Towards Secure Network Programming and Recovery in Wireless Sensor Networks

A number of multi-hop wireless reprogramming systems have emerged for sensor network retasking but none of these systems support a cryptographically-strong, public-key-based system for program authentication or any form of recovery from authenticated, but Byzantine, programs. The traditional techniques for authenticating a program and recovering from Byzantine user programs, namely a digital signature of the program hash and hardware-based memory protection, respectively, are not suited to resource-constrained sensor nodes. We present techniques that are consistent with the limited resources of sensor networks, can be used to secure existing wireless reprogramming systems, and allow recovery from Byzantine programs. Our solution to the secure reprogramming problem is based on authenticated streams. A program image consists of several code and data segments that are mapped to a series of messages for transmission over the network. A hash of the first message in this series is digitally signed and the hash and signature are prepended to the series. The signed hash authenticates the first message, which in turn contains a hash of the second message. Similarly, the second message contains a hash of the third message, and so on, recursively binding each message to the one logically preceding it in the series through the hash chain. The solution to the recovery problem requires both on- and off-chip hardware support in the form of a write-protected boot block and a grenade timer. Recovery is enforced by periodically resetting the node which executes a trusted bootloader located in the boot block. We implemented the security and recovery primitives using TinyOS and demonstrated that the overhead incurred is small compared with the cost of network programming.
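The authenticated stream described above, as an added sketch that is not the paper's TinyOS implementation. It assumes SHA-256 as the hash, a constructed toy textbook-RSA key (far too small for real use) standing in for the public-key signature, and a zero-filled hash field in the last message; all function names are hypothetical.

```python
import hashlib
import hmac

# Constructed toy RSA key (two Mersenne primes); illustration only, not secure.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
HASH_LEN = 32  # SHA-256 digest size (assumed hash function)

def h(data):
    return hashlib.sha256(data).digest()

def sign(digest):
    # Textbook RSA over the digest reduced mod N (assumption, no padding).
    return pow(int.from_bytes(digest, "big") % N, D, N)

def verify_sig(digest, sig):
    return pow(sig, E, N) == int.from_bytes(digest, "big") % N

def build_stream(segments):
    """Sender side: build the chain backwards so that message i carries
    the hash of message i+1, then sign the hash of the first message."""
    messages = []
    next_hash = b"\x00" * HASH_LEN  # last message has no successor (assumed filler)
    for segment in reversed(segments):
        msg = next_hash + segment
        messages.append(msg)
        next_hash = h(msg)
    messages.reverse()
    header = (next_hash, sign(next_hash))  # prepended to the series
    return header, messages

def receive_stream(header, messages):
    """Receiver side: one signature check, then one hash per message.
    Returns the payloads accepted before the first failed check."""
    first_hash, sig = header
    if not verify_sig(first_hash, sig):
        return []
    expected, accepted = first_hash, []
    for msg in messages:
        if not hmac.compare_digest(h(msg), expected):
            break  # message is not bound to its predecessor: reject the rest
        expected = msg[:HASH_LEN]
        accepted.append(msg[HASH_LEN:])
    return accepted
```

Because each message is checked against a hash the node already trusts, a node can verify and store messages as they arrive instead of buffering the whole image before a single signature check.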
