SPINS: Security Protocols for Sensor Networks

Wireless Networks - Tập 8 - Trang 521-534 - 2002
Adrian Perrig1, Robert Szewczyk1, J.D. Tygar2, Victor Wen1, David E. Culler1
1Department of Electrical Engineering and Computer Sciences, University of California – Berkeley, Berkeley, USA
2Department of Electrical Engineering and Computer Sciences, University of California-Berkeley, Berkeley, USA

Tóm tắt

Wireless sensor networks will be widely deployed in the near future. While much research has focused on making these networks feasible and useful, security has received little attention. We present a suite of security protocols optimized for sensor networks: SPINS. SPINS has two secure building blocks: SNEP and μTESLA. SNEP includes: data confidentiality, two-party data authentication, and evidence of data freshness. μTESLA provides authenticated broadcast for severely resource-constrained environments. We implemented the above protocols, and show that they are practical even on minimal hardware: the performance of the protocol suite easily matches the data rate of our network. Additionally, we demonstrate that the suite can be used for building higher level protocols.

Tài liệu tham khảo

Atmel, Secure Microcontrollers for SmartCards, http://www. atmel.com/atmel/acrobat/1065s.pdf S. Basagni, K. Herrin, E. Rosti and D. Bruschi, Secure Pebblenets, in: ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc 2001) (2001) pp. 156–163. M. Bellare, A. Desai, E. Jokipii and P. Rogaway, A concrete security treatment of symmetric encryption: Analysis of the DES modes of operation, in: Symposium on Foundations of Computer Science (FOCS) (1997). M. Beller and Y. Yacobi, Fully-fledged two-way public key authentication and key agreement for low-cost terminals, Electronics Letters 29(11) (1993) 999–1001. S. Bellovin and M. Merrit, Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise, in: ACM Conference on Computer and Communications Security CCS-1 (1993) pp. 244–250. P. Bergstrom, K. Driscoll and J. Kimball, Making home automation communications secure, IEEE Computer 34(10) (2001) 50–56. A. Biryukov and D. Wagner, Slide attacks, in: International Workshop on Fast Software Encryption (1999). C. Boyd and A. Mathuria, Key establishment protocols for secure mobile communications: A selective survey, in: Australasian Conference on Information Security and Privacy (1998) pp. 344–355. D.W. Carman, P.S. Kruus and B.J. Matt, Constraints and approaches for distributed sensor network security, NAI Labs Technical Report No. 00-010 (2002). S.E. Czerwinski, B.Y. Zhao, T.D. Hodes, A.D. Joseph and R.H. Katz, An architecture for a secure service discovery service, in: ACM International Conference on Mobile Computing and Networking (MobiCom'99) (1999) pp. 24–35. D. Johnson, D.A. Maltz and J. Broch, The dynamic source routing protocol for mobile ad hoc networks, Internet draft, Mobile Ad-Hoc Network (MANET) Working Group, IETF (1999). J. Daemen and V. Rijmen, AES proposal: Rijndael (1999). Dallas, iButton: A Java-powered cryptographic iButton, http:// www.ibutton.com/ibuttons/java.html W. Diffie and M.E. Hellman, Privacy and authentication: An introduction to cryptography, Proceedings of the IEEE 67(3) (1979) 397–427. Fortezza, Fortezza: Application implementers guide (1995). A. Fox and S.D. Gribble, Security on the move: Indirect authentication using Kerberos, in: International Conference on Mobile Computing and Networking (MobiCom'96) (1996) pp. 155–164. R. Gennaro and P. Rohatgi, How to sign digital streams, in: Advances in Cryptology – Crypto'97, Lecture Notes in Computer Science, Vol. 1294 (1997) pp. 180–197. O. Goldreich, S. Goldwasser and S. Micali, How to construct random functions, Journal of the ACM 33(4) (1986) 792–807. S. Goldwasser and S. Micali, Probabilistic encryption, Journal of Computer Security 28 (1984) 270–299. Z. Haas and M. Perlman, The Zone Routing Protocol (ZRP) for ad hoc networks, Internet draft, Mobile Ad-Hoc Network (MANET) Working Group, IETF (1998). N.M. Haller, The S/KEY one-time password system, in: Symposium on Network and Distributed Systems Security (1994). D. Harkins and D. Carrel, The Internet key exchange (IKE), RFC 2409, Information Sciences Institute, University of Southern California (1998). J. Hill, R. Szewczyk, A. Woo, S. Hollar, D. Culler and K. Pister, System architecture directions for networked sensors, in: International Conference on Architectural Support for Programming Languages and Operating Systems. J.-P. Hubaux, L. Buttyán and S. Čapkun, The quest for security in mobile ad hoc networks, in: ACM Symposium on Mobile Ad Hoc Networking and Computing (2001). D.B. Johnson and D.A. Maltz, Dynamic source routing in ad hoc wireless networks, in: Mobile Computing (Kluwer Academic, 1996) chapter 5, pp. 153–181. Y.-B. Ko and N. Vaidya, Location-Aided Routing (LAR) in mobile ad hoc networks, in: International Conference on Mobile Computing and Networking (MobiCom'98) (1998). J. Kohl and C. Neuman, The Kerberos network authentication service (V5), RFC 1510 (1993). S. Marti, T. Giuli, K. Lai and M. Baker, Mitigating routing misbehaviour in mobile ad hoc networks, in: International Conference on Mobile Computing and Networking (MobiCom 2000) (2000) pp. 255–265. A.J. Menezes, P.C. van Oorschot and S.A. Vanstone, Handbook of Applied Cryptography (CRC Press, 1997). S.P. Miller, C. Neuman, J.I. Schiller and J.H. Saltzer, Kerberos authentication and authorization system, Project Athena Technical Plan (1987). N. Modadugu, D. Boneh and M. Kim, Generating RSA keys on a hand-held using an untrusted server, RSA 2000 (2000). National Bureau of Standards (NBS), Specification for the data encryption standard, Federal Information Processing Standards (FIPS) Publication 46 (1977). National Institute of Standards and Technology (NIST), DES model of operation, Federal Information Processing Standards Publication 81 (FIPS PUB 81) (1981). National Institute of Standards and Technology (NIST), Security requirements for cryptographic modules, Federal Information Processing Standards (FIPS) Publication 140-1 (1994). National Institute of Standards and Technology (NIST), Security requirements for cryptographic modules, Federal Information Processing Standards (FIPS) Publication 140-2 (1999). National Institute of Standards and Technology (NIST), Advanced encryption standard (AES) development effort (2000) http:// csrc.nist.gov/encryption/aes/ C. Park, K. Kurosawa, T. Okamoto and S. Tsujii, On key distribution and authentication in mobile radio networks, in: Advances in Cryptology – EuroCrypt'93, Lecture Notes in Computer Science, Vol. 765 (1993) pp. 461–465. V. Park and M. Corson, A highly adaptable distributed routing algorithm for mobile wireless networks, in: IEEE INFOCOMM'97 (1997). B. Patel and J. Crowcroft, Ticket based service access for the mobile user, in: International Conference on Mobile Computing and Networking (MobiCom'97) (1997) pp. 223–233. C. Perkins and P. Bhagwat, Highly dynamic destination-sequenced distance-vector routing (DSDV) for mobile computers, in: ACM SIG-COMM Symposium on Communication, Architectures and Applications (1994). C. Perkins and E. Royer, Ad hoc on-demand distance vector routing, in: IEEE WMCSA'99 (1999). A. Perrig, R. Canetti, D. Song and J.D. Tygar, Efficient and secure source authentication for multicast, in: Network and Distributed System Security Symposium, NDSS'01 (2001). A. Perrig, R. Canetti, J. Tygar and D. Song, Efficient authentication and signing of multicast streams over lossy channels, in: IEEE Symposium on Security and Privacy (2000). A. Perrig, R. Szewczyk, V. Wen, D. Culler and J.D. Tygar, SPINS: Security protocols for sensor networks, in: International Conference on Mobile Computing and Networking (MobiCom 2001), Rome, Italy (2001). K.S.J. Pister, J.M. Kahn and B.E. Boser, Smart dust: Wireless networks of millimeter-scale sensor nodes (1999). R. Rivest, The MD5 message-digest algorithm. RFC 1321, Internet Engineering Task Force (1992). R.L. Rivest, The RC5 encryption algorithm, in: Workshop on Fast Software Encryption (1995) pp. 86–96. R.L. Rivest, A. Shamir and L.M. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM 21(2) (1978) 120–126. P. Rohatgi, A compact and fast hybrid signature scheme for multicast packet authentication, in: ACM Conference on Computer and Communications Security (1999). B. Schneier, Applied Cryptography, 2nd ed. (Wiley, 1996). F. Stajano and R. Anderson, The resurrecting duckling: Security issues for ad-hoc wireless networks, in: International Workshop on Security Protocols (1999). M. Tatebayashi, N. Matsuzaki and D.B.J. Newman, Key distribution protocol for digital mobile communication systems, in: Advances in Cryptology – Crypto'89, Lecture Notes in Computer Science, Vol. 435 (1989) pp. 324–334. D. Tennenhouse, Embedding the Internet: Proactive computing, Communications of the ACM 43(5) (2000) 43. D. Wheeler and R. Needham, TEA, a Tiny Encryption Algorithm (1994) http://www.ftp.cl.cam.ac.uk/ftp/papers/ djw-rmn/djw-rmn-tea.html B. Yee and J.D. Tygar, Secure coprocessors in electronic commerce applications, in: USENIX Workshop on Electronic Commerce, NewYork (1995). G. Yuval, Reinventing the Travois: Encryption/MAC in 30 ROM bytes, in: Workshop on Fast Software Encryption (1997). L. Zhou and Z. Haas, Securing ad hoc networks, IEEE Network Magazine 13(6) (1999).