skip to main content
article

LiSP: A lightweight security protocol for wireless sensor networks

Published: 01 August 2004 Publication History

Abstract

Small low-cost sensor devices with limited resources are being used widely to build a self-organizing wireless network for various applications, such as situation monitoring and asset surveillance. Making such a sensor network secure is crucial to their intended applications, yet challenging due to the severe resource constraints in each sensor device. We present a lightweight security protocol (LiSP) that makes a tradeoff between security and resource consumption via efficient rekeying. The heart of the protocol is the novel rekeying mechanism that offers (1) efficient key broadcast without requiring retransmission/ACKs, (2) authentication for each key-disclosure without incurring additional overhead, (3) the ability of detecting/recovering lost keys, (4) seamless key refreshment without disrupting ongoing data encryption/decryption, and (5) robustness to inter-node clock skews. Furthermore, these benefits are preserved in conventional contention-based medium access control protocols that do not support reliable broadcast. Our performance evaluation shows that LiSP reduces resource consumption significantly, while requiring only three hash computations, on average, and a storage space for eight keys.

References

[1]
Anderson, R. and Kuhn, M. 1996. Tamper resistance---a cautionary note. In Proceedings of 2nd Usenix Workshop Electronic Commerce. USENIX, Oakland, CA, 1--11.]]
[2]
Basagni, S., Herrin, K., Bruschi, D., and Rosti, E. 2001. Secure pebblenets. In Proceedings of ACM MobiHoc&01. ACM, Long Beach, CA.]]
[3]
Bass, T. 2000. Intrusion detection systems and multisensor data fusion. Commun. ACM.]]
[4]
Bonnet, P., Gehrke, J., and Seshadri, P. 2001. Towards sensor database systems. In Mobile Data Management (MDM&01), Hong Kong, China.]]
[5]
Borisov, N., Goldberg, I., and Wagner, D. 2001. Intercepting mobile communications: the insecurity of 802.11. In Proceedings of IEEE/ACM MobiCom&01. ACM, Rome, Italy, 180--189.]]
[6]
Burnside, M., Clarke, D., Mills, T., Devadas, S., and Rivest, R. 2002. Proxy-based security protocols in networked mobile devices. In Proceedings of SAC&02.]]
[7]
Carman, D. W., Kruus, P. S., and Matt, B. J. 2000. Constraints and Approaches for Distributed Sensor Network Security. NAI Labs Technical Report #00-010, NAI Labs.]]
[8]
Chang, I., Engel, R., Kandlur, D., Pendarakis, D., and Saha, D. 1999. Key management for secure internet multicast using Boolean function minimization techniques. In Proceedings of IEEE INFOCOM&99. IEEE.]]
[9]
Crossbow. 2003. MICA, MICA2 Motes & Sensors. Available at http://www.xbow.com/.]]
[10]
Duckworth, G. L., Gilbert, D. C., and Barger, J. E. 1996. Acoustic counter-sniper system. In International Symposium on Enabling Technologies for Law Enforcement and Security. SPIE, Boston, MA.]]
[11]
Eschenauer, L. and Gilgor, V. D. 2002. A key-management scheme for distributed sensor networks. In Proceedings of ACM CCS&02. ACM, Washington, DC. 41--47.]]
[12]
Estrin, D., Govindan, R., Heidemann, J., and Kumar, S. 1999. Next century challenges: scalable coordination in sensor networks. In Proceedings of IEEE/ACM MobiCom&99. ACM.]]
[13]
Haller, N. 1995. The s/key one-time password system. Request for Comments (Informational) 1760. IETF.]]
[14]
Harney, H. and Muchenhirn, C. 1997. Group key management protocol (GKMP) architecture. RFC 2094. IETF.]]
[15]
Hespanha, J. P., Kim, H. J., and Sastry, S. 1999. Multiple-agent probabilistic pursuit-evasion games. In Proceedings of the 38th Conference on Decision and Control. IEEE, Phoenix, AZ. 2432--2437.]]
[16]
Hill, J., Szewczyk, R., Woo, A., Hollar, S., Culler, D., and Pister, K. 2000. System architecture directions for networked sensors. In Proceedings of ASPLOS.]]
[17]
IEEE. 1997. Part 11: wireless LAN medium access control (MAC) and physical layer (PHY) specifications. In IEEE Std 802.11-1997. IEEE.]]
[18]
Ilgun, K., Kemmerer, R. A., and Porras, P. A. 1995. State transition analysis: a rule-based intrusion detection approach. IEEE Trans. Softw. Engng. 21, 3, 181--199.]]
[19]
Kong, J., Zerfos, P., Luo, H., Lu, S., and Zhang, L. 2001. Providing robust and ubiquitous security support for mobile ad-hoc networks. In Proceedings of ICNP&01. IEEE, Riverside, CA.]]
[20]
Kumar, S. and Spafford, E. H. 1995. A software architecture to support misuse intrusion detection. In Proceedings of the 18th National Information Security Conference. 194--204.]]
[21]
Li, J., Jannotti, J., Couto, D. S. J. D., Karger, D. R., and Morris, R. 2000. A scalable location service for geographic ad hoc routing. In Proceedings of IEEE/ACM MobiCom&00. ACM.]]
[22]
Li, X. S., Yang, Y. R., Gouda, M. G., and Lam, S. S. 2001. Batch rekeying for secure group communications. In Proceedings of 10th International World Wide Web Conference.]]
[23]
Madden, S., Szewczyk, R., Franklin, M. J., and Culler, D. 2002. Supporting aggregate queries over ad-hoc wireless sensor networks. In Proceedings of IEEE WMCSA&02. IEEE, New York.]]
[24]
Mainwaring, A., Polastre, J., Szewczyk, R., Culler, D., and Anderson, J. 2002. Wireless sensor networks for habitat monitoring. In Proceedings of ACM WSNA&02. ACM.]]
[25]
McGrew, D. A. and Fluhrer, S. R. 2000. The stream cipher encapsulating security payload. In draft-mcgrew-ipsec-scesp-01.txt. IETF.]]
[26]
Mittra, S. 1997. Iolus: a framework for scalable secure multicasting. In Proceedings of ACM SIGCOMM&97. ACM.]]
[27]
Pagani, E. and Rossi, G. P. 1997. Reliable broadcast in mobile multihop packet networks. In Proceedings of IEEE/ACM MobiCom&97. ACM.]]
[28]
Perrig, A., Canetti, R., Song, D., and Tygar, J. D. 2001. Efficient and secure source authentication for multicast. In Proceedings of NDSS&01. ISOC, San Diego, CA.]]
[29]
Perrig, A., Szewczyk, R., Wen, V., Culler, D., and Tygar, J. D. 2001. SPINS: security protocol for sensor networks. In Proceedings of IEEE/ACM MobiCom&01. ACM, Rome, Italy, 189--199.]]
[30]
Setia, S., Koussih, S., Jajodia, S., and Harder, E. 2000. Kronos: a scalable group re-keying approach for secure multicast. In Proceedings of IEEE Symposium on Security and Privacy&00. IEEE.]]
[31]
Setia, S., Zhu, S., and Jajodia, S. 2002. A comparative performance analysis of reliable group rekey transport protocols for secure multicast. In Proceedings of Performance&02.]]
[32]
Shamir, A. 1979. How to share a secret. Commun. ACM 22, 11.]]
[33]
Singh, S. and Raghavendra, C. S. 1998. Pamas: power aware multi-access protocol with signalling for ad hoc networks. ACM Comput. Commun. Rev. 28, 3 (July), 5--26.]]
[34]
Steiner, M., Tsudik, G., and Waidner, M. 1998. Cliques: a new approach to group key agreement. In Proceedings of ICDCS&98.]]
[35]
Sun, M., Huang, L., Arora, A., and Lai, T. H. 2002. Reliable mac layer multicast in IEEE 802.11 wireless networks. In Proceedings of IEEE ICPP&02. IEEE.]]
[36]
Tang, K. and Gerla, M. 2000. Mac layer broadcast support in 802.11 wireless networks. In Proceedings of MILCOM&00, Los Angeles, CA.]]
[37]
Tourrilhes, J. 1998. Robust broadcast: improving the reliability of broadcast transmissions on CSMA/CA. In Personal, Indoor and Mobile Radio Communications. IEEE, Boston, MA.]]
[38]
Vidal, R., Shakernia, O., Kim, H. J., Shim, H., and Sastry, S. 2002. Probabilistic pursuit-evasion games: theory, implementation and experimental evaluation. IEEE Trans. Robotics Automat. 18, 5 (Oct.), 662--669.]]
[39]
Walker, J. R. 2000. Unsafe at any key size; an analysis of the wep encapsulation. IETF.]]
[40]
Wallner, D. M., Harder, E. G., and Agee, R. C. 1999. Key management for multicast: issues and architecture. RFC 2627. IETF.]]
[41]
Wong, C. K., Gouda, M. G., and Lam, S. S. 1998. Secure group communications using key graphs. In Proceedings of ACM SIGCOMM&98. ACM.]]
[42]
Woo, A. and Culler, D. 2001. A transmission control scheme for media access in sensor networks. In Proceedings of IEEE/ACM MobiCom&01. ACM, Rome, Italy, 221--235.]]
[43]
Wood, A. D. and Stankovic, J. A. 2002. Denial of service in sensor networks. IEEE Comput. 35, 10 (Oct.).]]
[44]
Yang, Y. R., Li, X. S., Zhang, X. B., and Lam, S. S. 2001. Reliable group rekeying: design and performance analysis. In Proceedings of ACM SIGCOMM&01. ACM.]]
[45]
Ye, F., Luo, H., Cheng, J., Lu, S., and Zhang, L. 2002. A two-tier data dissemination model for large-scale wireless sensor networks. In Proceedings of IEEE/ACM MobiCom&02. ACM, Atlanta, GA.]]
[46]
Ye, W., Heidemann, J., and Estrin, D. 2002. An energy-efficient mac protocol for wireless sensor networks. In Proceedings of IEEE INFOCOM&02. IEEE.]]
[47]
Zhang, R., Qian, D., Ba, C., Wu, W., and Guo, X. 2001. Multi-agent based intrusion detection architecture. In Proceedings of International Conference on Computer Networks and Mobile Computing. IEEE, Beijing, China, 494--504.]]
[48]
Zhang, Y. and Lee, W. 2000. Intrusion detection in wireless ad hoc networks. In Proceedings of IEEE/ACM MobiCom&00. ACM, Boston, MA, 275--283.]]
[49]
Zhou, L. and Haas, Z. J. 1998. Securing ad hoc networks. IEEE Netw. Mag. 13, 6 (Nov.).]]
[50]
Zhou, L., Schneider, F. B., and van Renesse, R. 2002. Coca: a secure distributed on-line certification authority. ACM Trans. Comput. Syst. 20, 4 (Nov.).]]

Cited By

View all
  • (2025)Lightweight 0-RTT Session Resumption Protocol for Constrained DevicesIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.349779620(221-233)Online publication date: 2025
  • (2024)A Comprehensive Analysis of Ultralightweight Secure Communication Protocol2024 International Conference on Advances in Computing Research on Science Engineering and Technology (ACROSET)10.1109/ACROSET62108.2024.10743272(1-6)Online publication date: 27-Sep-2024
  • (2023)Security Provisioning as Integrity in wireless sensor networks (WSN): A Survey2023 14th International Conference on Computing Communication and Networking Technologies (ICCCNT)10.1109/ICCCNT56998.2023.10308199(1-6)Online publication date: 6-Jul-2023
  • Show More Cited By

Index Terms

  1. LiSP: A lightweight security protocol for wireless sensor networks

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Transactions on Embedded Computing Systems
      ACM Transactions on Embedded Computing Systems  Volume 3, Issue 3
      August 2004
      202 pages
      ISSN:1539-9087
      EISSN:1558-3465
      DOI:10.1145/1015047
      Issue’s Table of Contents
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Journal Family

      Publication History

      Published: 01 August 2004
      Published in TECS Volume 3, Issue 3

      Permissions

      Request permissions for this article.

      Check for updates

      Author Tags

      1. Authentication
      2. key management
      3. lightweight security
      4. sensor networks

      Qualifiers

      • Article

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)7
      • Downloads (Last 6 weeks)2
      Reflects downloads up to 04 Jan 2025

      Other Metrics

      Citations

      Cited By

      View all
      • (2025)Lightweight 0-RTT Session Resumption Protocol for Constrained DevicesIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.349779620(221-233)Online publication date: 2025
      • (2024)A Comprehensive Analysis of Ultralightweight Secure Communication Protocol2024 International Conference on Advances in Computing Research on Science Engineering and Technology (ACROSET)10.1109/ACROSET62108.2024.10743272(1-6)Online publication date: 27-Sep-2024
      • (2023)Security Provisioning as Integrity in wireless sensor networks (WSN): A Survey2023 14th International Conference on Computing Communication and Networking Technologies (ICCCNT)10.1109/ICCCNT56998.2023.10308199(1-6)Online publication date: 6-Jul-2023
      • (2021)DTA-PUF: Dynamic Timing-aware Physical Unclonable Function for Resource-constrained DevicesACM Journal on Emerging Technologies in Computing Systems10.1145/343428117:3(1-24)Online publication date: 12-Aug-2021
      • (2021)Large Sensing Data Flows Using Cryptic TechniquesIntelligent Data Analytics for Terror Threat Prediction10.1002/9781119711629.ch13(269-289)Online publication date: 15-Jan-2021
      • (2020)Comparison and overview of Wireless sensor network systems for Medical ApplicationsInternational Journal on Smart Sensing and Intelligent Systems10.21307/ijssis-2019-0147:5(1-6)Online publication date: 15-Feb-2020
      • (2020)Symmetric-Key Authenticated Key Exchange (SAKE) with Perfect Forward SecrecyTopics in Cryptology – CT-RSA 202010.1007/978-3-030-40186-3_10(199-224)Online publication date: 24-Feb-2020
      • (2019)Data Storages in Wireless Sensor Networks to Deal With Disaster ManagementEmergency and Disaster Management10.4018/978-1-5225-6195-8.ch030(655-682)Online publication date: 2019
      • (2019)SEEN: A Selective Encryption Method to Ensure Confidentiality for Big Sensing Data StreamsIEEE Transactions on Big Data10.1109/TBDATA.2017.27021725:3(379-392)Online publication date: 1-Sep-2019
      • (2019)A Novel and Comprehensive Trust Estimation Clustering Based Approach for Large Scale Wireless Sensor NetworksIEEE Access10.1109/ACCESS.2019.29147697(58221-58240)Online publication date: 2019
      • Show More Cited By

      View Options

      Login options

      Full Access

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      Media

      Figures

      Other

      Tables

      Share

      Share

      Share this Publication link

      Share on social media