簡易檢索 / 詳目顯示

研究生: 阮明科
Nguyen - Minh Khoa
論文名稱: End-to-End Data Authentication Using Digital Signature in Wireless Sensor Networks
End-to-End Data Authentication Using Digital Signature in Wireless Sensor Networks
指導教授: 馮輝文
Huei-Wen Ferng
口試委員: 張宏慶
Hung-Chin Jang
黎碧煌
Bih-Hwang Lee
吳中實
Jung-Shyr Wu
鄭 傑
Jie Zheng
學位類別: 碩士
Master
系所名稱: 電資學院 - 資訊工程系
Department of Computer Science and Information Engineering
論文出版年: 2011
畢業學年度: 99
語文別: 英文
論文頁數: 26
外文關鍵詞: wireless sensor networks, cryptography, digital signature, authentication, security, End-to-end
相關次數: 點閱:171下載:2
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

  • Guaranteeing end-to-end data security in wireless sensor networks (WSNs) is important and has drawn much attention of researchers over past years. Because an attacker may take control of compromised sensor nodes to inject bogus report into WSNs, enhancing data authenticity becomes a must in WSNs. Although LEDS, which is a symmetric key-based protocol, was proposed recently to take care of the end-to-end data security, it still suffers from some drawbacks, including inefficient report generation and collection, no guarantee on enough legitimate sensor nodes participating in report generation, improper bogus report filtering, and unavoidable fraud commitment. To get rid of aforementioned drawbacks in LEDS, an efficient security protocol to guarantee end-to-end data authentication using digital signature is proposed in this thesis. Via analytical analysis, the effectiveness and efficiency of our proposed protocol is examined. From the obtained results, we show that our proposed protocol significantly outperforms LEDS in term of both security strength and protocol overhead.

    Abstract i Contents i List of Tables iii List of Figures iv 1 Introduction 1 2 Related work 3 3 System and Threat Models 5 4 Proposed Authentication Protocol 7 4.1 Deployment and Node Initialization . . . . . . . . . . . . . . . . . . . . . . . . . . 7 4.2 Report Generation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 4.3 Report Collection at the CH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 4.4 En-Route Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 4.5 Sink Verification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 5 Security Analysis of The Proposed Protocol 14 5.1 Security Strength of the Proposed Protocol Regarding Data Authenticity . . . . . 14 5.2 Expected Filtering Position of the Bogus Reports in the Proposed Protocol . . . . 15 5.3 Security Strength of the Proposed Protocol Regarding Data Availability . . . . . . 16 6 Performance Analysis of The Proposed Protocol 20 6.1 Key Storage Overhead . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 6.2 Computation Overhead . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 6.3 Communication Overhead . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 7 Conclusions 23

    [1] X. Cao, W. Kou, L. Dang, and B. Zhao, ”IMBAS: Identity-based multi-user broadcast authentication in wireless sensor networks,” Comput. Commun., vol. 31, no. 4, pp. 659 - 667, 2008.
    [2] H. Chan, A. Perrig, and D. Song, ”Random Key Pre-distribution Schemes for Sensor Networks,” In Security and Privacy, 2003. Proceedings. 2003 Symposium on, vol., no., pp. 197-213, 11-14 May 2003.
    [3] H. Chan, A. Perrig, ”Security and privacy in sensor networks,” IEEE Computer, pp. 103-105, Oct 2003.
    [4] W. Diffie and M. E. Hellman, New Directions in Cryptography, IEEE Trans. Info. Theory, vol. IT-22, no. 6, 1976, pp.64454.
    [5] J. Drissi and Q. Gu, ”Localized broadcast authentication in large sensor networks,” in Proc. ICNS ’06. IEEE, p. 25.
    [6] W. Du, J. Deng, Y. Han, and P. Varshney, ”A Pairwise Key Pre-distribution Scheme for Wireless Sensor Networks,” In Proc. of the 10th ACM CCS, Washington, Oct., 2003.
    [7] W. Du, J. Deng, Y. Han, S. Chen and P. Varshney, ”A Key Management Scheme for Wireless Sensor Networks Using Deployment Knowledge,” IEEE INFOCOM04, Hongkong, 2004.
    [8] L. Eschenauer and V. Gligor, ”A key-management scheme for distributed sensor networks,” In Proc. of the 9th ACM CCS, Washington, 2002.
    [9] S. Even, O. Goldreich, and S. Micali, On-Line/Off-Line digital signatures, in Proc. Advances in Cryptology CRYPTO 89, ser. LNCS, vol. 435. Springer Berlin, 1990, pp. 263275.
    [10] P. Ganesan, R. Venugopalan, P. Peddabachagari, A. Dean, F. Mueller, and M. Sichitiu. Analyzing and modeling encryption overhead for sensor network nodes. In Proceedings of the 1st ACM international workshop on Wireless sensor networks and applications, San Diego, California, USA, September 19 2003.
    [11] D. Hankerson, A. Menezes, and S. Vanstone, Guide to Elliptic Curve Cryptography. New York: Springer-Verlag, 2004.
    [12] I. Krontiris, T. Dimitriou, ”A practical authentication scheme for in-network programming in wireless sensor networks,” In: REALWSN 2006.
    [13] D. Liu and P. Ning. Efficient distribution of key chain commitments for broadcast authentication in distributed sensor networks. In Proceedings of the 10th Annual Network and Distributed System Security Symposium, pages 263276, February 2003.
    [14] D. Liu and P. Ning, ”Establishing Pairwise Keys in Distributed Sensor Networks,” In Proc. of the 10th ACM CCS, Washington, Oct., 2003.
    [15] D. Liu and P. Ning, ”Multilevel TESLA: Broadcast authentication for distributed sensor networks,” ACM Trans. Embed. Comput. Syst., vol. 3, no. 4, pp. 800-836, 2004.
    [16] D. Liu, P. Ning, S. Zhu, and S. Jajodia, ”Practical broadcast authentication in sensor networks,” in Proc. MobiQuitous ’05: Networking and Services. IEEE Computer Society, pp. 118-132.
    [17] A. Liu and P. Ning, ”TinyECC: A configurable library for elliptic curve cryptography in wireless sensor networks,” in Proc. IPSN, Apr. 2008, pp. 245-256.
    [18] M. Mitzenmacher, ”Compressed bloom filters,” IEEE/ACM Trans. Netw., vol. 10, no. 5, pp. 613-620, Oct. 2002.
    [19] D. Naccache and J. Stern, ”Signing on a postcard,” in Proc. FC, 2001, pp. 121-135.
    [20] National Institute of Standards and Technology, Keyed-Hashing for Message Authentication (HMAC), Federal Information processing Standards Publication 198, 6 Mar. 2002.
    [21] A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J. Tygar, ”SPINS: Security Protocols for Sensor Networks,” In Proc. of Mobicom, Rome, Ytaly, Jul. 2001, pp. 189-199.
    [22] K. Ren, W. Lou, K. Zeng, and P. Moran, ”On broadcast authentication in wireless sensor
    networks,” Wireless Communications, IEEE Transactions on, vol. 6, no. 11, pp. 4136-4144, Nov. 2007.
    [23] K. Ren, W. Lou, and Y. Zhang, ”LEDS: Providing location-aware end-to-end data security in wireless sensor networks,” IEEE Trans. Mobile Comput., vol. 7, no. 5, pp. 585-598, May 2008.
    [24] K. Ren, W. Lou, and Y. Zhang, ”Multi-user broadcast authentication in wireless sensor networks,” IEEE Transactions on Vehicular Technology, Vol. 58, NO. 8, Oct 2009.
    [25] A. Shamir, How to Share a Secret, Communications of the ACM, 22(11):612-613, Nov 1979.
    [26] Adi Shamir. Identity-based cryptosystems and signature schemes. In CRYPTO, pages 4753, 1984.
    [27] E. Shi and A. perrig, ”Designing secure sensor networks,” Wireless Communication, IEEE, vol.11, no.6, pp. 38- 43, December 2004.
    [28] Standard Specifications for Public Key Cryptography, IEEE Std. P1363a, 2000. [Online]. Available: http://grouper.ieee.org/groups/1363/index.html.
    [29] A. Wander, N. Gura, H. Eberle, V. Gupta, and S. Shantz, ”Energy analysis of public-key cryptography on small wireless devices,” in Proc. IEEE PerCom, Kauai, HI, Mar. 2005, pp. 324-328.
    [30] H. Yang, F. Ye, Y. Yuan, S. Lu and W. Arbaugh, ”Toward Resilient Security in Wireless Sensor Networks,” In Proc. of ACM MOBIHOC’05, 2005.
    [31] R. Yasmin, E. Ritter, Guilin Wang , ”An Authentication Framework for Wireless Sensor Networks using Identity-Based Signatures,” Computer and Information Technology (CIT), 2010 IEEE 10th International Conference on, vol., no., pp.882-889, June 29 2010-July 1 2010.
    [32] F. Ye, H. Luo, S. Lu, and L. Zhang, ”Statiscal Enroute Filtering of Injected False Data in Sensor Networks,” IEEE Infocom, Mar. 2004.
    [33] Y. Zhang, W. Liu, W. Lou, Y. Fang, ”Location-based compromise-tolerant security mechanisms for wireless sensor networks,” Selected Areas in Communications, IEEE Journal on, vol.24, no.2, pp. 247- 260, Feb. 2006.
    [34] S. Zhu, S. Setia, and S. Jajodia. LEAP: Efficient security mechanisms for large-scale distributed sensor networks. In Proceedings of 10th ACM Conference on Computer and Communications Security (CCS03), pages 6272, October 2003.
    [35] S. Zhu, S. Setia, S. Jajodia, and P. Ning, ”An Interleaved Hop-by-hop Authentication Scheme for Filtering of Injected False Data in Sensor Networks,” Security and Privacy, 2004. Proceedings. 2004 IEEE Symposium on, vol., no., pp. 259- 271, 9-12 May 2004.
    [36] R. Watro et al., TinyPK: Securing Sensor Networks with Public Key Technology, Proc. 2nd ACM Wksp. Security of Ad Hoc and Sensor Networks (SASN04), Washington, DC, Oct. 2004.
    [37] Crossbow (2008) Mica2/Imote2 Mote Datasheet. http://www.xbow.com.

    QR CODE