This Article 
 Bibliographic References 
 Add to: 
Toward Secure Low Rate Wireless Personal Area Networks
October 2006 (vol. 5 no. 10)
pp. 1361-1373
Low rate wireless personal area networks (LR-WPANs) offer device level wireless connectivity. They bring to light a host of new applications as well as enhance existing applications. Due to their low cost, low power consumption and self-organization features, LR-WPANs are ideal for applications such as public security, battle field monitoring, inventory tracking, as well as home and office automation. Nevertheless, one critical issue, security, needs to be solved before LR-WPANs are commonly accepted. Pursuing security in LR-WPANs is a challenging task. On one hand, wireless communications are inherently susceptible to interception and interference. On the other hand, most devices in LR-WPANs are resource-constrained and lack physical safeguards. This paper presents a systematic analysis of the threats faced by LR-WPANs with respect to the protocol stack defined by IEEE 802.15.4 and the ZigBee Alliance. Attacks are modeled and their impacts are evaluated. Some security problems within the current LR-WPAN security architecture are identified and remedies are suggested. Countermeasures of various attacks are also given.

[1] IEEE P802.15.4/D18, Draft Standard: Low Rate Wireless Personal Area Networks, Feb. 2003.
[2] Bluetooth SIG, Bluetooth Specifications, V1.0, July 1999.
[3] ZigBee Alliance, http:/, 2005.
[4] ZigBee Network Specification, V1.0, Dec. 2004.
[5] ZigBee Security Services Specification, V1.0, Dec. 2004.
[6] USC Information Sciences Institute, Network Simulator— NS2,, 2005.
[7] FIPS Pub 197, Advanced Encryption Standard (AES), Federal Information Processing Standards Publication 197, US Dept. of Commerce/N.I.S.T, Nov. 2001.
[8] V. Rijmen and J. Daemen, “The Block Cipher,” Smart Card Research and Applications, 2000.
[9] M. Bellare, J. Kilian, and P. Rogaway, “The Security of the Cipher Block Chaining Message Authentication Code,” J. Computer and System Sciences, vol. 61, no. 3, pp. 362-399, Dec. 2000.
[10] D. Whiting, R. Housley, and N. Ferguson, “Counter with CBC-MAC (CCM),” RFC 3610, Sept. 2003.
[11] J. Zheng and M.J. Lee, “Will IEEE 802.15.4 Make Ubiquitous Networking a Reality?— A Discussion on a Potential Low Power, Low Bit Rate Standard,” IEEE Comm. Magazine, vol. 42, no. 6, pp. 140-146, June 2004.
[12] C. Perkins, E. Belding-Royer, and S. Das, “Ad Hoc on Demand Distance Vector (AODV) Routing,” IETF RFC 3561, July 2003.
[13] I. Chakeres and L. Klein-Berndt, “AODVjr, AODV Simplified,” ACM SIGMOBILE Mobile Computing and Comm. Rev., pp. 100-101, July 2002.
[14] L. Hester, Y. Huang, A. Allen, O. Andric, and P. Chen, “neuRFon Netform: A Self-Organizing Wireless Sensor Network,” Proc. 11th IEEE Int'l Conf. Computer Comm. and Networks Conf., Oct. 2002.
[15] L. Zhou and Z. Haas, “Securing Ad Hoc Networks,” IEEE Networks, special issue on network security, Nov./Dec. 1999.
[16] Y. Desmedt, “Threshold Cryptography,” European Trans. Telecomm., vol. 5, no. 4, pp. 449-457, July-Aug. 1994.
[17] A. Perrig, H. Chan, and D. Song, “Random Key Predistribution Schemes for Sensor Networks,” Proc. IEEE Symp. Security and Privacy, 2003.
[18] L. Eschenauer and V. Gligor, “A Key-Management Scheme for Distributed Sensor Networks,” Proc. Ninth ACM Conf. Computer and Comm. Security, 2002.
[19] A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J.D. Tygar, “SPINS: Security Protocols for Sensor Networks,” Wireless Networks J., Sept. 2002.
[20] A. Perrig, R. Canetti, D. Song, and J.D. Tygar, “Efficient and Secure Source Authentication for Multicast,” Proc. Network and Distributed System Security Symp., pp. 35-46, Feb. 2001.
[21] A. Perrig, R. Canetti, D. Song, and D. Tygar, “The TESLA Broadcast Authentication Protocol,” RSA Cryptobytes, Summer 2002.
[22] J. Kong, H. Luo, K. Xu, D.L. Gu, M. Gerla, and S. Lu, “Adaptive Security for MultiLayer Ad Hoc Networks,” John Wiley InterScience Press J., Aug. 2002.
[23] G. O'Shea and M. Roe, “Child-Proof Authentication for MIPv6 (CAM),” ACM Computer Comm. Rev., Apr. 2001.
[24] J.-P. Hubaux, L. Buttyán, and S. Capkun, “The Quest for Security in Mobile Ad Hoc Networks,” Proc. 2001 ACM Int'l Symp. Mobile Ad Hoc Networking and Computing, 2001.
[25] Y.-C. Hu, A. Perrig, and D.B. Johnson, “Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks,” Proc. MobiCom Conf., Sept. 2002.
[26] Y.-C. Hu, D.B. Johnson, and A. Perrig, “SEAD: Secure Efficient Distance Vector Routing for Mobile Wireless Ad Hoc Networks,” Proc. Fourth IEEE Workshop Mobile Computing Systems and Applications, pp. 3-13, June 2002.
[27] B. Awerbuch, D. Holmer, C. Nita-Rotaru, and H. Rubens, “An On-Demand Secure Routing Protocol Resilient to Byzantine Failures,” Proc. ACM Workshop Wireless Security, Sept. 2002.
[28] S. Yi, P. Naldurg, and R. Kravets, “Security-Aware Ad-Hoc Routing for Wireless Networks,” Proc. MobiHoc Conf., 2001.
[29] C. Karlof and D. Wagner, “Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures,” Proc. First IEEE Int'l Workshop Sensor Network Protocols and Applications, 2003.
[30] V. Srinivasan, P. Nuggehalli, C.-F. Chiasserini, and R.R. Rao, “Optimal Rate Allocation and Traffic Splits for Energy Efficient Routing in Ad Hoc Networks,” Proc. Infocom Conf., June 2001.
[31] S. Marti, T.J. Giuli, K. Lai, and M. Baker, “Mitigating Routing Misbehavior in Mobile Ad Hoc Networks,” Proc. MobiCom Conf., Aug. 2000.
[32] L. Buttyán and J.P. Hubaux, “Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks,” ACM/Kluwer Mobile Networks and Applications, 2002.
[33] N.B. Salem, L. Buttyán, J.P. Hubaux, and M. Jakobsson, “A Charging and Rewarding Scheme for Packet Forwarding in Multi-Hop Cellular Networks,” Proc. MobiHoc Conf., 2003.
[34] M. Felegyhazi, L. Buttyán, and J.P. Hubaux, “Equilibrium Analysis of Packet Forwarding Strategies in Wireless Ad Hoc Networks— The Static Case,” Proc. Personal Wireless Comm., Sept. 2003.
[35] N. Sastry and D. Wagner, “Security Considerations for IEEE 802.15.4 Networks,” Proc. 2004 ACM Workshop Wireless Security, Oct. 2004.
[36] R.L. Rivest, A. Shamir, and L.M. Adleman, “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,” Comm. ACM, vol. 21, no. 2, pp. 120-126, 1978.
[37] T. ElGamal, “A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms,” IEEE Trans. Information Theory, vol. 31, pp. 469-472, 1985.
[38] ANSI X9.30-1, “The Digital Signature Algorithm (DSA) (revised),” Am. Bankers Assoc., working draft, July 1999.
[39] W. Diffie and M.E. Hellman, “New Directions in Cryptography,” IEEE Trans. Information Theory, vol. 22, pp. 644-654, Nov. 1976.
[40] I. Blake, G. Seroussiand, and N. Smart, Elliptic Curves in Cryptography. Cambridge Univ. Press, 1999.
[41] A. Lenstra and E. Verheul, “Selecting Cryptographic Key Sizes,” J. Cryptology, vol. 14, no. 4, pp. 255-293, 2001.
[42] R.L. Pickholtz, D.L. Schilling, and L.B. Milstein, “Theory of Spread Spectrum Communications— A Tutorial,” IEEE Trans. Comm., vol. 30, no. 5, pp. 855-884, May 1982.
[43] M.B. Pursley and H.B. Russel, “Routing in Frequency-Hop Packet Radio Networks with Partial-Band Jamming,” IEEE Trans. Comm., vol. 41, no. 7, pp. 1117-1124, July 1993.
[44] A.A. Hassan, W.E. Stark, and J.E. Hershey, “Frequency-Hopped Spread Spectrum in the Presence of a Follower Partial-Band Jammer,” IEEE Trans. Comm., vol. 41, no. 7, pp. 1125-1131, July 1993.
[45] K.S. Kwak and J.W. Park, “Multiuser Detection Scheme Using Adaptive Antenna Array over Rayleigh Fading Channels,” Proc. Conf. Vehicular Technology, vol. 3, pp. 2157-2161, Spring 2000.
[46] H. Ko, J.H. Lee, and B. Yu, “A Switched Beamforming System with Multiuser Detectors,” Proc. Conf. Vehicular Technology, vol. 2, pp. 705-709, Spring 2000.

Index Terms:
Security, wireless personal area networks, wireless sensor networks, LR-WPAN.
Jianliang Zheng, Myung J. Lee, Michael Anshel, "Toward Secure Low Rate Wireless Personal Area Networks," IEEE Transactions on Mobile Computing, vol. 5, no. 10, pp. 1361-1373, Oct. 2006, doi:10.1109/TMC.2006.157
Usage of this product signifies your acceptance of the Terms of Use.