Security Primitives & Encryption in WMSN & WSAN, Slides of Wireless Networking

An overview of security primitives, encryption schemes, keying mechanisms, and protocols used in wireless multimedia sensor networks (WMSN) and wireless sensor actor networks (WSAN). It covers topics such as message authentication codes (MAC), initialization vectors (IV), symmetric key encryption schemes, and CBC mode encryption. The document also discusses the advantages and design considerations of WMSN and WSAN, as well as their motivations and differences.

Typology: Slides

2011/2012

Uploaded on 08/07/2012

shaje_69kinky
Outlines
Security primitives in TinySec
Encryption Schemes
Keying mechanism
WMSN
Architecture
Applications
Advantages
Design Considerations
Protocols
WSAN
Motivation
WSN vs WSAN
Architecture
Issues


Last Lecture

Transport Protocols for WSN

TCP/UDP for WSN

Protocols

PSFQ

ESRT

CODA

Security Threats in WSN

TinySec

Motivations of Link Layer security

TINYSEC-DESIGN

Two security options:

Authenticated encryption (TinySec-AE)

TinySec encrypts the data payload and authenticates the packet with a MAC.

The MAC is computed over the encrypted data and the packet header.

Authentication only (TinySec-Au)

TinySec authenticates the entire packet with a MAC, but the data payload is not encrypted.

Encryption: semantically secure encryption typically requires two design decisions:

Specifying the IV format

Selecting an encryption scheme

TinySec IV format

IV too long: adds unnecessary bits to the packet

IV too short: risk of repetition

How long should the IV be? An n-bit IV repeats after 2^n + 1.

If we use an n-bit counter, repetitions will not happen before that point.

A pseudorandom IV would repeat with probability of 2^(n/2)

Active message handler type

Destination
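
The IV-length trade-off above, as an added simulation that is not part of the original slides: it measures when an n-bit counter IV and a pseudorandom n-bit IV first repeat. The width n = 16, the seed and all function names are assumptions chosen to keep the run short; the estimate sqrt(pi/2 * 2^n) is the standard birthday-bound expectation for the first collision.

```python
import math
import random

def first_repeat_counter(n_bits):
    """Packet number at which an n-bit counter IV is used for the second time."""
    seen, ctr, sent = set(), 0, 0
    while True:
        sent += 1
        if ctr in seen:
            return sent
        seen.add(ctr)
        ctr = (ctr + 1) % (1 << n_bits)   # counter wraps after 2^n values

def first_repeat_random(n_bits, rng):
    """Packet number at which a randomly drawn n-bit IV first collides."""
    seen, sent = set(), 0
    while True:
        sent += 1
        iv = rng.getrandbits(n_bits)
        if iv in seen:
            return sent
        seen.add(iv)

def mean_first_repeat_random(n_bits, trials=200, seed=1):
    """Average first-collision packet number over several simulated links."""
    rng = random.Random(seed)             # seeded so the run is reproducible
    total = sum(first_repeat_random(n_bits, rng) for _ in range(trials))
    return total / trials

def birthday_estimate(n_bits):
    """Expected draws before the first collision among 2^n values."""
    return math.sqrt(math.pi / 2 * 2 ** n_bits)

if __name__ == "__main__":
    n = 16  # assumed IV width for the demonstration
    print("counter IV first repeats at packet", first_repeat_counter(n))
    print("random IV first repeats at packet (mean)", mean_first_repeat_random(n))
    print("birthday estimate", round(birthday_estimate(n), 1))
```

For the same number of IV bits, the counter reaches the pigeonhole limit while random selection collides after a few hundred packets, which is why a short IV is better spent on a counter.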

CBC

The IV is XORed with the first data block before it is encrypted.

Feed the result of encryption back into the encryption of the next block.

The plaintext is XORed with the previous ciphertext block before it is encrypted.

The encryption of each block depends on all the previous blocks.

This requires that the decryption side processes all encrypted blocks sequentially.

An error in an encrypted block causes the block with the error to be completely garbled.

The subsequent block will have bit errors at the same positions as the original erroneous block.

The blocks following the second block will not be affected by the error. Hence, CBC is self-recovering.
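
The error-propagation behaviour listed on this slide, reproduced as an added example that is not part of the original slides. The block cipher is a small hash-based Feistel construction used as a stand-in with a 64-bit block (it is not Skipjack), and the key, IV and plaintext are constructed sample values.

```python
import hashlib

BLOCK = 8  # 64-bit blocks; the cipher below is a stand-in, not Skipjack

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, rnd, half):
    # Round function of the stand-in Feistel cipher
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def enc_block(key, blk):
    l, r = blk[:4], blk[4:]
    for rnd in range(8):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def dec_block(key, blk):
    l, r = blk[:4], blk[4:]
    for rnd in reversed(range(8)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

def cbc_encrypt(key, iv, pt):
    prev, out = iv, b""
    for i in range(0, len(pt), BLOCK):
        prev = enc_block(key, _xor(pt[i:i + BLOCK], prev))  # chain on previous ciphertext
        out += prev
    return out

def cbc_decrypt(key, iv, ct):
    prev, out = iv, b""
    for i in range(0, len(ct), BLOCK):
        blk = ct[i:i + BLOCK]
        out += _xor(dec_block(key, blk), prev)
        prev = blk
    return out

def damaged_bits_per_block(key, iv, pt, byte_index, mask):
    # Corrupt one ciphertext byte, decrypt, and return per-block XOR against the original
    ct = bytearray(cbc_encrypt(key, iv, pt))
    ct[byte_index] ^= mask
    diff = _xor(pt, cbc_decrypt(key, iv, bytes(ct)))
    return [diff[i:i + BLOCK] for i in range(0, len(diff), BLOCK)]

if __name__ == "__main__":
    pt = b"node07: temp=21.5C hum=40% ok..."  # constructed, 4 blocks of 8 bytes
    for n, d in enumerate(damaged_bits_per_block(b"constructed-key", bytes(8), pt, 10, 0x10)):
        print("block", n, d.hex())
```

Decryption succeeds without any error indication, so the self-recovery property does nothing to detect tampering; that is the job of the MAC computed over the ciphertext and header in TinySec-AE.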

Keying mechanism

Use per-link keying: a separate TinySec key for each pair of nodes wishing to communicate.

Drawback: key distribution becomes a challenge.

Allow a group of nodes to share a TinySec key rather than each pair.

Group keying provides an intermediate level of resilience.

The appropriate keying mechanism for a particular network depends on several factors.

TinySec key: a pair of Skipjack keys, one for authentication, one for encryption.

Simplest keying mechanism:

Use a single key for the entire network and preload the key before deployment. An adversary can compromise one node and get the key.


Reference Architecture of WMSN

New Applications

Storage and retrieval of interesting activities, e.g., IrisNet [93]. (2004)

Traffic congestion avoidance, traffic enforcement and control systems.

Smart parking advice system. (2005)

Automated assistance for the elderly and family monitors. (2005)

Manufacturing process control for semiconductor chip, food or pharmaceutical products.

Design Considerations

Application-specific QoS requirements

Snapshot and streaming multimedia

Flexible architecture to support heterogeneous applications

Multimedia source coding

Intra-frame/inter-frame

Distributed source coding

Multimedia in-network processing

Multimedia coverage model development

Power consumption

Examples of Deployed WMSN

SensEye

Three tasks: object detection, recognition and tracking.

Objective: Demonstrate that a camera sensor network containing heterogeneous elements provides numerous benefits over traditional homogeneous sensor networks.

Traffic Management and Admission Control

Tasks:

Prevent applications from establishing data flows when the network resources needed are not available.

Traffic classes: provide differentiated service between real-time and delay-tolerant applications, and loss-tolerant and loss-intolerant applications.

Related work:

An application admission control algorithm is proposed whose objective is to maximize the network lifetime subject to bandwidth and reliability constraints. (2003)

An application admission control method is proposed to determine admissions based on the added energy load and application rewards. (2003)

Transport Layer

TCP or UDP?

For real-time applications like streaming media, UDP seems preferred over TCP

Effect of dropping packets in UDP

Support for traffic heterogeneity

TCP with appropriate modifications is preferable over UDP for WMSNs, if standardized protocols are to be used.

Using Multiple Paths

Regulating streaming through multiple TCP connections. (2005)

Sender sends the desired streaming rate and allows throughput reduction to the receiver.

Receiver measures the actual throughput, controls the rate within the allowed bounds by using multiple TCP connections and dynamically changing its TCP window size for each connection.

Splitting a large burst of data into several smaller bursts

Multi-flow Real-time Transport Protocol (MRTP). (2006)

Allows the sink to regulate multiple sources associated with a single event

COngestion Detection and Avoidance (CODA) protocol. (2003)

WSAN

I. Motivations

Environmental Applications

Detecting and extinguishing forest fire

Distributed Robotics & Sensor Networks

Mobile robots dispersed throughout the field in sensor networks, e.g. mines detection and destruction.