Fast Response PKC-Based Broadcast Authentication in Wireless Sensor Networks
Public Key-based (PKC) approaches have gained popularity in Wireless Sensor Network (WSN) broadcast authentication due to their simpler protocol operations, e.g., no synchronization and higher tolerance to node capture attack compared to symmetric key-based approaches. With PKC’s security strength, a sensor node that authenticates messages before forwarding them can detect a bogus message within the first hop. While this prevents forged traffic from wasting the sensor nodes’ energy, performing PKC operations in the limited computing-power sensor nodes can result in undesirably long message propagation time. At the other extreme, the sensor node can forward messages to other nodes prior to authenticating them. This approach diminishes propagation time with the trade-off of allowing forged messages to propagate through the network. To achieve swift and energy efficient broadcast operation, sensor nodes need to decide wisely when to forward first and when to authenticate first.
In this paper, we present two new broadcast authentication schemes, called the key pool scheme and the key chain scheme, to solve this dilemma without any synchronization or periodic key redistribution. Both schemes utilize a Bloom filter and the distribution of secret keys among sensor nodes to create fast and capture-resistant PKC-based broadcast authentication protocols. Our NS-2 simulation results for a 3,000-node WSN confirm that broadcast delays of our protocol are only 46.7% and 39.4% slower than the forwarding-first scheme for the key pool and the key chain scheme respectively. At the same time, both protocols are an order of magnitude faster than the authentication-first scheme. The key pool scheme is able to keep forged message propagation to the minimal even when the majority of the nodes have been captured by the attacker. The key chain scheme has smaller transmission overhead than the key pool scheme at the expense of less resistance to node capturing.
Two generic improvements to these schemes are also described. One reduces the marking limit on the Bloom filter vector (BFV), which makes it more difficult for an attacker to forge a BFV for a bogus message. The other limits broadcast forwarding to a spanning tree, which reduces the number of nodes forwarding bogus messages by one to two orders of magnitude depending on the percentage of compromised nodes. The first improvement can be applied to any BFV scheme, while the second is even more generally applicable.
Keywordswireless sensor network broadcast authentication bloom filter public key cryptography
The authors would like to thank Prapaporn Rattanatamrong and David Wolinsky for their helpful feedback. We would also like to thank Kittipat Kampa for his comments on our statistical analysis model.
- 1.Basagni S, Herrin K, Bruschi D, Rosti E (2001) Secure pebblenets. In: MobiHoc. ACM, pp 156–163Google Scholar
- 3.Chuchaisri P (2010) Simulator source code. https://com/Alpha-Sim
- 4.Crossbow Technology (2010) MICA2 mote datasheet. http://126.96.36.199/Products/Wireless_Sensor_Networks.htm
- 5.Dong Q, Liu D, Ning P (2008) Pre-authentication filters: providing dos resistance for signature-based broadcast authentication in sensor networks. In: WiSec ’08: proceedings of the first ACM conference on wireless network security. ACM, New York, NY, USA, pp 2–12. doi: 10.1145/1352533.1352536
- 6.Fan X, Gong G (2010) Accelerating signature-based broadcast authentication for wireless sensor networks. In: Zheng J, Simplot-Ryl D, Leung VCM (eds) ADHOCNETS. Lecture notes of the institute for computer sciences, social informatics and telecommunications engineering, vol 49. Springer, pp 328–343Google Scholar
- 7.Gura N, Patel A, Wander A, Eberle H, Shantz SC (2004) Comparing elliptic curve cryptography and rsa on 8-bit cpus. Cryptographic Hardware and Embedded Systems—CHES 2004, pp 119–132Google Scholar
- 8.Han P, Zhu Y, Hu Y (2007) Design of multi-signature scheme in wireless networks. In: ACIS-ICIS. IEEE Computer Society, pp 247–251Google Scholar
- 11.Karlof C, Sastry N, Wagner D (2004) TinySec: a link layer security architecture for wireless sensor networks. In: Stankovic JA, Arora A, Govindan R (eds) SenSys 2004. ACM, pp 162–175Google Scholar
- 13.Liu D, Ning P (2003) Multi-level μTESLA: a broadcast authentication system for distributed sensor networks. Tech. Rep. TR-2003-08, Department of Computer Science, North Carolina State University, 1 Mar 2003Google Scholar
- 14.Luk M, Perrig A, Whillock B (2006) Seven cardinal properties of sensor network broadcast authentication. In: SASN ’06. ACM, New York, NY, USA, pp 147–156. doi: 10.1145/1180345.1180364
- 15.Manna Research Group (2010) Mannasim framework. http://www.mannasim.dcc.ufmg.br/index.htm
- 16.Mykletun E, Girao J, Westhoff D (2006) Public key based cryptoschemes for data concealment in wireless sensor networks. In: ICC2006, vol 5, pp 2288–2295Google Scholar
- 19.Perrig A, Canetti R, Song D, Tygar JD (2001) Efficient and secure source authentication for multicast. In: In Network and Distributed System Security Symposium, NDSS ’01, pp 35–46Google Scholar
- 21.Perrig A, Szewczyk R, Wen V, Culler D, Tygar JD (2001) SPINS: security protocols for sensor networks. In: MobiCom ’01: proceedings of the 7th annual international conference on mobile computing and networking. ACM, New York, NY, USA, pp 189–199. doi: 10.1145/381677.381696
- 22.Postel J (1981) Transmission Control Protocol. RFC 793 (Standard). http://www.ietf.org/rfc/rfc793.txt. Updated by RFCs 1122, 3168
- 23.Ren K, Yu S, Lou W, Zhang Y (2009) Multi-user broadcast authentication in wireless sensor networks. IEEE Trans Veh Technol PP(99):1. doi: 10.1109/TVT.2009.2019663
- 26.Wang R, Du W, Ning P (2007) Containing denial-of-service attacks in broadcast authentication in sensor networks. In: MobiHoc ’07: proceedings of the 8th ACM international symposium on Mobile ad hoc networking and computing. ACM, New York, NY, USA, pp 71–79. doi: 10.1145/1288107.1288118
- 28.Ye F, Luo H, Lu S, Zhang L (2004) Statistical en-route filtering of injected false data in sensor networks. In: Proc. INFOCOM 2004, vol 4, pp 2446–2457Google Scholar