ABSTRACT
In this paper, we describe LEAP (Localized Encryption and Authentication Protocol), a key management protocol for sensor networks that is designed to support in-network processing, while at the same time restricting the security impact of a node compromise to the immediate network neighborhood of the compromised node. The design of the protocol is motivated by the observation that different types of messages exchanged between sensor nodes have different security requirements, and that a single keying mechanism is not suitable for meeting these different security requirements. LEAP supports the establishment of four types of keys for each sensor node -- an individual key shared with the base station, a pairwise key shared with another sensor node, a cluster key shared with multiple neighboring nodes, and a group key that is shared by all the nodes in the network. The protocol used for establishing and updating these keys is communication- and energy-efficient, and minimizes the involvement of the base station. LEAP also includes an efficient protocol for inter-node traffic authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing and passive participation. We analyze the performance and the security of our scheme under various attack models and show our schemes are very efficient in defending against many attacks.
CITED BY 103

Wensheng Zhang, Hui Song, Sencun Zhu, Guohong Cao, Least privilege and privilege deprivation: towards tolerating mobile sink compromises in wireless sensor networks, Proceedings of the 6th ACM international symposium on Mobile ad hoc networking and computing, May 25-27, 2005, Urbana-Champaign, IL, USA

Hao Yang, Fan Ye, Yuan Yuan, Songwu Lu, William Arbaugh, Toward resilient security in wireless sensor networks, Proceedings of the 6th ACM international symposium on Mobile ad hoc networking and computing, May 25-27, 2005, Urbana-Champaign, IL, USA

Nidal Aboudagga, Mohamed Tamer Refaei, Mohamed Eltoweissy, Luiz A. DaSilva, Jean-Jacques Quisquater, Authentication protocols for ad hoc networks: taxonomy and research issues, Proceedings of the 1st ACM international workshop on Quality of service & security in wireless and mobile networks, October 13-13, 2005, Montreal, Quebec, Canada

Anthony D. Wood, Lei Fang, John A. Stankovic, Tian He, SIGF: a family of configurable, secure routing protocols for wireless sensor networks, Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks, October 30-30, 2006, Alexandria, Virginia, USA

Eric Sabbah, Adnan Majeed, Kyoung-Don Kang, Ke Liu, Nael Abu-Ghazaleh, An application-driven perspective on wireless sensor network security, Proceedings of the 2nd ACM international workshop on Quality of service & security for wireless and mobile networks, October 02-02, 2006, Terromolinos, Spain

Patrick Traynor, Raju Kumar, Hussain Bin Saad, Guohong Cao, Thomas La Porta, LIGER: implementing efficient hybrid security mechanisms for heterogeneous sensor networks, Proceedings of the 4th international conference on Mobile systems, applications and services, June 19-22, 2006, Uppsala, Sweden

Paolo Baronti, Prashant Pillai, Vince W. C. Chook, Stefano Chessa, Alberto Gotta, Y. Fun Hu, Wireless sensor networks: A survey on the state of the art and the 802.15.4 and ZigBee standards, Computer Communications, v.30 n.7, p.1655-1695, May, 2007

Mark Luk, Ghita Mezzour, Adrian Perrig, Virgil Gligor, MiniSec: a secure sensor network communication architecture, Proceedings of the 6th international conference on Information processing in sensor networks, April 25-27, 2007, Cambridge, Massachusetts, USA

Rabia Riaz, Ayesha Naureen, Attiya Akram, Ali Hammad Akbar, Ki-Hyung Kim, H. Farooq Ahmed, A unified security framework with three key management schemes for wireless sensor networks, Computer Communications, v.31 n.18, p.4269-4280, December, 2008

Patrick Traynor, Raju Kumar, Heesook Choi, Guohong Cao, Sencun Zhu, Thomas La Porta, Efficient Hybrid Security Mechanisms for Heterogeneous Sensor Networks, IEEE Transactions on Mobile Computing, v.6 n.6, p.663-677, June 2007

Hailun Tan, Sanjay Jha, Diet Ostry, John Zic, Vijay Sivaraman, Secure multi-hop network programming with multiple one-way key chains, Proceedings of the first ACM conference on Wireless network security, March 31-April 02, 2008, Alexandria, VA, USA

Yang Xiao, Venkata Krishna Rayi, Bo Sun, Xiaojiang Du, Fei Hu, Michael Galloway, A survey of key management schemes in wireless sensor networks, Computer Communications, v.30 n.11-12, p.2314-2341, September, 2007

Hui Song, Liang Xie, Sencun Zhu, Guohong Cao, Sensor node compromise detection: the location perspective, Proceedings of the 2007 international conference on Wireless communications and mobile computing, August 12-16, 2007, Honolulu, Hawaii, USA

Wensheng Zhang, Minh Tran, Sencun Zhu, Guohong Cao, A random perturbation-based scheme for pairwise key establishment in sensor networks, Proceedings of the 8th ACM international symposium on Mobile ad hoc networking and computing, September 09-14, 2007, Montreal, Quebec, Canada

Leonardo B. Oliveira, Adrian Ferreira, Marco A. Vilaça, Hao Chi Wong, Marshall Bern, Ricardo Dahab, Antonio A. F. Loureiro, SecLEACH-On the security of clustered sensor networks, Signal Processing, v.87 n.12, p.2882-2895, December, 2007

Idris M. Atakli, Hongbing Hu, Yu Chen, Wei Shinn Ku, Zhou Su, Malicious node detection in wireless sensor networks using weighted trust evaluation, Proceedings of the 2008 Spring simulation multiconference, April 14-17, 2008, Ottawa, Canada

Mi Wen, Yan-Fei Zheng, Wen-jun Ye, Ke-Fei Chen, Wei-Dong Qiu, A key management protocol with robust continuity for sensor networks, Computer Standards & Interfaces, v.31 n.4, p.642-647, June, 2009

Reza Shokri, Marcin Poturalski, Gael Ravot, Panos Papadimitratos, Jean-Pierre Hubaux, A practical secure neighbor verification protocol for wireless sensor networks, Proceedings of the second ACM conference on Wireless network security, March 16-19, 2009, Zurich, Switzerland

Jorge Guajardo, Boris Škorić, Pim Tuyls, Sandeep S. Kumar, Thijs Bel, Antoon H. Blom, Geert-Jan Schrijen, Anti-counterfeiting, key distribution, and key storage in an ambient world via physical unclonable functions, Information Systems Frontiers, v.11 n.1, p.19-41, March 2009

Madalin Plastoi, Daniel-Ioan Curiac, Iosif Gut, Constantin Volosencu, Self-destruction procedure for mesh wireless sensor networks, Proceedings of the 9th WSEAS international conference on Simulation, modelling and optimization, p.286-291, September 03-05, 2009, Budapest, Hungary

Jianming Zhou, Wensheng Zhang, Daji Qiao, Protecting storage location privacy in sensor networks, The Fourth International Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness & Workshops, August 14-17, 2007, Vancouver, Canada