Presentation is loading. Please wait.

Presentation is loading. Please wait.

TinySec: Link Layer Security Chris Karlof, Naveen Sastry, David Wagner University of California, Berkeley Presenter: Todd Fielder.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "TinySec: Link Layer Security Chris Karlof, Naveen Sastry, David Wagner University of California, Berkeley Presenter: Todd Fielder."— Presentation transcript:

1 TinySec: Link Layer Security Chris Karlof, Naveen Sastry, David Wagner University of California, Berkeley Presenter: Todd Fielder

2 Overview Challenges: Limited computing power Limited RAM Limited Bandwidth 1 bit consumes as much energy as 800-1000 instructions! Goals Authenticity, integrity, and confidentiality End-to-end security not viable Intermediate sensors must access payload Aggregation Duplicate Elimination

3 Design Goals Access Control and Message Integrity Access Control: Prevent Unauthorized nodes from participating in the network. Message Integrity: Receiver can detect modified packets Confidentiality Semantic Security: Prevents adversary from learning partial information. Explicit Omission Replay Protection: Same message played at a later time should reveal no additional information

4 Security Primitives Message Authentication Codes Requires authorized senders and receivers to share a secret key. Initialization Vectors Helps encryption achieve semantic security Typically sent in the clear

5 Design Authenticated Encryption Encrypts payload and authenticates with a MAC Authentication Only Payload not encrypted

6 IV Design IV adds overhead Length Generation IV’s repeat after 2^n + 1 packets are sent Probabilistically, expect a collision at 2^(n/2). IV structure is dst||AM||l||src||ctr. Guarantees 2^16 packets before reuse from each node. For n nodes, n*2^16 packets. At one packet per minute, no IV reuse for 45 days. No data for brute force attack on IV Can use key update protocol every 45 days to not have key reuse.

7 Encryption Scheme Block Cipher used due to potential for key reuse Stream ciphers insecure if key is reused. IV encrypted. Cipher text stealing used to ensure ciphertext is same length as plaintext. Skipjack block cipher used AES and Triple-DES too slow. RC5 requires key schedule to be pre-computed 104 bytes extra RAM per key

8 Skipjack Block Cipher Developed by NSA Declassified in 1998 More Secure than DES 80 bit key (DES: 56 bit) 32 rounds (DES: 16 rounds)

9 Packet Format Common Fields: Destination Address Message Type, and length. Sent in clear to allow early rejection. However, this gives attacker knowledge of IV and now have a better chance of brute force attack. IV: dst||AM||l||src||ctr Src||ctr = 2^16 dst||AM||l||src||ctr = 2^32

10 Implementation 3000 lines of nesC code language for TinyOS) 728 Bytes of RAM 7146 Bytes of program space Two Priority Scheduler High Priority, Real-time Schedule for Cryptographic functions Must be completed by the time the radio sends the start signal. Low priority, FIFO, run to completion schedule for all other tasks. Currently uses network wide shared key.

11 Evaluation Two components add to costs of TinySec Increased packet size 1 or 5 bytes Increased computation Authenticated Encryption: 4% Authentication only: 2%

12 Evaluation Cont. Throughput: Authentication: Almost identical throughput. Authenticated Encryption: 6% less total throughput.

13 Questions?

Download ppt "TinySec: Link Layer Security Chris Karlof, Naveen Sastry, David Wagner University of California, Berkeley Presenter: Todd Fielder."

Similar presentations

TinySec: Security for TinyOS C. Karlof, N. Sastry, D. Wagner November 20, 2002.

TinySec: Security for TinyOS C. Karlof, N. Sastry, D. Wagner November 20, 2002.
Chris Karlof and David Wagner

Chris Karlof and David Wagner
MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.

MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
WEP 1 WEP WEP 2 WEP  WEP == Wired Equivalent Privacy  The stated goal of WEP is to make wireless LAN as secure as a wired LAN  According to Tanenbaum:

WEP 1 WEP WEP 2 WEP  WEP == Wired Equivalent Privacy  The stated goal of WEP is to make wireless LAN as secure as a wired LAN  According to Tanenbaum:
TinySec: Security for TinyOS Chris Karlof Naveen Sastry David Wagner January 15, 2003

TinySec: Security for TinyOS Chris Karlof Naveen Sastry David Wagner January 15, 2003
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks C. Karlof, N. Sastry, D. Wagner SPINS: Security Protocol for Sensor Networks A.

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks C. Karlof, N. Sastry, D. Wagner SPINS: Security Protocol for Sensor Networks A.
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Seetha Manickam.

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Seetha Manickam.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
Intercepting Mobiles Communications: The Insecurity of 802.11 Danny Bickson ACNS Course, IDC Spring 2007.

Intercepting Mobiles Communications: The Insecurity of Danny Bickson ACNS Course, IDC Spring 2007.
Security Issues In Sensor Networks By Priya Palanivelu.

Security Issues In Sensor Networks By Priya Palanivelu.
Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003.

Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
1 CS 577 “TinySec: A Link Layer Security Architecture for Wireless Sensor Networks” Chris Karlof, Naveen Sastry, David Wagner UC Berkeley Summary presented.

1 CS 577 “TinySec: A Link Layer Security Architecture for Wireless Sensor Networks” Chris Karlof, Naveen Sastry, David Wagner UC Berkeley Summary presented.
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastry, David Wagner SenSys 2004.

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastry, David Wagner SenSys 2004.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture.
1 TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastry, David Wagner Presented by Paul Ruggieri.

1 TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastry, David Wagner Presented by Paul Ruggieri.
Privacy and Security in Embedded Sensor Networks Daniel Turner 11/18/08 CSE237a.

Privacy and Security in Embedded Sensor Networks Daniel Turner 11/18/08 CSE237a.

Similar presentations

Ads by Google