TinySec: Performance Characteristics Chris K :: Naveen S :: David W January 16, 2004.

Slides:



Advertisements
Similar presentations
TinySec: Security for TinyOS C. Karlof, N. Sastry, D. Wagner November 20, 2002.
Advertisements

Computer Networks20-1 Chapter 20. Network Layer: Internet Protocol 20.1 Internetworking 20.2 IPv IPv6.
CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Incentive-Compatible Opportunistic Routing for Wireless Networks Fan Wu, Tingting Chen, Sheng Zhong (SUNY Buffalo) Li Erran Li Li Erran Li (Bell Labs)
P Security Survey and Recommendations By: Ryon Coleman October 16, 2003.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
TinySec: Security for TinyOS Chris Karlof Naveen Sastry David Wagner January 15, 2003
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks C. Karlof, N. Sastry, D. Wagner SPINS: Security Protocol for Sensor Networks A.
Cryptography for Backup Navigation
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Seetha Manickam.
Wired Equivalent Privacy (WEP)
1 CS 577 “TinySec: A Link Layer Security Architecture for Wireless Sensor Networks” Chris Karlof, Naveen Sastry, David Wagner UC Berkeley Summary presented.
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastry, David Wagner SenSys 2004.
1 TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastry, David Wagner Presented by Paul Ruggieri.
Privacy and Security in Embedded Sensor Networks Daniel Turner 11/18/08 CSE237a.
Radio Stack Iteration How to improve the CC1000 Joe Polastre January 15, 2004 NEST Retreat.
Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.
Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, J.D. Tygar Research Topics in Security in the context.
TinySec: Link Layer Security Chris Karlof, Naveen Sastry, David Wagner University of California, Berkeley Presenter: Todd Fielder.
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
Secure Group Communications in Wireless Sensor Networks December 8, 2003 CS 526 Advance Internet and Web Systems Patrick D. Cook.
SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J.D. Tygar – University of California, Berkeley.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
Versatile low power media access for wireless sensor networks Joseph PolastreJason HillDavid Culler Computer Science Department University of California,Berkeley.
MAC Layer Protocols for Sensor Networks Leonardo Leiria Fernandes.
CS 6401 IPv6 Outline Background Structure Deployment.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Midterm Review - Network Layers. Computer 1Computer 2 2.
Security Considerations for IEEE Networks Karthikeyan Mahadevan.
Air-Interface Application Layer Security: A follow up to C Source: Lucent Technologies, Inc. S.Patel, G.Sundaram, R.Rance, S.Mizikovsky,
1 TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Hai Yan Computer Science & Engineering University of Connecticut.
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks – Chris Karlof, Naveen Sastry & David Wagner Dr. Xiuzhen Cheng Department of Computer.
SENSOR NETWORK SECURITY Group Members Pardeep Kumar Md. Iftekhar Salam Ahmed Galib Reza 1 Presented by: Iftekhar Salam 1.
Slide 1 DESIGN, IMPLEMENTATION, AND PERFORMANCE ANALYSIS OF THE ISCSI PROTOCOL FOR SCSI OVER TCP/IP By Anshul Chadda (Trebia Networks)-Speaker Ashish Palekar.
IVEC: Off-Chip Memory Integrity Protection for Both Security and Reliability Ruirui Huang, G. Edward Suh Cornell University.
RTP Encryption for 3G Networks Rolf Blom, Elisabetta Carrara, Karl Norrman, Mats Näslund Communications Security Lab Ericsson.
Security for Sensor Networks: Cryptography and Beyond David Wagner University of California at Berkeley In collaboration with: Chris Karlof, David Molnar,
Security on Sensor Networks Presented by Min-gyu Cho SPINS: Security Protocol for Sensor Networks TinySec: Security for TinyOS SPINS: Security Protocol.
Security in WSN Vinod Kulathumani West Virginia University.
Delay Aware, Reconfigurable Security for Embedded Systems Philip Brisk 2 Tammara Massey 1 Foad Dabiri 1 Majid Sarrafzadeh
Measuring of the time consumption of the WLAN’s security functions Jaroslav Kadlec, Radek Kuchta, Radimír Vrba Dept. of Microelectronics.
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof :: Naveen Sastry :: David Wagner Presented by Roh, Yohan October.
SSL/TLS How to send your credit card number securely over the internet.
TinySec : Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof :: Naveen Sastry :: David Wagner Presented by Anil Karamchandani 10/01/2007.
TinySec: Performance Characteristics Chris K :: Naveen S :: David W January 16, 2004.
Computer Science 1 TinySeRSync: Secure and Resilient Time Synchronization in Wireless Sensor Networks Speaker: Sangwon Hyun Acknowledgement: Slides were.
PPR: Partial Packet Recovery for Wireless Networks Kyle Jamieson and Hari Balakrishnan MIT Computer Science and Artificial Intelligence Laboratory.
Wireless Security: The need for WPA and i By Abuzar Amini CS 265 Section 1.
Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.
Software Overhead in Messaging Layers Pitch Patarasuk.
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Seetha Manickam Modified by Sarjana Singh.
© N. Ganesan, Ph.D., All rights reserved. Chapter Formatting of Data for Transmission.
PPR: Partial Packet Recovery Brad Karp UCL Computer Science CS 4038 / GZ06 23 rd January, 2008.
MiniSec: A Secure Sensor Network Communication Architecture Carnegie Mellon UniversityUniversity of Maryland at College Park Mark Luk, Ghita Mezzour, Adrian.
Doc.: IEEE /634r1 Submission November 2001 Ferguson, Housley, WhitingSlide 1 AES Mode Choices OCB vs. Counter Mode with CBC-MAC Niels Ferguson,
Cryptography CSS 329 Lecture 13:SSL.
Lecture 10 Page 1 CS 236 Online Encryption and Network Security Cryptography is widely used to protect networks Relies on encryption algorithms and protocols.
PRESENTATION ON SECURE SOCKET LAYER (SSL) BY: ARZOO THAKUR M.E. C.S.E (REGULAR) BATCH
Future Internet: Sensor Networks Security Yongkoo Han.
Encryption and Network Security
TinySec: Security for TinyOS
What's the buzz about HORNET?
Reliable Transport CS 3700 Project 3.
SCTP v/s TCP – A Comparison of Transport Protocols for Web Traffic
Reliable Transport CS 3700 Project 3.
Security Of Wireless Sensor Networks
Security of Wireless Sensor Networks
SPINS: Security Protocols for Sensor Networks
Presentation transcript:

TinySec: Performance Characteristics Chris K :: Naveen S :: David W January 16, 2004

This Talk Recent results Recent results Measurements on Mica2s (TOS 1.1.2) Measurements on Mica2s (TOS 1.1.2) Latency Latency Bandwidth Bandwidth Power Power Stress testing Stress testing Hardware crypto comparison & implications Hardware crypto comparison & implications (e.g. CC2420) (e.g. CC2420)

TinySec Review: How & Why Link layer security mechanism Link layer security mechanism Hop-by-hop, not end-to-end Hop-by-hop, not end-to-end Better support for aggregation Better support for aggregation Enables higher level keying protocols Enables higher level keying protocols Low overhead security in software Low overhead security in software Cryptographic checksum Cryptographic checksum Ensures integrity Ensures integrity Enforces access control Enforces access control Optional encryption Optional encryption

TinySec Performance Characterize Overhead: Energy, Latency, Bandwidth. Characterize Overhead: Energy, Latency, Bandwidth. Factors for TinySec overhead Factors for TinySec overhead Computation Computation Larger Packet Sizes Larger Packet Sizes Can predict overhead caused by packet sizes Can predict overhead caused by packet sizes Measurement goal: Show computation overhead is minimal Measurement goal: Show computation overhead is minimal Note: crypto HW only reduces computation overhead Note: crypto HW only reduces computation overhead

Packets & Predicted Overhead Old packet (CRC): +7 b Authentication Only (TinySec-Auth): +8 b Authentication, Encryption (TinySec-AE) : +12 b IV Overhead (b) Total Size (b) Xmit time (ms) IncreaseCRC TinySec-Auth % TinySec-AE %

Latency Test Setup Test purpose: Test purpose: Measure latency at different hopcounts Measure latency at different hopcounts Determine difficulty in adding TinySec to existing application Determine difficulty in adding TinySec to existing application Integrate with SystemC Integrate with SystemC Successfully transmitted 70,000+ packets: Successfully transmitted 70,000+ packets: Our stress test Setup : Setup : 4x9 grid in Woz of Mica2s 4x9 grid in Woz of Mica2s Landmark routing code from midterm demo Landmark routing code from midterm demo 200 measurements per hopcount 200 measurements per hopcount LM A B BS

Latency

Latency: Byte Times

Energy Test Setup Single mote transmitting a packet Single mote transmitting a packet Measure voltage drop with oscilloscope Measure voltage drop with oscilloscope

Energy +3% +10%

Bandwidth Test Setup Vary number of senders Vary number of senders Each sender sends as fast as it can Each sender sends as fast as it can Measure number of packets successfully received in a time period Measure number of packets successfully received in a time period

Bandwidth TinySec-Auth: same throughput TinySec-AE: 6% less throughput

Performance Summary Predicted (packet size only) Latency Overhead BW Overhead Energy Overhead CRC (No TinySec) TinySec- Auth 1.5%1.7%Negligible3% TinySec- AE 8%7.3%6%10%

TinySec Status New version working with stack New version working with stack To use: TINYSEC=true To use: TINYSEC=true Suggestion: base new stacks off of TinySec stack Suggestion: base new stacks off of TinySec stack

New standard supported by ChipCon New standard supported by ChipCon Link-layer security provisions Link-layer security provisions Key management left to higher protocols (ZigBee) Key management left to higher protocols (ZigBee) Design similarities to TinySec: Design similarities to TinySec: 3 security modes: off, auth, auth + encryption (also include encryption only). 3 security modes: off, auth, auth + encryption (also include encryption only). Block cipher based Block cipher based 16 byte IV; format similar to TinySec format 16 byte IV; format similar to TinySec format

: (cont) Design differences to TinySec Design differences to TinySec Larger security parameter choices Larger security parameter choices Performance hit? Performance hit? AES in hardware AES in hardware MAC size variable, bytes MAC size variable, bytes Encryption: CTR mode Encryption: CTR mode Encryption: 16 byte IV. Similar to TinySec Format Encryption: 16 byte IV. Similar to TinySec Format

Conclusion Increased packet length dominant factor in overhead Increased packet length dominant factor in overhead HW right long term solution HW right long term solution Ease Ease Energy savings Energy savings Faster block cipher ops, but not the right metric Faster block cipher ops, but not the right metric But: requires design at chip time But: requires design at chip time Hardware not needed for acceptable performance Hardware not needed for acceptable performance Software Crypto is efficient and feasible Software Crypto is efficient and feasible Relies on an underutilized CPU Relies on an underutilized CPU Our implementation is low overhead Our implementation is low overhead

Acknowledgements D. Molnar for help in running the latency test D. Molnar for help in running the latency test R. Szewczyk for measuring the energy plots R. Szewczyk for measuring the energy plots A. Woo for the key piece of Matlab trivia so we could write our scripts A. Woo for the key piece of Matlab trivia so we could write our scripts

: IV Format