Showing papers by "Claude Castelluccia published in 2007"

TinyRNG: A Cryptographic Random Number Generator for Wireless Sensors Network Nodes

Abstract: Wireless sensors network (WSN) security is a major concern and many new protocols are being designed. Most of these protocols rely on cryptography, and therefore, require a cryptographic pseudo-random number generator (CPRNG). However, designing an efficient and secure CPRNG for wireless sensor networks is not trivial since most of the common source of randomness used by standard CPRNGs are not present on a wireless sensor node. We present TinyRNG, a CPRNG for wireless sensor nodes. Our generator uses the received bit errors as one of the sources of randomness. We show that transmission bit errors on a wireless sensor network are a very good source of randomness. We demonstrate that these errors are randomly distributed and uncorrelated from one sensor to another. Furthermore, we show that these errors are difficult to observe and manipulate by an attacker.

RoK: A robust key pre-distribution protocol for multi-phase wireless sensor networks

Abstract: Wireless sensor networks are usually deployed to operate for a long period of time. Because nodes are battery-operated, they eventually run out of power and new nodes need to be periodically deployed to assure network connectivity. This type of networks is referred to as Multi-phase WSN in the literature [1]. Current key pre-distribution schemes, such as [2] and [3], are not adapted to multi-stage WSN. With these schemes, the security of the WSN degrades with time, since the proportion of corrupted links gradually increases. In this paper, we propose a new pre-distribution scheme adapted to multi-phase WSN. In the proposed scheme, the pre-distributed keys have limited lifetimes and are refreshed periodically. As a result, a network that is temporarily attacked (i.e. the attacker is active only during a limited amount of time) automatically self-heals, i.e. recovers its initial state when the attack stops. In contrast, with existing schemes, an attacker that corrupts a certain amount of nodes compromises a given fraction of the total number of secure channels. This ratio remains constant until the end of the network, even if the attacker stops its action. Furthermore, with our scheme, a network that is constantly attacked (i.e. the attacker regularly corrupts nodes of the network, without stopping) is much less impacted than a network that uses existing key pre-distribution protocols. With these schemes, the number of compromised links constantly increases until all the links are compromised. With our proposal, the proportion of compromised links is limited and constant.

Securing Very Dynamic Groups and Data Aggregation in Wireless Sensor Networks

Abstract: We present a new encryption mode of operation that allows nodes of a network to exchange messages securely (i.e. encrypted and authenticated) without sharing a common key or using public key cryptography. Our scheme is well adapted to networks, such as ad hoc, overlay or sensor networks, where nodes have limited capabilities and can share only a small number of symmetric keys. It provides privacy and integrity protection. We show that our proposal can be used in wireless sensor networks to send encrypted packets to very dynamic sets of nodes without having to establish and maintain group keys. These sets of nodes can be explicitly specified by the source or can be specified by the network according to some criteria, such as their location, proximity to an object, temperature range. As a result, a node can, for example, send encrypted data to all the nodes within a given geographical area, without having to identify the destination nodes in advance. Finally we show that our proposal can be used to implement a secure and scalable aggregation scheme for wireless sensor networks.

On the Privacy of Concealed Data Aggregation

Abstract: A formal treatment to the privacy of concealed data aggregation (CDA) is given. While there exist a handful of constructions, rigorous security models and analyses for CDA are still lacking. Standard security notions for public key encryption schemes, including semantic security and indistinguishability against chosen ciphertext attacks, are refined to cover the multi-sender nature and aggregation functionality of CDA in the security model. A generic CDA construction based on public key homomorphic encryption is given, along with a proof of its security in the proposed model. The security of two existing schemes is also analyzed in the proposed model.