Wake-up-radio-based sensing systems make use of radio-triggering techniques and ultra-low power wake-up receivers (WuRs) to enable on-demand asynchronous network wake ups. Thanks to this, they have the potential to achieve low latency data collection at minimum energy cost, thus meeting the challenging lifetime and quality-of-service demands of emerging Internet of Things (IoT) and Wireless Sensor Networks (WSNs) applications. However, the fact that nodes can be remotely activated on-demand makes wake-up-radio-based networks vulnerable to energy exhausting attacks. In this paper, with a focus on practical implementation and validation, we present a full-fledged solution to counteract Denial-of-Sleep (DoS) attacks to wake-up-radio-based sensing systems. A core component of our proposed solution is a key exchange protocol based on Elliptic Curve Cryptography (the Fully Hashed MQV protocol), which we use in conjunction with implicit certificates.
This work is motivated by a general question: Can micro-scale energy harvesting techniques be exploited to support low-cost standard security solutions on resource-constrained devices? We focus on guaranteeing integrity and authentication in Internet of Things (IoT) and Wireless Sensor Network (WSN) applications. In this paper we propose techniques to make ECDSA signatures low cost and implementable on resource-constrained devices. By combining precomputation techniques and energy harvesting capabilities of modern sensor nodes, we achieve significant improvement over prior works. In addition, we show the cost of ECDSA signatures can be reduced of up to a factor 10 by using harvesting-aware optimizations.
In this paper we introduce R-CARP, a reputation based channel aware routing protocol for underwater acoustic sensor networks (UASNs). While many routing protocols have been proposed for UASNs, solutions to secure routing protocols from attacks such as sinkhole attack and selective forwarding are still overlooked. These routing attacks can dramatically disrupt network performance, especially in some application scenarios such as homeland security and critical infrastructure monitoring, where a high reliability on message delivery is required. Designing secure and reliable protocols for UASNs is particularly challenging due to acoustic modems unique characteristics such as low bandwidth and bit rate, high propagation delays and high energy consumption when in transmit mode. The aim of this work is therefore to propose R-CARP, a secure and reliable routing protocol tailored to such communication constrained environment. R-CARP is an improved version of CARP, the channel aware routing protocol, enriched with a reputation based mechanism to contrast malicious node behavior. To secure R-CARP we employ BLS, a short digital signature algorithm, exploiting its aggregation property to reduce the additional communication overhead. By means of simulation based performance evaluation, we show that, under attack, R-CARP is effective at bypassing malicious nodes and outperforms CARP in terms of packet delivery ratio (PDR) and energy per bit (EPB) by a factor of up to 2, at the cost of a slight increment in terms of latency.
The growing number of applications based on Internet of Things (IoT) technologies is pushing towards standardized protocol stacks for machine-to-machine (M2M) communication and the adoption of standard-based security solutions, such as the Datagram Transport Layer Security (DTLS). Despite the huge diffusion of DTLS, there is a lack of optimized implementations tailored to resource constrained devices. High energy consumption and long delays of current implementations limit their effective usage in real-life deployments. The aim of this paper is to explain how to integrate the DTLS protocol inside the Constrained Application Protocol (CoAP), exploiting Elliptic Curve Cryptography (ECC) optimizations and minimizing ROM occupancy. We have implemented our solution on an off-the-shelf mote platform and evaluated its performance. Results show that our ECC optimizations outperform priors scalar multiplication in state of the art for class 1 mote platforms, and improve network lifetime by a factor of up to 6.5 with respect to a standard-based not optimized implementation.
In this paper we introduce SecFUN, a security framework for underwater acoustic sensor networks (UASNs). Despite the increasing interest on UASNs, solutions to secure protocols from the network layer up to the application layer are still overlooked. The aim of this work is therefore manyfold. We first discuss common threats and countermeasures for UASNs. Then, we select the most effective cryptographic primitives to build our security framework (SecFUN). We show that SecFUN is flexible and configurable with different features and security levels to satisfy UASN deployment security requirements. SecFUN provides data confidentiality, integrity, authentication and non-repudiation by exploiting as building blocks AES in the Galois Counter Mode (GCM) and short digital signature algorithms. As a proof of concept of the proposed approach, we extend the implementation of the Channel-Aware Routing Protocol (CARP) to support the proposed cryptographic primitives. Finally, we run a performance evaluation of our proposed secure version of CARP in terms of the overall energy consumption and latency, employing GCM and the state of the art in short digital signature schemes such as ZSS, BLS and Quartz. Results show that a flexible and full-fledged security solution tailored to meet the requirements of UASNs can be provided at reasonable costs.
This paper proposes a Key Management Protocol for mo- bile and industrial Internet of Things systems, targeting, at the same time, robust key negotiation, lightweight node au- thentication, fast re-keying, and efficient protection against replay attacks. The proposed approach pragmatically lever- ages widely accepted Elliptic Curve Cryptography construc- tions, specifically the (Elliptic Curve) “Fixed” Diffie Hellman key exchange and the (Elliptic Curve) Qu-Vanstone implicit certificates. Our value added is their suitable integration into a security protocol exchange, designed at layer 2, in the 802.15.4 protocol stack, which permits to i) avoid Elliptic Point multiplications upon rekeying of previously paired de- vices, and ii) support mutual authentication while securing the protocol exchange. To prove its viability, the proposed Key Management Protocol has been implemented and as- sessed on severely constrained devices. As expected, but made explicit and quantified by our experimental perfor- mance evaluation, the usage of implicit certificates in con- junction with an optimized message exchange yields impres- sive gains in terms of airtime consumption with respect to state of the art schemes.
Effective pre-computation techniques have been proposed almost 15 years ago for trimming the cost of modular exponentiations at the basis of several standard signature and key management schemes, such as the (Elliptic Curve) Digital Signature Algorithm or Diffie-Hellman key exchange. Despite their promises, the actual application of such techniques in the wireless sensor security arena has been apparently overlooked, and most of the research effort has rather focused on the identification of alternative lightweight constructions. However, modern sensor are equipped with relatively large flash memories which make memory consumption a less critical requirement, and emerging energy harvesting technologies provide occasional energy peaks which could be exploited for anticipating otherwise costly computational tasks. These trends push for a reconsideration of pre-computation techniques, which are explored in this paper as follows: (1) we further optimize prior pre-computation techniques by exploiting more recent results on Cayley graph expanders, (2) we implement an ECDSA scheme relying on pre-computations over two different wireless sensor node platforms (TelosB and MICA2), and (3) we experimentally assess the relevant performance and energy costs. In the traditional scenario of wireless sensor networks without energy harvesting, our prototype ECDSA implementation, despite still not fully optimized, outperforms prior work by almost 50%, and achieves an efficiency superior to NTRU signatures, natural candidates for low-power devices. Finally, (4) we quantitatively discuss ways to exploit harvested energy peaks to further improve efficiency.
This work is motivated by a general question: can energy harvesting capabilities embedded in modern sensor nodes be exploited so as to support security mechanisms which otherwise would be too demanding and hardly viable? More specifically, in this work we focus on the support of extremely powerful, but complex, fine-grained data-centric access control mechanisms based on multi-authority Ciphertext Policy Attribute Based Encryption (CP-ABE). By integrating access control policies into the (encrypted) data, such mechanisms do not require any server-based access control infrastructure and are thus highly desirable in many wireless sensor network scenarios. However, as concretely shown by a proof-of-concept implementation first carried out in this paper on TelosB and MicaZ motes, computational complexity and energy toll of state-of-the-art multi-authority CP-ABE schemes is still critical. We thus show how to mitigate the relatively large energy consumption of the CP-ABE cryptographic operations by proposing AGREE (Access control for GREEn wireless sensor networks), a framework which exploits energy harvesting opportunities to pre-compute and cache suitably chosen CP-ABE-encrypted keys, so as to minimize the need to perform CP-ABE encryptions when no energy from harvesting is available. We assess the performance of AGREE by means of simulation and actual implementation, and by validating its operation with real-world energy-harvesting traces collected indoors by Telos B motes equipped with photovoltaic cells, as well as public available traces of radiant light energy. Our results show that complex security mechanisms may become significantly less demanding when implemented so as to take advantage of energy harvesting opportunities.
Despite recent improvements of the capabilities of Wireless Sensor Networks (WSN) nodes, network protocol support for key management is still lagging behind. While in traditional networks well known protocol suites (e.g., IPsec IKE and the TLS handshake), are commonly used for flexible negotiation of the cryptographic and key exchange protocols, to the best of our knowledge no similar support has been provided for the same operation in WSNs. The goal of this paper is therefore threefold. We discuss the design of a flexible security negotiation protocol for WSNs, and we suggest to adapt TLS handshake ideas to obtain maximum flexibility. We design and implement a security association set up protocol, tailored to the resource constraints and limits of WSN nodes. Finally, we run an experimental assessment of this protocol operations in support of RSA key transport, Elliptic Curve Diffie-Hellman key agreement, and Identity Based Encryption key agreement.
Copyright Notice: Permission to copy without fee all or part of this material is granted provided that the copies are not made or distributed for direct commercial advantage. To copy otherwise, or to republish, requires a fee and/or specific permission of the ACM/IEEE.