SPINS: Security Protocols for Sensor Networks

Wireless sensor networks will be widely deployed in the near future. While much research has focused on making these networks feasible and useful, security has received little attention. We present SPINS, a suite of security protocols optimized for sensor networks. SPINS has two secure building blocks: SNEP and μTESLA. SNEP provides data confidentiality, two-party data authentication, and evidence of data freshness. μTESLA provides authenticated broadcast for severely resource-constrained environments. We implemented these protocols and show that they are practical even on minimal hardware: the performance of the protocol suite easily matches the data rate of our network. Additionally, we demonstrate that the suite can be used for building higher-level protocols.
