Advertisement

Wireless Networks

, Volume 8, Issue 5, pp 521–534 | Cite as

SPINS: Security Protocols for Sensor Networks

  • Adrian Perrig
  • Robert Szewczyk
  • J.D. Tygar
  • Victor Wen
  • David E. Culler
Article

Abstract

Wireless sensor networks will be widely deployed in the near future. While much research has focused on making these networks feasible and useful, security has received little attention. We present a suite of security protocols optimized for sensor networks: SPINS. SPINS has two secure building blocks: SNEP and μTESLA. SNEP includes: data confidentiality, two-party data authentication, and evidence of data freshness. μTESLA provides authenticated broadcast for severely resource-constrained environments. We implemented the above protocols, and show that they are practical even on minimal hardware: the performance of the protocol suite easily matches the data rate of our network. Additionally, we demonstrate that the suite can be used for building higher level protocols.

secure communication protocols sensor networks mobile ad hoc networks MANET authentication of wireless communication secrecy and confidentiality cryptography 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [1]
    Atmel, Secure Microcontrollers for SmartCards, http://www. atmel.com/atmel/acrobat/1065s.pdfGoogle Scholar
  2. [2]
    S. Basagni, K. Herrin, E. Rosti and D. Bruschi, Secure Pebblenets, in: ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc 2001) (2001) pp. 156–163.Google Scholar
  3. [3]
    M. Bellare, A. Desai, E. Jokipii and P. Rogaway, A concrete security treatment of symmetric encryption: Analysis of the DES modes of operation, in: Symposium on Foundations of Computer Science (FOCS) (1997).Google Scholar
  4. [4]
    M. Beller and Y. Yacobi, Fully-fledged two-way public key authentication and key agreement for low-cost terminals, Electronics Letters 29(11) (1993) 999–1001.Google Scholar
  5. [5]
    S. Bellovin and M. Merrit, Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise, in: ACM Conference on Computer and Communications Security CCS-1 (1993) pp. 244–250.Google Scholar
  6. [6]
    P. Bergstrom, K. Driscoll and J. Kimball, Making home automation communications secure, IEEE Computer 34(10) (2001) 50–56.Google Scholar
  7. [7]
    A. Biryukov and D. Wagner, Slide attacks, in: International Workshop on Fast Software Encryption (1999).Google Scholar
  8. [8]
    C. Boyd and A. Mathuria, Key establishment protocols for secure mobile communications: A selective survey, in: Australasian Conference on Information Security and Privacy (1998) pp. 344–355.Google Scholar
  9. [9]
    D.W. Carman, P.S. Kruus and B.J. Matt, Constraints and approaches for distributed sensor network security, NAI Labs Technical Report No. 00-010 (2002).Google Scholar
  10. [10]
    S.E. Czerwinski, B.Y. Zhao, T.D. Hodes, A.D. Joseph and R.H. Katz, An architecture for a secure service discovery service, in: ACM International Conference on Mobile Computing and Networking (MobiCom'99) (1999) pp. 24–35.Google Scholar
  11. [11]
    D. Johnson, D.A. Maltz and J. Broch, The dynamic source routing protocol for mobile ad hoc networks, Internet draft, Mobile Ad-Hoc Network (MANET) Working Group, IETF (1999).Google Scholar
  12. [12]
    J. Daemen and V. Rijmen, AES proposal: Rijndael (1999).Google Scholar
  13. [13]
    Dallas, iButton: A Java-powered cryptographic iButton, http:// www.ibutton.com/ibuttons/java.htmlGoogle Scholar
  14. [14]
    W. Diffie and M.E. Hellman, Privacy and authentication: An introduction to cryptography, Proceedings of the IEEE 67(3) (1979) 397–427.Google Scholar
  15. [15]
    Fortezza, Fortezza: Application implementers guide (1995).Google Scholar
  16. [16]
    A. Fox and S.D. Gribble, Security on the move: Indirect authentication using Kerberos, in: International Conference on Mobile Computing and Networking (MobiCom'96) (1996) pp. 155–164.Google Scholar
  17. [17]
    R. Gennaro and P. Rohatgi, How to sign digital streams, in: Advances in Cryptology – Crypto'97, Lecture Notes in Computer Science, Vol. 1294 (1997) pp. 180–197.Google Scholar
  18. [18]
    O. Goldreich, S. Goldwasser and S. Micali, How to construct random functions, Journal of the ACM 33(4) (1986) 792–807.Google Scholar
  19. [19]
    S. Goldwasser and S. Micali, Probabilistic encryption, Journal of Computer Security 28 (1984) 270–299.Google Scholar
  20. [20]
    Z. Haas and M. Perlman, The Zone Routing Protocol (ZRP) for ad hoc networks, Internet draft, Mobile Ad-Hoc Network (MANET) Working Group, IETF (1998).Google Scholar
  21. [21]
    N.M. Haller, The S/KEY one-time password system, in: Symposium on Network and Distributed Systems Security (1994).Google Scholar
  22. [22]
    D. Harkins and D. Carrel, The Internet key exchange (IKE), RFC 2409, Information Sciences Institute, University of Southern California (1998).Google Scholar
  23. [23]
    J. Hill, R. Szewczyk, A. Woo, S. Hollar, D. Culler and K. Pister, System architecture directions for networked sensors, in: International Conference on Architectural Support for Programming Languages and Operating Systems.Google Scholar
  24. [24]
    J.-P. Hubaux, L. Buttyán and S. Čapkun, The quest for security in mobile ad hoc networks, in: ACM Symposium on Mobile Ad Hoc Networking and Computing (2001).Google Scholar
  25. [25]
    D.B. Johnson and D.A. Maltz, Dynamic source routing in ad hoc wireless networks, in: Mobile Computing (Kluwer Academic, 1996) chapter 5, pp. 153–181.Google Scholar
  26. [26]
    Y.-B. Ko and N. Vaidya, Location-Aided Routing (LAR) in mobile ad hoc networks, in: International Conference on Mobile Computing and Networking (MobiCom'98) (1998).Google Scholar
  27. [27]
    J. Kohl and C. Neuman, The Kerberos network authentication service (V5), RFC 1510 (1993).Google Scholar
  28. [28]
    S. Marti, T. Giuli, K. Lai and M. Baker, Mitigating routing misbehaviour in mobile ad hoc networks, in: International Conference on Mobile Computing and Networking (MobiCom 2000) (2000) pp. 255–265.Google Scholar
  29. [29]
    A.J. Menezes, P.C. van Oorschot and S.A. Vanstone, Handbook of Applied Cryptography (CRC Press, 1997).Google Scholar
  30. [30]
    S.P. Miller, C. Neuman, J.I. Schiller and J.H. Saltzer, Kerberos authentication and authorization system, Project Athena Technical Plan (1987).Google Scholar
  31. [31]
    N. Modadugu, D. Boneh and M. Kim, Generating RSA keys on a hand-held using an untrusted server, RSA 2000 (2000).Google Scholar
  32. [32]
    National Bureau of Standards (NBS), Specification for the data encryption standard, Federal Information Processing Standards (FIPS) Publication 46 (1977).Google Scholar
  33. [33]
    National Institute of Standards and Technology (NIST), DES model of operation, Federal Information Processing Standards Publication 81 (FIPS PUB 81) (1981).Google Scholar
  34. [34]
    National Institute of Standards and Technology (NIST), Security requirements for cryptographic modules, Federal Information Processing Standards (FIPS) Publication 140-1 (1994).Google Scholar
  35. [35]
    National Institute of Standards and Technology (NIST), Security requirements for cryptographic modules, Federal Information Processing Standards (FIPS) Publication 140-2 (1999).Google Scholar
  36. [36]
    National Institute of Standards and Technology (NIST), Advanced encryption standard (AES) development effort (2000) http:// csrc.nist.gov/encryption/aes/Google Scholar
  37. [37]
    C. Park, K. Kurosawa, T. Okamoto and S. Tsujii, On key distribution and authentication in mobile radio networks, in: Advances in Cryptology – EuroCrypt'93, Lecture Notes in Computer Science, Vol. 765 (1993) pp. 461–465.Google Scholar
  38. [38]
    V. Park and M. Corson, A highly adaptable distributed routing algorithm for mobile wireless networks, in: IEEE INFOCOMM'97 (1997).Google Scholar
  39. [39]
    B. Patel and J. Crowcroft, Ticket based service access for the mobile user, in: International Conference on Mobile Computing and Networking (MobiCom'97) (1997) pp. 223–233.Google Scholar
  40. [40]
    C. Perkins and P. Bhagwat, Highly dynamic destination-sequenced distance-vector routing (DSDV) for mobile computers, in: ACM SIG-COMM Symposium on Communication, Architectures and Applications (1994).Google Scholar
  41. [41]
    C. Perkins and E. Royer, Ad hoc on-demand distance vector routing, in: IEEE WMCSA'99 (1999).Google Scholar
  42. [42]
    A. Perrig, R. Canetti, D. Song and J.D. Tygar, Efficient and secure source authentication for multicast, in: Network and Distributed System Security Symposium, NDSS'01 (2001).Google Scholar
  43. [43]
    A. Perrig, R. Canetti, J. Tygar and D. Song, Efficient authentication and signing of multicast streams over lossy channels, in: IEEE Symposium on Security and Privacy (2000).Google Scholar
  44. [44]
    A. Perrig, R. Szewczyk, V. Wen, D. Culler and J.D. Tygar, SPINS: Security protocols for sensor networks, in: International Conference on Mobile Computing and Networking (MobiCom 2001), Rome, Italy (2001).Google Scholar
  45. [45]
    K.S.J. Pister, J.M. Kahn and B.E. Boser, Smart dust: Wireless networks of millimeter-scale sensor nodes (1999).Google Scholar
  46. [46]
    R. Rivest, The MD5 message-digest algorithm. RFC 1321, Internet Engineering Task Force (1992).Google Scholar
  47. [47]
    R.L. Rivest, The RC5 encryption algorithm, in: Workshop on Fast Software Encryption (1995) pp. 86–96.Google Scholar
  48. [48]
    R.L. Rivest, A. Shamir and L.M. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM 21(2) (1978) 120–126.Google Scholar
  49. [49]
    P. Rohatgi, A compact and fast hybrid signature scheme for multicast packet authentication, in: ACM Conference on Computer and Communications Security (1999).Google Scholar
  50. [50]
    B. Schneier, Applied Cryptography, 2nd ed. (Wiley, 1996).Google Scholar
  51. [51]
    F. Stajano and R. Anderson, The resurrecting duckling: Security issues for ad-hoc wireless networks, in: International Workshop on Security Protocols (1999).Google Scholar
  52. [52]
    M. Tatebayashi, N. Matsuzaki and D.B.J. Newman, Key distribution protocol for digital mobile communication systems, in: Advances in Cryptology – Crypto'89, Lecture Notes in Computer Science, Vol. 435 (1989) pp. 324–334.Google Scholar
  53. [53]
    D. Tennenhouse, Embedding the Internet: Proactive computing, Communications of the ACM 43(5) (2000) 43.Google Scholar
  54. [54]
    D. Wheeler and R. Needham, TEA, a Tiny Encryption Algorithm (1994) http://www.ftp.cl.cam.ac.uk/ftp/papers/ djw-rmn/djw-rmn-tea.htmlGoogle Scholar
  55. [55]
    B. Yee and J.D. Tygar, Secure coprocessors in electronic commerce applications, in: USENIX Workshop on Electronic Commerce, NewYork (1995).Google Scholar
  56. [56]
    G. Yuval, Reinventing the Travois: Encryption/MAC in 30 ROM bytes, in: Workshop on Fast Software Encryption (1997).Google Scholar
  57. [57]
    L. Zhou and Z. Haas, Securing ad hoc networks, IEEE Network Magazine 13(6) (1999).Google Scholar

Copyright information

© Kluwer Academic Publishers 2002

Authors and Affiliations

  • Adrian Perrig
    • 1
  • Robert Szewczyk
    • 1
  • J.D. Tygar
    • 1
  • Victor Wen
    • 1
  • David E. Culler
    • 1
  1. 1.Department of Electrical Engineering and Computer SciencesUniversity of California, BerkeleyBerkeleyUSA

Personalised recommendations