Secure Multihop Network Programming with Multiple One-Way Key Chains

Hailun Tan; Diethelm Ostry; John Zic; Sanjay K. Jha

doi:10.1109/TMC.2010.140

Publication
2011
Issue No. 1 - January
Abstract - Secure Multihop Network Programming with Multiple One-Way Key Chains

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Hailun Tan Articles by John Zic Articles by Sanjay K. Jha Articles by Diethelm Ostry

Secure Multihop Network Programming with Multiple One-Way Key Chains

January 2011 (vol. 10 no. 1)

pp. 16-31

	ASCII Text	x
	Hailun Tan, John Zic, Sanjay K. Jha, Diethelm Ostry, "Secure Multihop Network Programming with Multiple One-Way Key Chains," IEEE Transactions on Mobile Computing, vol. 10, no. 1, pp. 16-31, January, 2011.

	BibTex	x
	@article{ 10.1109/TMC.2010.140, author = {Hailun Tan and John Zic and Sanjay K. Jha and Diethelm Ostry}, title = {Secure Multihop Network Programming with Multiple One-Way Key Chains}, journal ={IEEE Transactions on Mobile Computing}, volume = {10}, number = {1}, issn = {1536-1233}, year = {2011}, pages = {16-31}, doi = {http://doi.ieeecomputersociety.org/10.1109/TMC.2010.140}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - JOUR JO - IEEE Transactions on Mobile Computing TI - Secure Multihop Network Programming with Multiple One-Way Key Chains IS - 1 SN - 1536-1233 SP16 EP31 EPD - 16-31 A1 - Hailun Tan, A1 - John Zic, A1 - Sanjay K. Jha, A1 - Diethelm Ostry, PY - 2011 KW - Network programming protocols KW - broadcast authentication KW - code dissemination KW - sensor network security. VL - 10 JA - IEEE Transactions on Mobile Computing ER -

Hailun Tan, University of New South Wales, Sydney

John Zic, CSIRO ICT Centre, Australia

Sanjay K. Jha, University of New South Wales, Sydney

Diethelm Ostry, CSIRO ICT Centre, Australia

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TMC.2010.140

Current network programming protocols provide an efficient way to update program images running on sensor nodes without having physical access to them. Securing these updates, however, remains a challenging and important issue, given the open environment where sensor nodes are often deployed. Several approaches addressing these issues have been reported, but their use of cryptographically strong protocols means that their computational costs (and hence, power consumption and communication costs) are relatively high. In this paper, we propose a novel scheme to secure a multihop network programming protocol through the use of multiple one-way hash chains. The scheme is shown to be lower in computational, power consumption, and communication costs yet still able to secure multihop propagation of program images. We demonstrate the use of this scheme and provide some results using the popular network programming protocol, Deluge. In addition, we include a performance evaluation of our scheme, implemented in TinyOS, in terms of latency and energy consumption.

[1] I.F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, "A Survey on Sensor Networks," IEEE Comm. Magazine, vol. 40, no. 8, pp. 102-114, Aug. 2002.
[2] J.W. Hui and D. Culler, "The Dynamic Behavior of a Data Dissemination Protocol for Network Programming at Scale," Proc. Int'l Source Conf. Embedded Networked Sensor Systems (SenSys '04), pp. 81-94, 2004.
[3] T. Stathopoulos, J. Heidemann, and D. Estrin, "A Remote Code Update Mechanism for Wireless Sensor Networks," technical report, Univ. of California, Los Angeles, 2003.
[4] L. Wang, "MNP: Multihop Network Reprogramming Service for Sensor Networks," Proc. Int'l Source Conf. Embedded Networked Sensor Systems (SenSys '04), pp. 285-286, 2004.
[5] J. Jeong and D. Culler, "Incremental Network Programming for Wireless Sensors," Proc. IEEE Conf. Sensor and Ad Hoc Comm. and Networks (SECON '04), pp. 25-33, 2004.
[6] Tmote Sky, "Ultra Low Power IEEE 802.15.4 Compliant Wireless Sensor Module Humidity, Light, and Temperature Sensors with USB," http://www.moteiv.com/products/docstmote-sky-data sheet.pdf , Aug. 2007.
[7] R.L. Rivest, A. Shamir, and L.M. Adelman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems," Technical Report MIT/LCS/TM-82, 1977.
[8] W. Diffie and M.E. Hellman, "New Directions in Cryptography," IEEE Trans. Information Theory, vol. 22, no. 6, pp. 644-654, Nov. 1976.
[9] A. Tridgell, "Efficient Algorithms for Sorting and Synchronization," PhD thesis, 1999.
[10] P.K. Dutta, J.W. Hui, D.C. Chu, and D.E. Culler, "Securing the Deluge Network Programming System," Proc. Int'l Conf. Information Processing in Sensor Networks (IPSN '06), pp. 326-333, 2006.
[11] P.E. Lanigan, R. Gandhi, and P. Narasimhan, "Sluice: Secure Dissemination of Code Updates in Sensor Networks," Proc. IEEE Int'l Conf. Distributed Computing Systems (ICDCS '06), pp. 53-63, 2006.
[12] J. Deng, R. Han, and S. Mishra, "Secure Code Distribution in Dynamically Programmable Wireless Sensor Networks," Proc. Int'l Conf. Information Processing in Sensor Networks (IPSN '06), pp. 292-300, 2006.
[13] J. Shaheen, D. Ostry, V. Sivaraman, and S. Jha, "Confidential and Secure Broadcast in Wireless Sensor Networks," Proc. IEEE Int'l Symp. Personal, Indoor and Mobile Radio Comm. (PIMRC '07), 2007.
[14] D.H. Kim, R. Gandhi, and P. Narasimhan, "Exploring Symmetric Cryptography for Secure Network Reprogramming," Proc. Int'l Conf. Distributed Computing Systems Workshops (ICDCSW '07), p. 17, 2007.
[15] P.E. Lanigan, P. Narasimhan, and R. Gandhi, "Tradeoffs in Configuring Secure Data Dissemination in Sensor Networks: An Empirical Outlook," Technical Report 006, Carnegie Mellon Univ., May 2007.
[16] S. Hyun, P. Ning, A. Liu, and W. Du, "Seluge: Secure and Dos-Resistant Code Dissemination in Wireless Sensor Networks," Proc. Int'l Conf. Information Processing in Sensor Networks (IPSN '08), pp. 445-456, 2008.
[17] A. Perrig, R. Szewczyk, V. Wen, D.E. Culler, and J.D. Tygar, "Spins: Security Protocols for Sensor Netowrks," Proc. Int'l Conf. Mobile Computing and Networking (Mobilecom '01), pp. 189-199, 2001.
[18] Y.C. Hu, A. Perrig, and D.B Johnson, "Packet Leashes: A Defense against Wormhole Attacks in Wireless Networks," Proc. IEEE INFOCOM, vol. 3, pp. 1976-1986, 2003.
[19] V. Shnayder, M. Hempstead, B.-R. Chen, G.W. Allen, and M. Welsh, "Simulating the Power Consumption of Large-Scale Sensor Network Applications," Proc. Int'l Source Conf. Embedded Networked Sensor Systems (SenSys '04), pp. 188-200, 2004.
[20] M. Luk, A. Perrig, and B. Whillock, "Seven Cardinal Properties of Sensor Network Broadcast Authentication," Proc. Workshop Security of Ad Hoc and Sensor Networks (SASN '06), pp. 147-156, 2006.
[21] A.D. Wood, J.A. Stankovic, and S.H. Son, "Jam: A Jammed-Area Mapping Service for Sensor Networks," Proc. IEEE Int'l Real-Time Systems Symp. (RTSS '03), pp. 286-297, 2003.
[22] W. Xu, W. Trappe, and Y. Zhang, "Channel Surfing: Defending Wireless Sensor Networks from Interference," Proc. Int'l Conf. Information Processing in Sensor Networks (IPSN '07), pp. 499-508, 2007.
[23] L. Lamport, "Password Authentication with Insecure Communication," Comm. ACM, vol. 24, no. 11, pp. 770-772, Nov. 1981.
[24] C. Kuo, M. Luk, R. Negi, and A. Perrig, "Message-in-a-Bottle: User-Friendly and Secure Key Deployment for Sensor Nodes," Proc. Int'l Source Conf. Embedded Networked Sensor Systems (SenSys '07), 2007.
[25] D. Eastlake and P. Jones, "US Secure Hash Algorithm 1 (SHA1)," RFC 3174 (Experimental), Sept. 2001.
[26] W. Hu, C.T. Chou, S. Jha, and N. Bulusu, "Deploying Long-Lived and Cost-Effective Hybrid Sensor Networks," Ad Hoc Networks, vol. 4, no. 6, pp. 749-767, Nov. 2006.
[27] J.R. Douceur, "The Sybil Attack," Proc. Int'l Workshop Peer-to-Peer Systems (IPTPS '01): Revised Papers, pp. 251-260, 2002.
[28] "Telosb-Telosb Mote Platform," http://www.willow.co.ukTelosB_Datasheet.pdf , Sept. 2010.
[29] R. Clayton, "Brute Force Attacks on Cryptographic Keys," http://www.cl.cam.ac.uk/rnc1brute.html, Oct. 2001.
[30] A. Juels and J. Brainard, "Client Puzzles: A Cryptographic Countermeasure against Connection Depletion Attacks," Proc. Network and Distributed System Security Symp. (NDSS '99), pp. 151-165, 1999.
[31] D. Liu and P. Ning, Security for Wireless Sensor Networks. Springer, Nov. 2006.
[32] D. Gay, P. Levis, R. von Behren, M. Welsh, E. Brewer, and D. Culler, "The nesC Language: A Holistic Approach to Networked Embedded Systems," Proc. ACM SIGPLAN, 2003.
[33] Bouncy Castle Crypto Apis, http:/www.bouncycastle.org, 2010.
[34] A. Liu and P. Ning, "TinyECC: A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor Networks," Proc. Int'l Conf. Information Processing in Sensor Networks (IPSN '08), Apr. 2008.
[35] C. Karlof, N. Sastry, and D. Wagner, "Tinysec: A Link Layer Security Architecture for Wireless Sensor Networks," Proc. Int'l SourceConf. Embedded Networked Sensor Systems (SenSys '04), pp. 162-175, 2004.
[36] Java Source Code for Deluge, http://tinyos.cvs.sourceforge.net/tinyos/ tinyos-1.x/tools/java/net/tinyosdeluge , 2010.
[37] Nesc Source Code for Deluge, http://tinyos.cvs.sourceforge.net/tinyos/ tinyos-1.x/tos/libDeluge, 2010.
[38] P. Levis, N. Lee, M. Welsh, and D. Culler, "Tossim: Accurate and Scalable Simulation of Entire Tinyos Applications," Proc. Int'l Source Conf. Embedded Networked Sensor Systems (SenSys '03), pp. 126-137, 2003.

Index Terms:

Network programming protocols, broadcast authentication, code dissemination, sensor network security.

Citation:

Hailun Tan, John Zic, Sanjay K. Jha, Diethelm Ostry, "Secure Multihop Network Programming with Multiple One-Way Key Chains," IEEE Transactions on Mobile Computing, vol. 10, no. 1, pp. 16-31, Jan. 2011, doi:10.1109/TMC.2010.140

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.