Who’s watching your network
http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp
A Communications Security Architecture and Cryptographic Mechanisms for Distributed Sensor Networks
DARPA SensIT Workshop
October 8, 1999
David Carman, Dr. Brian Matt, David Balenson, and Peter Kruus
NAI Labs, The Security Research Division
Network Associates, Inc.
Sponsored by the DARPA/ITO Sensor Information Technology (SensIT) Program
Through Air Force Research Laboratory (AFRL) Contract No. F30602-99-C-0185
Dr. Sri Kumar, DARPA, Program Manager
Scott Shyne, AFRL, COTR
SensIT-100799-2 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp
Presentation Outline
• Research Status
  – Goals and Objectives
  – Hard Problems
  – Related Work
  – New Ideas
• Support for Demonstration
  – Sensor Node Architecture
  – User Platform Architecture
  – Project Timeline
  – Demo 1 Security Software
Goal and Objectives
• Goal
  – Develop a communications security architecture incorporating cryptographic security mechanisms that efficiently support the provision of required integrity, authentication, and confidentiality security services within distributed networks of resource-limited sensors
• Objectives
  – Identify practical cryptographic mechanisms and protocols that can be selectively employed by resource-limited sensor nodes
  – Design a communications security architecture suitable for use by distributed networks of resource-limited sensor nodes
  – Implement a prototype system and simulation that can be used to demonstrate efficient and practical communications security for distributed networks of resource-limited sensors in a variety of environments and scenarios
Hard Problems
• Resource-Limitations
  – power budget, processing budget, continuous operation
• Range of Security Services Across Different Layers
  – confidentiality, integrity, authentication (with varying granularity), anti-replay, non-repudiation, anonymity, denial-of-service, authorization
• Minimal Preconfiguration
• Intermittent Group Connectivity
• Key Management for Multi-hop Routing
• Keying and authenticating unattended sensors
Related Work
• Wireless Security Research
  – DARPA GloMo Program
  – Bluetooth Technology
  – Charon
• Smart Card Security Research
DARPA GloMo Program
• GloMo provides mobile users access to a range of information services (e.g., email, www, video/voice conferencing, whiteboard).
  – www.darpa.mil/ato/programs/glomo/index.htm
• GloMo network characteristics:
  – Sporadic network connectivity.
  – Wireless spread spectrum.
  – Self-organizing, multi-hop, heterogeneous networks.
  – Security technologies and techniques applied at the application, networking, and wireless link/node layers.
* Courtesy DARPA ATO GloMo Program website.
GloMo - Applicability to SensIT
• GloMo security research does
  – allocate security services to various layers
  – offer a scalable group key management scheme
  – examine implementing crypto in µPs vs. ASICs vs. FPGAs
• GloMo security research does not provide solutions for
  – intermittent group connectivity
  – multi-hop routing
  – security with limited preconfiguration
  – continuous, unattended operation
Bluetooth Technology
• Specification for wireless data/voice communication
  – www.bluetooth.com
• Low-cost, short-range radio link facilitating protected ad hoc connections for mobile communications
• Frequency-hopped transceiver with data rate of 1 Mb/s
• Applicability to SensIT
  – Does provide security solutions for link-level privacy (encryption) and entity authentication using a challenge-response scheme
  – Does not provide
    • protection for other network layers
    • intermittent group connectivity
    • multi-hop routing
    • unattended operation
Charon
• Armando Fox and Steven Gribble - UC Berkeley
  – www.cs.berkeley.edu/~gribble/cs294-7_wireless/Charon.html
• Kerberos-based protocol for indirect authentication and secure communications with PDA-class mobile devices
• Uses a Kerberos-style trusted server to provide confidentiality and authentication between end-entities
• Applicability to SensIT
  – Does provide a solution to interactively authenticate management nodes
  – Does not provide
    • protection for other network layers
    • intermittent group connectivity
    • multi-hop routing
    • unattended operation
Smart Card Characteristics
• Smart cards contain small (~25 mm²) micro-controllers that provide portable, relatively secure, low cost computing power and data storage.
• Smart card characteristics:
  – Main power provided by card readers (may have battery-backed memory)
  – Typically 8-bit CPUs with math / crypto co-processor, low memory
  – Limitations include small size / gate count and card interface
  – Physical vulnerabilities include fault analysis and power analysis
• Smart card security applications include:
  – access control, secure peer-to-peer communications, e-commerce, secure storage
* Courtesy of cmpnet.com ©1997
Smart Card Security - Applicability to SensIT
• Applicability to SensIT
  – Provide some security solutions for resource-limited platforms
    • math, crypto co-processors
    • non-volatile data and key storage (EEPROM, FLASH, BBRAM)
    • research in new protocols / algorithms for resource limited point-to-point authentication, encryption, etc.
  – Does not offer solutions for group keying
    • Smart card client/server security model not applicable to group security - does not provide routing security
    • Smart card systems do not provide security with limited preconfiguration
New Ideas
• Multi-Layer Protection
  – Varying Authentication Granularity by Security Layer
  – Varying Confidentiality Keying Granularity by Security Layer
• Confidential Query/Tasking with Minimal Preconfiguration
• Anonymous Addressing with Minimal Preconfiguration
• Location-Dependent Cryptography
  – Security for geo-routing
• Rippled Key Cryptography
Multi-Layer Protection
[Figure: network layers (Link Layer, Network Layer, Application Layer) against security services (Confidentiality, Authentication); key labels shown: Device Key, Mission Key, Ad hoc Key, Ephemeral Ad hoc Key, Public/Private Keypair]
• Provide confidentiality and authentication with varying levels of granularity at different network layers
• Provides progressively stronger key binding with minimal use of public key cryptography
Sensor Network Key Management (for Demo?)
[Figure: sensor network with key labels Kdevice, Kmission1, Kmission2, Kadhoc]
Super Node
  – Distributes Mission Key
  – Signs Mobile Code
Confidential Query/Tasking with Minimal Preconfiguration
Kquery = OWF(Attribute, KMission, Nonce)
Attribute Type = ID or Capability or Location
Message from Management Node to Sensor Nodes: EKquery(Query or Task Message), Nonce, Attribute Type
Anonymous Addressing with Minimal Preconfiguration
Does Nonce2 = OWF(Attribute(s), KMission, Nonce1) ?
Attribute Type = ID, Capability, and/or Location, etc.
Message from Management Node to Sensor Nodes: EKquery(Query or Task Message), Nonce1, Nonce2, Attribute Type
Location-Dependent Cryptography
Kadhoc = OWF(Location attributes, KMission, Nonce)
Continuing research is addressing how best to express complex closed polygons and multiple areas
[Figure: Sensor Nodes]
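The derivations on the three preceding slides (query key, anonymous address check, location-dependent key), as an added Python example that is not NAI Labs code. HMAC-SHA256 stands in for the unspecified OWF; the purpose labels, field encoding, function names and sample node attributes are assumptions, and the EKquery encryption step itself is left out.

```python
import hashlib
import hmac
import os

def owf(k_mission, purpose, attr_type, attr_value, nonce):
    """OWF(Attribute, KMission, Nonce), here HMAC-SHA256 keyed with KMission (assumption)."""
    # Length-prefix every field so ("ab", "c") and ("a", "bc") cannot collide.
    fields = (purpose, attr_type.encode(), attr_value.encode(), nonce)
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(k_mission, msg, hashlib.sha256).digest()

def address_query(k_mission, attr_type, attr_value):
    """Management node: build the cleartext header and derive Kquery."""
    nonce1 = os.urandom(16)
    # Distinct purpose labels (assumption): the cleartext tag Nonce2 must
    # never be the same value as the secret Kquery.
    nonce2 = owf(k_mission, b"addr", attr_type, attr_value, nonce1)
    k_query = owf(k_mission, b"key", attr_type, attr_value, nonce1)
    return {"nonce1": nonce1, "nonce2": nonce2, "attr_type": attr_type}, k_query

def node_accepts(k_mission, my_attrs, header):
    """Sensor node: return Kquery if the header addresses our attribute, else None."""
    value = my_attrs.get(header["attr_type"])
    if value is None:
        return None
    expected = owf(k_mission, b"addr", header["attr_type"], value, header["nonce1"])
    if not hmac.compare_digest(expected, header["nonce2"]):
        return None  # not addressed to us, or sender lacks KMission
    return owf(k_mission, b"key", header["attr_type"], value, header["nonce1"])

# Constructed sample data (not from the slides)
K_MISSION = bytes.fromhex("00112233445566778899aabbccddeeff")
NODE_A = {"ID": "node-17", "Capability": "acoustic", "Location": "grid-4-7"}
NODE_B = {"ID": "node-42", "Capability": "seismic", "Location": "grid-4-7"}

def demo():
    header, k_query = address_query(K_MISSION, "Capability", "acoustic")
    return (node_accepts(K_MISSION, NODE_A, header) == k_query,    # addressed node
            node_accepts(K_MISSION, NODE_B, header) is None,       # other capability
            node_accepts(b"wrong-mission", NODE_A, header) is None,  # outsider
            header["nonce2"] != k_query)                           # tag is not the key

if __name__ == "__main__":
    print(demo())
```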
Rippled Key Cryptography
• Intelligent Key Sharing Between Groups
  – eliminates inefficiencies of translation (decryption/re-encryption)
  – defines scheme for wrapping of session keys, application keys, mission keys, and attribute keys
[Figure: logical keying relationships]
Near-Term Project Tasks (Task 1 only)
• Architecture and Mechanisms Study and Specification
  – Study sensor environment, communications, security requirements and constraints
  – Develop an appropriate communications security architecture comprised of selected cryptographic mechanisms
• Deliverables:
  – Requirements and Constraints REPORT; Month 06
  – Draft Design and Specification REPORT; Month 18
  – Final Design and Specification REPORT; Month 28
Support for SensIT Demonstration
• Sensor Node Architecture
• User Platform Architecture
• Sensor Network Key Management
• Project Timeline
• Demo 1 Security Software
Sensor Node Strawman Architecture
[Figure: block diagram. Labels: Comm API; Network Routing (handles external msg. traffic); Comm H/W; Initialization (network address, functionality, security parameters); Data Acq.; Security Manager; Message Handling (handles internal msg. traffic); GPS Time, Loc; Data Acq. API; Sensor HW; Tamper Sensor; S/P DM; T/S DM; DC DM; HI DM; Mobile Code; IP; Data Req. Mgr.; Func. Mgr.; Functional DB. Legend: marked blocks = security functionality]
User Platform Strawman Architecture
[Figure: block diagram. Labels: DM Mobile Code; Nodes; Network Routing; Message Handling; Communications Link; DM Device Status; DM Time Series; DM Detection/Classification; DM High Level; Initialization (security parameters); DM Security Mgmt.; Security Manager; GPS Time, Loc; GUI Display; DB Language query generator. Legend: marked blocks = security functionality]
Project Timeline
[Figure: timeline over project months 1 to 36, with date marks Jun 1999, Dec 1999, Apr 2000, Jun 2000, Dec 2000, Apr 2001, Jun 2001, Dec 2001, Jun 2002. Milestones shown: Requirements & Constraints REPORT; Draft Design & Specification REPORT; Final Design & Specification REPORT; Prototype Toolkit SOFTWARE; Preliminary SOFTWARE for Demo 1; Preliminary SOFTWARE for Demo 2; Demo; Final Report]
Demo 1 Security Software
• Demo 1 Approach:
  – Embed (hide) security functionality beneath Network API
  – Low-risk, very little integration (only with Sensor.com?)
• Link Layer Security Software
  – Embedded beneath the WINS Network API on all nodes
  – Provides confidentiality, integrity, coarse authentication, and anti-replay
• Network/Mission Layer Security Software
  – Embedded beneath the WINS Network API on all nodes
  – Provides confidentiality, integrity, mission group authentication