Securing the Deluge network programming system

A number of multi-hop, wireless, network programming systems have emerged for sensor network retasking, but none of these systems supports a cryptographically-strong, public-key-based system for source authentication and integrity verification. The traditional technique for authenticating a program binary, namely a digital signature of the program hash, is poorly suited to resource-constrained sensor nodes. Our solution to the secure programming problem leverages authenticated streams, is consistent with the limited resources of a typical sensor node, and can be used to secure existing network programming systems. Under our scheme, a program binary consists of several code and data segments that are mapped to a series of messages for transmission over the network. An advertisement, consisting of the program name, version number, and a hash of the very first message, is digitally signed and transmitted first. The advertisement authenticates the first message, which in turn contains a hash of the second message. Similarly, the second message contains a hash of the third message, and so on, binding each message to the one logically preceding it in the series through the hash chain. We augmented the Deluge network programming system with our protocol and evaluated the resulting system performance.
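The hash chain described in the abstract, as an added Python sketch that is not code from the paper or from Deluge. Assumptions: SHA-256 as the hash, a `next-hash || payload` message layout, an all-zero end-of-chain marker, and an advertisement whose public-key signature has already been verified (signing is omitted); all names are hypothetical.

```python
import hashlib
import hmac

HASH_LEN = 32                     # SHA-256 digest size (assumed hash choice)
END_OF_CHAIN = bytes(HASH_LEN)    # constructed marker: last message has no successor

def digest(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def build_chain(name: str, version: int, segments: list[bytes]):
    """Sender side: work backwards so each message embeds the hash of the next."""
    next_hash = END_OF_CHAIN
    messages = []
    for payload in reversed(segments):
        msg = next_hash + payload          # assumed wire format: next-hash || payload
        messages.append(msg)
        next_hash = digest(msg)
    messages.reverse()
    # The advertisement is the only item that needs a digital signature.
    advert = {"name": name, "version": version, "first_hash": next_hash}
    return advert, messages

class ChainReceiver:
    """Node side: one stored hash authenticates the next message to arrive."""
    def __init__(self, verified_advert: dict):
        # Assumption: the advertisement's signature was already checked.
        self.expected = verified_advert["first_hash"]
        self.payloads = []

    def accept(self, msg: bytes) -> bool:
        if len(msg) < HASH_LEN or not hmac.compare_digest(digest(msg), self.expected):
            return False                   # forged, corrupted, or out of order: drop
        self.expected = msg[:HASH_LEN]     # commit to the successor
        self.payloads.append(msg[HASH_LEN:])
        return True

    def complete(self) -> bool:
        return self.expected == END_OF_CHAIN

def demo():
    segments = [b"code-seg-0", b"code-seg-1", b"data-seg-2"]   # constructed sample
    advert, msgs = build_chain("blink", 2, segments)
    node = ChainReceiver(advert)
    tampered = msgs[0][:-1] + b"X"
    results = [node.accept(tampered), node.accept(msgs[1]),    # both rejected
               node.accept(msgs[0]), node.accept(msgs[1]), node.accept(msgs[2])]
    return results, node.complete(), b"".join(node.payloads)
```

A rejected message leaves the receiver's state unchanged, so a node performs one signature check per program and one hash per message, and can verify a message only after it has accepted its predecessor.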
