Random key material distribution Submitted by: Varsha Anandani 13MIT0062
Jun 20, 2015
Agenda
Introduction
Security issues in wireless sensor networks
Threats
Random key material distribution
Conclusion
Wireless Information Networking Group (WING)
Wireless Sensor Networks
A wireless sensor network (WSN) is composed of a large number of low-cost sensor nodes randomly deployed to sense/monitor the field of interest, collect and process information, and make intelligent decisions (actuation).

Sensor nodes
Limited in energy, computation, and storage
Sense/monitor their local environment
Perform limited data processing
Communicate over short distances
Actuate/control (decision making)

Design Challenges
Resource constraints pose many secure design challenges
Security schemes for wired networks may NOT be feasible for wireless networks
Computationally intensive schemes will not work well
Power-hungry operations should be avoided (whether due to computation or communication)
The trust model should be re-evaluated
Non-conventional attacks should be investigated and appropriate strategies should be designed

Security Issues
Authentication
Key agreement
Mitigating specific serious attacks
Secure location discovery
Broadcast authentication
Secure data aggregation
Secure clock synchronization
Secure routing and MAC protocols
Intrusion detection

Node Duplication Attack
The attacker puts clones of a captured node at random or strategic locations in the network.

Random Walk Attack
The attacker uses secret information of a captured node to roam in the network.

Wormhole Attack
Attackers tunnel packets received at one location to another distant network location, allowing the attacker to disrupt routing, selectively drop packets, …
[Figure: secret wormhole link between A and B]

Key Agreement
Two neighboring nodes establish a shared secret key known only to themselves
The shared key is a prerequisite for
Message encryption/decryption
Message authentication
[Figure: A and B, encrypt/authenticate]

Key Generation and Establishment
Key Generation:
Public key:
Private key: $K_{ID} = sH_1(ID) \in G_1$
Given (ID, K), it is infeasible to derive s, as the Discrete Logarithm Problem is computationally hard in G1.

Key establishment: node A (IDA, KA) and node B (IDB, KB)

\[
\begin{aligned}
k_{A,B} &= f(K_A, H_1(ID_B)) \\
        &= f(sH_1(ID_A), H_1(ID_B)) \\
        &= f(H_1(ID_A), sH_1(ID_B)) && \text{($f$ is bilinear)} \\
        &= f(H_1(ID_A), K_B) \\
        &= f(K_B, H_1(ID_A)) && \text{($f$ is symmetric)} \\
        &= k_{B,A}
\end{aligned}
\]

A shared key is established without exchanging any information!!!

Random-key material distribution
A large pool of symmetric keys is chosen
A random subset of the pool is distributed to each sensor node
To communicate, two nodes search their pools for a common key
If they find one, they use it to establish a session key
Not every pair of nodes shares a common key, but if the key-establishment probability is sufficiently high, nodes can securely communicate with sufficiently many nodes to obtain a connected network

Advantage
No need to include a central trusted base station

Limitation
Attackers who compromise sufficiently many nodes could also reconstruct the complete key pool and break the scheme
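
The following Python simulation is an added example, not part of the original slides: it distributes random key rings from a pool, derives a session key from a common pool key, and measures both the key-establishment probability and how many links between uncaptured nodes are exposed once some nodes are captured. The pool size, ring size, node counts, function names and the HMAC-SHA256 session-key derivation are assumptions of the example, and `p_share` uses the standard combinatorial closed form, which goes beyond what the slides state.

```python
import hashlib, hmac, math, random

def make_pool(size, rng):
    # Key pool: key id -> 16-byte symmetric key (constructed sample values).
    return {kid: rng.getrandbits(128).to_bytes(16, "big") for kid in range(size)}

def assign_ring(pool, ring_size, rng):
    # Each node is preloaded with a random subset of the pool.
    return {kid: pool[kid] for kid in rng.sample(range(len(pool)), ring_size)}

def session_key(ring_a, ring_b, nonce):
    # Nodes compare key ids; the lowest common id seeds the session key
    # (HMAC-SHA256 over a nonce is an assumption of this example).
    common = ring_a.keys() & ring_b.keys()
    if not common:
        return None  # no shared pool key: no direct secure link
    return hmac.new(ring_a[min(common)], nonce, hashlib.sha256).digest()

def p_share(pool_size, ring_size):
    # Probability that two random rings have at least one key in common.
    miss = math.comb(pool_size - ring_size, ring_size) / math.comb(pool_size, ring_size)
    return 1 - miss

def simulate(pool_size=1000, ring_size=40, nodes=200, captured=10, seed=1):
    rng = random.Random(seed)
    pool = make_pool(pool_size, rng)
    rings = [assign_ring(pool, ring_size, rng) for _ in range(nodes)]
    # Pool keys an attacker holds after capturing the first `captured` nodes.
    leaked = set().union(*(r.keys() for r in rings[:captured]))
    pairs = links = exposed = 0
    for i in range(captured, nodes):          # only uncaptured nodes
        for j in range(i + 1, nodes):
            pairs += 1
            common = rings[i].keys() & rings[j].keys()
            if common:
                links += 1
                exposed += min(common) in leaked  # link key is on a captured node
    return {"p_link": links / pairs,
            "pool_leaked": len(leaked) / pool_size,
            "links_exposed": exposed / links}

if __name__ == "__main__":
    print("analytic p_share:", round(p_share(1000, 40), 3))
    print(simulate())
```

With these parameters the share of exposed links is far larger than the 5% of nodes captured, which is the limitation stated above expressed as a number a designer can track when sizing the pool and the rings.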