Abstract
We consider the classical problem of establishing initial security associations in wireless sensor networks. More specifically, we focus on pre-deployment phase in which sensor nodes have not yet been loaded with shared secrets or other forms of authentic information.
In this paper, we propose two novel multichannel protocols for initialization of large scale wireless sensor networks. The first protocol uses only secret key cryptography and is suitable for CPU-constrained sensor nodes. The second protocol is based on public key cryptography. Both protocols involve communication over a bidirectional radio channel and an unidirectional out-of-band visible light channel. A notable feature of the proposed “public key”-based key deployment protocol is that it is designed to be secure in a very strong attacker model, where an attacker can eavesdrop, jam and modify transmitted messages by adding his own message to both a radio and a visible light channel; the attacker however cannot disable the visible light communication channel. We show that many existing protocols that rely on the visible light channel are insecure in this strong adversary model.
We implemented the proposed protocols on the Meshnetics wireless sensor platform. The proposed protocols are cheap to implement, secure in the very strong attacker model, easy to use and scalable. We also designed and tested a simple random number generator suitable for sensor platforms.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
ZigBee Alliance. ZigBee Specification (Document 053474r06, Version 1.0). Technical report (June 2005)
Anderson, R., Chan, H., Perrig, A.: Key Infection: Smart Trust for Smart Dust. In: IEEE International Conference on Network Protocols (2004)
Balfanz, D., Smetters, D.K., Stewart, P., Wong, H.C.: Talking to Strangers: Authentication in Ad-hoc Wireless Networks. In: Symposium on Network and Distributed Systems Security (2002)
Boyd, C., Mathuria, A.: Protocols for Authentication and Key Establishment. Springer, Heidelberg (2003)
Cagalj, M., Capkun, S., Hubaux, J.: Key Agreement in Peer-to-Peer Wireless Networks. In: Proceedings of the IEEE Special Issue on Cryptography and Security (2006)
Cagalj, M., Hubaux, J.P., Capkun, S., Rengaswamy, R., Tsigkogiannis, I., Srivastava, M.: Integrity (I) Codes: Message Integrity Protection and Authentication Over Insecure Channels. In: Proceedings of the IEEE Symposium on Security and Privacy (2006)
Carter, L., Wegman, M.N.: Universal Classes of Hash Functions. Journal of Computer and System Sciences 18(2) (1979)
Castelluccia, C., Mutaf, P.: Shake Them Up!: A Movement-based Pairing Protocol for CPU-constrained Devices. In: ACM MobiSys (2005)
Chan, H., Perrig, A., Song, D.: Random Key Predistribution Schemes for Sensor Networks. In: Proceedings of the IEEE Symposium on Security and Privacy (2003)
Deng, J., Hartung, C., Han, R., Mishra, S.: A Practical Study of Transitory Master Key Establishment For Wireless Sensor Networks. In: Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks (2005)
Du, W., Deng, J., Han, Y.S., Varshney, P.K.: A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks. In: Proceedings of the 10th ACM conference on Computer and Communications Security, CCS (2003)
Eschenauer, L., Gligor, V.D.: A Key-Management Scheme for Distributed Sensor Networks. In: Proceedings of the 9th ACM conference on Computer and Communications Security (2002)
Rukhin, A., et al.: A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications (2001), http://csrc.nist.gov/rng/
Fairfield, R.C., Mortenson, R.L., Coulthart, K.B.: An LSI random number generator (RNG). In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 203–230. Springer, Heidelberg (1985)
Francillon, A., Castelluccia, C.: TinyRNG: A Cryptographic Random Number Generator for Wireless Sensors Network Nodes. In: Int. Symposium on Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks (2007)
MATLAB Online Users Guide, http://www.mathworks.com (last access, September 2008)
Holmquist, L.E., Mattern, F., Schiele, B., Alahuhta, P., Beigl, M., Gellersen, H.W.: Smart-Its Friends: A Technique for Users to Easily Establish Connections between Smart Artefacts. In: International Proceedings of the 3rd international conference on Ubiquitous Computing (2001)
Kuhn, M.G.: Electromagnetic eavesdropping risks of flat-panel displays. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol. 3424, pp. 88–107. Springer, Heidelberg (2005)
Kuo, C., Luk, M., Negi, R., Perrig, A.: Message-In-a-Bottle: User-Friendly and Secure Key Deployment for Sensor Nodes. In: ACM SenSys (2007)
Lester, J., Hannaford, B., Borriello, G.: “Are you with me?” - using accelerometers to determine if two devices are carried by the same person. In: Ferscha, A., Mattern, F. (eds.) PERVASIVE 2004. LNCS, vol. 3001, pp. 33–50. Springer, Heidelberg (2004)
Liu, D., Ning, P., Du., W.: Group-Based Key Pre-Distribution in Wireless Sensor Networks. In: ACM Workshop on Wireless Security (2005)
Mayrhofer, R., Gellersen, H.: Shake Well Before Use: Two Implementations for Implicit Context Authentication. In: Ubicomp (2007)
Mayrhofer, R., Welch, M.: A Human-Verifiable Authentication Protocol Using Visible Laser Light. In: International Conference on Availability, Reliability and Security (2007)
McCune, J.M., Perrig, A., Reiter, M.K.: Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication. In: Proceedings of the IEEE Symposium on Security and Privacy (2005)
Murray, K.D.: 8-bit AVR Microcontroller with 64K/128K/256K Bytes In-System Programmable Flash, http://www.atmel.com (last access, March 2008)
Oliveira, L.B., Scott, M., Lopez, J., Dahab, R.: TinyPBC: Pairings for Authenticated Identity-Based Non-Interactive Key Distribution in Sensor Networks. In: 5th International Conference on Networked Sensing Systems, INSS (2008)
Perrig, A., Szewczyk, R., Tygar, J.D., Wen, V., Culler, D.E.: SPINS: Security Protocols for Sensor Networks. Wireless Networks 8(5) (2002)
Ramkumar, M., Memon, N.: An Efficient Key Predistribution Scheme for Ad-hoc Network Security. IEEE Journal on Selected Areas in Communications (2005)
Roman, R., Lopez, J.: KeyLED - Transmitting Sensitive Data Over Out-of-Band Channels in Wireless Sensor Networks. In: IEEE WSNS (2008)
Saxena, N., Uddin, M. B.: Automated Device Pairing for Asymmetric Pairing Scenarios. In: Chen, L., Ryan, M.D., Wang, G. (eds.) ICICS 2008. LNCS, vol. 5308, pp. 311–327. Springer, Heidelberg (2008)
Saxena, N., Uddin, M.B.: Bootstrapping Key Pre-Distribution: Secure, Scalable and User-Friendly Initialization of Sensor Nodes. In: ACNS (2009)
Saxena, N., Uddin, M.B., Voris, J.: Universal Device Pairing Using an Auxiliary Device. In: Proceedings of the 4th Symposium on Usable Privacy and Security, SOUPS (2008)
Shapiro, G., Stockman, G.C.: Computer Vision. Prentice-Hall, Englewood Cliffs (2001)
Soriente, C., Tsudik, G., Uzun, E.: HAPADEP: Human-Assisted Pure Audio Device Pairing. In: Proceedings of the 11th International Conference on Information Security, ISC (2008)
Stajano, F., Anderson, R.: The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks. In: 7th International Workshop. Springer, Heidelberg (1999)
Szczechowiak, P., Oliveira, L.B., Scott, M., Collier, M., Dahab, R.: NanoECC: Testing the Limits of Elliptic Curve Cryptography in Sensor Networks. In: Verdone, R. (ed.) EWSN 2008. LNCS, vol. 4913, pp. 305–320. Springer, Heidelberg (2008)
Tkacik, T.E.: A Hardware Random Number Generator. Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems, CHES (2003)
Vaudenay, S.: Secure Communications Over Insecure Channels Based on Short Authenticated Strings. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 309–326. Springer, Heidelberg (2005)
von Neumann, J.: Various Techniques Used in Connection With Random Digits. Applied Math Series (1951)
Walker, J.: Hotbits, http://www.fourmilab.ch/random/ (last access, March 2009)
Yuksel, K., Kaps, J.P., Sunar, B.: Universal Hash Functions for Emerging Ultra-Lowpower Networks. In: Proceedings of the Communications Networks and Distributed Systems Modeling and Simulation Conference (2004)
Zhu, S., Setia, S., Jajodia, S.: LEAP: Efficient Security Mechanisms for Large-Scale Distributed Sensor Networks. In: Proceedings of the 10th ACM conference on Computer and Communications Security, CCS (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Perković, T., Stančić, I., Mališa, L., Čagalj, M. (2009). Multichannel Protocols for User-Friendly and Scalable Initialization of Sensor Networks. In: Chen, Y., Dimitriou, T.D., Zhou, J. (eds) Security and Privacy in Communication Networks. SecureComm 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 19. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-05284-2_13
Download citation
DOI: https://doi.org/10.1007/978-3-642-05284-2_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-05283-5
Online ISBN: 978-3-642-05284-2
eBook Packages: Computer ScienceComputer Science (R0)