ABSTRACT
Despite recent improvements in the capabilities of Wireless Sensor Network (WSN) nodes, network protocol support for key management is still lagging behind. While in traditional networks well-known protocol suites (e.g., IPsec IKE and the TLS handshake) are commonly used for flexible negotiation of the cryptographic and key exchange protocols, to the best of our knowledge no similar support has been provided for the same operation in WSNs. The goal of this paper is therefore threefold. First, we discuss the design of a flexible security negotiation protocol for WSNs, and we suggest adapting TLS handshake ideas to obtain maximum flexibility. Second, we design and implement a security association setup protocol tailored to the resource constraints and limits of WSN nodes. Finally, we run an experimental assessment of this protocol's operation in support of RSA key transport, Elliptic Curve Diffie-Hellman key agreement, and Identity Based Encryption key agreement.
Index Terms
- Flexible key exchange negotiation for wireless sensor networks