TinySec : Link Layer Security Architecture for Wireless Sensor Networks - PowerPoint PPT Presentation

About This Presentation
Title:

TinySec : Link Layer Security Architecture for Wireless Sensor Networks

Description:

To Measure the bandwidth , latency and energy costs of TinySec. ... Ease of use. MESSAGE AUTHENTICATION CODE. ENCRYPTION. DECREASE MESSAGE LENGTH. PUT IN TinyOS ... – PowerPoint PPT presentation

Number of Views:85
Avg rating:3.0/5.0
Slides: 29
Provided by: Anil188
Learn more at: http://sce.uhcl.edu
Category:

less

Transcript and Presenter's Notes

Title: TinySec : Link Layer Security Architecture for Wireless Sensor Networks


1
TinySec Link Layer Security Architecture for
Wireless Sensor Networks
  • Chris Karlof Naveen Sastry David Wagner
  • Presented by Anil Karamchandani
  • 10/01/2007

2
What is ???

Tiny OS
Link layer
Wireless Sensor Network
Tiny Sec
3
Contents
  • Motivation TinySec
  • Contributions by the paper .
  • Difference between Sensor Networks and Other
    Networks .
  • Security threats in WSN.
  • What is TinySec and its goal .
  • Why Link Architecture .
  • Design Goals .
  • Security Primitive.
  • Design of TinySec .
  • Modes of Encryption and their drawbacks.
  • Security Analysis of TinySec .
  • Implementation and Evaluation.

4
What was the motivation ???
  • Sensor Networks Resource Constraint networks ,
    small memory , weak processor , limited energy ,
    less Bandwidth .
  • 80 of all 802.11 wireless networks operate in
    the clear i.e. without cryptographic protection
  • Need for an architecture which could change
    things around. TinySec
  • SW / HW

5
Contributions of this paper
  • To introduce TinySec as a protocol for link layer
    cryptography in Sensor Networks.
  • To Measure the bandwidth , latency and energy
    costs of TinySec .
  • To encourage people to volunteer and perform
    research in further higher level of protocols.

6
What is the Difference between WSN and other
Network ?
  • WSN
  • Other Networks
  • Bandwidth - less
  • Devices have very little computational power
  • Energy is less with Wireless Sensor devices
  • Wireless Networks are difficult to protect
  • Vulnerable to resource consumption
  • Information Hop by Hop .
  • Bandwidth more
  • Comparatively devices have more computational
    power.
  • Energy for devices in other networks is high.
  • Comparatively much easier to protect .
  • Not Vulnerable to resource consumption.
  • Information- end to end (not necessary for all
    networks)

7
Security Threats in WSN
  • WSN are difficult to protect .
  • WSN are in a Broadcast medium
  • WSN are vulnerable to resource consumption
    attacks .
  • Intruders can waste network bandwidth

8
What is TinySec and its Goal
  • Lightweight link layer Security Mechanism for
    Sensor Networks .
  • Goal Is to minimize the overhead with
    reasonable protection from
  • Energy
  • Bandwidth
  • Latency

9
Why Link Architecture ???
  • Conventional networks authenticity and
    integrity , confidentiality end to end
    mechanism (SSH , SSL).
  • End to end Security is vulnerable to DOS (Denial
    of Attacks).
  • Message integrity should not be checked at the
    end alone.

10
Design Goals
  • Security
  • Access control
  • Message integrity
  • Message confidentiality
  • Performance
  • Energy
  • Bandwidth
  • etc.
  • Ease of use
  • MESSAGE AUTHENTICATION CODE
  • ENCRYPTION
  • DECREASE MESSAGE LENGTH
  • PUT IN TinyOS

11
Security Primitive
  • Message Authentication code
  • A cryptographic checksum for checking the message
    integrity
  • MAC

12
Security Primitives (cont .)
  • Encrypting the same plain text two times should
    get two different cipher texts
  • Initialization Vectors ( IV)
  • -A side input to the Encryption Algorithm
  • -Not kept secret , sent with the message .

shared key
shared key
MESSAGE
(YES/NO)
13
Why design TinySec ??
  • Why Design TinySec when existing protocols are
    present .
  • - IPSec ,SSL / SSH are too heavy weight to be
    used in Sensor Networks .
  • -The packet format adds many bytes of overhead
    and they were not being designed to built on WSN.

14
Design of TinySec
  • Two different security Options
  • --Authentication Encryption TinySec AE
  • --Authenticated only TinySec Auth
  • In both the cases the data is authenticated with
    MAC and thus maintaining Data Integrity.

encrypted
Header
Message
MAC
Header
MACs
Message
15
How can we Encrypt ??
  • Requirements for encryption
  • To select an encryption scheme
  • To specify the IV format
  • 8 Byte IV format

CIPHER BLOCK CHAINING CBC
16
Different modes of Encryption
  • A stream Cipher uses a Key and IV .
  • Together they are ex-ored with message to get the
    cipher text (C MK.IV).
  • Drawbacks - If same IV is used to encrypt 2
    different packets then there is a possibility of
    retrieving both the packets.

Symmetric key encryption schemes
Modes of operation using block cipher
Stream Ciphers
17
What is CBC mode of Encryption??
  • Link
  • In (CBC) mode, each block of plaintext is XORed
    with the previous ciphertext block before being
    encrypted.
  • This way, each ciphertext block is dependent on
    all plaintext blocks processed up to that point.

18
Drawbacks of CBC Mode .
  • Given two plaintexts P and P .If the IV used
    for the two plaintexts are same then there exists
    a possibility that the length of the longest
    shared message is shared / known .

19
How does the packet format for TinySec Looks like
??
Dest Destination address AM Active Message
Handler type L length of the data Src source
of the address
20
Security Analysis of TinySec Message Integrity
and Authenticity
  • Security of a CBC MAC is proportional to the
    length of the MAC .
  • Choice of 4 bytes MAC ??

21
Implementation of TinySec
  • Implemented on Berkeley Sensor Nodes
  • Integrated into TOSSIM simulator
  • 3000 Lines of nesC code
  • Works in FIFO format
  • Thus TinySec has got 2 priority Schedulers

22
Evaluation
  • Energy Consumption
  • Power Consumption
  • Bandwidth
  • - Energy 24 bytes of data was transmitted

23
Evaluation
24
Evaluation (Cont)
  • Since the power consumed by TinySec-AE is maximum
    ( for majority of time )the energy consumed by
    TinySec AE will also be maximum
  • While sending with TinySec the packets are also
    larger in length

25
Bandwidth
  • To measure Bandwidth- 24 bytes packets were sent
    using TinyOS , TinySec Auth , Tiny-Auth Enc .
  • Measured the number of packets that were
    successfully received .

26
(No Transcript)
27
Conclusions
  • We have learnt that there are design
    vulnerabilities in the conventional protocols for
    sensor networks.
  • TinySec addresses this with extreme careful
    design and takes advantage of the limitations of
    Sensor Networks

28
References
  • http//www.webopedia.com/quick_ref/OSI_Layers.asp
  • http//camars.kaist.ac.kr/hyoon/courses/cs710_200
    4_fall/rhoyo.ppt
  • http//en.wikipedia.org/wiki/Block_cipher_modes_of
    _operationCipher-block_chaining_.28CBC.29
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "TinySec : Link Layer Security Architecture for Wireless Sensor Networks" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!