Secure-TWS: Authenticating node to multi-user communication in shared sensor networks

Recent works have shown the usefulness of network and application layer protocols that connect low power sensor nodes directly to multiple applications and users on the Internet. We propose a security solution for this scenario. While previous works have provided security support for various communication patterns in sensor networks, such as among nodes, from nodes to a base station, and from users to nodes, the security of communication from sensor nodes to multiple users has not been sufficiently addressed. Specifically, we explore this design space and develop a security solution, named Secure-TWS, for efficient authentication of data sent by a resource constrained sensor node to multiple users, using digital signatures. We investigate the resource overheads in communication and computation for two most suitable signature schemes - the Elliptic Curve Digital Algorithm (ECDSA) and the Boneh-Lynn-Shacham (BLS) short signature schemes. We implement these schemes on two popular sensor node architectures (based onMSP430 and ARM processors with 802.15.4 radios) and experimentally characterize relevant trade-offs.

[1]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[2]  C. Q. Lee,et al.  The Computer Journal , 1958, Nature.

[3]  P. L. Montgomery Speeding the Pollard and elliptic curve methods of factorization , 1987 .

[4]  Yunghsiang Sam Han,et al.  A pairwise key predistribution scheme for wireless sensor networks , 2005, TSEC.

[5]  Alfred Menezes,et al.  Pairing-Based Cryptography at High Security Levels , 2005, IMACC.

[6]  Hans Eberle,et al.  Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[7]  Roberto Maria Avanzi,et al.  Another Look at Square Roots (and Other Less Common Operations) in Fields of Even Characteristic , 2007, Selected Areas in Cryptography.

[8]  Scott A. Vanstone,et al.  Faster Point Multiplication on Elliptic Curves with Efficient Endomorphisms , 2001, CRYPTO.

[9]  Neal Koblitz,et al.  CM-Curves with Good Cryptographic Properties , 1991, CRYPTO.

[10]  Frederik Vercauteren,et al.  Optimal Pairings , 2010, IEEE Transactions on Information Theory.

[11]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[12]  Feng Zhao,et al.  Tiny web services: design and implementation of interoperable and evolvable sensor networks , 2008, SenSys '08.

[13]  A. Miyaji,et al.  New Explicit Conditions of Elliptic Curve Traces for FR-Reduction , 2001 .

[14]  Vipul Gupta,et al.  Sizzle: a standards-based end-to-end security architecture for the embedded Internet , 2005, Third IEEE International Conference on Pervasive Computing and Communications.

[15]  Paulo S. L. M. Barreto,et al.  Pairing-Friendly Elliptic Curves of Prime Order , 2005, Selected Areas in Cryptography.

[16]  Ricardo Dahab,et al.  SecLEACH - A Random Key Distribution Solution for Securing Clustered Sensor Networks , 2006, Fifth IEEE International Symposium on Network Computing and Applications (NCA'06).

[17]  Reihaneh Safavi-Naini,et al.  An Efficient Signature Scheme from Bilinear Pairings and Its Applications , 2004, Public Key Cryptography.

[18]  Ricardo Dahab,et al.  High-Speed Software Multiplication in F2m , 2000, INDOCRYPT.

[19]  Hovav Shacham,et al.  Aggregate and Verifiably Encrypted Signatures from Bilinear Maps , 2003, EUROCRYPT.

[20]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[21]  Peng Ning,et al.  Mitigating DoS attacks against broadcast authentication in wireless sensor networks , 2008, TOSN.

[22]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[23]  Ricardo Dahab,et al.  NanoECC: Testing the Limits of Elliptic Curve Cryptography in Sensor Networks , 2008, EWSN.

[24]  Julio César López-Hernández,et al.  Software Implementation of Pairing-Based Cryptography on Sensor Networks Using the MSP430 Microcontroller , 2009, INDOCRYPT.

[25]  Paulo S. L. M. Barreto,et al.  Efficient and Provably-Secure Identity-Based Signatures and Signcryption from Bilinear Maps , 2005, ASIACRYPT.

[26]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[27]  Vipul Gupta,et al.  Sizzle: A Standards-Based End-to-End Security Architecture for the Embedded Internet (Best Paper) , 2005, PerCom.

[28]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[29]  Donggang Liu,et al.  Pre-authentication filters: providing dos resistance for signature-based broadcast authentication in sensor networks , 2008, WiSec '08.

[30]  Michael D. Smith,et al.  A public-key infrastructure for key distribution in TinyOS based on elliptic curve cryptography , 2004, 2004 First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2004. IEEE SECON 2004..

[31]  Paulo S. L. M. Barreto,et al.  A family of implementation-friendly BN elliptic curves , 2011, J. Syst. Softw..

[32]  P. L. Montgomery Modular multiplication without trial division , 1985 .

[33]  Yunghsiang Sam Han,et al.  A pairwise key pre-distribution scheme for wireless sensor networks , 2003, CCS '03.

[34]  Suman Nath,et al.  SenseWeb: An Infrastructure for Shared Sensing , 2007, IEEE MultiMedia.

[35]  Don Coppersmith,et al.  Fast evaluation of logarithms in fields of characteristic two , 1984, IEEE Trans. Inf. Theory.

[36]  Wenjing Lou,et al.  Multi-user Broadcast Authentication in Wireless Sensor Networks , 2007, 2007 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[37]  David E. Culler,et al.  Mica: A Wireless Platform for Deeply Embedded Networks , 2002, IEEE Micro.

[38]  Dan Boneh,et al.  Short Signatures Without Random Oracles and the SDH Assumption in Bilinear Groups , 2008, Journal of Cryptology.

[39]  Michael D. Smith,et al.  Implementing public-key infrastructure for sensor networks , 2008, TOSN.

[40]  Peng Ning,et al.  2008 International Conference on Information Processing in Sensor Networks TinyECC: A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor Networks ∗ , 2022 .

[41]  Shouhuai Xu,et al.  Establishing pairwise keys for secure communication in ad hoc networks: a probabilistic approach , 2003, 11th IEEE International Conference on Network Protocols, 2003. Proceedings..

[42]  Ricardo Dahab,et al.  Efficient implementation of elliptic curve cryptography in wireless sensors , 2010, Adv. Math. Commun..

[43]  Jiejun Kong,et al.  The challenges of building mobile underwater wireless networks for aquatic applications , 2006, IEEE Network.

[44]  Chae Hoon Lim,et al.  More Flexible Exponentiation with Precomputation , 1994, CRYPTO.

[45]  Sushil Jajodia,et al.  Practical broadcast authentication in sensor networks , 2005, The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services.

[46]  Kazumaro Aoki,et al.  SEC X.2: Recommended Elliptic Curve Domain Parameters , 2008 .

[47]  Feng Zhao,et al.  Towards Energy Efficient Design of Multi-radio Platforms for Wireless Sensor Networks , 2008, 2008 International Conference on Information Processing in Sensor Networks (ipsn 2008).

[48]  David E. Culler,et al.  IP is dead, long live IP for wireless sensor networks , 2008, SenSys '08.

[49]  Jerome A. Solinas,et al.  Efficient Arithmetic on Koblitz Curves , 2000, Des. Codes Cryptogr..

[50]  Michael Scott,et al.  Optimizing Multiprecision Multiplication for Public Key Cryptography , 2007, IACR Cryptol. ePrint Arch..

[51]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[52]  Ricardo Dahab,et al.  TinyPBC: Pairings for authenticated identity-based non-interactive key distribution in sensor networks , 2008 .

[53]  Feng Zhao,et al.  mPlatform: a reconfigurable architecture and efficient data sharing mechanism for modular sensor nodes , 2007, IPSN.

[54]  Sushil Jajodia,et al.  LEAP+: Efficient security mechanisms for large-scale distributed sensor networks , 2006, TOSN.

[55]  Paulo S. L. M. Barreto,et al.  Efficient Implementation of Pairing-Based Cryptosystems , 2004, Journal of Cryptology.

[56]  Adam Dunkels,et al.  Full TCP/IP for 8-bit architectures , 2003, MobiSys '03.

[57]  Adrian Perrig,et al.  Seven cardinal properties of sensor network broadcast authentication , 2006, SASN '06.