The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.01 - January (2011 vol.10)
pp: 16-31
Hailun Tan , University of New South Wales, Sydney
John Zic , CSIRO ICT Centre, Australia
Sanjay K. Jha , University of New South Wales, Sydney
Diethelm Ostry , CSIRO ICT Centre, Australia
ABSTRACT
Current network programming protocols provide an efficient way to update program images running on sensor nodes without having physical access to them. Securing these updates, however, remains a challenging and important issue, given the open environment where sensor nodes are often deployed. Several approaches addressing these issues have been reported, but their use of cryptographically strong protocols means that their computational costs (and hence, power consumption and communication costs) are relatively high. In this paper, we propose a novel scheme to secure a multihop network programming protocol through the use of multiple one-way hash chains. The scheme is shown to be lower in computational, power consumption, and communication costs yet still able to secure multihop propagation of program images. We demonstrate the use of this scheme and provide some results using the popular network programming protocol, Deluge. In addition, we include a performance evaluation of our scheme, implemented in TinyOS, in terms of latency and energy consumption.
INDEX TERMS
Network programming protocols, broadcast authentication, code dissemination, sensor network security.
CITATION
Hailun Tan, John Zic, Sanjay K. Jha, Diethelm Ostry, "Secure Multihop Network Programming with Multiple One-Way Key Chains", IEEE Transactions on Mobile Computing, vol.10, no. 1, pp. 16-31, January 2011, doi:10.1109/TMC.2010.140
REFERENCES
[1] I.F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, "A Survey on Sensor Networks," IEEE Comm. Magazine, vol. 40, no. 8, pp. 102-114, Aug. 2002.
[2] J.W. Hui and D. Culler, "The Dynamic Behavior of a Data Dissemination Protocol for Network Programming at Scale," Proc. Int'l Source Conf. Embedded Networked Sensor Systems (SenSys '04), pp. 81-94, 2004.
[3] T. Stathopoulos, J. Heidemann, and D. Estrin, "A Remote Code Update Mechanism for Wireless Sensor Networks," technical report, Univ. of California, Los Angeles, 2003.
[4] L. Wang, "MNP: Multihop Network Reprogramming Service for Sensor Networks," Proc. Int'l Source Conf. Embedded Networked Sensor Systems (SenSys '04), pp. 285-286, 2004.
[5] J. Jeong and D. Culler, "Incremental Network Programming for Wireless Sensors," Proc. IEEE Conf. Sensor and Ad Hoc Comm. and Networks (SECON '04), pp. 25-33, 2004.
[6] Tmote Sky, "Ultra Low Power IEEE 802.15.4 Compliant Wireless Sensor Module Humidity, Light, and Temperature Sensors with USB," http://www.moteiv.com/products/docstmote-sky-data sheet.pdf , Aug. 2007.
[7] R.L. Rivest, A. Shamir, and L.M. Adelman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems," Technical Report MIT/LCS/TM-82, 1977.
[8] W. Diffie and M.E. Hellman, "New Directions in Cryptography," IEEE Trans. Information Theory, vol. 22, no. 6, pp. 644-654, Nov. 1976.
[9] A. Tridgell, "Efficient Algorithms for Sorting and Synchronization," PhD thesis, 1999.
[10] P.K. Dutta, J.W. Hui, D.C. Chu, and D.E. Culler, "Securing the Deluge Network Programming System," Proc. Int'l Conf. Information Processing in Sensor Networks (IPSN '06), pp. 326-333, 2006.
[11] P.E. Lanigan, R. Gandhi, and P. Narasimhan, "Sluice: Secure Dissemination of Code Updates in Sensor Networks," Proc. IEEE Int'l Conf. Distributed Computing Systems (ICDCS '06), pp. 53-63, 2006.
[12] J. Deng, R. Han, and S. Mishra, "Secure Code Distribution in Dynamically Programmable Wireless Sensor Networks," Proc. Int'l Conf. Information Processing in Sensor Networks (IPSN '06), pp. 292-300, 2006.
[13] J. Shaheen, D. Ostry, V. Sivaraman, and S. Jha, "Confidential and Secure Broadcast in Wireless Sensor Networks," Proc. IEEE Int'l Symp. Personal, Indoor and Mobile Radio Comm. (PIMRC '07), 2007.
[14] D.H. Kim, R. Gandhi, and P. Narasimhan, "Exploring Symmetric Cryptography for Secure Network Reprogramming," Proc. Int'l Conf. Distributed Computing Systems Workshops (ICDCSW '07), p. 17, 2007.
[15] P.E. Lanigan, P. Narasimhan, and R. Gandhi, "Tradeoffs in Configuring Secure Data Dissemination in Sensor Networks: An Empirical Outlook," Technical Report 006, Carnegie Mellon Univ., May 2007.
[16] S. Hyun, P. Ning, A. Liu, and W. Du, "Seluge: Secure and Dos-Resistant Code Dissemination in Wireless Sensor Networks," Proc. Int'l Conf. Information Processing in Sensor Networks (IPSN '08), pp. 445-456, 2008.
[17] A. Perrig, R. Szewczyk, V. Wen, D.E. Culler, and J.D. Tygar, "Spins: Security Protocols for Sensor Netowrks," Proc. Int'l Conf. Mobile Computing and Networking (Mobilecom '01), pp. 189-199, 2001.
[18] Y.C. Hu, A. Perrig, and D.B Johnson, "Packet Leashes: A Defense against Wormhole Attacks in Wireless Networks," Proc. IEEE INFOCOM, vol. 3, pp. 1976-1986, 2003.
[19] V. Shnayder, M. Hempstead, B.-R. Chen, G.W. Allen, and M. Welsh, "Simulating the Power Consumption of Large-Scale Sensor Network Applications," Proc. Int'l Source Conf. Embedded Networked Sensor Systems (SenSys '04), pp. 188-200, 2004.
[20] M. Luk, A. Perrig, and B. Whillock, "Seven Cardinal Properties of Sensor Network Broadcast Authentication," Proc. Workshop Security of Ad Hoc and Sensor Networks (SASN '06), pp. 147-156, 2006.
[21] A.D. Wood, J.A. Stankovic, and S.H. Son, "Jam: A Jammed-Area Mapping Service for Sensor Networks," Proc. IEEE Int'l Real-Time Systems Symp. (RTSS '03), pp. 286-297, 2003.
[22] W. Xu, W. Trappe, and Y. Zhang, "Channel Surfing: Defending Wireless Sensor Networks from Interference," Proc. Int'l Conf. Information Processing in Sensor Networks (IPSN '07), pp. 499-508, 2007.
[23] L. Lamport, "Password Authentication with Insecure Communication," Comm. ACM, vol. 24, no. 11, pp. 770-772, Nov. 1981.
[24] C. Kuo, M. Luk, R. Negi, and A. Perrig, "Message-in-a-Bottle: User-Friendly and Secure Key Deployment for Sensor Nodes," Proc. Int'l Source Conf. Embedded Networked Sensor Systems (SenSys '07), 2007.
[25] D. Eastlake and P. Jones, "US Secure Hash Algorithm 1 (SHA1)," RFC 3174 (Experimental), Sept. 2001.
[26] W. Hu, C.T. Chou, S. Jha, and N. Bulusu, "Deploying Long-Lived and Cost-Effective Hybrid Sensor Networks," Ad Hoc Networks, vol. 4, no. 6, pp. 749-767, Nov. 2006.
[27] J.R. Douceur, "The Sybil Attack," Proc. Int'l Workshop Peer-to-Peer Systems (IPTPS '01): Revised Papers, pp. 251-260, 2002.
[28] "Telosb-Telosb Mote Platform," http://www.willow.co.ukTelosB_Datasheet.pdf , Sept. 2010.
[29] R. Clayton, "Brute Force Attacks on Cryptographic Keys," http://www.cl.cam.ac.uk/rnc1brute.html, Oct. 2001.
[30] A. Juels and J. Brainard, "Client Puzzles: A Cryptographic Countermeasure against Connection Depletion Attacks," Proc. Network and Distributed System Security Symp. (NDSS '99), pp. 151-165, 1999.
[31] D. Liu and P. Ning, Security for Wireless Sensor Networks. Springer, Nov. 2006.
[32] D. Gay, P. Levis, R. von Behren, M. Welsh, E. Brewer, and D. Culler, "The nesC Language: A Holistic Approach to Networked Embedded Systems," Proc. ACM SIGPLAN, 2003.
[33] Bouncy Castle Crypto Apis, http:/www.bouncycastle.org, 2010.
[34] A. Liu and P. Ning, "TinyECC: A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor Networks," Proc. Int'l Conf. Information Processing in Sensor Networks (IPSN '08), Apr. 2008.
[35] C. Karlof, N. Sastry, and D. Wagner, "Tinysec: A Link Layer Security Architecture for Wireless Sensor Networks," Proc. Int'l SourceConf. Embedded Networked Sensor Systems (SenSys '04), pp. 162-175, 2004.
[36] Java Source Code for Deluge, http://tinyos.cvs.sourceforge.net/tinyos/ tinyos-1.x/tools/java/net/tinyosdeluge , 2010.
[37] Nesc Source Code for Deluge, http://tinyos.cvs.sourceforge.net/tinyos/ tinyos-1.x/tos/libDeluge, 2010.
[38] P. Levis, N. Lee, M. Welsh, and D. Culler, "Tossim: Accurate and Scalable Simulation of Entire Tinyos Applications," Proc. Int'l Source Conf. Embedded Networked Sensor Systems (SenSys '03), pp. 126-137, 2003.
6 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool