DOI: 10.1145/948109.948120

LEAP: efficient security mechanisms for large-scale distributed sensor networks

Published: 27 October 2003

ABSTRACT

In this paper, we describe LEAP (Localized Encryption and Authentication Protocol), a key management protocol for sensor networks that is designed to support in-network processing, while at the same time restricting the security impact of a node compromise to the immediate network neighborhood of the compromised node. The design of the protocol is motivated by the observation that different types of messages exchanged between sensor nodes have different security requirements, and that a single keying mechanism is not suitable for meeting these different security requirements. LEAP supports the establishment of four types of keys for each sensor node -- an individual key shared with the base station, a pairwise key shared with another sensor node, a cluster key shared with multiple neighboring nodes, and a group key that is shared by all the nodes in the network. The protocol used for establishing and updating these keys is communication- and energy-efficient, and minimizes the involvement of the base station. LEAP also includes an efficient protocol for inter-node traffic authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing and passive participation. We analyze the performance and the security of our scheme under various attack models and show our schemes are very efficient in defending against many attacks.
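
The abstract names one-way key chains as the basis of LEAP's inter-node authentication without giving the construction. The sketch below is an added example, not code from the paper, of a generic one-way key chain with a loss-tolerant receiver; SHA-256 as the one-way function, the `Verifier` class and its `max_skip` bound are assumptions, and the commitment is assumed to reach each neighbor over an already authenticated channel.

```python
import hashlib
import hmac
import os


def F(key: bytes) -> bytes:
    """One-way function for the chain (SHA-256 is an assumption of this sketch)."""
    return hashlib.sha256(b"chain" + key).digest()


def make_chain(n: int, seed: bytes = None) -> list:
    """Return [K_0, ..., K_n] with K_i = F(K_{i+1}); K_0 is the public commitment."""
    k = seed or os.urandom(32)
    chain = [k]
    for _ in range(n):
        k = F(k)
        chain.append(k)
    chain.reverse()          # keys are disclosed in the order K_1, K_2, ..., K_n
    return chain


class Verifier:
    """A neighbor that tracks the sender's most recently verified chain key."""

    def __init__(self, commitment: bytes, max_skip: int = 8):
        self.last = commitment
        self.max_skip = max_skip   # caps hashing work spent on any one candidate key

    def accept(self, disclosed: bytes) -> bool:
        """Accept a key only if hashing it forward reaches the last verified key."""
        k = disclosed
        for _ in range(self.max_skip):
            k = F(k)
            if hmac.compare_digest(k, self.last):
                self.last = disclosed   # advance, so older keys no longer verify
                return True
        return False


def demo() -> list:
    """Constructed run: in-order key, replay, key after two lost packets, forgery."""
    chain = make_chain(10, seed=b"\x01" * 32)   # fixed seed only for repeatability
    v = Verifier(chain[0])
    return [v.accept(chain[1]), v.accept(chain[1]),
            v.accept(chain[4]), v.accept(b"\x00" * 32)]
```
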

Published in

CCS '03: Proceedings of the 10th ACM conference on Computer and communications security
October 2003
374 pages
ISBN: 1581137389
DOI: 10.1145/948109

Copyright © 2003 ACM

Publisher: Association for Computing Machinery, New York, NY, United States

Overall Acceptance Rate: 1,261 of 6,999 submissions, 18%
