Location-Aware Security Services for Wireless Sensor

Networks using Network Coding

IEEE INFOCOM 2007

최임성

2

Agenda

• Introduction• Preliminaries• Location-aware Network Coding Security (LNCS)• Security Analysis and Performance Evaluation• Comparison with LEDS• Conclusion and Discussion

3

Introduction

• Wireless Sensor Networks (WSNs)

Sink node

Source node

4

Introduction

• End-to-End Data Security Requirements

– Data Confidentiality – Data Authenticity – Data Availability

Sink node

Source node

5

Introduction

• Previous work– IHA [ZSJN04]– SEF [YLLZ05]– LBRS [YYYLA05]– LEDS [RLZ06]

Cannot provide Data Availability since data is transmitted on a path.

1

2 3

6

Preliminaries

• Network coding– Present novel way to distribute information – Allow mixing of data at intermediate nodes

7

Preliminaries

• Naïve Secret Sharing Algorithm– Divide a secret into pieces called shares, and distribute

them amongst a set of user– User can reconstruct the secret with pieces

• (T,n)-threshold scheme (T ≧ n)– Divide a secret into T pieces– Anyone has n pieces can reconstruct the secret

8

Preliminaries

• Pseudo-random Function– Randomly mapping a input in the domain to a value in

the range

9

Preliminaries

• Hash Tree

10

Notations

11

LNCS-Overview

• Setup • Secure Initialization• Report Generation• Report Authentication and Filtering• Report Forwarding• Sink Verification

12

LNCS-Secure Initialization

13

LNCS-Report Generation

1. Broadcast its own sensor read-ing to other selected nodes2. Aggregate all sensor reading with median3. Make the report using secret sharing algorithm as like

4. Broadcast the di to other node

5. Make the coefficients ma-trix C0

14

LNCS-Report Generation

6. Encodes the vector d as fol-lows

7. Divide e0 and C0 uniformly as much as T0

8. Each node broadcasts the packets

15

LNCS-Report Authentication and Filtering

16

LNCS-Report Forwarding

17

LNCS-Sink Verification

18

Security Analysis

• Data Confidentiality– To recover original report data, the adversary should

have the node keys of T0 at least t.

– In case of cell key

19

Security Analysis

• Data Authenticity

20

Security Analysis

21

Security Analysis

• Data Availability

22

Security Analysis

23

Performance Evaluation

• No simulation

• Computation Overhead– O(T0

3)

• Communication Overhead– O(T0

2)

24

Comparison with LEDS

• More resilient against node compromise, but more Communication overhead occur due to transmission of coefficients matrix

25

Conclusion

• LNCS provides end-to-end data security with net-work coding.

• LNCS has higher resilience against node compro-mise and provides better data availability than LEDS.

26

Discussion

• No simulation

• High overhead

• Long end-to-end delay compared with shortest path

• Meaningful? LEDS already have sufficient re-silience to node compromise

27

Reference[ZSJN04] S. Zhu, S. Setia, S. Jajodia, and P. Ning, “An interleaved hop-by-hop authentication scheme for fil-tering of injected false data in sensor networks,” in Proc. IEEE Symp. Secur. and Privacy. CA: IEEE Comput. Soc., May2004, pp. 259–271.[YLLZ05] F. Ye, H. Luo, S. Lu, and L. Zhang, “Statistical en-route filtering of injected false data in sensor networks,” IEEE J. Sel. Areas Commun., vol. 23, no. 4, pp. 839–850, Apr. 2005.[YYYLA05] H. Yang, F. Ye, Y. Yuan, S. Lu, and W. Arbaugh, “Toward resilient security in wireless sensor net-works,” in Proc. ACM Int. Symp. Mobile Ad Hoc Net. Comput. - MobiHoc’05. NY: ACM Press, 2005, pp. 34–45.[RLZ06] K. Ren, W. Lou, and Y. Zhang, “LEDS: Providing location-aware end-toend data security in wireless sensor networks,” in Proc. IEEE Conf. Comput. Commun. - INFOCOM’06, 2006.