
A Seminar on

SECURITY PROTOCOL
FOR SENSOR NETWORK
 
Presented by
Ayush Ranjan
B.E Comp. 2
Roll No. - 02 

 
Under the Kind Guidance of
Prof. S.B. Vanjale

OVERVIEW

• Introduction to Sensor Networks
• Need of Security on Sensor Networks
• Sensor Hardware
• Is Security on Sensors Possible?
• Requirements for Sensor Network Security
• Sensor Network Security Building Blocks
• Implementation and Evaluation
• Conclusion

WIRELESS SENSOR NETWORK

• A wireless sensor network (WSN) consists of spatially distributed autonomous sensors to cooperatively monitor physical or environmental conditions, such as temperature, sound, vibration, pressure, motion or pollutants.
• In addition to one or more sensors, each node is equipped with a wireless communications device, a small microcontroller and an energy source (battery).
• Initially motivated by military applications such as battlefield surveillance.
• Now used in many industrial and civilian application areas:
    • Machine health monitoring
    • Industrial process monitoring and control
    • Environment and habitat monitoring
    • Traffic control

NEED OF SECURITY ON SENSOR NETWORK

• As sensor networks edge closer towards wide-spread deployment, security issues become a central concern.
• So far, much research has focused on making sensor networks feasible and useful, and has not concentrated on security.
• Without security, third parties can read or tamper with sensor data.
• In the future, we envision wireless sensor networks being used for emergency and life-critical systems – and here the questions of security are foremost.

SENSOR HARDWARE

• At UC Berkeley, researchers are building prototype networks of small sensor devices under the SmartDust program.
• The current prototype consists of nodes, small battery powered devices that communicate with a more powerful base station, which in turn is connected to an outside network.

The table below summarizes the performance characteristics of these devices.

CPU                   8-bit, 4 MHz
Storage               8 KB instruction flash
                      512 bytes RAM
                      512 bytes EEPROM
Communication         916 MHz radio
Bandwidth             10 kilobits per second
OS Code Space         3500 bytes
Available Code Space  4500 bytes
Operating System      TinyOS

TinyOS is an embedded operating system written in the nesC programming language as a set of cooperating tasks and processes. It is intended to be incorporated into smartdust.

Smartdust is a hypothetical wireless network of tiny microelectromechanical sensors (MEMS), robots, or devices that can detect light, temperature, or vibration.

Is Security on Sensors Possible?

• Tight constraints make it impractical to use the majority of the current secure algorithms.
• For example, the working memory of a sensor node is insufficient to even hold the variables that are required in asymmetric cryptographic algorithms.
• But researchers have implemented all of these primitives. Their measurements show that adding security to a highly resource-constrained sensor network is feasible.

REQUIREMENTS FOR SENSOR NETWORK SECURITY

• Data Confidentiality:
  A sensor network should not leak sensor readings to neighboring networks.
• Data Authentication:
  Data authentication allows a receiver to verify that the data really was sent by the claimed sender.
• Data Integrity:
  Data integrity assures the receiver that the received data has not been altered.
• Data Freshness:
  Data freshness implies that the data is recent, and it ensures that no adversary replayed old messages.

SENSOR NETWORK SECURITY BUILDING BLOCKS

• To achieve the security requirements, the researchers have designed and implemented two security building blocks:

1. SNEP (Sensor Network Security Protocol)
2. µTESLA

SNEP provides a number of unique advantages.

• It has low communication overhead: it adds only 8 bytes per message.
• It even achieves semantic security.
• It also gives us data authentication, replay protection, and message freshness.

Semantic security:

A strong security property which prevents eavesdroppers from inferring the message content from the encrypted message.

• Because the counter value is incremented after each message, the same message is encrypted differently each time.

Replay protection:

• The counter value prevents replaying old messages. Without the counter value, an adversary could easily replay messages.

Message freshness:

• If the message is verified correctly, a receiver knows that the message must have been sent after the previous message it received correctly. This enforces a message ordering and provides message freshness.
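
The counter mechanism described above, as an added Python example (not code from the slides or from the SNEP authors). It assumes both ends keep the counter as shared state so that only the 8-byte MAC is added to each message, and it uses HMAC-SHA256 from the standard library as a stand-in for the RC5-based primitives; all names and the sample key are constructed.

```python
import hashlib
import hmac

MAC_LEN = 8  # per the slides, SNEP adds only 8 bytes to each message

def prf(key: bytes, data: bytes) -> bytes:
    """Stand-in primitive (HMAC-SHA256); the real nodes derive theirs from RC5."""
    return hmac.new(key, data, hashlib.sha256).digest()

def crypt(k_enc: bytes, counter: int, data: bytes) -> bytes:
    """Counter-mode XOR, so one function both encrypts and decrypts."""
    stream, block = b"", 0
    while len(stream) < len(data):
        stream += prf(k_enc, counter.to_bytes(8, "big") + block.to_bytes(4, "big"))
        block += 1
    return bytes(d ^ s for d, s in zip(data, stream))

def make_tag(k_mac: bytes, counter: int, ciphertext: bytes) -> bytes:
    """MAC over counter || ciphertext, truncated to 8 bytes."""
    return prf(k_mac, counter.to_bytes(8, "big") + ciphertext)[:MAC_LEN]

class Endpoint:
    """One direction of a link. Assumption: both ends keep the counter as
    shared state, so it is never transmitted."""

    def __init__(self, master: bytes):
        self.k_enc = prf(master, b"encrypt")  # separate keys per purpose
        self.k_mac = prf(master, b"mac")
        self.counter = 0

    def send(self, plaintext: bytes) -> bytes:
        ct = crypt(self.k_enc, self.counter, plaintext)
        packet = ct + make_tag(self.k_mac, self.counter, ct)
        self.counter += 1  # incremented after each message
        return packet

    def receive(self, packet: bytes):
        if len(packet) < MAC_LEN:
            return None
        ct, got = packet[:-MAC_LEN], packet[-MAC_LEN:]
        if not hmac.compare_digest(got, make_tag(self.k_mac, self.counter, ct)):
            return None  # altered, forged, replayed or out of order
        self.counter += 1  # advance only on a verified message
        return crypt(self.k_enc, self.counter - 1, ct)

if __name__ == "__main__":
    node, base = Endpoint(b"constructed demo key"), Endpoint(b"constructed demo key")
    first, second = node.send(b"temp=21"), node.send(b"temp=21")
    print(first != second, base.receive(first), base.receive(first), base.receive(second))
```

A lost packet leaves the two counters out of step in this sketch; resynchronising them is a separate step that the slides do not cover.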

µTESLA is a new protocol which provides authenticated broadcast for severely resource-constrained environments.

• Without authenticated broadcast, any compromised receiver could forge messages from the sender.
• µTESLA uses an asymmetric mechanism through a delayed disclosure of symmetric keys, which results in an efficient broadcast authentication scheme.
• µTESLA requires that the base station and nodes are loosely time synchronized.
• To send an authenticated packet, the base station simply computes a MAC on the packet with a key that is secret at that point in time.
• When a node gets a packet, it can verify that the corresponding MAC key was not yet disclosed by the base station.
• The node stores the packet in a buffer.
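
The node-side checks described above, as an added Python example (not code from the slides or from the µTESLA authors). It goes one step beyond the slides by assuming the disclosed keys form a one-way hash chain whose first element (the commitment) the node already holds, and it uses SHA-256 and HMAC in place of the RC5-based primitives; the names and the interval, delay, skew and gap values are constructed.

```python
import hashlib
import hmac

INTERVAL = 1.0   # seconds per time interval (constructed value)
DELAY = 2        # a key is disclosed DELAY intervals after its use (constructed)
MAX_SKEW = 0.2   # bound on clock error under loose synchronisation (constructed)
MAX_GAP = 16     # most lost disclosures a node will hash across (constructed)

def one_way(key: bytes) -> bytes:
    return hashlib.sha256(b"chain" + key).digest()

def mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]

def make_chain(seed: bytes, n: int) -> list:
    """chain[n] = seed, chain[i] = one_way(chain[i+1]); chain[0] is the commitment."""
    chain = [seed]
    for _ in range(n):
        chain.append(one_way(chain[-1]))
    return chain[::-1]

class Node:
    def __init__(self, commitment: bytes, t0: float):
        self.key, self.key_i, self.t0 = commitment, 0, t0
        self.buffer = []  # (interval, message, tag) awaiting key disclosure

    def on_packet(self, i: int, msg: bytes, tag: bytes, now: float) -> bool:
        # Even with worst-case skew, key i must not have been disclosed yet.
        sender_interval = int((now + MAX_SKEW - self.t0) // INTERVAL)
        if sender_interval >= i + DELAY:
            return False  # key may already be public, so the MAC proves nothing
        self.buffer.append((i, msg, tag))
        return True

    def on_key(self, i: int, key: bytes) -> list:
        """Authenticate a disclosed key, then release the packets it verifies."""
        if not self.key_i < i <= self.key_i + MAX_GAP:
            return []
        keys, probe = {}, key
        for j in range(i, self.key_i, -1):  # derive keys i, i-1, ..., key_i+1
            keys[j] = probe
            probe = one_way(probe)
        if not hmac.compare_digest(probe, self.key):
            return []  # not on the base station's chain
        self.key, self.key_i = key, i
        good = [m for j, m, t in self.buffer
                if j in keys and hmac.compare_digest(t, mac(keys[j], m))]
        self.buffer = [p for p in self.buffer if p[0] > i]
        return good
```

Because each key hashes back to the previous one, a node that misses a disclosure can still authenticate the next key and recover the missed ones from it.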


IMPLEMENTATION

Due to the tight resource constraints of the sensor nodes, the implementation of the cryptographic primitives is a major challenge.

• A hard constraint is the memory size: the sensor nodes have 8 KBytes of read-only program memory, and 512 bytes of RAM.
• To save program memory, we implement all cryptographic primitives from a single block cipher.

Block cipher:

• RC5 is used because of its small code size and high efficiency.
• It does not rely on multiplication, and does not require large tables.
• Using RC5 helps in achieving an additional 40% reduction in code size.

Encryption function:

• To save code space, the same function is used for both encryption and decryption.

EVALUATION

Evaluation of the implementation of the protocols is done in terms of code size, performance, energy costs and communication overheads.

Code size:

The smallest version of the crypto routines occupies about 20% of the available code space.

Implementation of the µTESLA protocol uses another 574 bytes.

Together, the crypto library and the protocol implementation consume about 2 KBytes of program memory.

Performance:

The performance of the cryptographic primitives is adequate for the bandwidth supported by the current generation of network sensors.

Energy Cost:

Most energy costs will come from the extra transmissions required by the protocols, but we use a stream cipher for encryption.

CONCLUSION

Security protocols for sensor networks are feasible and can be successfully implemented on a sensor network.

The design is universal and can be easily applied to all sensor networks.

The computation costs of cryptography are low and communication costs are also small.

With these techniques, it is believed that security systems can become an integral part of practical sensor networks.

Thank You….
Questions
