Multi-user Broadcast Authentication in Wireless Sensor Networks

Broadcast authentication is a critical security service in wireless sensor networks (WSNs), as it allows the mobile users of WSNs to broadcast messages to multiple sensor nodes in a secure way. Although symmetric-key- based solutions such as muTESLA and multilevel muTESLA have been proposed, they all suffer from severe energy- depletion attacks resulted from the nature of delayed message authentication. This paper presents several efficient public-key-based schemes to achieve immediate broadcast authentication and thus avoid the security vulnerability intrinsic to muTESLA-like schemes. Our schemes are built upon the unique integration of several cryptographic techniques, including the Bloom filter, the partial message recovery signature scheme and the Merkle hash tree. We prove the effectiveness and efficiency of the proposed schemes by a comprehensive quantitative analysis of their energy consumption in both computation and communication.

[1]  Yuguang Fang,et al.  Location-based compromise-tolerant security mechanisms for wireless sensor networks , 2006, IEEE Journal on Selected Areas in Communications.

[2]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[3]  Rajeevan Amirtharajah,et al.  Self-powered signal processing using vibration-based power generation , 1998, IEEE J. Solid State Circuits.

[4]  Rajeev Gandhi,et al.  Sluice: Secure Dissemination of Code Updates in Sensor Networks , 2005, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[5]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[6]  Vipul Gupta,et al.  Energy analysis of public-key cryptography for wireless sensor networks , 2005, Third IEEE International Conference on Pervasive Computing and Communications.

[7]  Rosario Gennaro,et al.  How to Sign Digital Streams , 1997, Inf. Comput..

[8]  David E. Culler,et al.  The dynamic behavior of a data dissemination protocol for network programming at scale , 2004, SenSys '04.

[9]  Mani B. Srivastava,et al.  An environmental energy harvesting framework for sensor networks , 2003, ISLPED '03.

[10]  Ian F. Akyildiz,et al.  Wireless sensor and actor networks: research challenges , 2004, Ad Hoc Networks.

[11]  Jacques Stern,et al.  Signing on a Postcard , 2000, Financial Cryptography.

[12]  J. Deng,et al.  Secure code distribution in dynamically programmable wireless sensor networks , 2006, 2006 5th International Conference on Information Processing in Sensor Networks.

[13]  Wenjing Lou,et al.  Communication Security in Wireless Sensor Networks , 2008 .

[14]  Elaine Shi,et al.  Detection of denial-of-message attacks on sensor network broadcasts , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[15]  Dawn Song,et al.  The TESLA Broadcast Authentication Protocol , 2002 .

[16]  Wenjing Lou,et al.  Dependable and Secure Sensor Data Storage with Dynamic Integrity Assurance , 2009, IEEE INFOCOM 2009.

[17]  Kui Ren,et al.  DP²AC: Distributed Privacy-Preserving Access Control in Sensor Networks , 2009, IEEE INFOCOM 2009.

[18]  Çetin Kaya Koç,et al.  An High-speed ECC-based Wireless Authentication Protocol on an ARM Microprocessor , 2000 .

[19]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[20]  Li Fan,et al.  Summary cache: a scalable wide-area web cache sharing protocol , 2000, TNET.

[21]  Ian F. Akyildiz,et al.  Sensor Networks , 2002, Encyclopedia of GIS.

[22]  Sushil Jajodia,et al.  Practical broadcast authentication in sensor networks , 2005, The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services.

[23]  Yih-Chun Hu Packet Leashes : A Defense against Wormhole Attacks in Wireless Ad Hoc Networks , 2001 .

[24]  Mani B. Srivastava,et al.  Performance aware tasking for environmentally powered sensor networks , 2004, SIGMETRICS '04/Performance '04.

[25]  Steven S. Lumetta,et al.  Using the Power of Two Choices to Improve Bloom Filters , 2007, Internet Math..

[26]  Peng Ning,et al.  2008 International Conference on Information Processing in Sensor Networks TinyECC: A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor Networks ∗ , 2022 .

[27]  Guoliang Xing,et al.  A Spatiotemporal Query Service for Mobile Users in Sensor Networks , 2005, 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05).

[28]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[29]  Wenjing Lou,et al.  LEDS: Providing Location-Aware End-to-End Data Security in Wireless Sensor Networks , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[30]  Hans Eberle,et al.  Energy Analysis of Public-Key Cryptography on Small Wireless Devices , 2004 .

[31]  Peng Ning,et al.  An efficient scheme for authenticating public keys in sensor networks , 2005, MobiHoc '05.

[32]  Stefano Chessa,et al.  Wireless sensor networks: A survey on the state of the art and the 802.15.4 and ZigBee standards , 2007, Comput. Commun..

[33]  Wenjing Lou,et al.  FDAC: Toward Fine-Grained Distributed Data Access Control in Wireless Sensor Networks , 2009, IEEE INFOCOM 2009.

[34]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[35]  Joonsang Baek,et al.  A Survey of Identity-Based Cryptography , 2004 .

[36]  Peng Ning,et al.  Containing denial-of-service attacks in broadcast authentication in sensor networks , 2007, MobiHoc '07.

[37]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[38]  Michael Mitzenmacher,et al.  Compressed bloom filters , 2001, PODC '01.

[39]  Wenjing Lou,et al.  On Broadcast Authentication in Wireless Sensor Networks , 2006, IEEE Transactions on Wireless Communications.

[40]  Matt Welsh,et al.  Sensor networks for emergency response: challenges and opportunities , 2004, IEEE Pervasive Computing.

[41]  Ralph C. Merkle,et al.  Protocols for Public Key Cryptosystems , 1980, 1980 IEEE Symposium on Security and Privacy.

[42]  Donggang Liu,et al.  Multilevel μTESLA: Broadcast authentication for distributed sensor networks , 2004, TECS.

[43]  Wenjing Lou,et al.  Multi-User Broadcast Authentication in Wireless Sensor Networks , 2009 .

[44]  T. Itoh,et al.  A Fast Algorithm for Computing Multiplicative Inverses in GF(2^m) Using Normal Bases , 1988, Inf. Comput..