Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Who’s watching your network A Communications Security Architecture and Cryptographic Mechanisms for Distributed Sensor Networks DARPA SensIT Workshop October 8, 1999 David Carman, Dr. Brian Matt, David Balenson, and Peter Kruus NAI Labs, The Security Research Division Network Associates, Inc. Sponsored by the DARPA/ITO Sensor Information Technology (SensIT) Program Through Air Force Research Laboratory (AFRL) Contract No. F30602-99-C-0185 Dr. Sri Kumar, DARPA, Program Manager Scott Shyne, AFRL, COTR http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Presentation Outline • Research Status – – – – Goals and Objectives Hard Problems Related Work New Ideas • Support for Demonstration – – – – Sensor Node Architecture User Platform Architecture Project Timeline Demo 1 Security Software SensIT-100799-2 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Goal and Objectives • Goal – Develop a communications security architecture incorporating cryptographic security mechanisms that efficiently support the provision of required integrity, authentication, and confidentiality security services within distributed networks of resource-limited sensors • Objectives – Identify practical cryptographic mechanisms and protocols that can be selectively employed by resource-limited sensor nodes – Design a communications security architecture suitable for use by distributed networks of resource-limited sensor nodes – Implement a prototype system and simulation that can be used to demonstrate efficient and practical communications security for distributed networks of resource-limited sensor in a variety of environments and scenarios SensIT-100799-3 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Hard Problems • Resource-Limitations – power budget, processing budget, continuous operation • Range of Security Services Across Different Layers – confidentiality, integrity, authentication (with varying granularity), anti-replay, non-repudiation, anonymity, denial-ofservice, authorization • • • • Minimal Preconfiguration Intermittent Group Connectivity Key Management for Multi-hop Routing Keying and authenticating unattended sensors SensIT-100799-4 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Related Work • Wireless Security Research – DARPA GloMo Program – Bluetooth Technology – Charon • Smart Card Security Research SensIT-100799-5 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network DARPA GloMo Program • GloMo provides mobile users access to a range of information services (e.g., email, www, video/voice conferencing, whiteboard). www.darpa.mil/ato/programs/glomo/index.htm • GloMo network characteristics: – Sporadic network connectivity. – Wireless spread spectrum. – Self-organizing, multi-hop, heterogeneous networks. – Security technologies and techniques applied at the application, networking, and wireless link/node layers. * Courtesy DARPA ATO GloMo Program website. SensIT-100799-6 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network GloMo - Applicability to SensIT • GloMo security research does – allocate security services to various layers – offer a scalable group key management scheme – examine implementing crypto in mPs vs. ASICs vs. FPGAs • GloMo security research does not provide solutions for – – – – intermittent group connectivity multi-hop routing security with limited preconfiguration continuous, unattended operation SensIT-100799-7 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Bluetooth Technology • Specification for wireless data/voice communication – www.bluetooth.com • Low-cost, short-range radio link facilitating protected ad hoc connections for mobile communications • Frequency-hopped transceiver with data rate of 1Mb/s • Applicability to SensIT – Does provide security solutions for link-level privacy (encryption) and entity authentication using a challenge-response scheme – Does not provide • • • • protection for other network layers intermittent group connectivity multi-hop routing unattended operation SensIT-100799-8 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Charon • Armando Fox and Steven Gribble - UC Berkeley – www.cs.berkeley.edu/~gribble/cs294-7_wireless/Charon.html • Kerberos-based protocol for indirect authentication and secure communications with PDA-class mobile devices • Uses a Kerberos-style trusted server to provide confidentiality and authentication between end-entities • Applicability to SensIT – Does provide a solution to interactively authenticate management nodes – Does not provide • • • • protection for other network layers intermittent group connectivity multi-hop routing unattended operation SensIT-100799-9 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Smart Card Characteristics • Smart cards contain small (~25mm2) micro-controllers that provide portable, relatively secure, low cost computing power and data storage. • Smart card characteristics: – Main power provided by card readers (may have battery-backed memory) – Typically 8-bit CPUs with math / crypto coprocessor, low memory – Limitations include small size / gate count and card interface – Physical vulnerabilities include fault analysis and power analysis • Smart cards security applications include: * Courtesy of cmpnet.com ©1997 – access control, secure peer-to-peer communications, e-commerce, secure storage SensIT-100799-10 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Smart Card Security - Applicability to SensIT • Applicability to SensIT – Provide some security solutions for resource-limited platforms • math, crypto co-processors • non-volatile data and key storage (EEPROM, FLASH, BBRAM) • research in new protocols / algorithms for resource limited point-to -point authentication, encryption, etc. – Does not offer solutions for group keying • Smart card client/server security model not applicable to group security - does not provide routing security • Smart card systems do not provide security with limited preconfiguration SensIT-100799-11 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network New Ideas • Multi-Layer Protection – Varying Authentication Granularity by Security Layer – Varying Confidentiality Keying Granularity by Security Layer • Confidential Query/Tasking with Minimal Preconfiguration • Anonymous Addressing with Minimal Preconfiguration • Location-Dependent Cryptography – Security for geo-routing • Rippled Key Cryptography SensIT-100799-12 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Multi-Layer Protection • Provide confidentiality and authentication with varying levels of granularity at different network layers • Provides progressively stronger key binding with minimal use of public key cryptography Confidentiality Application Layer Ephemeral Ad hoc Key Ad hoc Key Network Layer Link Layer Mission Key Device Key Authentication Public/Private Keypair Ad hoc Key Mission Key Device Key SensIT-100799-13 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Sensor Network Key Management (for Demo?) Super Node - Distributes Mission Key - Signs Mobile Code Kdevice Kmission1 Kadhoc Kmission2 SensIT-100799-14 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Confidential Query/Tasking with Minimal Preconfiguration Kquery = OWF(Attribute, KMission, Nonce) Attribute Type = ID or Capability or Location Sensor Nodes EKquery(Query or Task Message), Nonce, Attribute Type Management Node SensIT-100799-15 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Anonymous Addressing with Minimal Preconfiguration Does Nonce2 = OWF(Attribute(s), KMission, Nonce1) ? Attribute Type = ID, Capability, and/or Location, etc. Sensor Nodes EKquery(Query or Task Message), Nonce1, Nonce2, Attribute Type Management Node SensIT-100799-16 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Location-Dependent Cryptography Kadhoc = OWF(Location attributes, KMission, Nonce) Sensor Nodes Continuing research is addressing how best to express complex closed polygons and multiple areas SensIT-100799-17 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Rippled Key Cryptography • Intelligent Key Sharing Between Groups – eliminates inefficiencies of translation (decryption/re-encryption) – defines scheme for wrapping of session keys, application keys, mission keys, and attribute keys logical keying relationships SensIT-100799-18 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Near-Term Project Tasks (Task 1 only) • Architecture and Mechanisms Study and Specification – Study sensor environment, communications, security requirements and constraints – Develop an appropriate communications security architecture comprised of selected cryptographic mechanisms • Deliverables: – Requirements and Constraints REPORT; Month 06 – Draft Design and Specification REPORT; Month 18 – Final Design and Specification REPORT; Month 28 SensIT-100799-19 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Support for SensIT Demonstration • • • • • Sensor Node Architecture User Platform Architecture Sensor Network Key Management Project Timeline Demo 1 Security Software SensIT-100799-20 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Sensor Node Strawman Architecture = security functionality HI DC T/S DM DM DM Mobile Code DM IP S/P Functional DB Security Manager Data Acq. Data Acq. API Tamper Sensor Sensor HW Message Handling Data Req. Mgr. handles internal msg. traffic Func. Mgr. Network Routing handles external msg. traffic GPS Comm API Comm H/W Time, Loc Initialization - Network address - Functionality - Security parameters SensIT-100799-21 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network User Platform Strawman Architecture GUI Display = security functionality Security Mgmt. Mobile Code Device Status DM DB Language query generator DM DM Time Series Detection/ Classification DM High Level DM DM Message Handling Network Routing Security Manager Communications Link Nodes SensIT-100799-22 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp GPS Time, Loc Initialization - Security parameters Who’s watching your network Project Timeline Draft Design & Specification REPORT Requirements & Constraints REPORT Jun 1999 Apr Jun 2000 2000 Dec 1999 1 2 3 4 5 6 7 8 9 Dec 2000 10 11 12 13 14 15 16 17 18 19 20 21 Preliminary SOFTWARE for Demo 1 Final Design & Specification REPORT Apr Jun 2001 2001 Dec 2001 Final Report Jun 2002 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 Preliminary SOFTWARE for Demo 2 Demo Prototype Toolkit SOFTWARE SensIT-100799-23 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp Who’s watching your network Demo 1 Security Software • Demo 1 Approach: – Embed (hide) security functionality beneath Network API – Low-risk, very little integration (only with Sensor.com?) • Link Layer Security Software – Embedded beneath the WINS Network API on all nodes – Provides confidentiality, integrity, coarse authentication, and anti-replay • Network/Mission Layer Security Software – Embedded beneath the WINS Network API on all nodes – Provides confidentiality, integrity, mission group authentication SensIT-100799-24 http://www.nai.com/nai_labs/asp_set/crypto/crypt_senseit.asp