Towards Secure and Practical MACs for Body Sensor Networks

  • Zheng Gong
  • Pieter Hartel
  • Svetla Nikova
  • Bo Zhu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5922)

Abstract

In this paper, some practical problems with the Message Authentication Codes (MACs), which are suggested in the current security architectures for wireless sensor network (WSN), are reconsidered. The analysis exploits the fact that the recommended MACs for WSN, e.g., TinySec (CBC-MAC), MiniSec (OCB-MAC), and SenSec (XCBC-MAC), are not exactly suitable for body sensor network (BSN). Particularly a dedicated attack is elaborated on the XCBC-MAC. Considering the hardware limitations of BSN, we propose a tunable lightweight MAC based on the PRESENT block cipher, which is named TuLP. A 128-bit variant TuLP-128 is proposed for a higher resistance against internal collisions. Compared to the existing schemes, our lightweight MACs are time and resource efficient on hardware-constrained devices.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    AAL: The Ambient Assisted Living Joint Programme. European Union (January 2008), http://www.aal-europe.eu/about-aal
  2. 2.
    Albrecht, M., Cid, C.: Algebraic Techniques in Differential Cryptanalysis. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 193–208. Springer, Heidelberg (2009)Google Scholar
  3. 3.
    Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996)Google Scholar
  4. 4.
    Bellare, M., Kilian, J., Rogaway, P.: The security of the cipher block chaining message authentication code. Journal of Computer and System Sciences 61(3), 362–399 (2000)MATHCrossRefMathSciNetGoogle Scholar
  5. 5.
    Biryukov, A., Bogdanov, A., Khovratovich, D., Kasper, T.: Collision Attacks on AES-Based MAC: Alpha-MAC. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 166–180. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  6. 6.
    Black, J., Halevi, S., Krawczyk, H., Krovetz, T., Rogaway, P.: UMAC: Fast and Secure Massage Authentication. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 216–233. Springer, Heidelberg (1999)Google Scholar
  7. 7.
    Black, J., Rogaway, P.: CBC MACs for Arbitrary-Length Messages: The Three-Key Constructions. Journal of Cryptology 18(2), 111–131 (2005)MATHCrossRefMathSciNetGoogle Scholar
  8. 8.
    Black, J., Rogaway, P., Shrimpton, T.: Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 320–335. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  9. 9.
    Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y., Vikkelsoe, C.: PRESENT: An Ultra-Lightweight Block Cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  10. 10.
    Bogdanov, A., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y.: Hash Functions and RFID Tags: Mind the Gap. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 283–299. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  11. 11.
    Collard, B., Standaert, F.-X.: A Statistical Saturation Attack against the Block Cipher PRESENT. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 195–210. Springer, Heidelberg (2009)Google Scholar
  12. 12.
    Daemen, J., Rijmen, V.: A New MAC Construction ALRED and a Specific Instance ALPHA-MAC. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 1–17. Springer, Heidelberg (2005)Google Scholar
  13. 13.
    Daemen, J., Rijmen, V.: The Pelican MAC Function. Unpublished manuscript, http://eprint.iacr.org/2005/088
  14. 14.
    Feldhofer, M., Rechberger, C.: A Case Against Currently Used Hash Functions in RFID Protocols. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006 Workshops. LNCS, vol. 4277, pp. 372–381. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  15. 15.
    Ferguson, N.: Collision attacks on OCB. Preprint (Febuary 2002)Google Scholar
  16. 16.
    Federal Information Processing Standard 198, The Keyed-Hash Message Authentication Code (HMAC), NIST, U.S. Department of Commerce (March 2002)Google Scholar
  17. 17.
    Healy, M., Newe, T., Lewis, E.: Analysis of Hardware Encryption Versus Software Encryption on Wireless Sensor Network Motes. In: Mukhopadhyay, S.C., Gupta, G.S. (eds.) Smart Sensors and Sensing Technology. Springer, Heidelberg (2008)Google Scholar
  18. 18.
    Huang, J., Seberry, J., Susilo, W.: On the internal Structure of ALPHA-MAC. In: Nguyên, P.Q. (ed.) VIETCRYPT 2006. LNCS, vol. 4341, pp. 271–285. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  19. 19.
    ISO/IEC 9797-1, Information technology - Security Techniques - Message Authentication Codes (MACs) - Part 1: Mechanisms using a block cipher, ISO (1999)Google Scholar
  20. 20.
    ISO/IEC 10118-2:1994. Information technology - Security techniques - Hash-functions - Part 2: Hash-functions using an n-bit block cipher algorithm, Revised in (2000)Google Scholar
  21. 21.
    Karlof, C., Sastry, N., Wagner, D.: TinySec: A Link Layer Security Architecture for Wireless Sensor Networks. In: SenSys 2004, Baltimore, Maryland, USA, November 3-5 (2004)Google Scholar
  22. 22.
    Knudsen, L., Mendel, F., Rechberger, C., Thomsen, S.: Cryptanalysis of MDC-2. In: Ghilardi, S. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 106–120. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  23. 23.
    Lai, X., Massey, J.: Hash Functions Based on Block Ciphers. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 474–494. Springer, Heidelberg (1993)CrossRefGoogle Scholar
  24. 24.
    Li, T., Wu, H., Wang, X., Bao, F.: SenSec Design. I2R Sensor Network Flagship Project (SNFP: security part): Technical Report-TR v1.0 (February 2005)Google Scholar
  25. 25.
    Luk, M., Mezzour, G., Perrig, A., Gligor, V.: MiniSec: A Secure Sensor Network Communication Architecture. In: IPSN 2007, Cambridge, Massachusetts, USA, April 25-27 (2007)Google Scholar
  26. 26.
    Performance of optimized implementations of the NESSIE primitives, v2.0, The NESSIE Consortium (2003), https://www.cosic.esat.kuleuven.be/nessie/deliverables/D21-v2.pdf
  27. 27.
    Özen, O., Varici, K., Tezcan, C., Kocair, Ç.: Lightweight Block Ciphers Revisited: Cryptanalysis of Reduced Round PRESENT and HIGHT. In: Boyd, C., Nieto, J.G. (eds.) ACISP 2009. LNCS, vol. 5594, pp. 90–107. Springer, Heidelberg (2009)Google Scholar
  28. 28.
    Paar, C., Poschmann, A., Robshaw, M.: New Designs in Lightweight Symmetric Encryption. In: Kitsos, P., Zhang, Y. (eds.) RFID Security: Techniques, Protocols and System-on-Chip Design, pp. 349–371. Springer, Heidelberg (2008)Google Scholar
  29. 29.
    Perrig, A., Szewczyk, R., Wen, V., Culler, D., Tygar, J.D.: SPINS: security protocols for sensor networks. In: Proceedings of the 7th annual international conference on Mobile computing and networking, Rome, Italy, pp. 189–199 (July 2001)Google Scholar
  30. 30.
    Rogaway, P., Bellare, M., Black, J.: OCB: A block-cipher mode of operation for efficient authenticated encryption. ACM Transactions on Information and System Security (TISSEC) 6(3), 365–403 (2003)CrossRefGoogle Scholar
  31. 31.
    Wang, M.: Differential Cryptanalysis of Reduced-Round PRESENT. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 40–49. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  32. 32.
    Wang, W., Wang, X., Xu, G.: Impossible Differential Cryptanalysis of PELICAN, MT-MAC-AES and PC-MAC-AES, http://eprint.iacr.org/2009/005
  33. 33.
    Yang, G.Z. (ed.): Body Sensor Network. Springer, London (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Zheng Gong
    • 1
  • Pieter Hartel
    • 1
  • Svetla Nikova
    • 1
    • 2
  • Bo Zhu
    • 3
  1. 1.Faculty of EWIUniversity of TwenteThe Netherlands
  2. 2.Dept. ESAT/SCD-COSICKatholieke Universiteit LeuvenBelguim
  3. 3.Dept. Computer Science and EngineeringShanghai Jiaotong UniversityChina

Personalised recommendations