Presented By: Hathal ALwageed

1

Key Infection: Smart Trust For Smart Dust

Ross Anderson Haowen Chan Adrian Perrig

Presented By:Hathal ALwageed

2

R. Anderson, H. Chan and A. Perrig. Key Infection: Smart Trust for Smart Dust. In IEEE International Conference on Network Protocols, 2004.

http://www.warroom.co.uk/~dc352/CL_talk2005_wsn.pdf http://en.wikipedia.org/wiki/Wireless_sensor_network http://www.wsn-security.info/ http://www.ee.kth.se/~oland/teaching/wsn2010/

Referneces

3

What is the sensor network? Bootstrapping (key establishment) Previous work Attacker model Key infection (basic, whispering) Multipath key establishment(secrecy amplification) Multi-hop keys establishment Interacting with routing algorithms Economic issues Conclusion

Outline

4


Outline

5

Distributed sensor nodes to cooperatively monitor physical or environmental conditions.

Multihop routing algorithms. Base stations. Ad-hoc technology between the nodes(peer-to-peer communication). Usually covers large areas.

Wireless Sensor Network(WSN)

6

Sensor nodes Constraints:◦ Battery powered.

◦ Memory resources are limited

◦ No Tamper-resistance hardware.

◦ limited bandwidth transmission and computation power .

Sensor Nodes

7

Agriculture Military applications

Under seas And many others

The Sensor Network Applications

8

Developed by Brett Warneke and Kris Pister at the University of California Berkeley, CA

Microelectromechanical systems (MEMS) Radio frequency (RF) & Optical communication. Memory size around 8k. The goal is to reach less than 1 node size. Sensors options:

◦ temperature, pressure, humidity, vibration, Sound,…..

Smart Dust

9


Outline

10

The problem of establishing shared keys between sensor nodes.

Due to the sensor nodes constraints, the problem is considered a challenge.

Public key cryptography is infeasible (computation power limitation).

So a symmetric key cryptography is a convenient choice.

Bootstrapping Problem(Key Establishment)

11


Outline

12

Using base stations as key-distribution centers(KDCs)

◦ Master keys used by nodes to establish secured keys.◦ Drawback:

Compromising the base stations(usually they are more active than sensor nodes so it is easy for attackers to discover and compromise them) .

Random key pre-distribution .◦ Before deployment phase, each node gets a certain number of keys from large

pool of keys.◦ Probability of sharing keys with another node is p.◦ Drawbacks:

Pre-computation phase. Large enough memory required in each node to store m keys(cost issue).

Previous Work

13


Outline

14

Possibility of global active adversary.◦ Todays huge traffic volume.◦ Licenses to install surveillances(law constraint) .◦ Knowledge of deploying at the target area.◦ Long term surveillance.◦ Importance of network application (trade-off between security and network application).◦ Deployment time window is small(key establishment phase may continue for seconds).

SO, it is more realistic to consider no attacks during the deployment stage. If yes, small amount of communication links may be compromised.

Realistic Attacker Model

15

Paper assumptions: During the deployment:

◦ No physical access.◦ Small amount of links compromised.◦ No active attacks(e.g. jamming).

After completing key exchange phase, passive & active attacks are possible.

Cont.

16


Outline

17

Key distributed by contact(virus infection)

Two methods:

Speaking loudly:

◦ Each node chooses a key and broadcasts it in clear to its neighbors.

◦ If the signal received, the neighbor establishes a pairwise key .

Key Infection(Basic)

18

Cont. Node A Send in clear its key

to its neighbors speaking with its maximum communication power.

19

Cont. As a response, each neighbor

establishes a session key and encrypts it, along with A identity, using A key .

These session keys are used to secure communication between nodes.

20

Whispering :

initiate transmission power while (transmission power <= transmission power.max)

start transmission If (there is a respond)

establish a secret key Increase the transmission power

Cont.

21

Cont. Whispering:

Assume A wants to establish pairs of keys with its neighbors

22

Whispering:

Cont.

23

Whispering:

Cont.

24

Whispering:

Cont.

25

Whispering:

Cont.

26

Whispering:

Cont.

27

Whispering

Cont.

28

If there is no attacker during the deployment phase, trivially secured.

Few black dusts among the white dusts.Notations:◦ s:area covered by the network.◦ R:maximum range of RF signal(for white & black dust nodes).◦ : # of black dust nodes.◦ : # of white dust nodes.◦ e : a link between two white dust nodes.

Speaking loudly:Probability (e) is compromised is π

Whispering:Probability (e) is compromised is 1.2

Key Infection Analysis

A Br

29

Key Infection Simulation

30


Outline

31

Multipath Key Establishment (Secrecy Amplification) Combine keys distributed along

different paths.

Used to update keys of suspicious links.

The Adversary needs to compromise all paths to get the updated key .

32

Example:

◦ A C : { B, A, NA }KAC

◦ C D : { B, A, NA }KCD

◦ D E : { A, B, NA }KDE

◦ E B : { A, B, NA }KEB

◦ B: K’AB = H( KAB| NA )

◦ B A : { NB }K’AB

◦ A B : {NB }K’AB

Secrecy Amplification Cont.

33

◦ A C : { B, A, NA }KAC

◦ C D : { B, A, NA }KCD

◦ D E : { A, B, NA }KDE

◦ E B : { A, B, NA }KEB


◦ B A : { NB }K’AB


SA Cont.

34

◦ A C : { B, A, NA }KAC

◦ C D : { B, A, NA }KCD

◦ D E : { A, B, NA }KDE

◦ E B : { A, B, NA }KEB


◦ B A : { NB }K’AB


Cont.

35

◦ A C : { B, A, NA }KAC

◦ C D : { B, A, NA }KCD

◦ D E : { A, B, NA }KDE

◦ E B : { A, B, NA }KEB


◦ B A : { NB }K’AB


Cont.

36

◦ A C : { B, A, NA }KAC

◦ C D : { B, A, NA }KCD

◦ D E : { A, B, NA }KDE

◦ E B : { A, B, NA }KEB


◦ B A : { NB }K’AB


Cont.

37

◦ A C : { B, A, NA }KAC

◦ C D : { B, A, NA }KCD

◦ D E : { A, B, NA }KDE

◦ E B : { A, B, NA }KEB


◦ B A : { NB }K’AB


Cont.

38

SA Results

39

SA Results

40


Outline

41

Multi-hop Keys Amplify links keys through multible-

hop technique.

All nodes between must erase keys after the establishment( protect keys from future compromising).

It supports End-to-end cryptography.

It is convenient to use this method between nodes and base stations.

42

Cont.

43


Outline

44

Their approaches do not need a particular routing strategy.

Can support mechanisms used to recover after nodes being compromised.

◦ E.g. re-run initial network discovery algorithm ◦ Instead of run discovery routing many time along a certain path, multipath key

infection protocol automatically can discover paths .

Multi-hop keying has the ability to discover different paths along the same physical path.◦ This may use to isolate compromised nodes.

Interacting With Routing Algorithms

45


Outline

46

Trade-off between attack and security concepts.◦ Do we have strong attack and important application? This Implies needing Strong

security.

E.g. What is the change required after adopting a certain technology ?

Take a look from the defender side and the attacker side. Which side does pay more? If Attacker we are good.

Is the network long life ? We should concentrate on security maintenance not the key establishing .

Economic Issue

47


Outline

48

Each node broadcasts its key in clear and establishes secured keys with its neighbors.(remember no concentrated attack at the deployment phase).

The simple idea behind these protocols is trust. Our relationships with others depend on the word trust. And since the impact of sensor ad-hoc communication (as the authors claim) in the future will flood our lives, it’s easy to adopt.

Conclusion

49

RF communication => specific antenna size required .( small antenna causes very short wavelength).

Active optical communication(power consumption).

Laser beam should be directed ; it needs time (this causes delay).

………….

Smart Dust criticisms

50

Questions!!

Documents

Presented By: Hathal ALwageed