Security Sensor Network. Biswajit panja

Transcription

1 Security Sensor Network Biswajit panja 1

2 Topics Security Issues in Wired Network Security Issues in Wireless Network Security Issues in Sensor Network 2

3 Security Issues in Wired Network 3

4 Security Attacks Source: Network Security Essentials, William Stallings 4

5 Conventional Encryption Principles An encryption scheme has five ingredients: Plaintext Encryption algorithm Secret Key Ciphertext Decryption algorithm Security depends on the secrecy of the key, not the secrecy of the algorithm Source: Network Security Essentials, William Stallings 5

6 Conventional Encryption Principles Source: Network Security Essentials, William Stallings 6

7 Average time required for exhaustive key search Key Size (bits) Number of Alternative Keys = 4.3 x = 7.2 x = 3.4 x = 3.7 x Time required at 10 6 Decryption/µs 2.15 milliseconds 10 hours 5.4 x years 5.9 x years Source: Network Security Essentials, William Stallings 7

8 Symmetric Block Ciphers DEA TDEA International Data Encryption Blowfish Source: Network Security Essentials, William Stallings 8

9 Source: Network Security Essentials, William Stallings 9

10 Key Distribution 1. A key could be selected by A and physically delivered to B. 2. A third party could select the key and physically deliver it to A and B. 3. If A and B have previously used a key, one party could transmit the new key to the other, encrypted using the old key. 4. If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B. Session key: Data encrypted with a one-time session key. At the conclusion of the session the key is destroyed Permanent key: Used between entities for the purpose of distributing session keys Source: Network Security Essentials, William Stallings 10

11 Source: Network Security Essentials, William Stallings 11

12 Encryption using Public-Key system Source: Network Security Essentials, William Stallings 12

13 Authentication using Public-Key System Source: Network Security Essentials, William Stallings 13

14 Applications for Public-Key Cryptosystems Three categories: Encryption/decryption: The sender encrypts a message with the recipient s public key. Digital signature: The sender signs a message with its private key. Key exhange: Two sides cooperate two exhange a session key. Source: Network Security Essentials, William Stallings 14

15 The RSA Algorithm Key Generation 1. Select p,q 2. Calculate n = p x q 3. Calculate Φ( n) = ( p 1)( q 4. Select integer e 5. Calculate d d 6. Public Key 7. Private key p and q both prime 1) gcd( Φ( n), e) = 1;1 < e 1 = e mod Φ( n) KU = {e,n} KR = {d,n} < Φ( n) Source: Network Security Essentials, William Stallings 15

16 Diffie-Hellman Key Echange Source: Network Security Essentials, William Stallings 16

17 Key Management Public-Key Certificate Use Source: Network Security Essentials, William Stallings 17

18 Authentication Applications: Kerberos Source: Network Security Essentials, William Stallings 18

19 IP Security Scenario Source: Network Security Essentials, William Stallings 19

20 End-to to-end versus End-to to- Intermediate Authentication Source: Network Security Essentials, William Stallings 20

21 Source: Network Security Essentials, William Stallings 21

22 Distributed Intrusion Detection Source: Network Security Essentials, William Stallings 22

23 Distributed Intrusion Detection Source: Network Security Essentials, William Stallings 23

24 Security Issues in Wireless Network

25 Attacks Attacks could range from deleting messages, injecting erroneous messages, impersonate a node. Poor physical protection Attacks not only from outside but also from within the network from compromised nodes 25

26 Key Management and Routing A single key management service for an Ad-hoc network is not a good idea - CA may be down/unavailable - CA compromises Secure routing is an issue with dynamically changing network. False routing information generated by compromised nodes 26

27 Used key agreement Certificate based key agreement public key certificates can allow participants to verify the binding between the IP address and keys of other participants. Disadvantage - Difficult to determine if the certificate presented by the participant has been revoked 27

28 Password based Authenticated Key Exchange Password is chosen and shared among the nodes Desirable properties:-secrecy, Perfect Forward Secrecy, Contributory key agreement, Tolerance to disruption attempts Protocol:- Diffie-Hellman 28

29 Problems associated with Ad-hoc Routing Frequent changes in network topology Problems associated with wireless communication Trust relationship between neighbors Throughput Attacks using modification of protocol fields of messages 29

30 Some Approaches Using pre-deployed security infrastructure Using independent Security Agents (SA) Installing extra facilities in the network to mitigate routing misbehavior 30

31 Security Issues in Sensor Network

32 Requirements Confidentiality Authenticity Integrity Freshness Scalability Availability Accessibility Self-Organization Flexibility Source: Constraints and approaches for distributed network security, NAI Lab 32

33 Sensor Node Constraints Battery Power/Energy - Computational Energy Consumption - Communications Energy Consumption Rechargeability Sleep Patterns Transmission Range Memory - Program Storage and Working Memory - Programmable Storage for Security Information Location Sensing Tamper Protection Time Unattended Operations Source: Constraints and approaches for distributed network security, NAI Lab 33

34 Networking Constraints Ad hoc Networking Limited Pre-Configuration Data Rate/Packet Size Channel error rate Intermittent connectivity Unreliable communications Latency Unicast vs. multicast Unidirectional Communications Isolated subgroups Frequent Routing Changes Population Density Unknown Recipients Source: Constraints and approaches for distributed network security, NAI Lab 34

35 Sensor Network Encryption Protocol (SNEP) E = {D}{ (kencr,, c), M=MAC(kmac MAC(kmac, c {D} (kencr,c kencr,c) ) A->B: {D}{ (kencr,, c), M=MAC(kmac MAC(kmac, c {D} (kencr,c kencr,c) ) Advantages: - Semantic security: Same message get encrypted differently because of counter - Data authentication: MAC verifies - Low communication overhead Source: SPINS: Security protocol for sensor network 35

36 Micro TESLA Delayed disclosure of symmetric keys. Sender computes a MAC with message and a secret key. Receiver node stores the msg with MAC in buffer, not the key yet. K i = F(K i+1 ) Source: SPINS: Security protocol for sensor network 36

37 Micro TESLA Each key corresponds to a time interval, and packets send in that interval used that key. F F F K0 K1 K2 K3 Time K0 = F(F(k2)), If key lost it can be calculated using the function. So, the packets can be authenticated using the key. Source: SPINS: Security protocol for sensor network 37

38 Flat Architecture Cluster head Relay nodes M1 M2 Mn Mn-1 M3 Mn-2 38

39 Higher level cluster head makes a decision after Collecting group data Reports to higher level Cluster head Report to cluster head Removes dup data (1,0) (1,1) (2,0) (2,1) (2,2) (1,2) (2,3) (2,4) (1,0) (2,1) (2,0) (2,2) (1,0) (2,1) (2,0) (2,2) group

40 Multi party Diffie-Hellman g s1s2s3s4 M10 Cluster head g s4s5s6s11 M11 gs1s s13 Broadcast M12 g s7s8s9s12 Session Key g s1 M1 g s2 M2 g s3 M3 g s4 M4 g s5 g s6 M6 M5 g s7 M7 g s8 M8 g s9 M9

41 Another approach 41

42 Questions?