Secure Data Aggregation in Wireless Sensor Networks: A Survey Yingpeng Sang, Hong Shen Yasushi...
-
Upload
matthew-obrien -
Category
Documents
-
view
212 -
download
0
Transcript of Secure Data Aggregation in Wireless Sensor Networks: A Survey Yingpeng Sang, Hong Shen Yasushi...
Secure Data Aggregation in Wireless Sensor Networks: A Survey
Yingpeng Sang, Hong Shen Yasushi Inoguchi, Yasuo Tan, Naixue XiongProceedings of the Seventh International Conference on Parallel and Distributed Computing,Applications and Technologies (PDCAT'06)Presented by kevin wang
Preview
Main contributions Outline Classify by infrastructure in WSNs Classify by encryption in WSNs Proposed two general schemes
Hop by hop End to end
Conclusions
Main contributions
Past Only focus on data confidentiality or data integrity
Now Survey the work
Hop-by-hop End-to-end
Propose security frameworks respectively for Hop-by-hop End-to-end
Both on Data confidentiality and Data integrity
What is confidentiality
Confidentiality Ensuring that information is accessible only to
those authorized to access One of the cornerstones of Information security The delivering data is confidential in WSNs
For avoiding to leak secret information, the sensed data have to encrypt to keep confidentiality
M Enk(M) Dnk(M)=M
Sensor or aggregator sink node
What is integrity
Integrity Ensuring that only authorized parties are able to
modify computer system assets and transmitted information
One of the cornerstones of Information security The delivering data is sensitive in WSNs
For avoiding to modify the secret information, the sensed data have to keep integrity
Especially, in a cheaper and simple device
Outline in this paper
A survey paper for data aggregation in WSN Proposed two data aggregation scheme for
HBH and ETE respectively
Problem definition
How to satisfy the confidentiality and integrity in WSN
Classify with Infrestructure
Wireless sensor networks HWSN
Hierarchical Wireless Sensor Networks DWSN
Distributed Wireless Sensor Networks
Server
Header
Sensor NodesSacrificed NodeSensor Nodes
Server
Classify with Data aggregation
Hop-by-hop Adv: deliver package size small Disadv: key management
Pair wise key dist. DWSN Group wise key dist. HWSN
perform operators: sum, min, max, avg, count, median…
Classify with Data aggregation End-to-end
Adv: the secrets share between sink and sensor Disadv: much redundant are sent Can not perform above operators
The sensed data have been encrypted
Background-network model-HWSN
Server
Header
Sensor NodesSacrificed Node
S
A
R
F
A
Background-network model-DWSN
Sensor Nodes
Server
S
s
R
Background-security requirements Confidentiality
Eavesdropping Compromised node’s key Using the compromised node’s keys to deduce all secret
information in entire network Using the compromised key to inject unauthorized
malicious nodes in network. Integrity
Injecting arbitrary chosen malicious data into the compromised S.
Modifying, forging, or discarding messages in the compromised A and F.
Background-aggregation functions Sum Average Median Minimum Maximum Count
11( ,... ) /i nin if s s s n
11( ,... ) i nin if s s s
11 1( ,... ) , ( 1) / 2,and ,... has sortedi nin r nf s s s r n s s
1( ,... ) min{ 1... }n if s s s i n
1( ,... ) max{ 1... }n if s s s i n
1( ,... ) { 1... }n if s s s i n
Hop-by-hop encrypted data aggregation in WSN
1.Security bootstrapping 1.1Pair-wise key distribution DWSN (confidentiality)
Master key based solution [14] All nodes use one key
Pair-wise key pre-distribution solution Each node shares one key with sink
Random key pre-distribution solution [10] [7] Using key ring to find one common key
Key pre-distribution schemes with deployment knowledge [15][10] DDHV’s scheme
Other solution [5][9][16]
Hop-by-hop encrypted data aggregation in WSN
1.Security bootstrapping 1.2Group-wise key distribution HWSN
(confidentiality) Symmetric group-wise key distribution [2],1992
A symmetric key can be generate among t nodes
Asymmetric group-wise key distribution [18], 2004 ECC EC-public/private
Hop-by-hop encrypted data aggregation in WSN
2.Data integrity Some related work assume that confidentiality is protected by pre-
deployed key. [12], L. Hu and D. Evans, “Secure aggregation for wireless
networks”, In Workshop on Security and Assurance in Ad hoc Networks, Jan 2003.
[18], A. Mahimkar, T. S. Rappaport, “SecureDAV: A Secure Data Aggregation and Verification Protocol for Sensor Networks”, Proceedings of IEEE GlobalTelecommunications Conference (Globecom) 2004,Nov, 2004, Dallas, TX, USA.
[21], B. Przydatek, D. Song, and A. Perrig, “SIA: Secure Information Aggregation in Sensor Networks”,In Proc. of ACM SenSys 2003, 2003.
Secure aggregation for wireless networks, 2003 Node A, deployment, symmetric pair-wise key, KAS,
RA=reading data from node A Data transmission phase
KASi=E(KAS, i)
Parent node B and aggregated result =Aggr MAC(KAS
i,Aggr) Data validation phase
R will verifies the final aggregated results using the pair-wise keys
Lower communication cost Vulnerable
Nodes, aggregators, forwarding nodes are easy to be compromised
KASi
MAC(KASi,Aggr
)
Sum(Aggr)
SecureDAV: A Secure Data Aggregation and Verification Protocol for Sensor Networks, 2004
Using Merkle Hash Tree to improve [12] Data transmission phase
A: MAC (KASi=E(KAS, i), RA)
Parent node B and aggregated result =Aggr, generate a hash value of RA by Merkle Hash function: H(RA)
Aggregator sends MAC (Aggr, H(RA, i)) to sink node, R Data validation phase
R will verifies the final aggregated results using the pair-wise keys and queries the aggregators what hash values did they sent
The queries is to check individual readings Vulnerable
high communication cost
KASi
MAC(KASi,Aggr
)
Sum(Aggr)
SIA: Secure Information Aggregation in Sensor Networks,2003 It can engage an interactive proof with the
aggregator and check whether the aggregator result is correct.
Key point Their correct build on the related trust
KASi
MAC(KASi,Aggr
)
Sum(Aggr)
Consequence
Communication cost [21]<[18]<[12]
End-to-end data aggregation in WSN
Network-wise key distribution Master key based solutions, 2005, CEG[6], 2005, CDA[11] Public key based solution, 2006[19]
Data integrity Compared to HBH, there is no efficient scheme to protect integrity
in ETE In [23], 2004, each node sends its reading to R using ETE, The R employs truncation and trimming on the RA
’s to achieve robust aggregation result against spoofed sensor.
Proposed two frameworks for data aggregation in WSN-HBH
Framework 1: Hop-by-hop encrypted data aggregation 1.The bootstrapping phase
For controlled environment HWSN, group-wise key can be generated for all nodes within each cluster
For uncontrolled environment DWSN, Pair-wise key can be distributed among each pair of sensor node
2.The aggregator selection phase R can select aggregators to construct a transmission structure
with minimum energy cost
Proposed two frameworks for data aggregation in WSN Framework 1: Hop-by-hop encrypted data
aggregation 3.The data aggregation phase
EKai,A(xi)A:(DKai,A(xi)):sum then R
4.The data transmission phasec EKai,A(xi)+MHT(EKsi,R, (xi))
5.The data integrity verification phase R hashes all (EKsi,R) to check again
Decrypt (EKsi,R) and aggregate to check correct?
Consequence
Framework 1. Confidentiality
For HWSN group-wise key For DWSN Pair-wise key
Integrity Merkle Hash Tree
Proposed two frameworks for data aggregation in WSN-ETE
Framework 2: End-to-end encrypted data aggregation 1.The bootstrapping phase and the aggregator selection
phase For HWSN and DWSN use network-wise public key K
2.The data aggregation phase Using ECC-ElGamal to aggregate and reach homomorphic
encryption
Proposed two frameworks for data aggregation in WSN Framework 2: End-to-end encrypted data
aggregation 3.The data transmission phase
Noses will commit all (EKsi,R,(xi)) of its children by MHT to R
4.The data integrity verification phase R check the commitment hash of all (EKsi,R,(K))
Consequence
Confidentiality network-wise public key K
Integrity Merkle Hash Tree
Security analysis
Compromised some nodes, R will detect with Merkle hash tree
Compromised some aggregators, R will detect with Merkle hash tree
Compromised some nodes and aggregators, R will not detect with Merkle hash tree
HBH more efficient than ETE HBH less secure than ETE, in compromised
some nodes.
Conclusions
Survey and classify the related work into HBH and ETE data aggregation scheme
Proposed two schemes for data aggregation in HBH and ETE, respectively.
Comment
Good Know the data aggregation field Research history
More This schemes did not consider the no response nodes
problem Consider MST + dynamic routing path to reduce the end-to-
end communication cost to increase entire lifetime Past did not consider nodes will be exhausted, then have to
change path in end to end environment.