Abstract
Given the extremely limited hardware resources on sensor nodes and the inclement deploying environment, the adversary Denial-of-Service (DoS) attack becomes a serious security threat toward wireless sensor networks. Without adequate defense mechanism, the adversary can simply inundate the network by flooding the bogus data packets, and paralyze the partial or whole sensor network by depleting node battery power. Prior work on false packet filtering in sensor networks are mostly based on symmetric key schemes, with the concern that the public key operations are too expensive for the resource constrained sensors. Recent progress in public key implementations on sensors, however, has shown that public key is already feasible for sensors. In this paper, we present PDF, a Public-key based false Data Filtering scheme that leverages Shamir’s threshold cryptography and Elliptic Curve Cryptography (ECC), and effectively rejects 100% of false data packets. We evaluate PDF by real world implementation on MICAz motes. Our experiment results support the conclusion that PDF is practical for real world sensor deployment.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Yang, H., Ye, F., Yuan, Y., Lu, S., & Arbaugh, W. (2005, May). Toward resilient security in wireless sensor networks. Urbana-Champaign, IL: Mobihoc.
Ye, F., Luo, H., Lu, S., & Zhang, L. (2004). Statistical en-route filtering of injected false data in sensor networks. INFOCOM.
Yu, Z., & Guan, Y. (2006, April). A dynamic en-route scheme for filtering false data in wireless sensor networks. INFOCOM’06, Spain.
Zhu, S., Setia, S., Jajodia, S., & Ning, P. (2004, May). An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks. In Proceedings of the IEEE symposium on security and privacy, Oakland, CA.
Zhang, Y., Liu, W., Lou, W., & Fang, Y. (2006). Location-based compromise-tolerant security mechanisms for wireless sensor networks. IEEE Journal on Selected Areas in Communications (Special Issue on Security in Wireless Ad Hoc Networks), 24(2), 247–260.
Eschenauer, L., & Gligor, V. D. (2002, November). A key-management scheme for distributed sensor networks. In Proceedings of the 9th ACM conference on computer and communication security.
Chan, H., & Perrig, A. (2005, March). Pike: Peer intermediaries for key establishment in sensor networks. Miami, FL: INFOCOM.
Chan, H., Perrig, A., & Song, D. (2003, May). Random key predistribution schemes for sensor networks. In IEEE symposium on Security and Privacy (pp. 197–213). Berkeley, California.
Du, W., & Deng, J. (2003). A pairwise key pre-distribution scheme for wireless sensor networks. ACM CCS.
Liu, D., & Ning, P. (2003, October). Establishing pairwise keys in distributed sensor networks. Washington, DC: ACM CCS.
Liu, D. & Ning, P. (2005). Improving key pre-distribution with deployment knowledge in static sensor networks. ACM Transaction on Sensor Networks, 20, 1–32.
Traynor, P., Choi, H., Cao, G., Zhu, S., & T. L. Porta. (2006, April). Establishing pair-wise keys in heterogeneous sensor networks. Barcelona, Spain: INFOCOM.
Traynor, P., Kumar, R., Saad, H. B., Cao, G., & Porta, T. L. (2006, June). Liger: Implementing efficient hybrid security mechanisms for heterogeneous sensor networks. Uppsala, Sweden: Mobisys.
Zhang, Y., Liu, W., Lou, W., & Fang, Y. (2005, March). Securing sensor networks with location-based keys. New Orleans, Louisiana: WCNC’05.
Kong, J., Zerfos, P., Luo, H., Lu, S., & Zhang, L. (2001). Providing robust and ubiquitous security support for mobile ad hoc networks. In Proceedings of the ninth international conference on network protocols (p. 251). Washington, DC, USA: IEEE Computer Society.
Zhou, L., & Haas, Z. J. (1999). Securing ad hoc networks. IEEE network, special issue on network security, 13(2), 24–30
Amis, A. D., Prakash, R., Vuong, T. H. P., & Huynh, D. T. (2000). Max-min D-cluster formation in wireless ad hoc networks. INFOCOM.
Bandyopadhyay, S., & Coyle, E. (2003). An energy-efficient hierarchical clustering algorithm for wireless sensor networks. INFOCOM.
Bannerjee, S., & Khuller, S. (2001). A clustering scheme for hierarchical control in multi-hop wireless networks. INFOCOM.
Basagni, S. (1999). Distributed clustering algorithm for ad-hoc networks. I-SPAN.
Chatterjee, M., Das, S. K., & Turgut, D. (2002). WCA: A weighted clustering algorithm for mobile ad hoc networks. Cluster Computing.
Heinzelman, W. R., Chandrakasan, A., & Baladrishnan, H. (2002). An application-specific protocol architecture for wireless microsensor networks. IEEE Transaction on Wireless Communication, 1(4), 660–670.
Younis, O. & Fahmy, S. (2004). Distributed clustering in ad-hoc sensor networks. INFOCOM.
Intanagonwiwat, C., Govindan, R., & Estrin, D. (2000). Directed diffusion: A scalable and robust communication paradigm for sensor networks. MOBICOM.
Karp, B., & Kung, H. T. (2000). GPSR: Greedy perimeter stateless routing for wireless neworks. MOBICOM.
Ferreira, A. C., Vilaa, M. A., Oliveira, L. B., Wong, H. C., & Loureiro, A. A. (2005). Networking-ICN (pp. 449–458).
Newsome, J., Shi, E., Song, D., & Perrig, A. (2004). The sybil attack in sensor networks: Analysis and defenses. IPSN.
Certicom. (2004). Code and cipher. Certicom’s Bulletin of Security and Cryptography, 1(3), 1–5.
Shamir, A. (1979). How to share a secret. Communication of the ACM, 22(11), 612–613.
Wang, H., Sheng, B., Tan, C. C., & Li, Q. (2008, June). Comparing symmetric-key and public-key based schemes in sensor networks: A case study for user access control. In Proceedings of ICDCS, Beijing, China.
Du, X. (2008). Detection of compromised sensor nodes in heterogeneous sensor networks (pp. 1446–1450). Beijing, China: ICC.
Zhang, Q., Yu, T., & Ning P. (2008). A framework for identifying compromised nodes in wireless sensor networks. ACM Transactions on Information and System Security, 11(3), 1–37.
Zhang, Y., Yang, Y., Jin, L., & Li, W. (2006). Locating compromised sensor nodes through incremental hashing authentication. San Francisco, CA: DCOSS.
Crossbow Technology INC. Wireless sensor networks. http://www.xbow.com/Products/Wireless_Sensor_Networks.htm.
Tiny OS. (2006). Tinyos 1.1.10. http://www.tinyos.net.
NIST. (2001, October). Key management guideline. In Workshop document (DRAFT).
Malan, D. J., Welsh, M., & Smith, M. D. (2004, October). A public-key infrastructure for key distribution in tinyos based on elliptic curve cryptography. In The first IEEE international conference on sensor and ad hoc communications and networks, Santa Clara, CA.
Wang, H., & Li, Q. (2006, December). Efficient implementation of public key cryptosystems on mote sensors (Short Paper). In International conference on information and communication security (ICICS). LNCS 4307 (pp. 519–528). Raleigh, NC.
Wang, H., & Li, Q. (2006). Distributed user access control in sensor networks. San Francisco, CA: DCOSS.
Acknowledgments
The authors would like to thank all the reviewers for their insightful comments and kind guidances to improve the paper. This project was supported in part by US National Science Foundation grants CNS-0721443, CNS-0831904, and CAREER Award CNS-0747108.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Wang, H., Li, Q. Achieving robust message authentication in sensor networks: a public-key based approach. Wireless Netw 16, 999–1009 (2010). https://doi.org/10.1007/s11276-009-0184-z
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11276-009-0184-z