On application of Host Identity Protocol in wireless sensor networks

Recent advances in development of low-cost wireless sensor platforms open up opportunities for novel wireless sensor network (WSN) applications. Likewise emerge security concerns of WSNs receiving closer attention of research community. Well known security threats in WSNs range from Denial-of-Service (DoS), Replay and Sybil attacks to those targeted at violating data integrity and confidentiality. Public-key cryptography (PKC) as a countermeasure to potential attacks, although originally treated infeasible for resource-constrained sensor nodes, has shown its eligibility for WSNs in the past few years. However, different security and performance requirements, energy consumption issues, as well as varying hardware capabilities of sensor motes pose a challenge of finding the most efficient security protocol for a particular WSN application and scenario. In this paper, we propose to use the Host Identity Protocol (HIP) as the main component for building network-layer security in WSNs. Combining PKC signatures to authenticate wireless nodes, a Diffie-Hellman key exchange to create a pairwise secret key, a puzzle mechanism to protect against DoS attacks and the IPsec protocol for optional encryption of sensitive application data, HIP provides a standardized solution to many security problems of WSNs. We discuss how HIP can strengthen security of WSNs, suggest possible alternatives to its heavy components in particular WSN applications and evaluate their computational and energy costs on a Linux-based Imote2 wireless sensor platform.

[1]  Russ Housley,et al.  Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulating Security Payload (ESP) , 2004, RFC.

[2]  Klaus Wehrle,et al.  Security for pervasive medical sensor networks , 2009, 2009 6th Annual International Mobile and Ubiquitous Systems: Networking & Services, MobiQuitous.

[3]  Ralph C. Merkle,et al.  A Digital Signature Based on a Conventional Encryption Function , 1987, CRYPTO.

[4]  Klaus Wehrle,et al.  Brief announcement: distributed trust management and revocation , 2010, PODC '10.

[5]  Andrei Gurtov Host Identity Protocol (HIP): Towards the Secure Mobile Internet , 2008 .

[6]  Chieh-Yih Wan,et al.  Edge Processing and Enterprise Integration: Closing the Gap on Deployable Industrial Sensor Networks , 2007, 2007 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[7]  Andrey Khurri,et al.  Performance of host identity protocol on lightweight hardware , 2007, MobiArch '07.

[8]  Weisong Shi,et al.  Wireless Sensor Network Security: A Survey , 2006 .

[9]  Peter Langendörfer,et al.  How public key cryptography influences wireless sensor node lifetime , 2006, SASN '06.

[10]  Billie F. Spencer,et al.  Structural health monitoring sensor development for the Imote2 platform , 2008, SPIE Smart Structures and Materials + Nondestructive Evaluation and Health Monitoring.

[11]  R. Kling,et al.  IMOTE2: Serious Computation at the Edge , 2008, 2008 International Wireless Communications and Mobile Computing Conference.

[12]  Kevin Fu,et al.  Security and Privacy for Implantable Medical Devices , 2008, IEEE Pervasive Comput..

[13]  Pekka Nikander,et al.  Host Identity Protocol , 2005 .

[14]  Peng Ning,et al.  Securing network access in wireless sensor networks , 2009, WiSec '09.

[15]  David E. Culler,et al.  Transmission of IPv6 Packets over IEEE 802.15.4 Networks , 2007, RFC.

[16]  Russ Housley,et al.  Using Advanced Encryption Standard (AES) CCM Mode with IPsec Encapsulating Security Payload (ESP) , 2005, RFC.

[17]  Peng Ning,et al.  2008 International Conference on Information Processing in Sensor Networks TinyECC: A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor Networks ∗ , 2022 .

[18]  Cristina Alcaraz,et al.  A Survey of Cryptographic Primitives and Implementations for Hardware-Constrained Sensor Network Nodes , 2007, Mob. Networks Appl..

[19]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[20]  Ralph C. Merkle,et al.  Secrecy, authentication, and public key systems , 1979 .