security in wireless sensor networks (wsn)


Upload: dalmar

Post on 17-Jan-2016

DESCRIPTION

Security in Wireless Sensor Networks (WSN). Ad Hoc Networks. Mira Vrbaski. Agenda: Introduction; Attacks and Threats in WSN; Information and node authentication; Holistic security approach and ISA; Quiz – questions and answers.

TRANSCRIPT

Page 1: Security in  Wireless Sensor Networks (WSN)

Ad Hoc Networks

Mira Vrbaski


Page 2: Security in  Wireless Sensor Networks (WSN)

• Introduction
• Attacks and Threats in WSN
• Information and node authentication
• Holistic security approach and ISA
• Quiz – questions and answers

Page 3: Security in  Wireless Sensor Networks (WSN)

• Introduction
• Attacks and Threats in WSN
• Information and node authentication
• Holistic security approach and ISA
• Quiz – questions and answers

Page 4: Security in  Wireless Sensor Networks (WSN)

WSN applications are:
• deployed in military, national security... mission-critical tasks
• deployed in hostile environments
• more difficult to secure than in wired communication networks, the Internet or MANETs (Wireless mobile ad hoc networks) due to the resource limitations of sensor nodes:
  • Nodes can be physically removed by an adversary very easily
  • Small storage
  • Limited computational power
• monitoring actively their surroundings, and it is often easy to deduce information other than the data monitored
• open to packet injection by an adversary

Page 5: Security in  Wireless Sensor Networks (WSN)

• Monitoring patients' conditions
• Tracking medical equipment
• Tracking patients
• Personal, confidential and sensitive data
• Data and time accuracy and reliability

Page 6: Security in  Wireless Sensor Networks (WSN)

For example: Perimeter defence

Page 7: Security in  Wireless Sensor Networks (WSN)

Battlefield sensor networks: high security and real-time response to fast changing events

Page 8: Security in  Wireless Sensor Networks (WSN)

• security mechanisms directly impact system performance
• strong need to develop a rigorous analytical framework for measuring the security-performance tradeoffs of arbitrary key distribution schemes

[2004] Security-Performance Tradeoffs of Inheritance based Key Predistribution for Wireless Sensor Networks – R. Kannan, L. Ray, A. Durresi and S. S. Iyengar

[Figure: security versus performance]

Page 9: Security in  Wireless Sensor Networks (WSN)

Sensor motes (Field devices) – Field devices are mounted in the process and must be capable of routing packets on behalf of other devices.

Gateway – enables communication between the Host and field devices

Network Manager – configures the network, schedules, monitors and reports on the health of the network.

Security Manager – generates, stores and manages keys.

Page 10: Security in  Wireless Sensor Networks (WSN)

The physical layer – determines frequency selection, carrier frequency generation, signal detection, and signal processing and data encryption.

The data link layer - requires multiplexing of data streams, data frame detection, medium access flow control and error control. It ensures reliable point-to-point and point-to-multipoint connections in a communication network.

The network layer - specifies the assignment of addresses and how packets are forwarded – Routing.

The transport layer - helps to maintain the flow of data if the sensor networks application requires it.

Page 11: Security in  Wireless Sensor Networks (WSN)

• Introduction
• Attacks and Threats in WSN
• Information and node authentication
• Holistic security approach and ISA
• Quiz – questions and answers

Page 12: Security in  Wireless Sensor Networks (WSN)

Each sensor network layer has specific attacks

Threats in Wireless Sensor Networks (WSN):
• Battery draining
• Network control loss
• Data leakage and ambiguity

Page 13: Security in  Wireless Sensor Networks (WSN)

Some more common attacks:
1. Node capture
2. Sybil attack
3. Cloning attack
4. Wormhole
5. Key interception
6. Denial of Service - DoS
7. Replay

Page 14: Security in  Wireless Sensor Networks (WSN)

• attacker picks out a node and runs any cryptanalysis on its material
• leaks all secret materials, and/or
• allows reconfiguration to serve attacker

[Diagram: captured node leaks, serves attacker]

Page 15: Security in  Wireless Sensor Networks (WSN)

introduces multiple entities for a single node

does not gain hardware advantage

undermines protocols in the network (leader election, voting, etc)

aimed against trust and reputation systems

Page 16: Security in  Wireless Sensor Networks (WSN)

inserts multiple physical nodes

provides hardware advantage

in hybrid approach, the malicious nodes gain their own identity

original node still functions -> attacker uses additional node with the same identity for own purposes

Page 17: Security in  Wireless Sensor Networks (WSN)

In the wormhole attack, an attacker records packets (or bits) at one location in the network, tunnels them (possibly selectively) to another location, and retransmits them into the network.

The wormhole attack can form a serious threat in wireless networks, especially against many ad hoc network routing protocols and location-based wireless security systems.

For example, most existing ad hoc network routing protocols, without some mechanism to defend against the wormhole attack, would be unable to find routes longer than one or two hops, severely disrupting communication.

Page 18: Security in  Wireless Sensor Networks (WSN)

• Demonstration of a wormhole attack:
• X and Y denote the wormhole nodes connected through a long wormhole link. As a result of the attack, nodes in Area A consider nodes in Area B their neighbours and vice versa.

For example, traffic between nodes like a and e can now take a one-hop path via the wormhole instead of a multi-hop path. If the wormhole is placed carefully by the attacker and is long enough, it is easy to see that this link can attract a lot of routes.

Page 19: Security in  Wireless Sensor Networks (WSN)

• the key is compromised by physical extraction from the captured node, or by breach in protocol
• the attacker can use a powerful equipment (for example laptop)
• threat to the communication and fake nodes

[Diagrams: a captured node between sender and receiver, where the attacker modifies the message; powerful equipment between sender and receiver, where the attacker modifies the message]

Page 20: Security in  Wireless Sensor Networks (WSN)

• performs on protocols, overloading with unnecessary operations
• an attacker who possesses many cloned nodes can perform Distributed DoS -> difficult to localize and lock out
• WSN – battery drainage
• ruined trust

Page 21: Security in  Wireless Sensor Networks (WSN)
Page 22: Security in  Wireless Sensor Networks (WSN)

• Introduction
• Attacks and Threats in WSN
• Information and node authentication
• Holistic security approach and ISA
• Quiz – questions and answers

Page 23: Security in  Wireless Sensor Networks (WSN)

Shared authentication, where the originator of the information uses a secret to mark the data in a way that allows verification of data by any other owners of the secret

• One common secret among all: leak from single party
• Each communication pair owns unique secret: exponential growth in storage requirements

[Diagrams: an originator holding S with two owners of S; an originator holding S1 and S2 with an owner of S1 and an owner of S2]

Page 24: Security in  Wireless Sensor Networks (WSN)

In node to node communication data can be substituted with other information

Can be alleviated with MAC – Message Authentication Code: form of fingerprint that can be calculated by both communication parties.

• Chaining protocols – set of chained data packages that are transmitted at different times. The whole chain can be trusted if each element can be trusted.
• Deferred disclosure – wait for key to understand the message

Exchange between originator and receiver:
1. MAC(M,K) where M-message, K-key
2. Give me K
3. Here is the K

Exchange between originator and receiver:
1. At t=t1 MAC(M,K) where M-message, K-key
2. At t=t2 K

Page 25: Security in  Wireless Sensor Networks (WSN)

• TESLA
• µTESLA
• Hash-chained authentication
• Merkle trees authentication

Page 26: Security in  Wireless Sensor Networks (WSN)

TESLA protocol for broadcast authentication – data does not have to be authenticated at the moment of reception

• For broadcast authentication
• Sender can be associated with more powerful base node
• Responsibility shift to sender

[Diagram: sender sends MAC(r) to receiver]

• MAC temporarily accepted and stored in receiver buffer
• MAC generated using value r, known only by sender
• t > timeout, r NOT received => drop all MACs

[Diagram: timeline t of packets and disclosed values r]

Page 27: Security in  Wireless Sensor Networks (WSN)

• Takes in consideration ad-hoc nature of WSN
• Allows bootstrapping of a new receiver at any time
• To join the network a node needs to verify the authentication of one, any already used key from sender’s key chain and get loosely time synchronized.
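The delayed key disclosure described on the TESLA and µTESLA slides, as an added Python example that is not part of the original presentation. It assumes SHA-256 and HMAC-SHA256, integer time intervals, and uses the chain key directly as the MAC key (a simplification); all names and sample values are constructed for illustration.

```python
import hashlib
import hmac

def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()

def mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def make_key_chain(seed: bytes, n: int) -> list:
    """Return [K_0..K_n] with K_{i-1} = H(K_i); K_0 is the public commitment."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain[::-1]

class Receiver:
    def __init__(self, commitment: bytes, delay: int = 1, timeout: int = 3):
        self.last = (0, commitment)   # newest authenticated (interval, key)
        self.delay, self.timeout = delay, timeout
        self.buffer = []              # unverified (interval, message, tag)

    def on_packet(self, interval, msg, tag, now) -> bool:
        if now >= interval + self.delay:
            return False              # key may already be public: reject
        self.buffer.append((interval, msg, tag))
        return True

    def on_key(self, interval, key, now) -> list:
        # Timeout rule: drop MACs whose key was not received in time.
        self.buffer = [p for p in self.buffer if now - p[0] <= self.timeout]
        idx, known = self.last
        keys, k = {}, key
        for i in range(interval, idx, -1):   # walk the chain back to `known`
            keys[i] = k                      # also recovers skipped keys
            k = H(k)
        if not keys or not hmac.compare_digest(k, known):
            return []                        # stale or not on the sender's chain
        self.last = (interval, key)
        ok = [m for i, m, t in self.buffer
              if i in keys and hmac.compare_digest(t, mac(keys[i], m))]
        self.buffer = [p for p in self.buffer if p[0] not in keys]
        return ok

def demo() -> tuple:
    chain = make_key_chain(b"constructed-seed", 4)   # constructed sample data
    rx = Receiver(chain[0])
    rx.on_packet(1, b"temp=21", mac(chain[1], b"temp=21"), now=1)
    rx.on_packet(1, b"temp=99", mac(b"guess", b"temp=99"), now=1)   # forged tag
    return rx.on_key(1, b"x" * 32, now=2), rx.on_key(1, chain[1], now=2)
```

A receiver that joins late can be constructed from any already authenticated chain key in place of K_0. A deployment would also cap how far `on_key` is willing to hash back, so that a bogus interval number cannot be used to waste node energy.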

Page 28: Security in  Wireless Sensor Networks (WSN)

ALPHA protocol:
• Sender S chooses random h0 and computes h1, h2 ... hn
• n depends on storage capacity
• Each result is stored in memory, hn made known to receiver R
• That means if R knows hi can calculate hi-1 by H(hi-1) = hi

Good for:
• broadcasting protocols
• unwanted traffic dropped at the very first relaying node -> saves bandwidth
• network protection against overloading

Bad for:
• memory size linear f(n) where n-number of signatures

Exchange between S and R:
S1(MAC(hi-1 || M)) sends MAC and hi-1
A1(hi, hjR) acknowledges with hi and hjR
S2(hi-1, M)
hi = H(hi-1)

Page 29: Security in  Wireless Sensor Networks (WSN)

• Merkle tree MT is a plain binary tree
• Limits required memory size to log(n) where n is number of leaves in the tree

r = H(hi-1 || n0 || n1)
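The keyed Merkle root from the formula above, with the log(n) authentication path a receiver checks per message, as an added Python example that is not part of the original presentation. It assumes SHA-256, a power-of-two number of messages, and that the receiver already holds hi and the root r before hi-1 is disclosed; function names and sample data are constructed.

```python
import hashlib
import hmac

def H(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

def build_levels(messages: list) -> list:
    """Bottom-up tree levels; the last level holds n0 and n1 (root's children).
    Assumes a power-of-two number (>= 2) of messages."""
    level = [H(b"\x00", m) for m in messages]          # leaf hashes
    levels = [level]
    while len(level) > 2:
        level = [H(b"\x01", level[i], level[i + 1])
                 for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def keyed_root(h_prev: bytes, levels: list) -> bytes:
    n0, n1 = levels[-1]
    return H(h_prev, n0, n1)                           # r = H(h_{i-1} || n0 || n1)

def auth_path(levels: list, index: int) -> list:
    """Sibling hashes from leaf to top: log2(n) values per message."""
    path = []
    for level in levels:
        path.append(level[index ^ 1])
        index >>= 1
    return path

def verify(msg, index, path, h_prev, h_i, root) -> bool:
    """Receiver side: h_i and root came earlier, h_prev is disclosed now."""
    if not path or not hmac.compare_digest(H(h_prev), h_i):   # h_i = H(h_{i-1})
        return False
    node = H(b"\x00", msg)
    for sibling in path[:-1]:
        pair = (node, sibling) if index % 2 == 0 else (sibling, node)
        node = H(b"\x01", *pair)
        index >>= 1
    pair = (node, path[-1]) if index % 2 == 0 else (path[-1], node)
    return hmac.compare_digest(H(h_prev, *pair), root)

def demo() -> tuple:
    msgs = [b"reading-%d" % i for i in range(8)]       # constructed sample data
    h_prev = H(b"constructed-chain-element")
    h_i = H(h_prev)
    levels = build_levels(msgs)
    root, path = keyed_root(h_prev, levels), auth_path(levels, 5)
    return len(path), verify(msgs[5], 5, path, h_prev, h_i, root)
```

With eight messages each packet carries three sibling hashes, so one pre-announced root covers all eight messages.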

Page 30: Security in  Wireless Sensor Networks (WSN)

Each entity has two keys:
• Secret key to be used for authentication
• Publicly known for verification by the information recipient

Existing problems:
• Availability of public keys
• Dealing with compromised secret keys
• Complex system
• Large numbers -> storage problems

[Diagram: requester and originator: 1. Request, 2. Signed message]

Page 31: Security in  Wireless Sensor Networks (WSN)

• Rabin schema
• Diffie–Hellman key exchange

Page 32: Security in  Wireless Sensor Networks (WSN)

Data is sent from a sensor to a more powerful base station; the base station utilizes this disproportion and applies a similarly asymmetric operation to assure security of data.

Very effective method for encryption and signature verification.

Private key is a pair of large distinct primes (p, q)

Public key is their product n=pq

Decryption is complex and requires p and q

[Diagram: sensing network and base station, with gathered encrypted data and authenticated commands]

c = M² mod n
M = √c mod pq
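The asymmetry of the Rabin scheme described above (one modular squaring on the sensor, square roots with p and q at the base station), as an added Python example that is not part of the original presentation. It assumes primes congruent to 3 mod 4 and a 4-byte SHA-256 redundancy tag to pick the correct one of the four roots; the toy primes and the sample reading are constructed.

```python
import hashlib

# Constructed toy key: two Mersenne primes, both congruent to 3 mod 4.
# Far too small and too structured for real use; for illustration only.
P, Q = 2**127 - 1, 2**107 - 1
N = P * Q                                   # public key n = pq

def _pad(msg: bytes) -> bytes:
    # Marker byte plus redundancy tag so the receiver can pick the right root.
    return b"\x01" + msg + hashlib.sha256(msg).digest()[:4]

def encrypt(msg: bytes, n: int = N) -> int:
    """Sensor side: a single modular squaring, c = M^2 mod n."""
    m = int.from_bytes(_pad(msg), "big")
    if m >= n:
        raise ValueError("message too long for this modulus")
    return m * m % n

def square_roots(c: int, p: int = P, q: int = Q) -> set:
    """Base-station side: the four square roots of c mod pq (needs p and q)."""
    rp = pow(c, (p + 1) // 4, p)            # root mod p, valid since p = 3 mod 4
    rq = pow(c, (q + 1) // 4, q)
    a = rp * q * pow(q, -1, p)              # = rp mod p, = 0 mod q
    b = rq * p * pow(p, -1, q)              # = 0 mod p, = rq mod q
    n = p * q
    x, y = (a + b) % n, (a - b) % n
    return {x, n - x, y, n - y}

def decrypt(c: int):
    """Return the root that carries a valid redundancy tag, or None."""
    for r in square_roots(c):
        raw = r.to_bytes((r.bit_length() + 7) // 8, "big")
        if len(raw) >= 5 and raw[0] == 1:
            msg, tag = raw[1:-4], raw[-4:]
            if hashlib.sha256(msg).digest()[:4] == tag:
                return msg
    return None

def demo() -> tuple:
    c = encrypt(b"temp=21;node=7")          # constructed sample reading
    return len(square_roots(c)), decrypt(c)
```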

Page 33: Security in  Wireless Sensor Networks (WSN)

Allows two nodes communicating in open text to agree on a common secret

Two parameters are publicly known: the generator g and prime modulus p.

A calculates Xa and sends it to B; a is a secret number of A

B calculates Xb and sends it to A; b is a secret number of B

[Diagram: exchange between A and B]

Page 34: Security in  Wireless Sensor Networks (WSN)

• Introduction
• Attacks and Threats in WSN
• Information and node authentication
• Holistic security approach and ISA
• Quiz – questions and answers

Page 35: Security in  Wireless Sensor Networks (WSN)

Advantages:
• Easy to develop
• Protocols of different layer can be modified independently
• Reducing inter layer interaction

Disadvantages:
• Redundant security (waste of system resources)
• Lack of self adaptive services
• De-integrated solution

Cost and energy effective

Page 36: Security in  Wireless Sensor Networks (WSN)

Cross layer security
• Routing energy efficient (network layer), minimize number of packets, retransmission (link layer) and put energy transceivers on/off.
• Key management schemas make sure that all nodes possess required keys and packets reach destination.

Page 37: Security in  Wireless Sensor Networks (WSN)

1. Przemyslaw Blaskiewicz, Miroslaw Kutylowski, “Security and Trust in Sensor Networks”

2. Hemanta Kumar Kalita and Avijit Kar, “Wireless sensor network security analysis”, 2009

3. T. Kavitha, D. Sridharan, “Security Vulnerabilities in Wireless Sensor Networks: Survey”

4. Adrian Perrig, John Stankovic, and David Wagner, “Security in Wireless Sensor Networks”

5. Kuldeep, Kalpana Sharma and M.K. Ghose, “Wireless Sensor Networks Security: A New Approach”

6. Peng Ning and Donggang Liu, “Broadcast Authentication and Key Management for Secure Sensor Networks”, North Carolina State University, Raleigh, North Carolina

7. Jeffery Undercoffer, Sasikanth Avancha, Anupam Joshi and John Pinkston, “Security for Sensor Networks”

8. R. Kannan, L. Ray, A. Durresi and S. S. Iyengar, “Security-Performance Tradeoffs of Inheritance based Key Predistribution for Wireless Sensor Networks”

9. Ritesh Maheshwari, Jie Gao and Samir R Das, Department of Computer Science, Stony Brook University, “Detecting Wormhole Attacks in Wireless Networks Using Connectivity Information”

10. Yih-Chun Hu, Member, IEEE, Adrian Perrig, Member, IEEE, and David B. Johnson, Member, IEEE, “Wormhole Attacks in Wireless Networks”

Page 38: Security in  Wireless Sensor Networks (WSN)

• Introduction
• Attacks and Threats in WSN
• Information and node authentication
• Key management
• Holistic security approach and ISA
• Quiz – questions and answers

Page 39: Security in  Wireless Sensor Networks (WSN)

[Q1] Shared authentication can be done in two ways: one common secret among all, and each pair sharing its own secret. Explain the advantages and disadvantages of both approaches, taking into consideration WSN limitations. (draw the picture)

[A1] One common secret among all: [disadvantage: leak from single party], [advantage: small number of keys]

Each communication pair owns a unique secret: [disadvantage: exponential growth in storage requirements], [advantage: more security]

Page 40: Security in  Wireless Sensor Networks (WSN)

[Q1] Explain how a wormhole attack occurs and the threats that attack produces

[A1] In the wormhole attack, an attacker records packets (or bits) at one location in the network, tunnels them (possibly selectively) to another location, and retransmits them there into the network.

The wormhole attack can form a serious threat in wireless networks, especially against many ad hoc network routing protocols and location-based wireless security systems.

For example, traffic between nodes like a and e can now take a one-hop path via the wormhole instead of a multi-hop path. If the wormhole is placed carefully by the attacker and is long enough, it is easy to see that this link can attract a lot of routes.

Page 41: Security in  Wireless Sensor Networks (WSN)

Explain how the Diffie-Hellman key exchange protocol works. Explain and show calculations if prime numbers are given: p=3 and g=2.