ABSTRACT
Several mechanisms have been proposed to efficiently authenticate multicast of finite data streams as needed for code image updates in wireless sensor networks (WSNs). They involve either a public-key digital signature or loose time synchronization between the sender and the receivers. What usually does not get any attention is the program memory (ROM) occupied by these mechanisms which do not fulfill the primary task of a sensor network.
An optimized implementation of the elliptic curve digital signature scheme occupies up to 25% of the ROM of a TelosB node; the same or even more is needed for time synchronization schemes. Therefore, if sensor networks do not need public-key operations or time synchronization for their primary task, these SCU mechanism are not suitable for coexistence with the application code on the sensor nodes. This work contributes in two directions. Firstly, we propose a stateful-verifier T-time signature scheme based on Merkle's one-time signature. Secondly, we propose a protocol exploiting our signature scheme for securing existing code image update protocols for WSNs minimizing ROM overhead to 1% on TelosB motes.
- TinyOS: An open-source operating system designed for wireless embedded sensor networks, 2007. http://www.tinyos.net/.Google Scholar
- Piotr Berman, Marek Karpinski, and Yakov Nekrich. Optimal trade-off for merkle tree traversal. Theor. Comput. Sci., 372(1):26--36, 2007. Google ScholarDigital Library
- Jens-Matthias Bohli, Alban Hessler, Osman Ugus, and Dirk Westhoff. A secure and resilient WSN roadside architecture for intelligent transport systems. In WiSec '08: Proceedings of the first ACM conference on Wireless network security, pages 161--171, New York, NY, USA, 2008. ACM. Google ScholarDigital Library
- Ran Canetti, Juan Garay, Gene Itkis, Daniele Micciancio, Moni Naor, and Benny Pinkas. Multicast security: A taxonomy and some efficient constructions. In Proc. IEEE INFOCOM'99, volume 2, pages 708{716, New York, NY, March 1999. IEEE.Google Scholar
- Jing Deng, Richard Han, and Shivakant Mishra. Secure code distribution in dynamically programmable wireless sensor networks. In IPSN '06: Proceedings of the fifth international conference on Information processing in sensor networks, pages 292--300, New York, NY, USA, 2006. ACM. Google ScholarDigital Library
- Benedik Driessen, Axel Poshmann, and Christof Paar. Coparison of innovative signature algorithms for WSNs. In WiSec '08: ACM Conference on Wireless Network Security. ACM, 2008. Google ScholarDigital Library
- Prabal K. Dutta, Jonathan W. Hui, David C. Chu, and David E. Culler. Securing the deluge network programming system. In IPSN '06: Proceedings of the fifth international conference on Information processing in sensor networks, pages 326--333, New York, NY, USA, 2006. ACM. Google ScholarDigital Library
- Christian Gehrmann and Mats Näslund. ECRYPT Yearly Report on Algorithms and Keysizes (2006), D.SPA.21 Rev. 1.1, January 2007.Google Scholar
- Rosario Gennaro and Pankaj Rohatgi. How to sign digital streams. In CRYPTO '97: Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology, pages 180--197, London, UK, 1997. Springer-Verlag. Google ScholarDigital Library
- Jonathan W. Hui and David Culler. The dynamic behavior of a data dissemination protocol for network programming at scale. In SenSys '04: Proceedings of the 2nd international conference on Embedded networked sensor systems, pages 81--94, New York, NY, USA, 2004. ACM. Google ScholarDigital Library
- Sangwon Hyun, Peng Ning, An Liu, and Wenliang Du. Seluge: Secure and dos-resistant code dissemination in wireless sensor networks. In IPSN'08: International Conference on Information Processing in Sensor Networks. IEEE Computer Society, April 2008. Google ScholarDigital Library
- Markus Jakobsson, Tom Leighton, Silvio Micali, and Michael Szydlo. Fractal merkle tree representation and traversal. In Topics in Cryptology - CT-RSA 2003: The Cryptographers' Track at the RSA Conference 2003, pages 314--326. Springer, 2003. Google ScholarDigital Library
- Donnie H. Kim, Rajeev Gandhi, and Priya Narasimhan. Exploring symmetric cryptography for secure network reprogramming. In ICDCSW '07: Proceedings of the 27th International Conference on Distributed Computing Systems Workshops, page 17, Washington, DC, USA, 2007. IEEE Computer Society. Google ScholarDigital Library
- Patrick E. Lanigan, Rajeev Gandhi, and Priya Narasimhan. Sluice: Secure dissemination of code updates in sensor networks. In ICDCS '06: Proceedings of the 26th IEEE International Conference on Distributed Computing Systems, page 53, Washington, DC, USA, 2006. IEEE Computer Society. Google ScholarDigital Library
- An Liu and Peng Ning. TinyECC: Elliptic Curve Cryptography for Sensor Networks (Version 1.0), 2007 2007.Google Scholar
- Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press, 2001. Google ScholarDigital Library
- Ralph C. Merkle. A certified digital signature. In CRYPTO'89: Proceedings on Advances in cryptology, pages 218--238, New York, NY, USA, 1989. Springer-Verlag. Google ScholarDigital Library
- Adrian Perrig, Robert Szewczyk, J. D. Tygar, Victor Wen, and David E. Culler. Spins: security protocols for sensor networks. Wireless Networks, 8(5):521--534, 2002. Google ScholarDigital Library
- Kun Sun, Peng Ning, and Cliff Wang. Tinysersync: secure and resilient time synchronization in wireless sensor networks. In CCS '06: Proceedings of the 13th ACM conference on Computer and communications security, pages 264--277, New York, NY, USA, 2006. ACM. Google ScholarDigital Library
- Michael Szydlo. Merkle tree traversal in log space and time. In Advances in Cryptology - EUROCRYPT'04, pages 541--554. Springer, 2004.Google ScholarCross Ref
- Hailun Tan, Sanjay Jha, Diethelm Ostry, John Zic, and Vijay Sivaraman. Secure multi-hop network programming with multiple one-way key chains. In WiSec '08: ACM Conference on Wireless Network Security. ACM, 2008. Google ScholarDigital Library
- O. Ugus, D. Westhoff, R. Laue, A. Shoufan, and S.A. Huss. Optimized implementation of elliptic curve based additive homomorphic encryption for wireless sensor networks. In 2nd Workshop on Embedded Systems Security, WESS'2007, 2007.Google Scholar
Index Terms
- A ROM-friendly secure code update mechanism for WSNs using a stateful-verifier τ-time signature scheme
Recommendations
Secure universal designated verifier signature without random oracles
In Asiacrypt 2003, the concept of universal designated verifier signature (UDVS) was introduced by Steinfeld, Bull, Wang and Pieprzyk. In the new paradigm, any signature holder (not necessarily the signer) can designate the publicly verifiable signature ...
A novel identity-based strong designated verifier signature scheme
Unlike ordinary digital signatures, a designated verifier signature scheme makes it possible for a signer to convince a designated verifier that she has signed a message in such a way that the designated verifier cannot transfer the signature to a third ...
Digital signature of multicast streams secure against adaptive chosen message attack
We design a secure multicast stream signature scheme which can resist adaptive chosen message attack through splitting a multicast stream into a sequence of blocks. Firstly, we propose the definition of one-time block signature scheme and its ...
Comments