Skip to main content
Springer Nature Link
Log in

SAKE: Software Attestation for Key Establishment in Sensor Networks

  • Conference paper
Distributed Computing in Sensor Systems (DCOSS 2008)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 5067))

Included in the following conference series:

  • 1224 Accesses

Abstract

This paper presents a protocol called SAKE (Software Attestation for Key Establishment), for establishing a shared key between any two neighboring nodes of a sensor network. SAKE guarantees the secrecy and authenticity of the key that is established, without requiring any prior authentic or secret information in either node. In other words, the attacker can read and modify the entire memory contents of both nodes before SAKE executes. Further, to the best of our knowledge, SAKE is the only protocol that can perform key re-establishment after sensor nodes are compromised, because the presence of the attacker’s code in the memory of either protocol participant does not compromise the security of SAKE. Also, the attacker can perform any active or passive attack using an arbitrary number of malicious, colluding nodes. SAKE does not require any hardware modification to the sensor nodes, human mediation, or secure side channels. However, we do assume the setting of a computationally-limited attacker that does not introduce its own computationally powerful nodes into the sensor network.

SAKE is based on ICE (Indisputable Code Execution), a primitive we introduce in previous work to dynamically establish a trusted execution environment on a remote, untrusted sensor node.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Perrig, A., Szewczyk, R., Wen, V., Culler, D., Tygar, J.D.: SPINS: Security protocols for sensor networks. Wireless Networks 8(5), 521–534 (2002)

    Article  MATH  Google Scholar 

  2. Eschenauer, L., Gligor, V.: A key-management scheme for distributed sensor networks. In: Proceedings of Conference on Computer and Communication Security, November 2002, pp. 41–47 (2002)

    Google Scholar 

  3. Chan, H., Perrig, A., Song, D.: Random key predistribution schemes for sensor networks. In: IEEE Symposium on Security and Privacy (May 2003)

    Google Scholar 

  4. Liu, D., Ning, P.: Establishing pairwise keys in distributed sensor networks. In: Proceedings of ACM Conference on Computer and Communications Security (CCS), October 2003, pp. 52–61 (2003)

    Google Scholar 

  5. Du, W., Deng, J., Han, Y., Varshney, P.: A pairwise key pre-distribution scheme for wireless sensor networks. In: Proceedings of ACM Conference on Computer and Communications Security (CCS), October 2003, pp. 42–51 (2003)

    Google Scholar 

  6. Karlof, C., Sastry, N., Wagner, D.: TinySec: A link layer security architecture for wireless sensor networks. In: Proceedings of ACM Conference on Embedded Networked Sensor Systems (SenSys) (November 2004)

    Google Scholar 

  7. Cagalj, M., Capkun, S., Rengaswamy, R., Tsigkogiannis, I., Srivastava, M., Hubaux, J.P.: Integrity (I) codes: Message integrity protection and authentication over insecure channels. In: IEEE Symposium on Security and Privacy (May 2006)

    Google Scholar 

  8. Holmquist, L.E., Mattern, F., Schiele, B., Alahuhta, P., Beigl, M., Gellersen, H.W.: Smart-its friends: A technique for users to easily establish connections between smart artefacts. In: Proceedings of Ubicomp (2001)

    Google Scholar 

  9. Lester, J., Hannaford, B., Borriello, G.: Are you with me? Using accelerometers to determine if two devices are carried by the same person. In: Proceedings of Pervasive (2004)

    Google Scholar 

  10. Castelluccia, C., Mutaf, P.: Shake them up! a movement-based pairing protocol for cpu-constrained devices. In: Proceedings of ACM/Usenix Mobisys (2005)

    Google Scholar 

  11. Anderson, R., Chan, H., Perrig, A.: Key infection: Smart trust for smart dust. In: Proceedings of IEEE Conference on Network Protocols (ICNP) (October 2004)

    Google Scholar 

  12. Kuo, C., Luk, M., Negi, R., Perrig, A.: Message-in-a-bottle: User-friendly and secure key deployment for sensor nodes. In: Proceedings of the ACM Conference on Embedded Networked Sensor System (SenSys) 2007 (2007)

    Google Scholar 

  13. Rasmussen, K., Capkun, S.: Implications of radio fingerprinting on the security of sensor networks. In: Proceedings of the Third International Conference on Security and Privacy for Communication Networks (SecureComm) (September 2007)

    Google Scholar 

  14. Seshadri, A., Luk, M., Perrig, A., van Doorn, L., Khosla, P.: SCUBA: Secure code update by attestation in sensor networks. In: ACM Workshop on Wireless Security (WiSe) (September 2006)

    Google Scholar 

  15. Hill, J., Szewczyk, R., Woo, A., Hollar, S., Culler, D., Pister, K.: System architecture directions for networked sensors. In: Architectural Support for Programming Languages and Operating Systems, pp. 93–104 (2000)

    Google Scholar 

  16. Polastre, J., Szewczyk, R., Culler, D.: Telos: Enabling ultra-low power wireless research. In: Proceedings of International Conference on Information Processing in Sensor Networks: Special track on Platform Tools and Design Methods for Network Embedded Sensors (IPSN/SPOTS) (April 2005)

    Google Scholar 

  17. Wan, C.Y., Campbell, A.T., Krishnamurthy, L.: PSFQ: A reliable transport protocol for wireless sensor networks. In: Proceedings of ACM Workshop on Wireless Sensor Networks and Applications (WSNA) (September 2002)

    Google Scholar 

  18. Anderson, R., Bergadano, F., Crispo, B., Lee, J., Manifavas, C., Needham, R.: A new family of authentication protocols. ACM Operating Systems Review 32(4), 9–20 (1998)

    Article  Google Scholar 

  19. Rivest, R.: The RC5 encryption algorithm. In: Proceedings of Workshop on Fast Software Encryption, pp. 86–96 (1994)

    Google Scholar 

  20. Perrig, A., Szewczyk, R., Wen, V., Culler, D., Tygar, J.D.: SPINS: Security protocols for sensor networks. In: Proceedings of Conference on Mobile Computing and Networks (Mobicom) (July 2001)

    Google Scholar 

  21. Lenstra, A., Verheul, E.: Selecting cryptographic key sizes. Journal of Cryptology: The Journal of the International Association for Cryptologic Research (1999)

    Google Scholar 

  22. Zhu, S., Setia, S., Jajodia, S.: LEAP: Efficient security mechanisms for large-scale distributed sensor networks. In: Proceedings of ACM Conference on Computer and Communications Security (CCS) (October 2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Carnegie Mellon University, Pittsburgh, PA 15213, USA

    Arvind Seshadri, Mark Luk & Adrian Perrig

Authors
  1. Arvind Seshadri
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mark Luk
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Adrian Perrig
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Sotiris E. Nikoletseas Bogdan S. Chlebus David B. Johnson Bhaskar Krishnamachari

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Seshadri, A., Luk, M., Perrig, A. (2008). SAKE: Software Attestation for Key Establishment in Sensor Networks. In: Nikoletseas, S.E., Chlebus, B.S., Johnson, D.B., Krishnamachari, B. (eds) Distributed Computing in Sensor Systems. DCOSS 2008. Lecture Notes in Computer Science, vol 5067. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69170-9_25

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-69170-9_25

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-69169-3

  • Online ISBN: 978-3-540-69170-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics