500 likes | 654 Views
Key Infection: Smart Trust For Smart Dust Ross Anderson Haowen Chan Adrian Perrig. Presented By: Hathal ALwageed. Referneces. R. Anderson, H. Chan and A. Perrig. Key Infection: Smart Trust for Smart Dust. In IEEE International Conference on Network Protocols , 2004 .
E N D
Key Infection: Smart Trust For Smart DustRoss Anderson Haowen Chan Adrian Perrig Presented By: Hathal ALwageed
Referneces • R. Anderson, H. Chan and A. Perrig. Key Infection: Smart Trust for Smart Dust. In IEEE International Conference on Network Protocols, 2004. • http://www.warroom.co.uk/~dc352/CL_talk2005_wsn.pdf • http://en.wikipedia.org/wiki/Wireless_sensor_network • http://www.wsn-security.info/ • http://www.ee.kth.se/~oland/teaching/wsn2010/
Outline • What is the sensor network? • Bootstrapping (key establishment) • Previous work • Attacker model • Key infection (basic, whispering) • Multipath key establishment(secrecy amplification) • Multi-hop keys establishment • Interacting with routing algorithms • Economic issues • Conclusion
Outline • What is the sensor network? • Bootstrapping (key establishment) • Previous work • Attacker model • Key infection (basic, whispering) • Multipath key establishment(secrecy amplification) • Multi-hop keys establishment • Interacting with routing algorithms • Economic issues • Conclusion
Wireless Sensor Network(WSN) • Distributed sensor nodes to cooperatively monitor physical or environmental conditions. • Multihop routing algorithms. • Base stations. • Ad-hoc technology between the nodes(peer-to-peer communication). • Usually covers large areas.
Sensor Nodes • Sensor nodes Constraints: • Battery powered. • Memory resources are limited • No Tamper-resistance hardware. • limited bandwidth transmission and computation power .
The Sensor Network Applications AgricultureMilitary applications Under seas And many others
Smart Dust • Developed by Brett Warneke and Kris Pister at the University of California Berkeley, CA • Microelectromechanical systems (MEMS) • Radio frequency (RF) & Optical communication. • Memory size around 8k. • The goal is to reach less than 1 node size. • Sensors options: • temperature, pressure, humidity, vibration, Sound,…..
Outline • What is the sensor network? • Bootstrapping (key establishment) • Previous work • Attacker model • Key infection (basic, whispering) • Multipath key establishment(secrecy amplification) • Multi-hop keys establishment • Interacting with routing algorithms • Economic issues • Conclusion
Bootstrapping Problem(Key Establishment) • The problem of establishing shared keys between sensor nodes. • Due to the sensor nodes constraints, the problem is considered a challenge. • Public key cryptography is infeasible (computation power limitation). • So a symmetric key cryptography is a convenient choice.
Outline • What is the sensor network? • Bootstrapping (key establishment) • Previous work • Attacker model • Key infection (basic, whispering) • Multipath key establishment(secrecy amplification) • Multi-hop keys establishment • Interacting with routing algorithms • Economic issues • Conclusion
Previous Work • Using base stations as key-distribution centers(KDCs) • Master keys used by nodes to establish secured keys. • Drawback: • Compromising the base stations(usually they are more active than sensor nodes so it is easy for attackers to discover and compromise them) . • Random key pre-distribution . • Before deployment phase, each node gets a certain number of keys from large pool of keys. • Probability of sharing keys with another node is p. • Drawbacks: • Pre-computation phase. • Large enough memory required in each node to store m keys(cost issue).
Outline • What is the sensor network? • Bootstrapping (key establishment) • Previous work • Attacker model • Key infection (basic, whispering) • Multipath key establishment(secrecy amplification) • Multi-hop keys establishment • Interacting with routing algorithms • Economic issues • Conclusion
Realistic Attacker Model • Possibility of global active adversary. • Todays huge traffic volume. • Licenses to install surveillances(law constraint) . • Knowledge of deploying at the target area. • Long term surveillance. • Importance of network application (trade-off between security and network application). • Deployment time window is small(key establishment phase may continue for seconds). SO, it is more realistic to consider no attacks during the deployment stage. If yes, small amount of communication links may be compromised.
Cont. • Paper assumptions: • During the deployment: • No physical access. • Small amount of links compromised. • No active attacks(e.g. jamming). After completing key exchange phase, passive & active attacks are possible.
Outline • What is the sensor network? • Bootstrapping (key establishment) • Previous work • Attacker model • Key infection (basic, whispering) • Multipath key establishment(secrecy amplification) • Multi-hop keys establishment • Interacting with routing algorithms • Economic issues • Conclusion
Key Infection(Basic) • Key distributed by contact(virus infection) • Two methods: • Speaking loudly: • Each node chooses a key and broadcasts it in clear to its neighbors. • If the signal received, the neighbor establishes a pairwise key .
Cont. • Node A Send in clear its key to its neighbors speaking with its maximum communication power.
Cont. • As a response, each neighbor establishes a session key and encrypts it, along with A identity, using A key . • These session keys are used to secure communication between nodes.
Cont. • Whispering : initiate transmission power while (transmission power <= transmission power.max) start transmission If (there is a respond) establish a secret key Increase the transmission power
Cont. Whispering: Assume A wants to establish pairs of keys with its neighbors
Cont. • Whispering:
Cont. • Whispering:
Cont. • Whispering:
Cont. • Whispering:
Cont. • Whispering:
Cont. • Whispering
Key Infection Analysis • If there is no attacker during the deployment phase, trivially secured. • Few black dusts among the white dusts. Notations: • s:area covered by the network. • R:maximum range of RF signal(for white & black dust nodes). • : # of black dust nodes. • : # of white dust nodes. • e : a link between two white dust nodes. Speaking loudly: Probability (e) is compromised is π Whispering: Probability (e) is compromised is 1.2 r
Outline • What is the sensor network? • Bootstrapping (key establishment) • Previous work • Attacker model • Key infection (basic, whispering) • Multipath key establishment(secrecy amplification) • Multi-hop keys establishment • Interacting with routing algorithms • Economic issues • Conclusion
Multipath Key Establishment (Secrecy Amplification) • Combine keys distributed along different paths. • Used to update keys of suspicious links. • The Adversary needs to compromise all paths to get the updated key .
Secrecy Amplification Cont. Example: • A C : { B, A, NA }KAC • C D: { B, A, NA }KCD • D E : { A, B, NA}KDE • E B : { A, B, NA}KEB • B: K’AB= H( KAB| NA ) • B A: { NB }K’AB • AB: {NB }K’AB
SA Cont. • A C : { B, A, NA }KAC • C D : { B, A, NA }KCD • D E : { A, B, NA }KDE • E B : { A, B, NA }KEB • B: K’AB = H( KAB| NA) • B A : { NB }K’AB • A B : {NB }K’AB
Cont. • A C : { B, A, NA }KAC • C D : { B, A, NA }KCD • D E : { A, B, NA }KDE • E B : { A, B, NA }KEB • B: K’AB = H( KAB| NA) • B A : { NB }K’AB • A B : {NB }K’AB
Cont. • A C : { B, A, NA }KAC • C D : { B, A, NA }KCD • D E : { A, B, NA }KDE • E B : { A, B, NA }KEB • B: K’AB = H( KAB| NA) • B A : { NB }K’AB • A B : {NB }K’AB
Cont. • A C : { B, A, NA }KAC • C D : { B, A, NA }KCD • D E : { A, B, NA }KDE • E B : { A, B, NA }KEB • B: K’AB = H( KAB| NA) • B A : { NB }K’AB • A B : {NB }K’AB
Cont. • A C : { B, A, NA }KAC • C D : { B, A, NA }KCD • D E : { A, B, NA }KDE • E B : { A, B, NA }KEB • B: K’AB = H( KAB| NA) • B A : { NB }K’AB • A B : {NB }K’AB
Outline • What is the sensor network? • Bootstrapping (key establishment) • Previous work • Attacker model • Key infection (basic, whispering) • Multipath key establishment(secrecy amplification) • Multi-hop keys establishment • Interacting with routing algorithms • Economic issues • Conclusion
Multi-hop Keys • Amplify links keys through multible-hop technique. • All nodes between must erase keys after the establishment( protect keys from future compromising). • It supports End-to-end cryptography. • It is convenient to use this method between nodes and base stations.
Outline • What is the sensor network? • Bootstrapping (key establishment) • Previous work • Attacker model • Key infection (basic, whispering) • Multipath key establishment(secrecy amplification) • Multi-hop keys establishment • Interacting with routing algorithms • Economic issues • Conclusion
Interacting With Routing Algorithms • Their approaches do not need a particular routing strategy. • Can support mechanisms used to recover after nodes being compromised. • E.g. re-run initial network discovery algorithm • Instead of run discovery routing many time along a certain path, multipath key infection protocol automatically can discover paths . • Multi-hop keying has the ability to discover different paths along the same physical path. • This may use to isolate compromised nodes.
Outline • What is the sensor network? • Bootstrapping (key establishment) • Previous work • Attacker model • Key infection (basic, whispering) • Multipath key establishment(secrecy amplification) • Multi-hop keys establishment • Interacting with routing algorithms • Economic issues • Conclusion
Economic Issue • Trade-off between attack and security concepts. • Do we have strong attack and important application? This Implies needing Strong security. • E.g. What is the change required after adopting a certain technology ? • Take a look from the defender side and the attacker side. Which side does pay more? If Attacker we are good. • Is the network long life ? We should concentrate on security maintenance not the key establishing .
Outline • What is the sensor network? • Bootstrapping (key establishment) • Previous work • Attacker model • Key infection (basic, whispering) • Multipath key establishment(secrecy amplification) • Multi-hop keys establishment • Interacting with routing algorithms • Economic issues • Conclusion
Conclusion • Each node broadcasts its key in clear and establishes secured keys with its neighbors.(remember no concentrated attack at the deployment phase). • The simple idea behind these protocols is trust. Our relationships with others depend on the word trust. And since the impact of sensor ad-hoc communication (as the authors claim) in the future will flood our lives, it’s easy to adopt.
Smart Dust criticisms • RF communication => specific antenna size required .( small antenna causes very short wavelength). • Active optical communication(power consumption). • Laser beam should be directed ; it needs time (this causes delay). • ………….