Towards Secure and Practical MACs for Body Sensor Networks

In this paper, some practical problems with the Message Authentication Codes (MACs) suggested in current security architectures for wireless sensor networks (WSNs) are reconsidered. The analysis exploits the fact that the recommended MACs for WSNs, e.g., TinySec (CBC-MAC), MiniSec (OCB-MAC), and SenSec (XCBC-MAC), are not exactly suitable for body sensor networks (BSNs). In particular, a dedicated attack on XCBC-MAC is elaborated. Considering the hardware limitations of BSNs, we propose a tunable lightweight MAC based on the PRESENT block cipher, named TuLP. A 128-bit variant, TuLP-128, is proposed for higher resistance against internal collisions. Compared to the existing schemes, our lightweight MACs are time and resource efficient on hardware-constrained devices.
