Adrian Perrig
Robert Szewczyk
ABSTRACT
As sensor networks edge closer towards wide-spread deployment, security issues become a central concern. So far, much research has focused on making sensor networks feasible and useful, and has not concentrated on security.
We present a suite of security building blocks optimized for resource-constrained environments and wireless communication. SPINS has two secure building blocks: SNEP and μTESLA SNEP provides the following important baseline security primitives: Data confidentiality, two-party data authentication, and data freshness. A particularly hard problem is to provide efficient broadcast authentication, which is an important mechanism for sensor networks. μTESLA is a new protocol which provides authenticated broadcast for severely resource-constrained environments. We implemented the above protocols, and show that they are practical even on minimal hardware: the performance of the protocol suite easily matches the data rate of our network. Additionally, we demonstrate that the suite can be used for building higher level protocols.
- 1.Secure Microcontrollers for SmartCards. http: //www.atmel.com/atmel/acrobat/1065s.pdf.]]Google Scholar
- 2.Steven Bellovin and Michael Merrit. Augmented encrypted key exchange: a password-based protocol secure against dictionary atttacks and password file compromise. In First ACM Conference on Computer and Communications Security CCS-1, pages 244-250, 1993.]] Google ScholarDigital Library
- 3.David W. Carman, Peter S. Kruus, and Brian J. Matt. Constraints and approaches for distributed sensor network security. NAI Labs Technical Report #00-010, September 2000.]]Google Scholar
- 4.Steven E. Czerwinski, Ben Y. Zhao, Todd D. Hodes, Anthony D. Joseph, and Randy H. Katz. An architecture for a secure service discovery service. In Fifth Annual ACM/IEEE International Conference on Mobile Computing and Networking, pages 24 - 35, Seattle, WA USA, August 1999.]] Google ScholarDigital Library
- 5.D. Johnson and D.A. Maltz and J. Broch. The dynamic source routing protocol for mobile ad hoc networks (internet-draft). In Mobile Ad-hoc Network (MANET) Working Group, IETF, October 1999.]]Google Scholar
- 6.Joan Daemen and Vincent Rijmen. AES proposal: Rijndael, March 1999.]]Google Scholar
- 7.iButton: A Java-Powered Cryptographic iButton. http: //www.ibutton.com/ibuttons/java.html.]]Google Scholar
- 8.W. Diffie and M. E. Hellman. New directions in cryptography. IEEE Trans. Inform. Theory, IT-22:644-654, November 1976.]]Google ScholarDigital Library
- 9.Whitfield Diffie and Martin E. Hellman. Privacy and authentication: An introduction to cryptography. Proceedings of the IEEE, 67(3):397-427, March 1979.]]Google ScholarCross Ref
- 10.Armando Fox and Steven D. Gribble. Security on the move: indirect authentication using Kerberos. In Second Annual International Conference on Mobile Computing and Networking (MOBICOM 1996), pages 155-164, White Plains, NY USA, November 1996.]] Google ScholarDigital Library
- 11.R. Gennaro and P. Rohatgi. How to sign digital streams. In Burt Kaliski, editor, Advances in Cryptology - Crypto '97, pages 180-197, Berlin, 1997. Springer-Verlag. Lecture Notes in Computer Science Volume 1294.]] Google ScholarDigital Library
- 12.Shafi Goldwasser and Silvio Micali. Probabilistic encryption. Journal of Computer Security, 28:270-299, 1984.]]Google Scholar
- 13.Z.J. Haas and M. Perlman. The zone routing protocol (ZRP) for ad hoc networks (Internet-Draft). 1998.]]Google Scholar
- 14.Neil M. Haller. The S/KEY one-time password system. In ISOC, 1994.]]Google Scholar
- 15.D. Harkins and D. Carrel. The internet key exchange (IKE). Request for Comments 2409, Information Sciences Institute, University of Southern California, November 1998.]] Google ScholarDigital Library
- 16.J. Hill, R. Szewczyk, A. Woo, S. Hollar, D. Culler, and K. Pister. System architecture directions for networked sensors. In Proceedings of the 9th International Conference on Architectural Support for Programming Languages and Operating Systems, November 2000.]] Google ScholarDigital Library
- 17.D.B. Johnson and D.A. Maltz. Dynamic source routing in ad-hoc wireless networks. In Mobile Computing, 1996.]]Google ScholarCross Ref
- 18.Young-Bae Ko and Nitin Vaidya. Location-aided routing (LAR) in mobile ad hoc networks. In Proceedings of the Fourth International Conference on Mobile Computing and Networking (MobiCom'98), October 1998.]] Google ScholarDigital Library
- 19.J. Kohl and C. Neuman. RFC 1510: The Kerberos Network Authentication Service (V5), September 1993. Status: PROPOSED STANDARD.]] Google ScholarDigital Library
- 20.L. Lamport. Constructing digital signatures from a one-way function. Technical Report CSL-98, SRI International, October 1979.]]Google Scholar
- 21.H. Lipmaa, P. Rogaway, and D. Wagner. Counter mode encryption. http://csrc.nist.gov/encryption/modes/.]]Google Scholar
- 22.Alfred J. Menezes, Paul van Oorschot, and Scott Vanstone. Handbook of Applied Cryptography. CRC Press, 1997.]] Google ScholarDigital Library
- 23.S. P. Miller, C. Neuman, J. I. Schiller, and J. H. Saltzer. Kerberos authentication and authorization system. In Project Athena Technical Plan, page section E.2.1, 1987.]]Google Scholar
- 24.N. Modadugu, D. Boneh, and M. Kim. Generating RSA keys on a handheld using an untrusted server. In RSA 2000, 2000.]]Google Scholar
- 25.NIST. Advanced encryption standard (AES) development effort. http://csrc.nist.gov/encryption/aes/, October 2000.]]Google Scholar
- 26.V.D. Park and M.S. Corson. A highly adaptable distributed routing algorithm for mobile wireless networks. In IEEE INFOCOMM'97, 1997.]] Google ScholarDigital Library
- 27.Bhrat Patel and Jon Crowcroft. Ticket based service access for the mobile user. In Third annual ACM/IEEE international conference on Mobile computing and networking, pages 223-233, Budapest Hungary, September 1997.]] Google ScholarDigital Library
- 28.C.E. Perkins and P. Bhagwat. Highly dynamic destination-sequenced distance-vector routing (DSDV) for mobile computers. In ACM SIGCOMM Symposium on Communication, Architectures and Applications, 1994.]] Google ScholarDigital Library
- 29.C.E. Perkins and E.M. Royer. Ad hoc on-demand distance vector routing. In IEEE WMCSA'99, February 1999.]] Google ScholarDigital Library
- 30.Adrian Perrig, Ran Canetti, Dawn Song, and J. D. Tygar. Efficient and secure source authentication for multicast. In Network and Distributed System Security Symposium, NDSS '01, February 2001.]]Google Scholar
- 31.Adrian Perrig, Ran Canetti, J.D. Tygar, and Dawn Song. Efficient authentication and signing of multicast streams over lossy channels. In IEEE Symposium on Security and Privacy, May 2000.]] Google ScholarDigital Library
- 32.K. S. J. Pister, J. M. Kahn, and B. E. Boser. Smart dust: Wireless networks of millimeter-scale sensor nodes, 1999.]]Google Scholar
- 33.R. L. Rivest. The RC5 encryption algorithm. Proc. 1st Workshop on Fast Software Encryption, pages 86-96, 1995.]]Google ScholarCross Ref
- 34.Ronald L. Rivest. The MD5 message-digest algorithm. Internet Request for Comments, April 1992. RFC 1321.]] Google ScholarDigital Library
- 35.Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):120-126, 1978.]] Google ScholarDigital Library
- 36.Pankaj Rohatgi. A compact and fast hybrid signature scheme for multicast packet authentication. In 6th ACM Conference on Computer and Communications Security, November 1999.]] Google ScholarDigital Library
- 37.S. Marti and T. Giuli and K. Lai and M. Baker. Mitigating routing misbehavior in mobile ad hoc networks. In Proceedings of Mobicom 2000, August 2000.]] Google ScholarDigital Library
- 38.Bruce Schneier. Applied Cryptography (Second Edition). John Wiley & Sons, 1996.]]Google Scholar
- 39.Frank Stajano and Ross Anderson. The resurrecting duckling: Security issues for ad-hoc wireless networks. In B. Christianson, B. Crispo, and M. Roe, editors, Security Protocols, 7th International Workshop. Springer Verlag Berlin Heidelberg, 1999.]] Google ScholarDigital Library
- 40.David Tennenhouse. Embedding the Internet: Proactive computing. Communications of the ACM, 43(5):43-43, 2000.]] Google ScholarDigital Library
- 41.U. S. National Institute of Standards and Technology (NIST). DES model of operation. Federal Information Processing Standards Publication 81 (FIPS PUB 81).]]Google Scholar
- 42.U. S. National Institute of Standards and Technology (NIST). Data Encryption Standard (DES). Draft Federal Information Processing Standards Publication 46-3 (FIPS PUB 46-3), January 1999.]]Google Scholar
- 43.David Wheeler and Roger Needham. TEA, a tiny encryption algorithm. http://www.ftp.cl.cam.ac.uk/ftp/ papers/djw-rmn/djw-rmn-tea.html, November 1994.]]Google Scholar
- 44.Gideon Yuval. Reinventing the Travois: Encryption/MAC in 30 ROM bytes. In Proc. 4th Workshop on Fast Software Encryption, 1997.]] Google ScholarDigital Library
- 45.L. Zhou and Z.J. Hass. Securing ad hoc networks. 13(6), November/December 1999.]]Google Scholar
Index Terms
- SPINS: security protocols for sensor networks
Recommendations
SPINS: security protocols for sensor networks
Wireless sensor networks will be widely deployed in the near future. While much research has focused on making these networks feasible and useful, security has received little attention. We present a suite of security protocols optimized for sensor ...
Protocols for Multiparty Coin Toss with a Dishonest Majority
Coin-tossing protocols are protocols that generate a random bit with uniform distribution, although some corrupted parties might try to bias the output. These protocols are used as a building block in many cryptographic protocols. Cleve (Proc. of the ...
Almost-Optimally Fair Multiparty Coin-Tossing with Nearly Three-Quarters Malicious
Proceedings, Part I, of the 14th International Conference on Theory of Cryptography - Volume 9985An $$\alpha $$α-fair coin-tossing protocol allows a set of mutually distrustful parties to generate a uniform bit, such that no efficient adversary can bias the output bit by more than $$\alpha $$α. Cleve [STOC 1986] has shown that if half of the ...
Comments