Title: TinySec : Link Layer Security Architecture for Wireless Sensor Networks
1TinySec Link Layer Security Architecture for
Wireless Sensor Networks
- Chris Karlof Naveen Sastry David Wagner
- Presented by Anil Karamchandani
- 10/01/2007
2What is ???
Tiny OS
Link layer
Wireless Sensor Network
Tiny Sec
3Contents
- Motivation TinySec
- Contributions by the paper .
- Difference between Sensor Networks and Other
Networks . - Security threats in WSN.
- What is TinySec and its goal .
- Why Link Architecture .
- Design Goals .
- Security Primitive.
- Design of TinySec .
- Modes of Encryption and their drawbacks.
- Security Analysis of TinySec .
- Implementation and Evaluation.
4What was the motivation ???
- Sensor Networks Resource Constraint networks ,
small memory , weak processor , limited energy ,
less Bandwidth . - 80 of all 802.11 wireless networks operate in
the clear i.e. without cryptographic protection - Need for an architecture which could change
things around. TinySec - SW / HW
5Contributions of this paper
- To introduce TinySec as a protocol for link layer
cryptography in Sensor Networks. - To Measure the bandwidth , latency and energy
costs of TinySec . - To encourage people to volunteer and perform
research in further higher level of protocols.
6What is the Difference between WSN and other
Network ?
- Bandwidth - less
- Devices have very little computational power
- Energy is less with Wireless Sensor devices
- Wireless Networks are difficult to protect
- Vulnerable to resource consumption
- Information Hop by Hop .
- Bandwidth more
- Comparatively devices have more computational
power. - Energy for devices in other networks is high.
- Comparatively much easier to protect .
- Not Vulnerable to resource consumption.
- Information- end to end (not necessary for all
networks)
7Security Threats in WSN
- WSN are difficult to protect .
- WSN are in a Broadcast medium
- WSN are vulnerable to resource consumption
attacks . - Intruders can waste network bandwidth
8What is TinySec and its Goal
- Lightweight link layer Security Mechanism for
Sensor Networks . - Goal Is to minimize the overhead with
reasonable protection from - Energy
- Bandwidth
- Latency
9Why Link Architecture ???
- Conventional networks authenticity and
integrity , confidentiality end to end
mechanism (SSH , SSL). - End to end Security is vulnerable to DOS (Denial
of Attacks). - Message integrity should not be checked at the
end alone.
10Design Goals
- Security
- Access control
- Message integrity
- Message confidentiality
- Performance
- Energy
- Bandwidth
- etc.
- Ease of use
- MESSAGE AUTHENTICATION CODE
- ENCRYPTION
- DECREASE MESSAGE LENGTH
- PUT IN TinyOS
11Security Primitive
- Message Authentication code
- A cryptographic checksum for checking the message
integrity - MAC
12Security Primitives (cont .)
- Encrypting the same plain text two times should
get two different cipher texts - Initialization Vectors ( IV)
- -A side input to the Encryption Algorithm
- -Not kept secret , sent with the message .
shared key
shared key
MESSAGE
(YES/NO)
13Why design TinySec ??
- Why Design TinySec when existing protocols are
present . - - IPSec ,SSL / SSH are too heavy weight to be
used in Sensor Networks . - -The packet format adds many bytes of overhead
and they were not being designed to built on WSN.
14Design of TinySec
- Two different security Options
- --Authentication Encryption TinySec AE
- --Authenticated only TinySec Auth
- In both the cases the data is authenticated with
MAC and thus maintaining Data Integrity.
encrypted
Header
Message
MAC
Header
MACs
Message
15How can we Encrypt ??
- Requirements for encryption
- To select an encryption scheme
- To specify the IV format
- 8 Byte IV format
CIPHER BLOCK CHAINING CBC
16Different modes of Encryption
- A stream Cipher uses a Key and IV .
- Together they are ex-ored with message to get the
cipher text (C MK.IV). - Drawbacks - If same IV is used to encrypt 2
different packets then there is a possibility of
retrieving both the packets.
Symmetric key encryption schemes
Modes of operation using block cipher
Stream Ciphers
17What is CBC mode of Encryption??
- Link
- In (CBC) mode, each block of plaintext is XORed
with the previous ciphertext block before being
encrypted. - This way, each ciphertext block is dependent on
all plaintext blocks processed up to that point.
18Drawbacks of CBC Mode .
- Given two plaintexts P and P .If the IV used
for the two plaintexts are same then there exists
a possibility that the length of the longest
shared message is shared / known .
19How does the packet format for TinySec Looks like
??
Dest Destination address AM Active Message
Handler type L length of the data Src source
of the address
20Security Analysis of TinySec Message Integrity
and Authenticity
- Security of a CBC MAC is proportional to the
length of the MAC . - Choice of 4 bytes MAC ??
21Implementation of TinySec
- Implemented on Berkeley Sensor Nodes
- Integrated into TOSSIM simulator
- 3000 Lines of nesC code
- Works in FIFO format
- Thus TinySec has got 2 priority Schedulers
22Evaluation
- Energy Consumption
- Power Consumption
- Bandwidth
- - Energy 24 bytes of data was transmitted
23Evaluation
24Evaluation (Cont)
- Since the power consumed by TinySec-AE is maximum
( for majority of time )the energy consumed by
TinySec AE will also be maximum - While sending with TinySec the packets are also
larger in length
25Bandwidth
- To measure Bandwidth- 24 bytes packets were sent
using TinyOS , TinySec Auth , Tiny-Auth Enc . - Measured the number of packets that were
successfully received .
26(No Transcript)
27Conclusions
- We have learnt that there are design
vulnerabilities in the conventional protocols for
sensor networks. - TinySec addresses this with extreme careful
design and takes advantage of the limitations of
Sensor Networks
28References
- http//www.webopedia.com/quick_ref/OSI_Layers.asp
- http//camars.kaist.ac.kr/hyoon/courses/cs710_200
4_fall/rhoyo.ppt - http//en.wikipedia.org/wiki/Block_cipher_modes_of
_operationCipher-block_chaining_.28CBC.29