Seven cardinal properties of sensor network broadcast authentication

We investigate the design space of sensor network broadcast authentication. We show that prior approaches can be organized based on a taxonomy of seven fundamental proprieties, such that each approach can satisfy at most six of the seven proprieties. An empirical study of the design space reveals possibilities of new approaches, which we present in the following two new authentication protocols: RPT and LEA. Based on this taxonomy, we offer guidance in selecting the most appropriate protocol based on an application's desired proprieties. Finally, we pose the open challenge for the research community to devise a protocol simultaneously providing all seven properties.

[1]  Haiyun Luo,et al.  Statistical en-route filtering of injected false data in sensor networks , 2005, IEEE J. Sel. Areas Commun..

[2]  Alfred Menezes,et al.  PGP in Constrained Wireless Devices , 2000, USENIX Security Symposium.

[3]  Kay Römer,et al.  Wireless sensor networks: a new regime for time synchronization , 2003, CCRV.

[4]  Adrian Perrig,et al.  Distillation Codes and Applications to DoS Resistant Multicast Authentication , 2004, NDSS.

[5]  Leonid Reyzin,et al.  Better than BiBa: Short One-Time Signatures with Fast Signing and Verifying , 2002, ACISP.

[6]  Adrian Perrig,et al.  The BiBa one-time signature and broadcast authentication protocol , 2001, CCS '01.

[7]  Randy H. Katz,et al.  Next century challenges: mobile networking for “Smart Dust” , 1999, MobiCom.

[8]  Lingxuan Hu,et al.  Secure aggregation for wireless networks , 2003, 2003 Symposium on Applications and the Internet Workshops, 2003. Proceedings..

[9]  David E. Culler,et al.  System architecture directions for networked sensors , 2000, SIGP.

[10]  Sushil Jajodia,et al.  An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[11]  David A. Wagner,et al.  TinySec: a link layer security architecture for wireless sensor networks , 2004, SenSys '04.

[12]  Moni Naor,et al.  Multicast security: a taxonomy and some efficient constructions , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[13]  Ralph C. Merkle,et al.  Protocols for Public Key Cryptosystems , 1980, 1980 IEEE Symposium on Security and Privacy.

[14]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[15]  Silvio Micali,et al.  On-line/off-line digital signatures , 1996, Journal of Cryptology.

[16]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[17]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[18]  Dawn Song,et al.  The TESLA Broadcast Authentication Protocol , 2002 .

[19]  Shivakant Mishra,et al.  A Practical Study of Transitory Master Key Establishment ForWireless Sensor Networks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[20]  Arjen K. Lenstra,et al.  Selecting Cryptographic Key Sizes , 2000, Public Key Cryptography.

[21]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[22]  Donggang Liu,et al.  Efficient Distribution of Key Chain Commitments for Broadcast Authentication in Distributed Sensor Networks , 2002, NDSS.

[23]  Vipul Gupta,et al.  Sizzle: a standards-based end-to-end security architecture for the embedded Internet , 2005, Third IEEE International Conference on Pervasive Computing and Communications.

[24]  Ran Canetti,et al.  Efficient authentication and signing of multicast streams over lossy channels , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[25]  Ralph C. Merkle,et al.  A Digital Signature Based on a Conventional Encryption Function , 1987, CRYPTO.

[26]  J. Elson,et al.  Fine-grained network time synchronization using reference broadcasts , 2002, OSDI '02.

[27]  Pankaj Rohatgi,et al.  A compact and fast hybrid signature scheme for multicast packet authentication , 1999, CCS '99.

[28]  Michael D. Smith,et al.  A public-key infrastructure for key distribution in TinyOS based on elliptic curve cryptography , 2004, 2004 First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2004. IEEE SECON 2004..

[29]  Matthew K. Franklin,et al.  Lower Bounds for Multicast Message Authentication , 2001, EUROCRYPT.

[30]  Sushil Jajodia,et al.  Practical broadcast authentication in sensor networks , 2005, The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services.

[31]  Dawn Xiaodong Song,et al.  SIA: secure information aggregation in sensor networks , 2003, SenSys '03.

[32]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[33]  Bruce Schneier,et al.  Helix: Fast Encryption and Authentication in a Single Cryptographic Primitive , 2003, FSE.

[34]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[35]  Dawn Song,et al.  SIA: Secure information aggregation in sensor networks , 2007, J. Comput. Secur..

[36]  Shivakant Mishra,et al.  A Performance Evaluation of Intrusion-Tolerant Routing in Wireless Sensor Networks , 2003, IPSN.