SPINS: Security Protocols for Sensor Networks

Wireless sensor networks will be widely deployed in the near future. While much research has focused on making these networks feasible and useful, security has received little attention. We present a suite of security protocols optimized for sensor networks: SPINS. SPINS has two secure building blocks: SNEP and μTESLA. SNEP provides data confidentiality, two-party data authentication, and evidence of data freshness. μTESLA provides authenticated broadcast for severely resource-constrained environments. We implemented the above protocols and show that they are practical even on minimal hardware: the performance of the protocol suite easily matches the data rate of our network. Additionally, we demonstrate that the suite can be used for building higher-level protocols.
