secure time synchronization service for sensor networks s. ganeriwal, r. kumar, m. b. sirvastava...
TRANSCRIPT
![Page 1: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/1.jpg)
Secure Time Synchronization Service for Sensor Networks
S. Ganeriwal, R. Kumar, M. B. Sirvastava
Presented by: Kaiqi Xiong
11/28/2005
Computer Science
CSC 774 Adv. Net. Security
![Page 2: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/2.jpg)
CSC 774 Adv. Net. Security
2
Outline
• Time synchronization and techniques– Pairwise sender-receiver synchronization
• Secure time sync problem: pulse delay attacks
• Proposed techniques– Node to node
• Single hop: Secure Pairwise Synchronization (SPS)
• Multi-hops: SO(opportunistic)M, SDM and STM
– Group: L-SGS and SGS
• Conclusions and possible research questions
![Page 3: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/3.jpg)
CSC 774 Adv. Net. Security
3
Why Time Synchronization
• Time difference in sensor node clocks– Time offset: = CA(t)-CB(t)
• Why time synchronization– e.g., TESLA, localization and target tracking (any protocol
regarding time stamp)
• How to find
![Page 4: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/4.jpg)
CSC 774 Adv. Net. Security
4
How to Synchronize
• Pairwise sender-receiver synchronization: TPSN#
– Step 1: A (T1) (T2) B: A, B, sync
– Step 2: B (T3) (T4) A: m, where m=[B, A, T2, T3, ack]
– Step 3: Compute
A
B
T1
T2 T3
T4
= [(T2-T1)-(T4-T3)]/2
d = [(T2-T1)+(T4-T3)]/2
T1, T4 are measured in A’s clock
T2, T3 are measured in B’s clock
#S. Ganeriwal, et al., Timing-sync protocol for sensor networks, SenSys, 2003
![Page 5: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/5.jpg)
CSC 774 Adv. Net. Security
5
Why Secure Time Synchronization
• Type 1 attack: modify T2 and T3 by capturing node B• Type 2 attack: pulse-delay attacks
– Simply jam an initial pulse– Store in its memory– Replay it at an arbitrary time later
=[(T2-T1)-(T4-T3)+]/2; d=[(T2-T1)+(T4-T3)+]/2
T2* = T1 + d + +
Jam the signal with delay A sends at T1 B receives at T2*
![Page 6: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/6.jpg)
CSC 774 Adv. Net. Security
6
Roadmap For Proposed Techniques
• Only discuss techniques resilient to type 2 attacks• Node-to-node: time synchronization of two nodes
– Single hop: Secure Pairwise Synchronization (SPS)– multi-hops:
• Secure Opportunistic Multi-hop (SOM)• Secure Direct Multi-hop (SDM)• Secure Transitive Multi-hop (STM)
• Group: time synchronization among a group of nodes– Lightweight Secure Group Synchronization (L-SGS)– Secure Group Synchronization (SGS)
![Page 7: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/7.jpg)
CSC 774 Adv. Net. Security
7
Single-hop - Secure Pairwise Synchronization (SPS)
• Step 1: A (T1) (T2) B: A, B, NA, sync
• Step 2: B (T3) (T4) A: m, MAC[KAB, m]
– where m=[B, A, NA, T2, T3, ack]
• Step 3: Compute d=[(T2-T1)+(T4-T3)]/2• If d d* (predefined), then =[(T2-T1)-(T4-T3)]/2; else abort
End-to-end delay (d) consists of •Waiting time Tw at mac to access channel (s~min) (Big!)•Transmission time Tt : time taken to transmit the packet bit-by-bit at the radio of sender (100’s s)•Propagation delay Tp: time over wireless link between sender and receiver (ns)
![Page 8: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/8.jpg)
CSC 774 Adv. Net. Security
8
Performance - Define d*
• d = N(davg, ) is a Guassian distribution
• Select d* = davg+3
• Maxi sync error=3=10s
• Attacker can introduce a maxi pulse-delay factor of 12 due to
– davg+3 +/2 = davg-3
– In this case, maxi attacker impact = 6
•Fig: End-to-end delay over a link
•Table: Statistics of end-to-end delay (Waiting time is extracted)
Maximum(s)
Minimum (s)
Average(s) (dAVG)
Standarddeviation ()
768 755 762 2.82
![Page 9: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/9.jpg)
CSC 774 Adv. Net. Security
9
Secure Opportunistic Multi-hops (SOM)
• Assumption: key KAB shared by A and B
• SOM
Step 1: m1=[A, B, NA], sync
Step 2: m, MAC[KAB, m]
where m=[m1, T2, T3, ack]
Step 3: Node A computes d =[(T2-T1)+(T4-T3)]/2
If d dM*, then =[(T2-T1)-(T4-T3)]/2; else abort
BA
– Exactly the same as SPS except nodes C and D added
DC
Send at T1 Receive at T2
Receive at T4 Send at T3
![Page 10: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/10.jpg)
CSC 774 Adv. Net. Security
10
Performance: SOM
• End-to-end delay – d=sum (Tw+ Tt +Tp)
– Tw is significantly higher
– Standard deviation is higher in 3 orders of magnitude as compared to a single hop
– Maxi sync error=3• Maxi attacker impact=6
![Page 11: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/11.jpg)
CSC 774 Adv. Net. Security
11
Secure Direct Multi-hop (SDM)
• Step 5: Node A computes d=(E1+E2)/2
– If d dT*, then = (E1-E2)/2; else abort
• where E1 = (T2-T1)+(T4-T3)+(T6-T5), E2 = (T12-T11)+(T10-T9)+(T8-T7)
Step 1. A C D B: A, B, NA, sync
Step 2. B,D,NA,m1,M1
– m1=[m1, T2, T3, ack], M1=MAC[KBD, B, D, NA, m1]
– m2 =[B, D, A, T4, T9, T6-T5, T8-T7, ack], M2=MAC[KDC, D, C, NA, m2]
– m3 =[B,D,C,A,T2,T11,T4-T3,T10-T9, T6-T5,T8-T7, ack], M3=MAC[KCA,C, A, NA, m3]
BADC
T1 T3T2 T4 T5T6
T7T8T9T10T11T12
Step 3. D,C,NA,m2,M2Step 4. C,A,NA,m3,M3
![Page 12: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/12.jpg)
CSC 774 Adv. Net. Security
12
Performance (as compared to SOM)
• Advantages– End-to-end delay is not corrupted by Tw
– dAC= dCD=dDB=N(davg, ). So, dAB=N(ndavg, n1/2)
– dT*= ndavg+n1/2
n1/2 M* (SOM), lower in 3 orders of magnitude
• Disadvantages– ack has to carry the state information and
timestamps about all the previous packets, so the packet size of ack packet is larger
![Page 13: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/13.jpg)
CSC 774 Adv. Net. Security
13
Secure Transitive Multi-hop (STM)
• Step 5: A sync to C (SPS)
Step 1. A C D B: A, B, NA, sync
Step 2. B, D, NA, m1, M1
– m1 = [B, D, notify], M1 = MAC[KBD, B, D, NA, m1]
– m2 = [B, D, C, notify], M2 = MAC[KDC, D, C, NA, m2]#
– m3 = [B, D, C, A, notify], M3 = MAC[KCA, C, A, NA, m3]#
BADC
Step 4. C sync to D (SPS) Step 3. D sync to B (SPS)
#In the paper, KBD in M2 and M3 should be KDC and KCA respectively
D C: D, C, NA, m2, M2C A: C, A, NA, m3, M3
![Page 14: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/14.jpg)
CSC 774 Adv. Net. Security
14
Comparison (SOM, SDM and STM)
• Maximal delay parameter same as d* in SYS
• Advantages– Threshold is verified at each step, so re-sync if the
threshold does not meet in STM. But, threshold is done only when A receives ack in SOM and SDM
• Disadvantages– In STM, an external attacker can carry out pulse-delay
attacks on the link joining C and D, due to local verification
– The total number of transmitted messages• 2n for SOM and SDM, but 3n for STM when no attacks
![Page 15: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/15.jpg)
CSC 774 Adv. Net. Security
15
Group Synchronization
• Lightweight Secure Group Synchronization (LSGS)
– Step 1: G1 *: G1, sync
– Step 2: Gi (Ti) (Ti1) G1: Gi, Ni
– Step 3: G1 (T1) (T1i) *: G1, T1, ack, m, M• where m={Ti1, Gi, Ni}, M=MAC[K1i, G1, T1, ack, m] (i = 2,…n)
– Step 4: • Compute d = [(Ti1-Ti )+(T1i - T1)]/2
• If d d*, then = [(Ti1-Ti )-(T1i - T1)]/2; else abort
Note. Gi A and G1 B in a single hop
![Page 16: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/16.jpg)
CSC 774 Adv. Net. Security
16
Performance (L-SGS)
• Same as SPS– Resilient to pulse-delay attacks and message
modification attacks
• Not resilient to internal attacks (if G1 is malicious)
![Page 17: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/17.jpg)
CSC 774 Adv. Net. Security
17
Secure Group Synchronization (SGS)
• Triangle consistency
ij
Node i
Node j
Node kjk
ki
Internal attacks if ij+ jk + ki 0?
Main ideas of SGS
– Every two nodes use SPS by broadcast. No fixed node is used for time sync
– Use triangle consistency to detect internal attacks
![Page 18: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/18.jpg)
CSC 774 Adv. Net. Security
18
Comparison and Summary
Secure Sync Singlehop
Multi-hop sync over n hops(n=5)
Group sync of nnodes
Protocols SPS SOM SDM STM T-SGS SGS
Maxi sync error 3(10s)
3M
(25ms)3 n1/2
(25s)3 n1/2
(25s)3
(10s)3
(10s)
Maxi externalattacker impact
6(20s)
6M
(50ms)6 n
(120s)6 n
(120s)6
(20s)6
(20s)
Resilient tointernal attackers
- Yes No No No Yes
Total number ofmessages
2 2n 2n 3n n+1 3n
Ack packet size# - Same Large Same Large Large
#Compared to the packet size in SPS
![Page 19: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/19.jpg)
CSC 774 Adv. Net. Security
19
Conclusions
• A suite of time synchronization protocols was proposed to detect pulse-delay attacks
– Node-to-node• Single hop: SPS
• Multi-hops:
– SOM (shared pairwise key and big dM*)
– SDM (large message sizes), STM (external attacks)
– Group: L-SGS (internal attacks), SGS (big communication overhead)
• Secure group synchronization is based on the assumption: all group nodes are in each other’s power range
![Page 20: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/20.jpg)
CSC 774 Adv. Net. Security
20
Possible Research Questions
• How to sync time when some nodes are not in the power range of other nodes in a group
• Prevention? How to continue with the processing of time sync when attacks
• How to develop methods to avoid internal attacks (e.g., a hash chain?)
• Is it possible to apply Iulos’s approach or a tree-based technique to SGS for reducing communication overhead
![Page 21: Secure Time Synchronization Service for Sensor Networks S. Ganeriwal, R. Kumar, M. B. Sirvastava Presented by: Kaiqi Xiong 11/28/2005 Computer Science](https://reader035.vdocuments.us/reader035/viewer/2022062511/551774665503460e6e8b5088/html5/thumbnails/21.jpg)
CSC 774 Adv. Net. Security
21
Thank You!
Questions?