scispace - formally typeset
Search or ask a question
Author

Chris Karlof

Bio: Chris Karlof is an academic researcher from University of California, Berkeley. The author has contributed to research in topics: Wireless sensor network & Ranging. The author has an hindex of 15, co-authored 20 publications receiving 6077 citations.

Papers
More filters
Journal ArticleDOI
11 May 2003
TL;DR: This work proposes security goals for routing in sensor networks, shows how attacks against ad-hoc and peer-to-peer networks can be adapted into powerful attacks against sensors, and introduces two classes of novel attacks against sensor networks sinkholes and HELLO floods.
Abstract: We consider routing security in wireless sensor networks. Many sensor network routing protocols have been proposed, but none of them have been designed with security as a goal. We propose security goals for routing in sensor networks, show how attacks against ad-hoc and peer-to-peer networks can be adapted into powerful attacks against sensor networks, introduce two classes of novel attacks against sensor networks sinkholes and HELLO floods, and analyze the security of all the major sensor network routing protocols. We describe crippling attacks against all of them and suggest countermeasures and design considerations. This is the first such analysis of secure routing in sensor networks.

2,946 citations

Proceedings ArticleDOI
03 Nov 2004
TL;DR: TinySec is introduced, the first fully-implemented link layer security architecture for wireless sensor networks, and results on a 36 node distributed sensor network application clearly demonstrate that software based link layer protocols are feasible and efficient, adding less than 10% energy, latency, and bandwidth overhead.
Abstract: We introduce TinySec, the first fully-implemented link layer security architecture for wireless sensor networks. In our design, we leverage recent lessons learned from design vulnerabilities in security protocols for other wireless networks such as 802.11b and GSM. Conventional security protocols tend to be conservative in their security guarantees, typically adding 16--32 bytes of overhead. With small memories, weak processors, limited energy, and 30 byte packets, sensor networks cannot afford this luxury. TinySec addresses these extreme resource constraints with careful design; we explore the tradeoffs among different cryptographic primitives and use the inherent sensor network limitations to our advantage when choosing parameters to find a sweet spot for security, packet overhead, and resource requirements. TinySec is portable to a variety of hardware and radio platforms. Our experimental results on a 36 node distributed sensor network application clearly demonstrate that software based link layer protocols are feasible and efficient, adding less than 10% energy, latency, and bandwidth overhead.

1,751 citations

Journal ArticleDOI
TL;DR: This study demonstrates that RSS can be used to localize a multi-hop sensor network, and it is shown that this result is highly sensitive to subtle environmental factors such as the grass height, radio enclosure, and elevation of the nodes from the ground.
Abstract: Radio signal strength (RSS) is notorious for being a noisy signal that is difficult to use for ranging-based localization. In this study, we demonstrate that RSS can be used to localize a multi-hop sensor network, and we quantify the effects of various environmental factors on the resulting localization error. We achieve 4.1m error in a 49 node network deployed in a half-football field sized area, demonstrating that RSS localization can be a feasible alternative to solutions like GPS given the right conditions. However, we also show that this result is highly sensitive to subtle environmental factors such as the grass height, radio enclosure, and elevation of the nodes from the ground.

363 citations

Proceedings ArticleDOI
24 Apr 2005
TL;DR: It is revealed that both the connectivity and noise components of Noisy Disk fail to accurately represent real-world ranging characteristics and it is shown that these shortcomings affect localization in different ways under different circumstances.
Abstract: This paper presents a study of how empirical ranging characteristics affect multihop localization in wireless sensor networks. We use an objective metric to evaluate a well-established parametric model of ranging called Noisy Disk: if the model accurately predicts the results of a real-world deployment, it sufficiently captures ranging characteristics. When the model does not predict accurately, we systematically replace components of the model with empirical ranging characteristics to identify which components contribute to the discrepancy. We reveal that both the connectivity and noise components of Noisy Disk fail to accurately represent real-world ranging characteristics and show that these shortcomings affect localization in different ways under different circumstances.

180 citations

Proceedings ArticleDOI
28 Oct 2007
TL;DR: Two locked same-origin policies for web browsers are proposed, one of which can be deployed today and interoperate seamlessly with the vast majority of legacy web servers, and the other a simple incrementally deployable opt-in mechanism for legacy servers using policy files.
Abstract: We describe a new attack against web authentication, which we call dynamic pharming. Dynamic pharming works by hijacking DNS and sending the victim's browser malicious Javascript, which then exploits DNS rebinding vulnerabilities and the name-based same-origin policy to hijack a legitimate session after authentication has taken place. As a result, the attack works regardless of the authentication scheme used. Dynamic pharming enables the adversary to eavesdrop on sensitive content, forge transactions, sniff secondary passwords, etc. To counter dynamic pharming attacks, we propose two locked same-origin policies for web browsers. In contrast to the legacy same-origin policy, which regulates cross-object access control in browsers using domain names, the locked same-origin policies enforce access using servers' X.509 certificates and public keys. We show how our policies help two existing web authentication mechanisms, client-side SSL and SSL-only cookies, resist both pharming and stronger active attacks. Also, we present a deployability analysis of our policies based on a study of 14651 SSL domains. Our results suggest one of our policies can be deployed today and interoperate seamlessly with the vast majority of legacy web servers. For our other policy, we present a simple incrementally deployable opt-in mechanism for legacy servers using policy files, and show how web sites can use policy files to support self-signed and untrusted certificates, shared subdomain objects, and key updates.

155 citations


Cited by
More filters
Journal ArticleDOI
TL;DR: This survey presents a comprehensive review of the recent literature since the publication of a survey on sensor networks, and gives an overview of several new applications and then reviews the literature on various aspects of WSNs.

5,626 citations

Journal ArticleDOI
TL;DR: A survey of state-of-the-art routing techniques in WSNs is presented and the design trade-offs between energy and communication overhead savings in every routing paradigm are studied.
Abstract: Wireless sensor networks consist of small nodes with sensing, computation, and wireless communications capabilities. Many routing, power management, and data dissemination protocols have been specifically designed for WSNs where energy awareness is an essential design issue. Routing protocols in WSNs might differ depending on the application and network architecture. In this article we present a survey of state-of-the-art routing techniques in WSNs. We first outline the design challenges for routing protocols in WSNs followed by a comprehensive survey of routing techniques. Overall, the routing techniques are classified into three categories based on the underlying network structure: flit, hierarchical, and location-based routing. Furthermore, these protocols can be classified into multipath-based, query-based, negotiation-based, QoS-based, and coherent-based depending on the protocol operation. We study the design trade-offs between energy and communication overhead savings in every routing paradigm. We also highlight the advantages and performance issues of each routing technique. The article concludes with possible future research areas.

4,701 citations

Book ChapterDOI
04 Oct 2019
TL;DR: Permission to copy without fee all or part of this material is granted provided that the copies arc not made or distributed for direct commercial advantage.
Abstract: Usually, a proof of a theorem contains more knowledge than the mere fact that the theorem is true. For instance, to prove that a graph is Hamiltonian it suffices to exhibit a Hamiltonian tour in it; however, this seems to contain more knowledge than the single bit Hamiltonian/non-Hamiltonian.In this paper a computational complexity theory of the “knowledge” contained in a proof is developed. Zero-knowledge proofs are defined as those proofs that convey no additional knowledge other than the correctness of the proposition in question. Examples of zero-knowledge proof systems are given for the languages of quadratic residuosity and 'quadratic nonresiduosity. These are the first examples of zero-knowledge proofs for languages not known to be efficiently recognizable.

1,962 citations

Proceedings ArticleDOI
03 Nov 2004
TL;DR: TinySec is introduced, the first fully-implemented link layer security architecture for wireless sensor networks, and results on a 36 node distributed sensor network application clearly demonstrate that software based link layer protocols are feasible and efficient, adding less than 10% energy, latency, and bandwidth overhead.
Abstract: We introduce TinySec, the first fully-implemented link layer security architecture for wireless sensor networks. In our design, we leverage recent lessons learned from design vulnerabilities in security protocols for other wireless networks such as 802.11b and GSM. Conventional security protocols tend to be conservative in their security guarantees, typically adding 16--32 bytes of overhead. With small memories, weak processors, limited energy, and 30 byte packets, sensor networks cannot afford this luxury. TinySec addresses these extreme resource constraints with careful design; we explore the tradeoffs among different cryptographic primitives and use the inherent sensor network limitations to our advantage when choosing parameters to find a sweet spot for security, packet overhead, and resource requirements. TinySec is portable to a variety of hardware and radio platforms. Our experimental results on a 36 node distributed sensor network application clearly demonstrate that software based link layer protocols are feasible and efficient, adding less than 10% energy, latency, and bandwidth overhead.

1,751 citations

Journal ArticleDOI
TL;DR: The fast progress of research on energy efficiency, networking, data management and security in wireless sensor networks, and the need to compare with the solutions adopted in the standards motivates the need for a survey on this field.

1,708 citations