Multi-user Broadcast Authentication in Wireless Sensor Networks
Kui Ren2007
Sign up for access to the world's latest research
checkGet notified about relevant papers
checkSave papers to use in your research
checkJoin the discussion with peers
checkTrack your impact
Abstract
Broadcast authentication is a critical security service in wireless sensor networks (WSNs), as it allows mobile users of WSNs to broadcast messages to multiple sensor nodes in a secure way. Although symmetric-key-based solutions such as µTESLA and multilevel µTESLA have been proposed, they all suffer from severe energy-depletion attacks resulting from the nature of delayed message authentication. This paper presents several efficient public-key-based schemes to achieve immediate broadcast authentication and thus avoid the security vulnerability that is intrinsic to µTESLA-like schemes. Our schemes are built upon the unique integration of several cryptographic techniques, including the Bloom filter, the partial message-recovery signature scheme, and the Merkle hash tree. We prove the effectiveness and efficiency of the proposed schemes by a comprehensive quantitative analysis of their energy consumption in both computation and communication.
Related papers
Effective Multi-User Broadcast Authentication in Wireless Sensor Networks
Encyclopedia on Ad Hoc and Ubiquitous Computing, 2009
Broadcast authentication is a critical security service in wireless sensor networks (WSNs), as it allows the mobile users of WSNs to broadcast messages to multiple sensor nodes in a secure way. Previous solutions on broadcast authentication are mostly symmetric-key-based solutions such as µTESLA and multilevel µTESLA. These schemes are usually efficient; however, they all suffer from severe energy-depletion attacks resulted from the nature of delayed message authentication. Being aware of the security vulnerability inherent to existing solutions, we present several efficient public-key-based schemes in this chapter to achieve immediate broadcast authentication with significantly improved security strength. Our schemes are built upon the unique integration of several cryptographic techniques, including the Bloom filter, the partial message recovery signature scheme and the Merkle hash tree. We prove the effectiveness and efficiency of the proposed schemes by a comprehensive quantitative analysis of their energy consumption regarding both computation and communication.
Fast authentication in wireless sensor networks
Future Generation Computer Systems, 2014
• Exploit the cooperation between nodes to accelerate the signature verification. • The accelerated scheme allows a longer network lifetime.
Efficient broadcast authentication scheme in clustering sensor networks
2011
A broadcast authentication mechanism is important in wireless sensor networks, assuring receivers of a packet's validity. To provide authentication, some researchers utilize one way key chains and delayed disclosure of keys; however, such an approach requires time synchronization and delayed authentication. Another technique uses one-time signature schemes. Unfortunately, such schemes suffer from large key sizes and a limited number of uses per key. To cope with these problems, we propose an efficient, one-time signature-based broadcast authentication scheme for wireless sensor networks that reduces storage usage and includes a re-keying mechanism.
Accelerated Verification of an ID-based Signature Scheme for Broadcast Authentication in Wireless Sensor Networks
2012 IEEE 15th International Conference on Computational Science and Engineering, 2012
). Recently, several public-key-based schemes have been proposed to achieve immediate broadcast authentication with significantly improved security strength. While the public-keybased schemes obviate the security vulnerability inherent to symmetric-key-based µTESLA-like schemes, their signature verification is time-consuming. Thus, speeding up signature verification is a problem of considerable practical importance, especially in resource-constrained environments. This paper presents an accelerated verification of vBNN-IBS, a pairing-free identity-based signature with reduced signature size. A quantitative analysis demonstrates that the accelerated vBNN-IBS reduces 38.62% energy consumption in a 4×4 grid-based WSN and runs 66% faster than the traditional signature verification method. It also allows the total energy consumption to be reduced by up to 23.25% and 25.14% compared to, respectively, IMBAS [1] and EIBAS [13] ID-based broadcast authentication schemes.
Practical broadcast authentication in sensor networks
2005
Abstract Broadcast authentication is a critical security service in sensor networks; it allows a sender to broadcast messages to multiple nodes in an authenticated way. μTESLA and multi-level μTESLA have been proposed to provide such services for sensor networks. However, none of these techniques are scalable in terms of the number of senders.
Enhancing broadcast authentication in sensor networks
2010
Due to the nature of wireless sensor networks, security is a critical problem since resource constrained and usually unattended sensors are much vulnerable to malicious attackers that may impersonate the sender. Therefore authenticating received messages is a crucial matter to protect the system integrity. Generally used TESLA (Timed Efficient Stream Loss-tolerant Authentication) based authentication techniques involve consecutive delays for decryption purposes. These delays render the network vulnerable to different malicious attacks such as Denial of Service attack. As several techniques try to achieve immediate authentication to alleviate these threats, other factors such as reliability and buffer requirements may have been compromised. This project proposes an integration of Low Buffer ,uTESLA protocol and an immediate authentication protocol to achieve a new refined scheme in broadcast authentication in sensor networks. Performance analysis and simulation results demonstrate that the proposed method succeeds to achieve immediate authentication while preserving desired security and low memory requirements in sensor nodes.
A Public key distribution and Broadcast Authentication scheme for Wireless Sensor Networks
irnetexplore.ac.in
In Wireless Sensor Networks, Broadcast communication is the most fundamental and prevailing communication pattern. Securing the broadcast messages from the adversary is critical issue. To defend the WSNs against the adversary attacks of impersonation of a broadcast source or receiver, modification/fabrication of the broadcast message, attacker injecting malicious traffic to deplete the energy from the sensors, broadcast authentication of source and receivers becomes extremely inevitable. In this paper, we propose a novel ECC based public key distribution protocol and broadcast authentication scheme. The proposed method provides high security and has low overhead.
Comprehensive Analysis of Broadcast Authentication protocols in Wireless Sensor Networks
Wireless sensor networks (WSNs) due to law costs and easy communication are used in different environments for surveillance activities. One the most important issues raised in these networks is the usage of a good broadcast authentication mechanism. This mechanism helps to provide the security of these networks efficiently. User authentication is a crucial service in wireless sensor networks that is becoming increasingly common in WSNs because wireless sensor nodes are typically deployed in an unattended environment, leaving them open to possible hostile network attack. Because wireless sensor nodes are limited in computing power, data storage and communication capabilities, any user authentication protocol must be designed to operate efficiently in a resource constrained environment.A broadcast authentication mechanism is important in wireless sensor networks. Researchers have provided various authentication mechanisms– which have their own advantages and disadvantages– in these networks. In this paper we analyze and review some popular authentication schemes which are recently proposed for WSNs.
Lightweight Broadcast Authentication Protocols Reconsidered
2009 IEEE Wireless Communications and Networking Conference, 2009
In the emergency broadcast system (or emergency alert system) which aims to broadcast a warning information immediately in time of emergency such as a natural or civil disaster, computational power-restricted devices such as, pocket terminals and sensors need to instantly and securely verify correctness and integrity of the received message packets. Though a lot of broadcast authentication systems were proposed, most of them require relatively high computation cost.
Secure and Time Efficient Hash-based Message Authentication Algorithm for Wireless Sensor Networks
Wireless sensor networks (WSNs) are used in many applications to gather sensitive information which is then forwarded to an analysis center. Resource limitations have to be taken into account when designing a WSN infrastructure. Authentication in WSNs is critical, as they are often deployed unattended in hostile environments and must transmit information over unsecured mediums. However, the cost of performing cryptographic operations is an extremely limiting factor because sensor devices and related equipment are constrained by storage and computational ability. Hash functions are the most widespread among all Authentication primitives, and are currently used in multiple cryptographic schemes and in security protocols. This paper presents a new Secure Hash Algorithm called (2AMD-160) which uses a famous structure of hash algorithm given by the MIT Laboratory for Computer Science and RSA Data Security, Inc. To demonstrate the effectiveness of 2AMD-l60 in terms of security and execution time, we compare our approach with two methods namely, MD5 and SHAl hash function algorithms. Simulation results demonstrate that the execution time and the security achieved by the proposed method are more effective than the MD5 and SHAI.
An efficient authentication framework for wireless sensor networks
2012
This study investigates the broadcast/multicast authentication problems in wireless sensor networks (WSNs), particularly sensor nodes broadcast authentication and outside user authentication, and proposes efficient and secure solutions for them. The low cost and immunity from cabling have become motivations for many applications of WSNs, for instance, the forest fire alarm, the intelligent traffic system etc. However, the sensitive nature of communication in these applications makes authentication a compulsory security ...
An Improved Digital Signature Protocol to Multi-User Broadcast Authentication Based on Elliptic Curve Cryptography in Wireless Sensor Networks (WSNs)
Mathematical and Computational Applications, 2018
In wireless sensor networks (WSNs), users can use broadcast authentication mechanisms to connect to the target network and disseminate their messages within the network. Since data transfer for sensor networks is wireless, as a result, attackers can easily eavesdrop deployed sensor nodes and the data sent between them or modify the content of eavesdropped data and inject false data into the sensor network. Hence, the implementation of the message authentication mechanisms (in order to avoid changes and injecting messages into the network) of wireless sensor networks is essential. In this paper, we present an improved protocol based on elliptic curve cryptography (ECC) to accelerate authentication of multiuser message broadcasting. In comparison with previous ECC-based schemes, complexity and computational overhead of proposed scheme is significantly decreased. Also, the proposed scheme supports user anonymity, which is an important property in broadcast authentication schemes for WSNs to preserve user privacy and user untracking.
Design an Enhanced Certificate Based Authentication Protocol for Wireless Sensor Networks
This paper, for effective solution public key cryptography is resorted. By designing PKC-based solutions with minimized computational and communication costs, we approach broadcast authentication problem in WSNs under multi user scenario. On one side, we want to achieve immediate message authentication and be immune to DoS attacks in the presence of both the node compromise and user revocation. On the other side, we want to optimize both the computational and communication costs.
ACCELERATED BROADCAST AUTHENTICATION WITH SIGNATURE AMORTIZATION FOR WSNS
Asymmetric Key Cryptography is widely used in broadcasting areas for authentication. But it is considered to be expensive to wireless sensor networks. This proposed system is a novel broadcast authentication scheme based on PKC with signature amortization. This scheme uses single Signature for authenticating a group of broadcast messages. As a result, the overhead is spread over that group of broadcast messages. Moreover, this scheme gives high security and low overhead also. But signature verification in ECDSA slower than signature generation. So, broadcast authentication with ECDSA has also suffered large energy consumption and lengthy verification delay. To reduce, this system uses cooperation among sensor nodes, which helps to accelerate the signature verification. During Signature verification, sensor nodes which have high energy allowed to leave the intermediary results of the signature verification process to their neighbors for accelerating the same. Simulation results show that the overhead of message authentication and t he del ay of v e ri f i c at i on of aut he nt i c at e d me ssa ge s is reduced significantly.
Efficient Cooperative Signatures: A Novel Authentication Scheme for Sensor Networks
Lecture Notes in Computer Science, 2005
This paper describes an efficient and strong authentication mechanism for ad hoc sensor networks. Our protocol focuses on providing strong authentication and privacy for requests from query nodes to the network and for the corresponding responses. Our scheme uses the asymmetrical energy consumption of the well known public key cryptosystems RSA and Rabin. As the sensor nodes are assumed to be powerrestrained, we only employ efficient public key operations at their side of the protocol, this leaves us only with the public operations encryption and signature verification. We have extended this set with a novel building block that allows nodes to sign messages cooperatively. We show that our protocol is robust against attacks from both outsiders and insiders.
Reducing the Vulnerability of Broadcast Authentication against Denial of Service Attacks in Wireless Sensor Networks
Broadcast authentication is an important process that is used to secure the applications from different kinds of attacks including Denial of service (DoS) attacks. Timed Efficient Stream Loss-tolerant Authentication (TESLA) and Digital Signature are used in Wireless Sensor Networks (WSNs) to provide broadcast authentication, but both are still vulnerable to DoS attacks; attackers keep broadcasting forged messages which will cause extra cost on the network due to the power consumption. This will exhaust the node's energy, which consequently reduces the network's lifetime. In this paper, we first present related schemes that are trying to defend against or contain such DoS attacks. Secondly, we propose a new scheme that allows the receiver sensor node to recognize forged message before verifying its authenticity in order to avoid performing many unnecessary operations and so preventing DoS from damaging the availability of the network and additionally reducing the delay that is resulted from the verification itself. The proposed scheme protects nodes by using adaptive window after passing a weak pre-authenticator test. The performance evaluation shows that the proposed scheme can reduce the damage of DoS attacks to involve only a small portion of the network, thus saving more energy and minimizing the broadcast delay on the authentic messages.
An energy-efficient symmetric cryptography based authentication scheme for wireless sensor networks
2010
Sensor networks are ad-hoc mobile networks that include sensor nodes with limited computational and communication capabilities. They have become an economically viable monitoring solution for a wide variety of applications. Obviously, it is important to ensure security and, taking into account limited resources available in wireless sensor networks, the use of symmetric cryptography is strongly recommended. In this paper we present a light-weight authentication model for wireless sensor networks composed of a key management and an authentication protocol. It is based on simple symmetric cryptographic primitives with very low computational requirements, and it achieves better results than other similar proposals in the literature. Compared to SPINS and BROSK protocols, our system can reduce energy consumption by up to 98% and 67% respectively. It also scales well with the size of the network, due to it only requiring one interchanged message, regardless of the total number of nodes in the network.
Survey on Message Authentication and Source Privacy in Wireless Sensor Networks
Message authentication is one of the most efficient ways to prevent unauthorized and corrupted messages from being forwarded in wireless sensor networks (WSNs). That's why, numerous message authentication proposals have been developed, based on either symmetric-key cryptosystems or public-key cryptosystems. Many of them, however, have the restrictions of high computational and communication overhead in addition to lack of scalability and resilience to node compromise attacks. Wireless Sensor Networks (WSN) are being very popular day by day, however one of the main concern in WSN is its limited resources. One have to look to the resources to generate Message Authentication Code (MAC) keeping in mind the feasibility of method used for the sensor network at hand. This paper investigates different cryptographic approaches such as symmetric key cryptography and asymmetric key cryptography.
Efficient Message Authentication and Source Privacy in Wireless Sensor Networks
Abstract: Message authentication is used to prevent the unauthorized messages forwarded in the Wireless Sensor Networks (WNS). The main aim of this project is to prevent unauthorized and corrupted message by allowing intermediate efficient node authentication. Many authentication schemes have been proposed to provide message authenticity; these schemes can be either public-key based approaches or symmetric-key based approaches. Scalable authentication scheme based on Elliptic Curve Cryptography (ECC) enables the intermediate node to authenticate the message and provide Hop by Hop message authentication. Route request is encrypted for authentication of messages with source privacy. An efficient key management framework is proposed to ensure isolation of the compromised node. The compromised node will be identified and alert information sends to all nodes. Keywords: Wireless Sensor networks, Message authentication, Source privacy, Symmetric key cryptosystem, compromised node. Title: Efficient Message Authentication and Source Privacy in Wireless Sensor Networks Author: A. Arul packiaraj, M. Merlin Moses International Journal of Computer Science and Information Technology Research ISSN 2348-1196 (print), ISSN 2348-120X (online) Research Publish Journals
Performance evaluation of key disclosure delay-based schemes in wireless sensor networks
2013 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), 2013
Broadcast source authentication is a critical security service in wireless sensor networks which is still in its infancy. This service allows senders to broadcast messages to multiple receivers in a secure way. This paper evaluates the integration of staggered authentication in multi-level µTesla source authentication protocol called staggered multilevel µTesla. These two protocols are evaluated in terms of authentication delay, authentication probability, number of forged packets in the receiver's buffer, delay of forged packets in the receiver's buffer, memory, and energy consumption overhead. Simulation results show that these two protocols introduce negligible overhead without impeding the system performance. Moreover, staggered multi-level µTesla achieves better performance compared to multi-level µTesla, when reducing the average number and the delay of forged packets in the receiver's buffer.
Loading Preview
Sorry, preview is currently unavailable. You can download the paper by clicking the button above.