Presentation is loading. Please wait.

Presentation is loading. Please wait.

Multi-user Broadcast Authentication in Wireless Sensor Networks Kui Ren, Wenjing Lou, Yanchao Zhang SECON2007 Manar Mahmoud Abou elwafa.

Published byMorgan Ferguson Modified over 8 years ago

Similar presentations

Presentation on theme: "Multi-user Broadcast Authentication in Wireless Sensor Networks Kui Ren, Wenjing Lou, Yanchao Zhang SECON2007 Manar Mahmoud Abou elwafa."— Presentation transcript:

1 Multi-user Broadcast Authentication in Wireless Sensor Networks Kui Ren, Wenjing Lou, Yanchao Zhang SECON2007 Manar Mahmoud Abou elwafa

2 Problem Wireless sensor networks (WSNs) have enabled data gathering from a vast geographical region and present unprecedented opportunities for a wide range of tracking and monitoring applications from both civilian and military domains. In these applications, WSNs are expected to process, store, and provide the sensed data to the network users upon their demands

3 Other Solution Broadcast authentication in WSNs was first addressed by μTESLA users of WSNs are assumed to be one or a few fixed sinks, which are always assumed to be trustworthy. use the hash preimages as keys in a message authentication code (MAC) algorithm

4 Tesla works K0 = h^n(x), K1 =h^(n-1)(x), time interval I1. time interval I2, sensor nodes verify h(K1) = K0. delayed disclosure technique is used for the entire hash chain and thus demands loosely synchronized clocks between the sink and sensor nodes resource-constrained, computation capability, bandwidth availability, and energy supply

5 public key cryptography (PKC)” another solution” Computationally expensive for WSNs, though it could provide much simpler solutions with much stronger security strength. In this paper, we address multiuser broadcast authentication problem in WSNs by designing PKC-based solutions with minimized computational and communication costs.

6 Paper solution Bloom filter: is a simple space-efficient randomized data structure for representing a set in order to support membership queries a set S = s1, s2,..., sn of n elements is described by a vector V of m bits, initially all set to 0. uses k independent hash functions h1,..., hk with range 0,...,m ¡ 1, which map each item in the universe to a random number uniform over [0,...,m ¡ 1]. For each element s 2 S, the bits hi(s) are set to 1 for 1 · i · k. Note that a bit of V can be set to 1 multiple times. To check if an item x is in S, we check whether all bits hi(x) are set to 1. If not, x is not a member of S for certain, A Bloom filter may yield a false positive. It may suggest that an element x is in S even though it is not.

7 The Merkle Hash Tree: A Merkle Tree is a construction to build secure authentication schemes from hash functions. It is a tree of hashes where the leaves in the tree are hashes of the authentic data values n1, n2,..., nw. The value of an internal node A is ha = h(h(n1)||h(n2)) the value of the root node is hr = h(ha||hb). AAI :

8 Design goal Is straightforward: all messages broadcasted by the network users of the WSN should be authenticated focus on minimizing the overheads of the security design. Especially, energy efficiency and storage overhead are given priority to cope with the resource- constrained nature of WSNs.

9 BASIC SCHEMES A. The Certificate-Based Authentication Scheme (CAS) sensor nodes are preloaded with PKSink before the network deployment; and message verification contains two steps:the user certificate verification and the message signature verification not efficient in communication, authenticate each message, it always takes two expensive signature verification operations.

10 B. The Direct Storage Based Authentication Scheme (DAS) straightforward approach is then to let sensor nodes simply store all the current users’ID

11 The Bloom Filter Based Authentication Scheme (BAS)

12 The sink generates the public keys for all network users W pub =PK UID checks the authenticity of the message in two steps: 1-it checks the authenticity of the corresponding public key by verifying its membership in S. 2-it verifies the attached signature

13 Supporting More Users using the Merkle Hash Tree: The Hybrid Authentication Scheme (HAS)

14 Performance Evaluation Communication Overhead.

15 Computational Overhead

16 Conclusions we studied the problem of multiuser broadcast authentication in WSNs. μTESLA are insufficient, delayed authentication of the messages can easily lead to severe energy-depletion DoS attacks. Both computational and communication costs of the schemes are minimized through a novel integration of several cryptographic techniques.

17 My Conclusions Propose the problem of multiuser broadcast authentication in WSNs Come up with several PKC-based schemes to address the proposed problem with minimized computational and communication costs. Analyze both the performance and security resilience of the proposed schemes.

18 Any question Any questions???

Download ppt "Multi-user Broadcast Authentication in Wireless Sensor Networks Kui Ren, Wenjing Lou, Yanchao Zhang SECON2007 Manar Mahmoud Abou elwafa."

Similar presentations

Giuseppe Bianchi Lecture 6.1: Extras: Merkle Trees.

Giuseppe Bianchi Lecture 6.1: Extras: Merkle Trees.
Chris Karlof and David Wagner

Chris Karlof and David Wagner
Security in Sensor Networks By : Rohin Sethi Aranika Mahajan Twisha Patel.

Security in Sensor Networks By : Rohin Sethi Aranika Mahajan Twisha Patel.
CSC 774 Advanced Network Security

CSC 774 Advanced Network Security
CSC 774 Advanced Network Security

CSC 774 Advanced Network Security
Authentication paramount practices in wireless networks By: Ahmad Almadhor and Aaron Black.

Authentication paramount practices in wireless networks By: Ahmad Almadhor and Aaron Black.
A Survey of Secure Wireless Ad Hoc Routing

A Survey of Secure Wireless Ad Hoc Routing
Sec-TEEN: Secure Threshold sensitive Energy Efficient sensor Network protocol Ibrahim Alkhori, Tamer Abukhalil & Abdel-shakour A. Abuznied Department of.

Sec-TEEN: Secure Threshold sensitive Energy Efficient sensor Network protocol Ibrahim Alkhori, Tamer Abukhalil & Abdel-shakour A. Abuznied Department of.
Presented By- Sayandeep Mitra 13000110043 7 TH SEMESTER Sensor Networks(CS 704D) Assignment.

Presented By- Sayandeep Mitra TH SEMESTER Sensor Networks(CS 704D) Assignment.
DoS Attacks on Sensor Networks Hossein Nikoonia Department of Computer Engineering Sharif University of Technology

DoS Attacks on Sensor Networks Hossein Nikoonia Department of Computer Engineering Sharif University of Technology
An Efficient Scheme for Authenticating Public Keys in Sensor Networks Wenliang (Kevin) Du (Syracuse) Ronghua Wang (Syracuse) Peng Ning (North Carolina.

An Efficient Scheme for Authenticating Public Keys in Sensor Networks Wenliang (Kevin) Du (Syracuse) Ronghua Wang (Syracuse) Peng Ning (North Carolina.
Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)

Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
LOGO Multi-user Broadcast Authentication in Wireless Sensor Networks ICU 20082065 Myunghan Yoo.

LOGO Multi-user Broadcast Authentication in Wireless Sensor Networks ICU Myunghan Yoo.
Location-Aware Security Services for Wireless Sensor Networks using Network Coding IEEE INFOCOM 2007 최임성.

Location-Aware Security Services for Wireless Sensor Networks using Network Coding IEEE INFOCOM 2007 최임성.
Using Auxiliary Sensors for Pair-Wise Key Establishment in WSN Source: Lecture Notes in Computer Science (2010) Authors: Qi Dong and Donggang Liu Presenter:

Using Auxiliary Sensors for Pair-Wise Key Establishment in WSN Source: Lecture Notes in Computer Science (2010) Authors: Qi Dong and Donggang Liu Presenter:
SIA: Secure Information Aggregation in Sensor Networks Bartosz Przydatek, Dawn Song, Adrian Perrig Carnegie Mellon University Carl Hartung CSCI 7143: Secure.

SIA: Secure Information Aggregation in Sensor Networks Bartosz Przydatek, Dawn Song, Adrian Perrig Carnegie Mellon University Carl Hartung CSCI 7143: Secure.
Network Access Control for Mobile Ad Hoc Network Pan Wang North Carolina State University.

Network Access Control for Mobile Ad Hoc Network Pan Wang North Carolina State University.
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Efficiently Authenticating Code Images in Dynamically Reprogrammed Wireless Sensor Networks PerSec 2006 Speaker: Prof. Rick Han Coauthors Jing Deng and.

Efficiently Authenticating Code Images in Dynamically Reprogrammed Wireless Sensor Networks PerSec 2006 Speaker: Prof. Rick Han Coauthors Jing Deng and.

Similar presentations

Ads by Google