In wireless sensor networks, it is critical to restrict the network access only to eligible sensor nodes, while messages from outsiders will not be forwarded in the networks. In this paper, we present the design, implementation, and evaluation of a secure network access system for wireless sensor networks. This paper makes three contributions: First, it develops a network admission control subsystem using Elliptic Curve public key cryptosystem to add new sensor nodes into a sensor network. The admission control subsystem employs a polynomial-based weak authentication scheme to mitigate Denial of Service (DoS) attacks against the public key cryptographic operations. Second, it implements an interface in TinyOS to provide symmetric key cryptography using the hardware security support in IEEE 802.15.4 radio components (e.g., CC2420). The hardware security can satisfy both message authentication and timely delivery requirements in real-time applications. The third contribution is an implementation of a stateless group key update scheme to update a network-wide secret key in a sensor network. We implement all the proposed techniques on Imote2 sensor platform running TinyOS and conduct an evaluation through field experiments.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	http://www.xbow.com/Products/Product_pdf_files/Wireless_pdf/Imote2_Datasheet.pdf
	2	http://www.meshnetics.com/Building_Subsidence_Monitoring_Case_Study.pdf
	3	www.xbow.com
	4	SmartRF CC2420 Datasheet. http://focus.ti.com/lit/ds/symlink/cc2420.pdf
	5	A. Liu, P. Kampanakis, and P. Ning, "TinyECC: Elliptic curve cryptography for sensor networks (version 0.3)," http://discovery.csc.ncsu.edu/software/TinyECC/.
	6	Arazi, B. (1999). Certification of dl/ec keys. In Proceedings of the IEEE P1363 Study Group for Future Public-Key Cryptography Standards.
	7	Donggang Liu , Peng Ning, Establishing pairwise keys in distributed sensor networks, Proceedings of the 10th ACM conference on Computer and communications security, October 27-30, 2003, Washington D.C., USA  [doi>10.1145/948109.948119]
	8	Dalit Naor , Moni Naor , Jeffrey B. Lotspiech, Revocation and Tracing Schemes for Stateless Receivers, Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, p.41-62, August 19-23, 2001
	9	Darrel Hankerson , Alfred J. Menezes , Scott Vanstone, Guide to Elliptic Curve Cryptography, Springer-Verlag New York, Inc., Secaucus, NJ, 2003
	10	Certicom Research. Standards for efficient cryptography -- SEC1: Elliptic curve cryptography. http://www.secg.org/download/aid-385/sec1_final.pdf
	11	Certicom Research. Standards for efficient cryptography -- SEC2: Recommended Elliptic Curve Domain Parameters. http://www.secg.org/download/aid-386/sec2_final.pdf
	12	Bouncy Castle provider, http://www.bouncycastle.org/
	13	Chris Karlof , Naveen Sastry , David Wagner, TinySec: a link layer security architecture for wireless sensor networks, Proceedings of the 2nd international conference on Embedded networked sensor systems, November 03-05, 2004, Baltimore, MD, USA  [doi>10.1145/1031495.1031515]
	14	Y. Hu, A. Perrig, and D. B. Johnson. Wormhole detection in wireless ad hoc networks. Technical Report TR01-384, Department of Computer Science, Rice University, Dec 2001.
	15	Adrian Perrig , J. D. Tygar , Dawn Song , Ran Canetti, Efficient Authentication and Signing of Multicast Streams over Lossy Channels, Proceedings of the 2000 IEEE Symposium on Security and Privacy, p.56, May 14-17, 2000
	16	Sangwon Hyun , Peng Ning , An Liu , Wenliang Du, Seluge: Secure and DoS-Resistant Code Dissemination in Wireless Sensor Networks, Proceedings of the 7th international conference on Information processing in sensor networks, p.445-456, April 22-24, 2008  [doi>10.1109/IPSN.2008.12]
	17	R. Merkle. Protocols for public key cryptosystems. In Proceedings of the IEEE Symposium on Research in Security and Privacy, Apr 1980.
	18	Additional ECC Groups For IKE, http://www1.tools.ietf.org/html/draft-ipsec-ike-ecc-groups-06
	19	Donggang Liu , Peng Ning, Improving key predistribution with deployment knowledge in static sensor networks, ACM Transactions on Sensor Networks (TOSN), v.1 n.2, p.204-239, November 2005  [doi>10.1145/1105688.1105691]
	20	IEEE std. 802.15.4 -- 2003: Wireless Medium Access Control (MAC) and Physical Layer (PHY) specifications for Low Rate Wireless Personal Area Networks (LR-WPANs) http://standards.ieee.org/getieee802/download/802.15.4-2003.pdf
	21	Chung Kei Wong , Mohamed Gouda , Simon S. Lam, Secure group communications using key graphs, Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication, p.68-79, August 31-September 04, 1998, Vancouver, British Columbia, Canada
	22	Java Data Structure Library (JDSL) http://www.jdsl.org/