ABSTRACT
We describe LEAP+ (Localized Encryption and Authentication Protocol), a key management protocol for sensor networks that is designed to support in-network processing, while at the same time restricting the security impact of a node compromise to the immediate network neighborhood of the compromised node. The design of the protocol is motivated by the observation that different types of messages exchanged between sensor nodes have different security requirements, and that a single keying mechanism is not suitable for meeting these different security requirements. LEAP+ supports the establishment of four types of keys for each sensor node: an individual key shared with the base station, a pairwise key shared with another sensor node, a cluster key shared with multiple neighboring nodes, and a global key shared by all the nodes in the network. LEAP+ also supports (weak) local source authentication without precluding in-network processing. Our performance analysis shows that LEAP+ is very efficient in terms of computational, communication, and storage costs. We analyze the security of LEAP+ under various attack models and show that LEAP+ is very effective in defending against many sophisticated attacks, such as HELLO flood attacks, node cloning attacks, and wormhole attacks. A prototype implementation of LEAP+ on a sensor network testbed is also described.
CITED BY 4
Li Chen, Chia-Chang Hsu, Chin-Laung Lei, A location-ID sensitive key establishment scheme in static wireless sensor networks, Proceedings of the International Conference on Mobile Technology, Applications, and Systems, September 10-12, 2008, Yilan, Taiwan
Jorge Guajardo, Boris Škorić, Pim Tuyls, Sandeep S. Kumar, Thijs Bel, Antoon H. Blom, Geert-Jan Schrijen, Anti-counterfeiting, key distribution, and key storage in an ambient world via physical unclonable functions, Information Systems Frontiers, v.11 n.1, p.19-41, March 2009
REVIEW
"Eduardo B. Fernandez : Reviewer"
LEAP+, a key management protocol for sensor networks, is proposed by the authors in this paper. The basic idea recognizes that sensor networks use different types of messages and proposes the use of multiple keys intended to protect these differen