Multi-Level microTESLA: A Broadcast Authentication System for Distributed Sensor Networks

Broadcast authentication is a fundamental security service in distributed sensor networks. This paper presents the development of a scalable broadcast authentication scheme named multi-level microTESLA, based on microTESLA, a broadcast authentication protocol whose scalability is limited by its unicast-based initial parameter distribution. Multi-level microTESLA satisfies several nice properties, including low overhead, tolerance of message loss, scalability to large networks, and resistance to replay attacks as well as denial-of-service attacks. This paper also presents the development of a multi-level microTESLA broadcast authentication system on TinyOS, an operating system for networked sensors, and experimental results obtained through simulation.
