Multi-User Broadcast Authentication in Wireless Sensor Networks

Broadcast authentication is a critical security service in wireless sensor networks (WSNs), as it allows mobile users of WSNs to broadcast messages to multiple sensor nodes in a secure way. Although symmetric-key-based solutions such as muTESLA and multilevel muTESLA have been proposed, they all suffer from severe energy-depletion attacks resulting from the nature of delayed message authentication. This paper presents several efficient public-key-based schemes to achieve immediate broadcast authentication and thus avoid the security vulnerability that is intrinsic to muTESLA-like schemes. Our schemes are built upon the unique integration of several cryptographic techniques, including the Bloom filter, the partial message-recovery signature scheme, and the Merkle hash tree. We prove the effectiveness and efficiency of the proposed schemes by a comprehensive quantitative analysis of their energy consumption in both computation and communication.

[1]  Ian F. Akyildiz,et al.  Sensor Networks , 2002, Encyclopedia of GIS.

[2]  D. Boneh,et al.  Short Signatures from the Weil Pairing , 2001, Journal of Cryptology.

[3]  Dawn Song,et al.  The TESLA Broadcast Authentication Protocol , 2002 .

[4]  Li Fan,et al.  Summary cache: a scalable wide-area web cache sharing protocol , 2000, TNET.

[5]  Sushil Jajodia,et al.  Practical broadcast authentication in sensor networks , 2005, The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services.

[6]  Rosario Gennaro,et al.  How to Sign Digital Streams , 1997, Inf. Comput..

[7]  Elaine Shi,et al.  Detection of denial-of-message attacks on sensor network broadcasts , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[8]  Peng Ning,et al.  Containing denial-of-service attacks in broadcast authentication in sensor networks , 2007, MobiHoc '07.

[9]  Wenjing Lou,et al.  Multi-user Broadcast Authentication in Wireless Sensor Networks , 2007, 2007 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[10]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[11]  Matt Welsh,et al.  Sensor networks for emergency response: challenges and opportunities , 2004, IEEE Pervasive Computing.

[12]  Mani B. Srivastava,et al.  Performance aware tasking for environmentally powered sensor networks , 2004, SIGMETRICS '04/Performance '04.

[13]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[14]  Ralph C. Merkle,et al.  Protocols for Public Key Cryptosystems , 1980, 1980 IEEE Symposium on Security and Privacy.

[15]  Rajeevan Amirtharajah,et al.  Self-powered signal processing using vibration-based power generation , 1998, IEEE J. Solid State Circuits.

[16]  Rajeev Gandhi,et al.  Sluice: Secure Dissemination of Code Updates in Sensor Networks , 2005, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[17]  Wenjing Lou,et al.  Dependable and Secure Sensor Data Storage with Dynamic Integrity Assurance , 2009, INFOCOM.

[18]  David E. Culler,et al.  The dynamic behavior of a data dissemination protocol for network programming at scale , 2004, SenSys '04.

[19]  J. Deng,et al.  Secure code distribution in dynamically programmable wireless sensor networks , 2006, 2006 5th International Conference on Information Processing in Sensor Networks.

[20]  Jacques Stern,et al.  Signing on a Postcard , 2000, Financial Cryptography.

[21]  Mani B. Srivastava,et al.  An environmental energy harvesting framework for sensor networks , 2003, ISLPED '03.

[22]  Ian F. Akyildiz,et al.  Wireless sensor and actor networks: research challenges , 2004, Ad Hoc Networks.

[23]  T. Itoh,et al.  A Fast Algorithm for Computing Multiplicative Inverses in GF(2^m) Using Normal Bases , 1988, Inf. Comput..

[24]  Steven S. Lumetta,et al.  Using the Power of Two Choices to Improve Bloom Filters , 2007, Internet Math..

[25]  Kui Ren,et al.  DP²AC: Distributed Privacy-Preserving Access Control in Sensor Networks , 2009, IEEE INFOCOM 2009.

[26]  Peng Ning,et al.  An efficient scheme for authenticating public keys in sensor networks , 2005, MobiHoc '05.

[27]  Wenjing Lou,et al.  On Broadcast Authentication in Wireless Sensor Networks , 2007 .

[28]  Peng Ning,et al.  2008 International Conference on Information Processing in Sensor Networks TinyECC: A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor Networks ∗ , 2022 .

[29]  Michael Mitzenmacher,et al.  Compressed bloom filters , 2002, TNET.

[30]  Yuguang Fang,et al.  Location-based compromise-tolerant security mechanisms for wireless sensor networks , 2006, IEEE Journal on Selected Areas in Communications.

[31]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[32]  Donggang Liu,et al.  Multilevel μTESLA: Broadcast authentication for distributed sensor networks , 2004, TECS.

[33]  Guoliang Xing,et al.  A Spatiotemporal Query Service for Mobile Users in Sensor Networks , 2005, 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05).

[34]  Wenjing Lou,et al.  LEDS: Providing Location-Aware End-to-End Data Security in Wireless Sensor Networks , 2008, IEEE Trans. Mob. Comput..

[35]  Wenjing Lou,et al.  FDAC: Toward Fine-Grained Distributed Data Access Control in Wireless Sensor Networks , 2009, IEEE INFOCOM 2009.

[36]  David E. Culler,et al.  SPINS: security protocols for sensor networks , 2001, MobiCom '01.