Professional Documents
Culture Documents
07/30/16
page 1
07/30/16
page 2
07/30/16
page 3
Performance
Using cryptography will incur increased overhead in extra
demands on the processor and RAM
The increased message length decreases the throughput and
increase latency, more importantly, it increases the power
consumption
Ease of use
Higher level security protocols will rely on the link-layer security
as a primitive
It should be transparent to applications
07/30/16
page 4
Security primitives
Message authentication codes (MAC)
A common solution to achieve message authenticity and
integrity
MAC can be viewed as cryptographically secure
checksum
Generated with a key shared by both sender & receiver
Must be hard to forge without the secret key
07/30/16
page 5
Mode of Operation
Block ciphers operate on blocks of plaintext and
ciphertext
Usually 64 bits
A cryptographic mode combines the basic cipher, some
sort of feedback, and some simple operations
07/30/16
page 6
07/30/16
page 7
TinySec design
Existing schemes are inadequate
Well-studied protocols are too heavy-weight for use in
sensor networks
Schemes for cellular telephony, and ad-hoc wireless
networks have serious limitations
07/30/16
page 8
Encryption
TinySec IV format
Tradeoff between long and short IV
How long is long enough?
Pigeonhole principle and birthday paradox
The structure of IV is dst||AM||l||src||ctr
Encryption schemes
Stream cipher has a devastating failure mode: if the same IV is
ever used, it is often possible to recover both plaintext
Block cipher is preferred
It is as robust as possible in the presence of repeated IV
MAC algorithms use a block cipher and so can reuse code
07/30/16
page 9
07/30/16
page 10
Message integrity
Authentication is still necessary even with
encryption
Flip bits in unauthenticated encrypted message can
cause predictable changes in plaintext
Unauthenticated messages are vulnerable to cut-andpaste attack
07/30/16
page 11
Packet format
07/30/16
page 12
Security analysis
Security of CBC-MAC is directly related to the
length of the MAC
Conventional security protocols use 8- or 16-byte MACs
07/30/16
page 13
07/30/16
page 14
Keying mechanisms
TinySec is not limited to any particular keying
mechanism
07/30/16
page 15
Implementation
TinySec was implemented in nesC, the
programming language used for TinyOS
Requires 728 bytes of RAM and 7146 bytes of program
space (256B RAM and 8152B ROM at expense of 6% slower)
07/30/16
page 16
Evaluation
Two main components to the costs: larger packet sizes when
using TinySec, and the extra computation time and energy
needed for cryptography
07/30/16
page 17
Cipher performance
07/30/16
page 18
Energy cost
07/30/16
page 19
Throughput
07/30/16
page 20
Latency
07/30/16
page 21
07/30/16
page 22