You are on page 1of 29

SPINS: Security

Protocols for Sensor


Networks
Adrian Perrig, Robert Szewczyk,
Victor Wen, David Culler, and J.D.
Tygar – University of California,
Berkeley

Presented By: Kimberly Yonce


Outline
 Wireless Sensor Networks
 SPINS Building Blocks
 SNEP
 µTESLA
 Related Work
 Limitations/Future Work/Comments
Wireless Sensor Networks
(WSN)
 A wireless network
consisting of spatially
distributed autonomous
devices using sensors to
cooperatively monitor
different locations.
 Types of Sensors:
temperature, sound,
vibration, pressure,
motion, and light.
WSN Applications
 Habitat monitoring
 ZebraNet: Animals are
equipped with tracking
nodes that contain GPS
to monitor position and
speed of movement and
light sensors to indicate
current environment.
WSN Applications
 Fire Detection
 SmokeNet: Sensors
monitor smoke
detection in a building.
Sensors worn by
firefighters monitor
heart rate and air tank
level as well as their
location.
WSN Applications
 Medical Uses
 Vital Sign Monitoring
 Patient Tracking
 Emergency Triage
 Stroke Rehabilitation
WSN Applications
 Military Uses
 Military Vehicle Tracking
 Mine Fields
 Sniper Localization
 Traffic Monitoring
 Intrusion Detection
Sensor Network at UC
Berkeley
Sensor Hardware
Sensor Hardware
 SmartDust
 TinyOS
 CPU: 8-bit, 4MHz
 Storage: 8 KB instruction
flash, 512 bytes RAM, 512
bytes EEPROM
 916 MHz radio
 Bandwidth: 10 Kbps
 OS Code Space: 3500
bytes
 Available Code Space:
4500 bytes
WSN Challenges
 Severely resource-constrained
environments:
 Processing power
 Storage
 Bandwidth
 Energy
Is Security Possible?
 RSA
 Performs operations on 2 large prime numbers
 N (modulus of the public and private keys) is
recommended to be at least 2048 bits long
 Digital Signatures
 High communication overhead of 50-1000
bytes per packet
 High overhead to create and verify the
signatures
Is Security Possible?
 DES
 64 bit block size
 Key length 56 bits
 512-entry Sbox table
 256-entry table for various permutations
 AES
 128 bit fixed block size
 Key size of 128, 192, or 256 bits
 800 bytes of lookup tables
WSN Communication
Patterns
 Sensor Readings
 Node to Base Station
 Specific Requests
 Base Station to Node
 Reprogramming
Network, Routing
Beacons
 Base Station broadcast
to all Nodes
Sensor Network Security
Requirements
 Data Confidentiality
 Data Authentication
 Data Integrity
 Data Freshness
 Weak Freshness
 Strong Freshness
SPINS Building Blocks
 SNEP
 Data confidentiality
 Two-party data authentication
 Integrity
 Freshness
 µTESLA
 Authentication for data broadcasts
SNEP
 Low communication overhead
 Uses MAC to achieve two-party authentication
and data integrity
 A shared counter between sender and receiver
helps ensure semantic security

A → B : { D} K encr ,C , (
MAC K mac , C { D} K encr ,C )
SNEP with Strong Freshness
A → B : N A , RA

B → A : { RB } K encr ,C
(
, MAC K mac , N A C { RB } K encr ,C
)
µTESLA
 TESLA authenticates initial packet with a
digital signature. µTESLA uses only
symmetric mechanisms.
 Instead of disclosing a key in each packet,
a key is disclosed once per epoch.
 µTESLA restricts number of authenticated
senders.
 Broadcast from Base Station vs. Broadcast
from a node
Cryptography
Implementation
 Block Cipher
 RC5 – small code size and high efficiency
 Variable block size (32, 64, or 128 bits)
 Key Size (0 to 255)

 # of Rounds (0 to 255)

 Modular additions and XORs

 Feistal like structure


Encryption Function
 Counter (CTR) Mode
 Same function for encryption and decryption
 Stream cipher in nature
MAC Generation
Key Setup
Evaluation
 Code Size

 RAM Requirements
Evaluation
 Energy Costs
MAC Transmission
20%
1% Encryption Computation
1%
Encryption
1% Transmission
7% Computation

2% Freshness Transmission
71% MAC Computation

Data Transmission
Related Work
 Carman, Kruus, and Matt analyze a variety
of approaches for key agreement and
distribution in sensor networks.
 TEA by Wheeler and Needham or TREYFER
by Yuval are smaller alternatives as
symmetric ciphers.
 Karlof and Wagner investigate security
goals for routing in sensor networks.
 Deng et al. analyze attacks against the
base station.
Limitations/Future Work
 µTESLA requires loose time
synchronization between nodes
 Counter must be updated at sender and
receiver
 Information leakage through covert
channels
 Only ensure that a compromised sensor
does not reveal the keys of all the sensors
in the network
Limitations/Future Work
 Does not consider DoS
 Does not achieve non-repudiation
 Relies on the base station being trusted,
and therefore does not consider attacks on
the base station itself.
Questions/Comment
s

You might also like