Security Analysis and Improvement of a Secure and Distributed Reprogramming Protocol for Wireless Sensor Networks

Wireless reprogramming in a wireless sensor network (WSN) is the process of propagating a new code image or relevant commands to sensor nodes. As a WSN is usually deployed in hostile environments, secure reprogramming is and will continue to be a major concern. While all existing insecure/secure reprogramming protocols are based on the centralized approach, it is important to support distributed reprogramming in which multiple authorized network users can simultaneously and directly reprogram sensor nodes without involving the base station. Very recently, a novel secure and distributed reprogramming protocol named SDRP has been proposed, which is the first work of its kind. However, in this paper, we identify an inherent design weakness in the user preprocessing phase of SDRP and demonstrate that it is vulnerable to an impersonation attack by which an adversary can easily impersonate any authorized user to carry out reprogramming. Subsequently, we propose a simple modification to fix the identified security problem without losing any features of SDRP. Our experimental results demonstrate that it is possible to eliminate the design weakness by adding 1-B redundant data and that the execution time of the suggested solution in a 1.6-GHz laptop PC is no more than 1 ms. Therefore, our solution is feasible and secure for real-world applications. Moreover, we show that, in order to further improve the security and efficiency of SDRP, any better established identity-based signature algorithm can be directly employed in SDRP. Based on implementation results, we demonstrate efficiency improvement over the original SDRP.

[1]  Paulo S. L. M. Barreto,et al.  Efficient and Provably-Secure Identity-Based Signatures and Signcryption from Bilinear Maps , 2005, ASIACRYPT.

[2]  Ren C. Luo,et al.  Mobile Sensor Node Deployment and Asynchronous Power Management for Wireless Sensor Networks , 2012, IEEE Transactions on Industrial Electronics.

[3]  Vladimir Shin,et al.  Mobile Node Localization Using Fusion Prediction-Based Interacting Multiple Model in Cricket Sensor Network , 2012, IEEE Transactions on Industrial Electronics.

[4]  Paulo S. L. M. Barreto,et al.  Efficient pairing computation on supersingular Abelian varieties , 2007, IACR Cryptol. ePrint Arch..

[5]  Marimuthu Palaniswami,et al.  Secure Rateless Deluge: Pollution-Resistant Reprogramming and Data Dissemination for Wireless Sensor Networks , 2011, EURASIP J. Wirel. Commun. Netw..

[6]  David E. Culler,et al.  The dynamic behavior of a data dissemination protocol for network programming at scale , 2004, SenSys '04.

[7]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[8]  Chun Chen,et al.  Secure and efficient dynamic program update in wireless sensor networks , 2012, Secur. Commun. Networks.

[9]  Gerhard P. Hancke,et al.  Opportunities and Challenges of Wireless Sensor Networks in Smart Grid , 2010, IEEE Transactions on Industrial Electronics.

[10]  Chae Hoon Lim Secure Code Dissemination and Remote Image Management Using Short-Lived Signatures in WSNs , 2011, IEEE Communications Letters.

[11]  Xiaotie Deng,et al.  TinyPairing: A Fast and Lightweight Pairing-Based Cryptographic Library for Wireless Sensor Networks , 2010, 2010 IEEE Wireless Communication and Networking Conference.

[12]  Kijoon Chae,et al.  Code updates based on minimal backbone and group key management for secure sensor networks , 2013, Math. Comput. Model..

[13]  Jiming Chen,et al.  Building-Environment Control With Wireless Sensor and Actuator Networks: Centralized Versus Distributed , 2010, IEEE Transactions on Industrial Electronics.

[14]  Jiming Chen,et al.  Distributed Collaborative Control for Industrial Automation With Wireless Sensor and Actuator Networks , 2010, IEEE Transactions on Industrial Electronics.

[15]  Peng Ning,et al.  Seluge: Secure and DoS-Resistant Code Dissemination in Wireless Sensor Networks , 2008, 2008 International Conference on Information Processing in Sensor Networks (ipsn 2008).

[16]  Philip Levis,et al.  Data Discovery and Dissemination with DIP , 2008, 2008 International Conference on Information Processing in Sensor Networks (ipsn 2008).

[17]  Prasun Sinha,et al.  Sprinkler: A Reliable and Energy Efficient Data Dissemination Service for Extreme Scale Wireless Networks of Embedded Devices , 2007, IEEE Transactions on Mobile Computing.

[18]  David Starobinski,et al.  Rateless Deluge: Over-the-Air Programming of Wireless Sensor Networks Using Random Linear Codes , 2008, 2008 International Conference on Information Processing in Sensor Networks (ipsn 2008).

[19]  Chun Chen,et al.  SDRP: A Secure and Distributed Reprogramming Protocol for Wireless Sensor Networks , 2012, IEEE Transactions on Industrial Electronics.

[20]  John Zic,et al.  Secure Multihop Network Programming with Multiple One-Way Key Chains , 2008, IEEE Transactions on Mobile Computing.

[21]  Carlos Couto,et al.  A 2.4-GHz CMOS Short-Range Wireless-Sensor-Network Interface for Automotive Applications , 2010, IEEE Transactions on Industrial Electronics.

[22]  J. Antonio García-Macías,et al.  A protocol for secure and energy-aware reprogramming in WSN , 2009, IWCMC.

[23]  Michele Zorzi,et al.  An integrated system for secure code distribution in Wireless Sensor Networks , 2010, 2010 8th IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops).

[24]  Gerhard P. Hancke,et al.  Industrial Wireless Sensor Networks: Challenges, Design Principles, and Technical Approaches , 2009, IEEE Transactions on Industrial Electronics.

[25]  Jonathan W. Hui,et al.  Securing the Deluge network programming system , 2006, 2006 5th International Conference on Information Processing in Sensor Networks.

[26]  Luca Mottola,et al.  Programming wireless sensor networks , 2011, ACM Comput. Surv..

[27]  Ralph C. Merkle,et al.  Protocols for Public Key Cryptosystems , 1980, 1980 IEEE Symposium on Security and Privacy.