Protocols for Secure Communication in Wireless Sensor Networks

Wireless sensor networks are comprised of large numbers of resource-constrained and wirelessly communicating computing devices. Advances in computing and communication technology have made it possible to integrate sensing capabilities, wireless communication interfaces, and microprocessors into tiny devices that allow to embed compuational power in arbitrary environments. The applications of wireless sensor networks range from surveillance and environmental monitoring to healthcare and the provisioning of context information for computing applications. Many of these applications have a direct impact on the welfare of human beings or are of high economic significance. Security breaches might lead to grave consequences, so it is important to protect wireless sensor networks against such threats. The specific characteristics of wireless sensor networks make them vulnerable to attacks on their communication channels and their hardware. Cryptographic mechanisms can be employed to protect against some of the possible attacks: eavesdropping on messages is countered by encryption, and the injection of messages by the attacker is prevented by authentication. Unfortunately, direct physical access to the sensor nodes allows an attacker to manipulate them almost arbitrarily. In particular, nodes could be compromised and then made to execute malicious code injected by the attacker. Tamper resistance mechanisms applied to the nodes’ hardware, concealment, surveillance and other techniques may be used to mitigate such attacks. However, they cannot be completely prevented and therefore, any communication security scheme being used must be sufficiently resilient to tolerate a certain amount of compromised nodes. Consequently an important objective is to limit the impact of a set of compromised nodes on the legitimate operation of the network to a minimum. This objective can optimally achieved by cryptographic mechanisms that establish a direct security relationship between communicating end-points. This limits the influence that a single compromised node has to its own resources. Thereby, it cannot tamper with messages that originate at other nodes. However, such mechanisms are overly resource demanding for many sensor nodes in terms of computational or communication complexity, especially due to the

[1]  Douglas R. Stinson,et al.  Deterministic Key Predistribution Schemes for Distributed Sensor Networks , 2004, Selected Areas in Cryptography.

[2]  Pradeep K. Khosla,et al.  SWATT: softWare-based attestation for embedded devices , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[3]  Martin Connolly Sensor Networks and the Food Industry , 2005 .

[4]  David A. Wagner,et al.  Secure verification of location claims , 2003, WiSe '03.

[5]  Adrian Perrig,et al.  PIKE: peer intermediaries for key establishment in sensor networks , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[6]  Srivaths Ravi,et al.  Tamper resistance mechanisms for secure embedded systems , 2004, 17th International Conference on VLSI Design. Proceedings..

[7]  Harald Vogt,et al.  The value of handhelds in smart environments , 2004, Personal and Ubiquitous Computing.

[8]  Gary McGraw,et al.  Software Penetration Testing , 2005, IEEE Secur. Priv..

[9]  Niels Provos,et al.  A Virtual Honeypot Framework , 2004, USENIX Security Symposium.

[10]  Shouhuai Xu,et al.  Establishing pairwise keys for secure communication in ad hoc networks: a probabilistic approach , 2003, 11th IEEE International Conference on Network Protocols, 2003. Proceedings..

[11]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[12]  Kay Römer,et al.  Time synchronization and localization in sensor networks , 2005 .

[13]  S.E. Minzer,et al.  Broadband ISDN and asynchronous transfer mode (ATM) , 1989, IEEE Communications Magazine.

[14]  James F. Doyle,et al.  Peer-to-Peer: harnessing the power of disruptive technologies , 2001, UBIQ.

[15]  Hector Garcia-Molina,et al.  Taxonomy of trust: Categorizing P2P reputation systems , 2006, Comput. Networks.

[16]  Sung-Ju Lee,et al.  Split multipath routing with maximally disjoint paths in ad hoc networks , 2001, ICC 2001. IEEE International Conference on Communications. Conference Record (Cat. No.01CH37240).

[17]  Harald Vogt,et al.  Integrity preservation for communication in sensor networks , 2004 .

[18]  Catherine Forbes,et al.  Student's t Distribution , 2010 .

[19]  Randall K. Nichols,et al.  Wireless Security: Models, Threats, and Solutions , 2001 .

[20]  Tatu Ylönen,et al.  The Secure Shell (SSH) Protocol Architecture , 2006, RFC.

[21]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[22]  Silvio Micali,et al.  Secret-Key Agreement without Public-Key Cryptography (Extended Abstract) , 1994 .

[23]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[24]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[25]  Hans Eberle,et al.  Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[26]  Pietro Michiardi,et al.  Simulation-based analysis of security exposures in mobile ad hoc networks , 2002 .

[27]  Frédéric Thiesse,et al.  Extending the EPC network: the potential of RFID in anti-counterfeiting , 2005, SAC '05.

[28]  Yih-Chun Hu Packet Leashes : A Defense against Wormhole Attacks in Wireless Ad Hoc Networks , 2001 .

[29]  Hans Mulder,et al.  Smart sensors to network the world. , 2004, Scientific American.

[30]  Michael T. Goodrich,et al.  Leap-frog packet linking and diverse key distributions for improved integrity in network broadcasts , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[31]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2002, MobiCom '02.

[32]  Harald Vogt,et al.  Exploring Message Authentication in Sensor Networks , 2004, ESAS.

[33]  Xiaoyun Wang,et al.  Finding Collisions in the Full SHA-1 , 2005, CRYPTO.

[34]  David R. Karger,et al.  Chord: A scalable peer-to-peer lookup service for internet applications , 2001, SIGCOMM '01.

[35]  Shouhuai Xu,et al.  Constructing Disjoint Paths for Secure Communication , 2003, DISC.

[36]  Sean W. Smith,et al.  Building the IBM 4758 Secure Coprocessor , 2001, Computer.

[37]  Paul C. van Oorschot,et al.  Message authentication by integrity with public corroboration , 2005, NSPW '05.

[38]  David A. Wagner,et al.  Resilient aggregation in sensor networks , 2004, SASN '04.

[39]  Béla Bollobás,et al.  Random Graphs , 1985 .

[40]  Stefano Basagni,et al.  Secure pebblenets , 2001, MobiHoc '01.

[41]  David M. Nicol,et al.  Fast model-based penetration testing , 2004, Proceedings of the 2004 Winter Simulation Conference, 2004..

[42]  Bronius Grigelionis Student's t -Distribution , 2011, International Encyclopedia of Statistical Science.

[43]  Christian Bettstetter,et al.  How to achieve a connected ad hoc network with homogeneous range assignment: an analytical study with consideration of border effects , 2002, 4th International Workshop on Mobile and Wireless Communications Network.

[44]  Éva Tardos,et al.  Approximations for the disjoint paths problem in high-diameter planar networks , 1995, STOC '95.

[45]  Mike Burmester,et al.  Secure multipath communication in mobile ad hoc networks , 2004, International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004..

[46]  David E. Culler,et al.  TOSSIM: accurate and scalable simulation of entire TinyOS applications , 2003, SenSys '03.

[47]  Deborah Estrin,et al.  Highly-resilient, energy-efficient multipath routing in wireless sensor networks , 2001, MOCO.

[48]  Peng Ning,et al.  2008 International Conference on Information Processing in Sensor Networks TinyECC: A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor Networks ∗ , 2022 .

[49]  Rolf Blom,et al.  An Optimal Class of Symmetric Key Generation Systems , 1985, EUROCRYPT.

[50]  Diana K. Smetters,et al.  Talking to Strangers: Authentication in Ad-Hoc Wireless Networks , 2002, NDSS.

[51]  David A. Maltz,et al.  Dynamic Source Routing in Ad Hoc Wireless Networks , 1994, Mobidata.

[52]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[53]  Srivaths Ravi,et al.  Security as a new dimension in embedded system design , 2004, Proceedings. 41st Design Automation Conference, 2004..

[54]  Christof Paar,et al.  Breaking Ciphers with COPACOBANA - A Cost-Optimized Parallel Code Breaker , 2006, CHES.

[55]  Leslie Lamport,et al.  Reaching Agreement in the Presence of Faults , 1980, JACM.

[56]  Levente Buttyán,et al.  Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks , 2003, Mob. Networks Appl..

[57]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[58]  Christian Bettstetter,et al.  On the minimum node degree and connectivity of a wireless multihop network , 2002, MobiHoc '02.

[59]  Simson L. Garfinkel,et al.  PGP: Pretty Good Privacy , 1994 .

[60]  Kristofer S. J. Pister,et al.  Smart Dust: Communicating with a Cubic-Millimeter Computer , 2001, Computer.

[61]  Paul Dourish,et al.  What we talk about when we talk about context , 2004, Personal and Ubiquitous Computing.

[62]  T. Dierks,et al.  The TLS protocol , 1999 .

[63]  Lothar Thiele,et al.  Prototyping Wireless Sensor Network Applications with BTnodes , 2004, EWSN.

[64]  Baruch Awerbuch,et al.  Optimal distributed algorithms for minimum weight spanning tree, counting, leader election, and related problems , 1987, STOC.

[65]  Jeongyeup Paek,et al.  A wireless sensor network for structural health monitoring: performance and experience , 2005, The Second IEEE Workshop on Embedded Networked Sensors, 2005. EmNetS-II..

[66]  Ian F. Akyildiz,et al.  Wireless sensor networks: a survey , 2002, Comput. Networks.

[67]  Edward Sazonov,et al.  Wireless intelligent sensor network for autonomous structural health monitoring , 2004, SPIE Smart Structures and Materials + Nondestructive Evaluation and Health Monitoring.

[68]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[69]  Martin Roesch,et al.  Snort - Lightweight Intrusion Detection for Networks , 1999 .

[70]  Helena Handschuh,et al.  Smart Card Crypto-Coprocessors for Public-Key Cryptography , 1998, CARDIS.

[71]  Michael O. Rabin,et al.  Efficient dispersal of information for security, load balancing, and fault tolerance , 1989, JACM.

[72]  Sándor P. Fekete,et al.  Shawn: A new approach to simulating wireless sensor networks , 2005, ArXiv.

[73]  Jie Wu,et al.  Small Worlds: The Dynamics of Networks between Order and Randomness , 2003 .

[74]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[75]  Eric Allman,et al.  DomainKeys Identified Mail (DKIM) , 2005 .

[76]  Yunghsiang Sam Han,et al.  A pairwise key predistribution scheme for wireless sensor networks , 2005, TSEC.

[77]  Dawn Xiaodong Song,et al.  SIA: secure information aggregation in sensor networks , 2003, SenSys '03.

[78]  David A. Wagner,et al.  Intercepting mobile communications: the insecurity of 802.11 , 2001, MobiCom '01.

[79]  Xiao Chen,et al.  Package routing algorithms in mobile ad-hoc wireless networks , 2001, Proceedings International Conference on Parallel Processing Workshops.

[80]  Andrew Huang,et al.  Keeping Secrets in Hardware: The Microsoft Xbox™ Case Study , 2002, CHES.

[81]  Paolo Fiorini,et al.  Human++: autonomous wireless sensors for body area networks , 2005, Proceedings of the IEEE 2005 Custom Integrated Circuits Conference, 2005..

[82]  Markus G. Kuhn,et al.  An RFID Distance Bounding Protocol , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[83]  Sushil Jajodia,et al.  An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[84]  R. Dingledine,et al.  Reputation in P2P Anonymity Systems , 2003 .

[85]  M. Goodrich Efficient and Secure Network Routing Algorithms , 2001 .

[86]  David Evans,et al.  Statically Detecting Likely Buffer Overflow Vulnerabilities , 2001, USENIX Security Symposium.

[87]  Shivakant Mishra,et al.  INSENS: Intrusion-Tolerant Routing in Wireless Sensor Networks , 2002 .

[88]  David A. Wagner,et al.  TinySec: a link layer security architecture for wireless sensor networks , 2004, SenSys '04.

[89]  Torsten Braun,et al.  On-demand Construction of Non-interfering Multiple Paths in Wireless Sensor Networks , 2005, GI Jahrestagung.

[90]  Deborah Estrin,et al.  Geographical and Energy Aware Routing: a recursive data dissemination protocol for wireless sensor networks , 2002 .

[91]  Ahmed Helmy,et al.  Analysis of Wired Short Cuts in Wireless Sensor Networks , 2004, The IEEE/ACS International Conference on Pervasive Services.

[92]  Jianwei Huang,et al.  Key Management in Sensor Networks , 2011, Theoretical Aspects of Distributed Computing in Sensor Networks.

[93]  Adrian Perrig,et al.  Security and Privacy in Sensor Networks , 2003, Computer.

[94]  Theo Ungerer,et al.  SecSens - Security Architecture for Wireless Sensor Networks , 2009, 2009 Third International Conference on Sensor Technologies and Applications.

[95]  Alexander L. Wolf,et al.  Content-Based Networking: A New Communication Infrastructure , 2001, Infrastructure for Mobile and Wireless Systems.

[96]  Gregory D. Abowd,et al.  A Conceptual Framework and a Toolkit for Supporting the Rapid Prototyping of Context-Aware Applications , 2001, Hum. Comput. Interact..

[97]  Stephen Foster,et al.  Are you with me , 2007 .

[98]  Deborah Estrin,et al.  A Remote Code Update Mechanism for Wireless Sensor Networks , 2003 .

[99]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[100]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[101]  Meng Weng Wong,et al.  Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail, Version 1 , 2006, RFC.

[102]  Adrian Perrig,et al.  On the distribution and revocation of cryptographic keys in sensor networks , 2005, IEEE Transactions on Dependable and Secure Computing.

[103]  Philip Koopman,et al.  Embedded System Security , 2004, Computer.

[104]  Mathew D. Penrose,et al.  Random Geometric Graphs , 2003 .

[105]  Sonja Buchegger,et al.  Cooperative Routing in Mobile Ad-hoc Networks: Current Efforts Against Malice and Selfishness , 2002, GI Jahrestagung.

[106]  John Moy,et al.  OSPF Version 2 , 1998, RFC.

[107]  Scott Shenker,et al.  Geographic routing without location information , 2003, MobiCom '03.

[108]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[109]  Craig A. Grimes,et al.  Design of a Wireless Sensor Network for Long-term, In-Situ Monitoring of an Aqueous Environment , 2002 .

[110]  Zinaida Benenson,et al.  Tampering with Motes: Real-World Physical Attacks on Wireless Sensor Networks , 2006, SPC.

[111]  Harald Vogt Increasing attack resiliency of wireless ad hoc and sensor networks , 2005, 25th IEEE International Conference on Distributed Computing Systems Workshops.

[112]  Zygmunt J. Haas,et al.  Securing ad hoc networks , 1999, IEEE Netw..

[113]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[114]  S. Iyengar,et al.  Simulating Wireless Sensor Networks with OMNeT + + , 2005 .

[115]  John Ioannidis,et al.  Using the Fluhrer, Mantin, and Shamir Attack to Break WEP , 2002, NDSS.

[116]  David Pollino,et al.  Wireless security , 2002 .

[117]  Dorothy E. Denning,et al.  An Intrusion-Detection Model , 1987, IEEE Transactions on Software Engineering.

[118]  Moti Yung,et al.  Perfectly Secure Key Distribution for Dynamic Conferences , 1992, Inf. Comput..

[119]  Sadie Creese,et al.  Authentication for Pervasive Computing , 2003, SPC.

[120]  Roberto Di Pietro,et al.  Random key-assignment for secure Wireless Sensor Networks , 2003, SASN '03.

[121]  Satish Kumar,et al.  Next century challenges: scalable coordination in sensor networks , 1999, MobiCom.

[122]  Gabor Karsai,et al.  Smart Dust: communicating with a cubic-millimeter computer , 2001 .

[123]  John A. Clark,et al.  Smart dust, friend or foe?--Replacing identity with configuration trust , 2004, Comput. Networks.

[124]  Albrecht Schmidt,et al.  Multi-sensor Activity Context Detection for Wearable Computing , 2003, EUSAI.

[125]  Joan Feigenbaum,et al.  Decentralized trust management , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[126]  Markus G. Kuhn,et al.  Tamper resistance: a cautionary note , 1996 .

[127]  Chris Toumazou,et al.  Medical Healthcare Monitoring with Wearable and Implantable Sensors , 2004 .

[128]  Frank Stajano,et al.  Security for Ubiquitous Computing , 2002, ICISC.

[129]  尚弘 島影 National Institute of Standards and Technologyにおける超伝導研究及び生活 , 2001 .

[130]  Ravi Mazumdar,et al.  Hybrid sensor networks: a small world , 2005, MobiHoc '05.

[131]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[132]  Adam Dunkels,et al.  The design and implementation of an IP-based sensor network for intrusion monitoring , 2004 .

[133]  Seif Haridi,et al.  Distributed Algorithms , 1992, Lecture Notes in Computer Science.

[134]  Blake Hannaford,et al.  "Are You with Me?" - Using Accelerometers to Determine If Two Devices Are Carried by the Same Person , 2004, Pervasive.

[135]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[136]  Thomas J. Walsh,et al.  Security Considerations for Voice Over IP Systems , 2005 .

[137]  Mahalingam Ramkumar,et al.  An efficient key predistribution scheme for ad hoc network security , 2005, IEEE Journal on Selected Areas in Communications.

[138]  Peter Kruus,et al.  TinyPK: securing sensor networks with public key technology , 2004, SASN '04.

[139]  Anupam Joshi,et al.  Secure sensor networks for perimeter protection , 2003, Comput. Networks.

[140]  Harald Vogt,et al.  Intrusion Detection and Failure Recovery in Sensor Nodes , 2005, GI Jahrestagung.

[141]  Ahmed Helmy,et al.  Small worlds in wireless networks , 2003, IEEE Communications Letters.

[142]  Philip Levis,et al.  Maté: a tiny virtual machine for sensor networks , 2002, ASPLOS X.

[143]  Ross J. Anderson,et al.  Key infection: smart trust for smart dust , 2004, Proceedings of the 12th IEEE International Conference on Network Protocols, 2004. ICNP 2004..

[144]  Yunghsiang Sam Han,et al.  A pairwise key pre-distribution scheme for wireless sensor networks , 2003, CCS '03.

[145]  Brad Karp,et al.  GPSR: greedy perimeter stateless routing for wireless networks , 2000, MobiCom '00.

[146]  Xin Zhang,et al.  Locality caching multiroot multigeneration routing algorithm in mobile ad hoc networks , 2003, Proceedings. 12th International Conference on Computer Communications and Networks (IEEE Cat. No.03EX712).

[147]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.

[148]  Chunming Qiao,et al.  Meshed multipath routing with selective forwarding: an efficient strategy in wireless sensor networks , 2003, Comput. Networks.

[149]  M. Kuhn,et al.  The Advanced Computing Systems Association Design Principles for Tamper-resistant Smartcard Processors Design Principles for Tamper-resistant Smartcard Processors , 2022 .

[150]  Michael Rohs,et al.  Social, Economic, and Ethical Implications of Ambient Intelligence and Ubiquitous Computing , 2005, Ambient Intelligence.

[151]  Matt Bishop,et al.  Computer Security: Art and Science , 2002 .

[152]  David Cooper,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2008, RFC.

[153]  Stefan Fischer,et al.  A Security Architecture for Mobile Wireless Sensor Networks , 2004, ESAS.

[154]  Sadie Creese,et al.  The attacker in ubiquitous computing environments: formalising the threat model , 2003 .

[155]  Deborah Estrin,et al.  Rumor Routing Algorithm For Sensor Networks , 2002 .

[156]  Tony Ballardie,et al.  Core Based Trees (CBT) Multicast Routing Architecture , 1997, RFC.

[157]  Deborah Estrin,et al.  Directed diffusion: a scalable and robust communication paradigm for sensor networks , 2000, MobiCom '00.

[158]  Zinaida Benenson,et al.  An algorithmic framework for robust access control in wireless sensor networks , 2005, Proceeedings of the Second European Workshop on Wireless Sensor Networks, 2005..

[159]  Yan Zhang,et al.  Geometric ad-hoc routing: of theory and practice , 2003, PODC '03.

[160]  Martina Zitterbart,et al.  Towards Acceptable Public-Key Encryption in Sensor Networks , 2005, IWUC.

[161]  Moti Yung,et al.  Perfectly secure message transmission , 1993, JACM.

[162]  Mark Handley,et al.  A scalable content-addressable network , 2001, SIGCOMM '01.

[163]  Peter Oehlert,et al.  Violating Assumptions with Fuzzing , 2005, IEEE Secur. Priv..

[164]  John C. Klensin,et al.  Simple Mail Transfer Protocol , 2001, RFC.

[165]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[166]  Vipul Gupta,et al.  Energy analysis of public-key cryptography for wireless sensor networks , 2005, Third IEEE International Conference on Pervasive Computing and Communications.

[167]  Michael K. Reiter,et al.  Resilient Authentication Using Path Independence , 1998, IEEE Trans. Computers.

[168]  John A. Stankovic,et al.  A survey of configurable, component-based operating systems for embedded applications , 2001 .

[169]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[170]  Albrecht Schmidt,et al.  There is more to context than location , 1999, Comput. Graph..

[171]  Adrian Perrig,et al.  Distributed detection of node replication attacks in sensor networks , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[172]  Mike Bond,et al.  API-Level Attacks on Embedded Systems , 2001, Computer.

[173]  Gary McGraw,et al.  Building Secure Software : ソフトウェアセキュリティについて開発者が知っているべきこと , 2006 .

[174]  Alfred Menezes,et al.  The Elliptic Curve Digital Signature Algorithm (ECDSA) , 2001, International Journal of Information Security.

[175]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2002, RFC.

[176]  Mike Bond,et al.  Chip and spin , 2006 .