Académique Documents
Professionnel Documents
Culture Documents
11/29/07
page 1
Confidentiality
Ensures secrecy of data
Prevents eavesdropping
11/29/07
page 2
Challenges
Integrity of sensor: hard to manage without
expensive crypto processors or ensuring physical
security
Key distribution is a challenge
Dont want to store private keys in sensors
Key strength weakens with time
Freshness important
Prevent replay attack
Define notions of strong freshness (delay estimation, total
ordering) and weak freshness (partial ordering)
page 3
11/29/07
page 4
TESLA
Micro Timed Efficient Stream Loss-tolerant Authentication
Provides broadcast authentication
11/29/07
page 5
System Assumptions
Communication patterns
Frequent node-base station exchanges
Frequent network flooding from base
Node-node interactions infrequent
Base station
Sufficient memory, power
Shares secret key with each node
Node
Limited resources, limited trust
11/29/07
page 6
11/29/07
page 7
Asymmetric cryptography
Each person maintains two keys, public and private
M PrivateKey(PublicKey(M))
M PublicKey (PrivateKey(M))
11/29/07
page 8
O(minutes)
O(seconds)
~128 bytes
11/29/07
page 9
11/29/07
page 10
11/29/07
]
,
>
C
AB A
page 11
SNEP Properties
Secrecy & confidentiality
Semantic security against chosen ciphertext attack
(strongest security notion for encryption)
Authentication
Replay protection
Code size: 1.5 Kbytes
Strong freshness protocol in paper
11/29/07
page 12
Broadcast Authentication
Broadcast is basic communication mechanism
Sender broadcasts data
Each receiver verifies data origin
Alice
Sender
M
Bob
11/29/07
Dave
M
Carol
CSE 4/60484: Networked Sensor Systems
page 13
K
Sender
M, MAC(K,M)
K
11/29/07
Alice
M, MAC(K,M)
Bob
M', MAC(K,M') K
CSE 4/60484: Networked Sensor Systems
page 14
11/29/07
page 15
K4
Time 4
Verify MAC
11/29/07
K5
Time 5
K6
Time 6
K7
Time 7
P1
P2
K3
K5
page 16
Authenticate K5
K3
K4
Time 4
P1
K5
K6
Time 5
Time 6
K7
Time 7
P2
P3
P4
P5
K2 K2
K3
K4
K5
Verify MACs
11/29/07
page 17
TESLA Properties
Low overhead (1 MAC)
Communication (same as SNEP)
Computation (~ 2 MAC computations)
11/29/07
page 18
Security Computation 2%
MAC transmission
21%
Data
transmission
77%
11/29/07
page 19
Conclusion
Strong security protocols affordable
First broadcast authentication
11/29/07
page 20