6. security in wireless sensor netwoks
Download as PPTX, PDF0 likes1,311 views
This document discusses security threats and challenges in wireless sensor networks. It outlines various threats including passive information gathering, node subversion, false nodes, node malfunctions, message corruption and denial of service attacks. It also describes different key distribution techniques for sensor networks such as single network keys, asymmetric cryptography, pairwise keys, and base station based key distribution. Random key predistribution schemes are explained where sensors are loaded with random keys before deployment. The document also discusses watermarking techniques that can be used to authenticate data collected by sensor networks through modulating sensor parameters or embedding signatures during data processing.
![1
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-1-320.jpg)
![Security in
Wireless Sensor Network
Unit : 6
2
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-2-320.jpg)
![Threats to a wireless sensor Networks
There are many vulnerability and threats to WSN which includes:
Due to Power Failure
Due to Environmental Factors
Due to Physical Tempering
3
Threats due to Equipment Breakdown
Due to Information Gathering
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-3-320.jpg)
![List of threats to WSN
Passive information gathering
Subversion of node
False Node
Node Malfunction
Node Outage
Message corruption
Denial of Service
4
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-4-320.jpg)
![List of threats to WSN
Passive Information Gathering:
- If communication between sensors / between sensors and Intermediate
nodes are in the clear then
An intruder: with an appropriate powerful receiver and
well designed antenna
can passively pick off the data stream.
Subversion of a node:
- If sensor node is captured, it may be tampered with electronically
interrogated and perhaps compromised.
- Once compromised, the sensor node may disclose its cryptographic
keying material.
5
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-5-320.jpg)
![List of threats to WSN
False Node:
- An Intruder might add a node to a system and
feed false data or block the passage of True data.
- Typically a false node is computationally robust device which
impersonates a sensor node.
Node Malfunction:
- A node in a wireless sensor network may mal function and generate
inaccurate or false data.
- More over if the node is work as intermediate node may drop or
garble data during transmission.
6
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-6-320.jpg)
![List of threats to WSN
Node Outage:
If a node serves as an intermediate node or collection and aggregation
point, Which stops working.
Message Corruption:
Attacks against the integrity of message occur when:
An intruder insert themselves between the source and destination
And modify the contents of a message.
Denial of Service:
A denial of service attack on WSN may take several forms, such an attack
may consist of jamming the radio link or could exhaust resources or
misroute the data.
7
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-7-320.jpg)
![List of task to be achieve during
designing of Generic WSN Security Model
Communication Security:
- This Mechanism involve to provide security for node to node
communication.
- In the case: when more powerful nodes exist & clusters can be
formed, end to end communication security between the designated
cluster head and each individual sensor node in the cluster should be
used.
- In the absence of powerful nodes , it is appropriate to employ
pair wise security , but only for fixed number of pairs.
- This is because pair wise security is not scalable as the number of
nodes in WSN increases.
8
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-8-320.jpg)
![List of task to be achieve during
designing of Generic WSN Security Model
Key Management:
- Due to the fact that most sensor nodes in WSN have limited amount
of energy, public key cryptography mechanism are expensive in
terms of Energy Consumption.
- Private key cryptography, on the hand is quite applicable to WSN
due to its low energy requirements.
- However in hybrid WSN consist of nodes with different capabilities
and resources , so it is feasible to employ both public key & private key
cryptography.
9
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-9-320.jpg)
![List of task to be achieve during
designing of Generic WSN Security Model
Data Aggregation:
- In the ideal security model data aggregation can be performed to
confirm security options.
Self-Healing:
- Self organization and maintenance properties are built into the
network.
10
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-10-320.jpg)
![Security Architecture
SPIN:
Security Protocol
in Sensor Network
SPIN
SNEP:
Secure Network
Encryption Protocol
Micro-TESLA:
SNEP
Micro Timed Efficient
MicroTESLA
Streaming Loss tolerant
Authentication
11
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-11-320.jpg)
![Security Architecture
In SPINS, each sensor node shares a unique master key with
base station.
Other key required by SNEP and micro-TESLA protocols are derived
from this master key.
SNEP is based on Cipher block Chaining implemented in counter
mode (CBC-CTR).
In this method initial value of the counter in the sender and receiver is
the same , thus:
The sender increments the counter after sending each encrypted
message and the receiver after receiving, decrypting it.
12
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-12-320.jpg)
![Security Architecture
To
achieve
authenticated
broadcasts,
micro-TESLA
uses
time –released key chain.(TRKC)
There are two requirements for correct functioning of this protocol
i.
The owner of the key release schedule has to have enough storage
for all the keys in the key chain.
ii.
Every node in the network has to at least be loosely time
synchronized.
13
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-13-320.jpg)
![Key distribution techniques
for sensor Network
The general key distribution refers to the task of distributing secret
keys between communicating parties in order to facilitate security
properties such as Communication Secrecy and Authentication.
In sensor network , key distribution is usually combined with initial
communication
establishment
to
bootstrap
a
secure
communication infrastructure from collection of deployed sensor
nodes.
These nodes may have been pre initialized with some secret
information but do not have direct contact to each other.
“ This Combined problem of key distribution & secure communication
establishment is known as Bootstrapping Problem”
14
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-14-320.jpg)
![Problems of Bootstrapping in Sensor N/W
Boot strapping schemes for sensor networks needs to satisfy the
following requirements:
Deploy nodes must be able to establish secure node to node
communication.
Additional Legitimate nodes deploy at later time can form secure
connection with already deployed nodes.
Unauthorized node should not be able to gain entry into the
network, either through packet injection.
The scheme must work without prior knowledge of which nodes will
come into communication range of each other after deployment.
16
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-16-320.jpg)
![method of key distribution
Single
Network Wide Key
Asymmetric
Pair
Cryptography
wise keys
Trusted
base station based key
distribution
Random
17
Key pre distribution scheme
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-17-320.jpg)
![Single Network Wide Key
The simplest method of key distribution is to pre-load a Single Network
Wide Key onto all nodes before deployment.
After deployment nodes can start communication with the nodes
which are using the same network key.
This can be achieve by encrypting a message using Network Key.
18
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-18-320.jpg)
![Single Network Wide Key : Properties
Minimal
memory storage required
No additional
protocol steps are required.
Resistant against packet injection
19
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-19-320.jpg)
![Single Network Wide Key :
Drawback & Solution
The drawback of this scheme is:
if single node is compromised then entire security of the network
would be broken.
Methods to overcome this drawback
- Nodes must be temper resistant
- New nodes must not be allowed to enter into the network.
20
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-20-320.jpg)
![Asymmetric Cryptography
If a sensor node hardware is able to support asymmetric key cryptography
operation then this is a potentially viable method of key distribution.
In this technique before deployment, a master public/private key
pair (KM , KMi) is first generated.
Then for every node A, its public/private key pair (KA , KAi ) is
generated.
This key pair is stored in node A’s memory along with the master
public key KM and master key’s signature on A’s public key.
Once all nodes are initialized in this fashion, they are ready for
deployment.
21
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-21-320.jpg)
![Asymmetric Cryptography
Once nodes have been deployed, they perform key exchanges.
‘Nodes exchange their respective public keys and master key signatures.’
Each node’s public key which is known to every node in the network.
Once the public key of node has been received, a symmetric link key
can be generated and sent message, which encrypted by its public key.
22
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-22-320.jpg)
![Asymmetric Cryptography
Properties :
Possible to revoke known compromised key-pairs
Perfectly resilient against node capture
Fully scalable
Disadvantages:
Dependence on asymmetric key cryptography hardware
Vulnerability to denial of service
No resistance against node replication
23
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-23-320.jpg)
![Pair wise keys
In this approach , every node in the sensor network shares a unique
symmetric key with every other node in the network.
In a network of n nodes ,
Total number of unique keys = nC2
Every node stores n-1 number of keys.
24
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-24-320.jpg)
![Pair wise keys
Property:
Compromised keys can be revoked
Perfect resilience to node capture
Only uses symmetric cryptography
Disadvantage:
25
The main problem with the pair wise keys scheme is poor scalability.
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-25-320.jpg)
![Trusted base station based key distribution
This method of key distribution uses trusted, secure base station as an
arbiter to provide link keys to sensor nodes.
The sensor nodes authenticate themselves to the base station, after
which the base station generates a link key & sends it securely to both
parties.
Before deployment of sensor nodes, unique symmetric key is
generated for each node in the network.
This node key is stored in the memory of each sensor node will serve as
the authentication key between base station and sensor node.
26
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-26-320.jpg)
![Trusted base station based key distribution
Now assume that after deployment , the node A wants to establish a
shared secret session key SKAB with node B.
Since A and B do not share any secrets, they need to use a trusted third
party S, base station.
27
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-27-320.jpg)
![Trusted base station based key distribution
Properties:
Perfect resilience to node capture
Revocation of node is simple
Small memory requirements
Node replication is easily controlled
Disadvantages:
Not scalable
Base station becomes target for compromise.
28
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-28-320.jpg)
![Random Key pre distribution scheme
Let m –denote the number of distinct cryptographic keys that can be stores
on a sensor node.
Before deployed the sensor nodes, an initialization phase is performed.
In this initialization phase a basic scheme picks a random pool of keys S
out of the total possible key space.
For each node, m keys are randomly selected from the key pool S and
stored into the node’s memory.
This set of m keys is called as the node’s key ring.
After deployed the sensor nodes , a key-setup phase is performed.
The nodes first perform key discovery to find out with which of their
neighbors they share a key.
29
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-29-320.jpg)
![Random Key pre distribution scheme
Such key discovery can be performed by assigning a short identifier to
each key prior to deployment and having each node broadcasts its set
of identifiers.
Nodes which discover that they contain shared key in their key
rings, can then verify that their neighbor actually holds the key, through
a challenge – response protocol.
30
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-30-320.jpg)
![Water Marking
One of the major security issue in the Internet is:
Digital Right Management (DRM).
It is easy to see that DRM will also play a major role in wireless sensor
network.
To address these problems Feng et al have developed the first water
marking technique for crypto logically embedding an authorship
signature into data and information which acquired by a WSN.
The notion of intellectual property protection and specifically
watermarking
has
been
widely
studied
for
items
such
text, video/audio, and circuit designs.
31
]Rushin $hah
27 February 2014
as](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-31-320.jpg)
![Water Marking
Watermarking techniques have been proposed for two domains:
Static artifacts & Functional artifacts
Static artifacts are artifacts that consist of only syntactic components
which are not altered during their use.
F o r e x a m p l e : images, audio.
The essential property of all watermarking for static artifacts is that they
leverage the imperfection of human perception.
The main objective of watermarking technique for static artifacts
- Requirements for global placement of the watermark in the artifact,
- Resiliency against removal and suitability for rapid detection.
32
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-32-320.jpg)
![Water Marking
Watermarking is also applicable to functional artifacts, such as
software & integrated circuits designs.
Functional artifacts can be specified and therefore watermarked at
several levels of abstraction such as:
- System level designs,
- The logic synthesis level,
- FPGA designs,
- Physical design level.
Additionally other techniques for intellectual property protection such
as finger printing, obfuscation, reverse engineering, and forensic
engineering can be apply.
33
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-33-320.jpg)
![Real – Time Watermarking
AIM: To authenticate data which is collected by a sensor network.
Key Idea: To impose additional constraints to the system during the
sensing data acquisition or data processing phases.
The first set of techniques embeds the signature into the process of
sensing data.
The crucial idea is to modulate by imposing additional constraints on
of parameters that define sensor relationship with the physical world.
The options include the location and orientation on sensor, time
management (e.g. frequency and phase of intervals between
consecutive data capturing), resolution.
34
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-34-320.jpg)
![Real – Time Watermarking
In particular, an attractive alternative is to impose constraints on
intrinsic properties (e.g. sensitivity, compression laws) of a particular
sensor, therefore the measured data have certain unique characteristics
that are strongly correlated with the signature of the author/owner.
The
second
technique
is
to
embed
signature
during
processing, either in sensor data or control data.
35
]Rushin $hah
27 February 2014
data](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-35-320.jpg)
![36
]Rushin $hah
27 February 2014](https://image.slidesharecdn.com/6-140227030247-phpapp02/85/6-security-in-wireless-sensor-netwoks-36-320.jpg)
6. security in wireless sensor netwoks
- 1. 1 ]Rushin $hah 27 February 2014
- 2. Security in Wireless Sensor Network Unit : 6 2 ]Rushin $hah 27 February 2014
- 3. Threats to a wireless sensor Networks There are many vulnerability and threats to WSN which includes: Due to Power Failure Due to Environmental Factors Due to Physical Tempering 3 Threats due to Equipment Breakdown Due to Information Gathering ]Rushin $hah 27 February 2014
- 4. List of threats to WSN Passive information gathering Subversion of node False Node Node Malfunction Node Outage Message corruption Denial of Service 4 ]Rushin $hah 27 February 2014
- 5. List of threats to WSN Passive Information Gathering: - If communication between sensors / between sensors and Intermediate nodes are in the clear then An intruder: with an appropriate powerful receiver and well designed antenna can passively pick off the data stream. Subversion of a node: - If sensor node is captured, it may be tampered with electronically interrogated and perhaps compromised. - Once compromised, the sensor node may disclose its cryptographic keying material. 5 ]Rushin $hah 27 February 2014
- 6. List of threats to WSN False Node: - An Intruder might add a node to a system and feed false data or block the passage of True data. - Typically a false node is computationally robust device which impersonates a sensor node. Node Malfunction: - A node in a wireless sensor network may mal function and generate inaccurate or false data. - More over if the node is work as intermediate node may drop or garble data during transmission. 6 ]Rushin $hah 27 February 2014
- 7. List of threats to WSN Node Outage: If a node serves as an intermediate node or collection and aggregation point, Which stops working. Message Corruption: Attacks against the integrity of message occur when: An intruder insert themselves between the source and destination And modify the contents of a message. Denial of Service: A denial of service attack on WSN may take several forms, such an attack may consist of jamming the radio link or could exhaust resources or misroute the data. 7 ]Rushin $hah 27 February 2014
- 8. List of task to be achieve during designing of Generic WSN Security Model Communication Security: - This Mechanism involve to provide security for node to node communication. - In the case: when more powerful nodes exist & clusters can be formed, end to end communication security between the designated cluster head and each individual sensor node in the cluster should be used. - In the absence of powerful nodes , it is appropriate to employ pair wise security , but only for fixed number of pairs. - This is because pair wise security is not scalable as the number of nodes in WSN increases. 8 ]Rushin $hah 27 February 2014
- 9. List of task to be achieve during designing of Generic WSN Security Model Key Management: - Due to the fact that most sensor nodes in WSN have limited amount of energy, public key cryptography mechanism are expensive in terms of Energy Consumption. - Private key cryptography, on the hand is quite applicable to WSN due to its low energy requirements. - However in hybrid WSN consist of nodes with different capabilities and resources , so it is feasible to employ both public key & private key cryptography. 9 ]Rushin $hah 27 February 2014
- 10. List of task to be achieve during designing of Generic WSN Security Model Data Aggregation: - In the ideal security model data aggregation can be performed to confirm security options. Self-Healing: - Self organization and maintenance properties are built into the network. 10 ]Rushin $hah 27 February 2014
- 11. Security Architecture SPIN: Security Protocol in Sensor Network SPIN SNEP: Secure Network Encryption Protocol Micro-TESLA: SNEP Micro Timed Efficient MicroTESLA Streaming Loss tolerant Authentication 11 ]Rushin $hah 27 February 2014
- 12. Security Architecture In SPINS, each sensor node shares a unique master key with base station. Other key required by SNEP and micro-TESLA protocols are derived from this master key. SNEP is based on Cipher block Chaining implemented in counter mode (CBC-CTR). In this method initial value of the counter in the sender and receiver is the same , thus: The sender increments the counter after sending each encrypted message and the receiver after receiving, decrypting it. 12 ]Rushin $hah 27 February 2014
- 13. Security Architecture To achieve authenticated broadcasts, micro-TESLA uses time –released key chain.(TRKC) There are two requirements for correct functioning of this protocol i. The owner of the key release schedule has to have enough storage for all the keys in the key chain. ii. Every node in the network has to at least be loosely time synchronized. 13 ]Rushin $hah 27 February 2014
- 14. Key distribution techniques for sensor Network The general key distribution refers to the task of distributing secret keys between communicating parties in order to facilitate security properties such as Communication Secrecy and Authentication. In sensor network , key distribution is usually combined with initial communication establishment to bootstrap a secure communication infrastructure from collection of deployed sensor nodes. These nodes may have been pre initialized with some secret information but do not have direct contact to each other. “ This Combined problem of key distribution & secure communication establishment is known as Bootstrapping Problem” 14 ]Rushin $hah 27 February 2014
- 15. Complication in Designing of Secure Protocol Characteristics of the Sensor Network which can generate complication in designing of Secure protocol Vulnerability of nodes to physical capture: Sensor nodes may be deploy in public or hostile locations in many applications. Because of large number of nodes requirement, each sensor node must not be expensive, which makes manufacturers to make them temper resistant. Lack of priory knowledge of post deployment configuration: The large number of nodes involve makes it costly to pre-determine the location of every individual node. Hence security protocol should not assume prior knowledge of which nodes will be neighbor in network. Limited bandwidth and Transmission Power: 15 27 February 2014
- 16. Problems of Bootstrapping in Sensor N/W Boot strapping schemes for sensor networks needs to satisfy the following requirements: Deploy nodes must be able to establish secure node to node communication. Additional Legitimate nodes deploy at later time can form secure connection with already deployed nodes. Unauthorized node should not be able to gain entry into the network, either through packet injection. The scheme must work without prior knowledge of which nodes will come into communication range of each other after deployment. 16 ]Rushin $hah 27 February 2014
- 17. method of key distribution Single Network Wide Key Asymmetric Pair Cryptography wise keys Trusted base station based key distribution Random 17 Key pre distribution scheme ]Rushin $hah 27 February 2014
- 18. Single Network Wide Key The simplest method of key distribution is to pre-load a Single Network Wide Key onto all nodes before deployment. After deployment nodes can start communication with the nodes which are using the same network key. This can be achieve by encrypting a message using Network Key. 18 ]Rushin $hah 27 February 2014
- 19. Single Network Wide Key : Properties Minimal memory storage required No additional protocol steps are required. Resistant against packet injection 19 ]Rushin $hah 27 February 2014
- 20. Single Network Wide Key : Drawback & Solution The drawback of this scheme is: if single node is compromised then entire security of the network would be broken. Methods to overcome this drawback - Nodes must be temper resistant - New nodes must not be allowed to enter into the network. 20 ]Rushin $hah 27 February 2014
- 21. Asymmetric Cryptography If a sensor node hardware is able to support asymmetric key cryptography operation then this is a potentially viable method of key distribution. In this technique before deployment, a master public/private key pair (KM , KMi) is first generated. Then for every node A, its public/private key pair (KA , KAi ) is generated. This key pair is stored in node A’s memory along with the master public key KM and master key’s signature on A’s public key. Once all nodes are initialized in this fashion, they are ready for deployment. 21 ]Rushin $hah 27 February 2014
- 22. Asymmetric Cryptography Once nodes have been deployed, they perform key exchanges. ‘Nodes exchange their respective public keys and master key signatures.’ Each node’s public key which is known to every node in the network. Once the public key of node has been received, a symmetric link key can be generated and sent message, which encrypted by its public key. 22 ]Rushin $hah 27 February 2014
- 23. Asymmetric Cryptography Properties : Possible to revoke known compromised key-pairs Perfectly resilient against node capture Fully scalable Disadvantages: Dependence on asymmetric key cryptography hardware Vulnerability to denial of service No resistance against node replication 23 ]Rushin $hah 27 February 2014
- 24. Pair wise keys In this approach , every node in the sensor network shares a unique symmetric key with every other node in the network. In a network of n nodes , Total number of unique keys = nC2 Every node stores n-1 number of keys. 24 ]Rushin $hah 27 February 2014
- 25. Pair wise keys Property: Compromised keys can be revoked Perfect resilience to node capture Only uses symmetric cryptography Disadvantage: 25 The main problem with the pair wise keys scheme is poor scalability. ]Rushin $hah 27 February 2014
- 26. Trusted base station based key distribution This method of key distribution uses trusted, secure base station as an arbiter to provide link keys to sensor nodes. The sensor nodes authenticate themselves to the base station, after which the base station generates a link key & sends it securely to both parties. Before deployment of sensor nodes, unique symmetric key is generated for each node in the network. This node key is stored in the memory of each sensor node will serve as the authentication key between base station and sensor node. 26 ]Rushin $hah 27 February 2014
- 27. Trusted base station based key distribution Now assume that after deployment , the node A wants to establish a shared secret session key SKAB with node B. Since A and B do not share any secrets, they need to use a trusted third party S, base station. 27 ]Rushin $hah 27 February 2014
- 28. Trusted base station based key distribution Properties: Perfect resilience to node capture Revocation of node is simple Small memory requirements Node replication is easily controlled Disadvantages: Not scalable Base station becomes target for compromise. 28 ]Rushin $hah 27 February 2014
- 29. Random Key pre distribution scheme Let m –denote the number of distinct cryptographic keys that can be stores on a sensor node. Before deployed the sensor nodes, an initialization phase is performed. In this initialization phase a basic scheme picks a random pool of keys S out of the total possible key space. For each node, m keys are randomly selected from the key pool S and stored into the node’s memory. This set of m keys is called as the node’s key ring. After deployed the sensor nodes , a key-setup phase is performed. The nodes first perform key discovery to find out with which of their neighbors they share a key. 29 ]Rushin $hah 27 February 2014
- 30. Random Key pre distribution scheme Such key discovery can be performed by assigning a short identifier to each key prior to deployment and having each node broadcasts its set of identifiers. Nodes which discover that they contain shared key in their key rings, can then verify that their neighbor actually holds the key, through a challenge – response protocol. 30 ]Rushin $hah 27 February 2014
- 31. Water Marking One of the major security issue in the Internet is: Digital Right Management (DRM). It is easy to see that DRM will also play a major role in wireless sensor network. To address these problems Feng et al have developed the first water marking technique for crypto logically embedding an authorship signature into data and information which acquired by a WSN. The notion of intellectual property protection and specifically watermarking has been widely studied for items such text, video/audio, and circuit designs. 31 ]Rushin $hah 27 February 2014 as
- 32. Water Marking Watermarking techniques have been proposed for two domains: Static artifacts & Functional artifacts Static artifacts are artifacts that consist of only syntactic components which are not altered during their use. F o r e x a m p l e : images, audio. The essential property of all watermarking for static artifacts is that they leverage the imperfection of human perception. The main objective of watermarking technique for static artifacts - Requirements for global placement of the watermark in the artifact, - Resiliency against removal and suitability for rapid detection. 32 ]Rushin $hah 27 February 2014
- 33. Water Marking Watermarking is also applicable to functional artifacts, such as software & integrated circuits designs. Functional artifacts can be specified and therefore watermarked at several levels of abstraction such as: - System level designs, - The logic synthesis level, - FPGA designs, - Physical design level. Additionally other techniques for intellectual property protection such as finger printing, obfuscation, reverse engineering, and forensic engineering can be apply. 33 ]Rushin $hah 27 February 2014
- 34. Real – Time Watermarking AIM: To authenticate data which is collected by a sensor network. Key Idea: To impose additional constraints to the system during the sensing data acquisition or data processing phases. The first set of techniques embeds the signature into the process of sensing data. The crucial idea is to modulate by imposing additional constraints on of parameters that define sensor relationship with the physical world. The options include the location and orientation on sensor, time management (e.g. frequency and phase of intervals between consecutive data capturing), resolution. 34 ]Rushin $hah 27 February 2014
- 35. Real – Time Watermarking In particular, an attractive alternative is to impose constraints on intrinsic properties (e.g. sensitivity, compression laws) of a particular sensor, therefore the measured data have certain unique characteristics that are strongly correlated with the signature of the author/owner. The second technique is to embed signature during processing, either in sensor data or control data. 35 ]Rushin $hah 27 February 2014 data
- 36. 36 ]Rushin $hah 27 February 2014
Editor's Notes
- #4: Vulnerability (વલ્નરેબિલિટિ) : ભેદ્યતા, આંતરિક નિર્બળતા
- #6: Intrude(ઇન્ટ્રૂડ) : –માં ઘાલવું, -માં ખોસવું, બીજા ઉપર પરાણે લાદવું (વસ્તુને કે જાતને), વગર બોલાવ્યે આવવું, અંદર ઘૂસવું, અતિક્રમણ કરવું Tampered : interfere unwantedly
- #7: Impersonate (ઇમ્પર્સનેટ્) : હોવાનો ઢોંગ કરવો, -નો ભાગ ભજવવોMal (મેલ) : રોગ, વ્યાધિ, કુ–, દુ:–, દુષ્–, અધમના અર્થમાં વપરાતો ઉપસર્ગGarble(ગાર્બલ) : ખોટો ખ્યાલ ઉત્પન્ન થાય એ રીતે હકીકતને તેના વિકૃત, ખોટા સ્વરૂપે રજૂ કરવી,
- #10: Quite (ક્વાઇટ) : પૂરેપૂરું, તદ્દન, બિલકુલ, કેવળ, કેટલેક અંશે
- #11: Healing : દરદ મટાડનાર, સાજું કરનાર, સુધારનાર
- #15: Secrecy (સિક્રસિ) : ગુપ્ત રાખવું તે, ગુપ્તતાBootstraps (બૂટસ્ટ્રેપ્સ) : પારકી સહાય વિનાનો પ્રયત્ન, સ્વતંત્ર પ્રયત્ન
- #16: Vulnerability(વલ્નરેબિલિટિ) : ભેદ્યતા, આંતરિક નિર્બળતા
- #17: Legitimate (લિજિટિમટ) : કાયદેસરનું, યોગ્ય, નિયમિત, તર્કથી ગ્રાહ્ય, યથાર્થ, નિયમસર
- #22: Viable(વાઇઅબલ) : જીવી, નભી, – જીવતું રહી શકે એવું, (કોઈ યોજના ઇ અંગે) આર્થિક દૃષ્ટિથી કરી શકાય એવું, પાંગરી કે ઊછરી શકે તેવું
- #24: Resilient(રિઝિલિઅન્ટ) : શારીરિક કે માનસિક મૂળ સ્થિતિ પ્રાપ્ત કરનાર, શારીરિકે માનસિક દૃષ્ટિએ સ્થિતિ સ્થાપક, સ્થિતિસ્થાપકતા, લવચીક, ઉલ્લસિત વૃત્તિવાળુંRevoke (રિવોક) : પાછું ખેંચી લેવું, રદ કરવું,Vulnerability (વલ્નરેબિલિટિ) : ભેદ્યતા, આંતરિક નિર્બળતા
- #27: Arbiter(આર્બિટર) : લવાદ, પંચ, કર્તાહર્તા, મધ્યસ્થી
- #33: Syntactic : પદવિન્યાસનું, તેને લગતું કે તદનુસારLeverage (લીવરિજ) : ઉચ્ચાલકની ક્રિયા, ઉચ્ચાલક વાપરવાથી થતો યાંત્રિક લાભ, કોઈ હેતુ પાર પાડવાનું સાધન
- #34: Obfuscation(ઑબ્ફસ્કેશન) : ધૂંધળું કરવું, અસ્પષ્ટ કરવું, અંધારું કરવું, ઉપર અંધારપછેડો નાખવો, મૂંઝવવું, સ્તિમિત કરવું