Presented By: Hathal ALwageed 1

 R. Anderson, H. Chan and A. Perrig. Key Infection: Smart Trust for Smart Dust. In IEEE International Conference on Network Protocols,     2

 What is the sensor network?  Bootstrapping (key establishment)  Previous work  Attacker model  Key infection (basic, whispering)  Multipath key establishment(secrecy amplification)  Multi-hop keys establishment  Interacting with routing algorithms  Economic issues  Conclusion 3

 What is the sensor network?  Bootstrapping (key establishment)  Previous work  Attacker model  Key infection (basic, whispering)  Multipath key establishment(secrecy amplification)  Multi-hop keys establishment  Interacting with routing algorithms  Economic issues  Conclusion 4

 Distributed sensor nodes to cooperatively monitor physical or environmental conditions.  Multihop routing algorithms.  Base stations.  Ad-hoc technology between the nodes(peer-to-peer communication).  Usually covers large areas. 5

 Sensor nodes Constraints: ◦ Battery powered. ◦ Memory resources are limited ◦ No Tamper-resistance hardware. ◦ limited bandwidth transmission and computation power. 6

Agriculture Military applications Under seas And many others 7

 Developed by Brett Warneke and Kris Pister at the University of California Berkeley, CA  Microelectromechanical systems (MEMS)  Radio frequency (RF) & Optical communication.  Memory size around 8k.  The goal is to reach less than 1 node size.  Sensors options: ◦ temperature, pressure, humidity, vibration, Sound,….. 8

 What is the sensor network?  Bootstrapping (key establishment)  Previous work  Attacker model  Key infection (basic, whispering)  Multipath key establishment(secrecy amplification)  Multi-hop keys establishment  Interacting with routing algorithms  Economic issues  Conclusion 9

 The problem of establishing shared keys between sensor nodes.  Due to the sensor nodes constraints, the problem is considered a challenge.  Public key cryptography is infeasible (computation power limitation).  So a symmetric key cryptography is a convenient choice. 10

 What is the sensor network?  Bootstrapping (key establishment)  Previous work  Attacker model  Key infection (basic, whispering)  Multipath key establishment(secrecy amplification)  Multi-hop keys establishment  Interacting with routing algorithms  Economic issues  Conclusion 11

 Using base stations as key-distribution centers(KDCs) ◦ Master keys used by nodes to establish secured keys. ◦ Drawback:  Compromising the base stations(usually they are more active than sensor nodes so it is easy for attackers to discover and compromise them).  Random key pre-distribution. ◦ Before deployment phase, each node gets a certain number of keys from large pool of keys. ◦ Probability of sharing keys with another node is p. ◦ Drawbacks:  Pre-computation phase.  Large enough memory required in each node to store m keys(cost issue). 12

 What is the sensor network?  Bootstrapping (key establishment)  Previous work  Attacker model  Key infection (basic, whispering)  Multipath key establishment(secrecy amplification)  Multi-hop keys establishment  Interacting with routing algorithms  Economic issues  Conclusion 13

 Possibility of global active adversary. ◦ Todays huge traffic volume. ◦ Licenses to install surveillances(law constraint). ◦ Knowledge of deploying at the target area. ◦ Long term surveillance. ◦ Importance of network application (trade-off between security and network application). ◦ Deployment time window is small(key establishment phase may continue for seconds). SO, it is more realistic to consider no attacks during the deployment stage. If yes, small amount of communication links may be compromised. 14

 Paper assumptions:  During the deployment: ◦ No physical access. ◦ Small amount of links compromised. ◦ No active attacks(e.g. jamming). After completing key exchange phase, passive & active attacks are possible. 15

 What is the sensor network?  Bootstrapping (key establishment)  Previous work  Attacker model  Key infection (basic, whispering)  Multipath key establishment(secrecy amplification)  Multi-hop keys establishment  Interacting with routing algorithms  Economic issues  Conclusion 16

 Key distributed by contact(virus infection)  Two methods:  Speaking loudly: ◦ Each node chooses a key and broadcasts it in clear to its neighbors. ◦ If the signal received, the neighbor establishes a pairwise key. 17

 Node A Send in clear its key to its neighbors speaking with its maximum communication power. 18

 As a response, each neighbor establishes a session key and encrypts it, along with A identity, using A key.  These session keys are used to secure communication between nodes. 19

 Whispering : initiate transmission power while (transmission power <= transmission power.max) start transmission If (there is a respond) establish a secret key Increase the transmission power 20

21  Whispering:  Assume A wants to establish pairs of keys with its neighbors

 Whispering: 22

 Whispering: 23

 Whispering: 24

 Whispering: 25

 Whispering: 26

 Whispering 27

28 AB r

29

 What is the sensor network?  Bootstrapping (key establishment)  Previous work  Attacker model  Key infection (basic, whispering)  Multipath key establishment(secrecy amplification)  Multi-hop keys establishment  Interacting with routing algorithms  Economic issues  Conclusion 30

 Combine keys distributed along different paths.  Used to update keys of suspicious links.  The Adversary needs to compromise all paths to get the updated key. 31

Example: ◦ A  C : { B, A, N A } K AC ◦ C  D : { B, A, N A } K CD ◦ D  E : { A, B, N A } K DE ◦ E  B : { A, B, N A } K EB ◦ B: K ’ AB = H( K AB | N A ) ◦ B  A : { N B } K’ AB ◦ A  B : {N B } K’ AB 32

◦ A  C : { B, A, N A } K AC ◦ C  D : { B, A, N A } K CD ◦ D  E : { A, B, N A } K DE ◦ E  B : { A, B, N A } K EB ◦ B: K ’ AB = H( K AB | N A ) ◦ B  A : { N B } K’ AB ◦ A  B : {N B } K’ AB 33

◦ A  C : { B, A, N A } K AC ◦ C  D : { B, A, N A } K CD ◦ D  E : { A, B, N A } K DE ◦ E  B : { A, B, N A } K EB ◦ B: K ’ AB = H( K AB | N A ) ◦ B  A : { N B } K’ AB ◦ A  B : {N B } K’ AB 34

◦ A  C : { B, A, N A } K AC ◦ C  D : { B, A, N A } K CD ◦ D  E : { A, B, N A } K DE ◦ E  B : { A, B, N A } K EB ◦ B: K ’ AB = H( K AB | N A ) ◦ B  A : { N B } K’ AB ◦ A  B : {N B } K’ AB 35

◦ A  C : { B, A, N A } K AC ◦ C  D : { B, A, N A } K CD ◦ D  E : { A, B, N A } K DE ◦ E  B : { A, B, N A } K EB ◦ B: K ’ AB = H( K AB | N A ) ◦ B  A : { N B } K’ AB ◦ A  B : {N B } K’ AB 36

◦ A  C : { B, A, N A } K AC ◦ C  D : { B, A, N A } K CD ◦ D  E : { A, B, N A } K DE ◦ E  B : { A, B, N A } K EB ◦ B: K ’ AB = H( K AB | N A ) ◦ B  A : { N B } K’ AB ◦ A  B : {N B } K’ AB 37

38

39

 What is the sensor network?  Bootstrapping (key establishment)  Previous work  Attacker model  Key infection (basic, whispering)  Multipath key establishment(secrecy amplification)  Multi-hop keys establishment  Interacting with routing algorithms  Economic issues  Conclusion 40

 Amplify links keys through multible- hop technique.  All nodes between must erase keys after the establishment( protect keys from future compromising).  It supports End-to-end cryptography.  It is convenient to use this method between nodes and base stations. 41

42

 What is the sensor network?  Bootstrapping (key establishment)  Previous work  Attacker model  Key infection (basic, whispering)  Multipath key establishment(secrecy amplification)  Multi-hop keys establishment  Interacting with routing algorithms  Economic issues  Conclusion 43

 Their approaches do not need a particular routing strategy.  Can support mechanisms used to recover after nodes being compromised. ◦ E.g. re-run initial network discovery algorithm ◦ Instead of run discovery routing many time along a certain path, multipath key infection protocol automatically can discover paths.  Multi-hop keying has the ability to discover different paths along the same physical path. ◦ This may use to isolate compromised nodes. 44

 What is the sensor network?  Bootstrapping (key establishment)  Previous work  Attacker model  Key infection (basic, whispering)  Multipath key establishment(secrecy amplification)  Multi-hop keys establishment  Interacting with routing algorithms  Economic issues  Conclusion 45

 Trade-off between attack and security concepts. ◦ Do we have strong attack and important application? This Implies needing Strong security.  E.g. What is the change required after adopting a certain technology ?  Take a look from the defender side and the attacker side. Which side does pay more? If Attacker we are good.  Is the network long life ? We should concentrate on security maintenance not the key establishing. 46

 What is the sensor network?  Bootstrapping (key establishment)  Previous work  Attacker model  Key infection (basic, whispering)  Multipath key establishment(secrecy amplification)  Multi-hop keys establishment  Interacting with routing algorithms  Economic issues  Conclusion 47

 Each node broadcasts its key in clear and establishes secured keys with its neighbors.(remember no concentrated attack at the deployment phase).  The simple idea behind these protocols is trust. Our relationships with others depend on the word trust. And since the impact of sensor ad-hoc communication (as the authors claim) in the future will flood our lives, it’s easy to adopt. 48

 RF communication => specific antenna size required.( small antenna causes very short wavelength).  Active optical communication(power consumption).  Laser beam should be directed ; it needs time (this causes delay).  …………. 49

Questions!! 50