a practical secure neighbor verification protocol for wireless sensor networks

1

A Practical Secure Neighbor Verification Protocol for Wireless Sensor Networks

A Practical Secure Neighbor Verification Protocol for Wireless Sensor Networks

Reza Shokri, Marcin Poturalski, Gael Ravot, Panos Papadimitratos, and Jean-Pierre Hubaux

Laboratory for Computer Communications and Applications, EPFL, Switzerland

Second ACM Conference on Wireless Network Security (WiSec'09) March 2009 Zurich, Switzerland

2

Wormhole AttackWormhole Attack

3

Wormhole AttackWormhole Attack

WormholeWormhole

4

Wormhole AttackWormhole Attack

False Links over the WormholeFalse Links over the Wormhole

5

Neighbor Verification ProtocolNeighbor Verification Protocol

Protocol StagesProtocol Stages

i. Ranging ii. Exchanging the Neighbor Tables (include distance)iii. Neighbor Verification (security tests)

Our Main IdeaOur Main Idea

Local geometric consistency tests

MotivationMotivation

- The other proposed methods are not implementable on sensor networks (e.g., directional antennas) or are not secure enough considering the sensor networks’ limitations (e.g., tight time synchronization in nanosecond precision is required). - Our goal is to propose a secure and practical protocol for WSN.

6

The Ranging ProtocolThe Ranging Protocol

7

The Ranging ProtocolThe Ranging Protocol

?

?

?

A

B

C D

8

The Ranging ProtocolThe Ranging Protocol

A B

tREQ/A tREQ/B

C

REQ

Fresh Random Nonce

9

The Ranging ProtocolThe Ranging Protocol

A B

REP

tREQ/A tREQ/B

C

tREP/BtREP/A

REQ

10

The Ranging ProtocolThe Ranging Protocol

A B

REP

tREQ/A tREQ/B

C

tREP/BtREP/A

REQ

tRNG/B

tRNG/A

RNG

(Ultra)Sound

11

The Ranging ProtocolThe Ranging Protocol

A B

REP

tREQ/A tREQ/B

C

tREP/BtREP/A

REQ

tRNG/B

tRNG/A

RNG

ACK

(Ultra)Sound

12

The Ranging ProtocolThe Ranging ProtocolA B

REP

tREQ/A tREQ/B

C

tREP/BtREP/A

REQ

tRNG/B

tRNG/A

RNG(Ultra)Sound

ACK

Node B:

“Synchronization Test”

Speed of sound

Empirical Synchronization Error

13

C

B

The Ranging Protocol (Over Attack)The Ranging Protocol (Over Attack)

A dwadwb

dwc dbc

A

C

B

dbc

>= dwb + dwb

>= dwb + d

wb

The adversary can change adjust the distance between nodes only by introducing different delay values while relaying RNG messages

14

Neighbor Table ExchangeNeighbor Table Exchange

AB

C D

F

E

G

Each node broadcasts its neighbor table to its direct neighbors.Neighbor tables include distance between nodes.

We assume nodes are deployed on a plane. (it can be extended to 3D)

15

Neighbor Verification (Security Tests)Neighbor Verification (Security Tests)

16

Neighbor Verification (Security Tests)Neighbor Verification (Security Tests)

Link Symmetry Test d(B->A) = d(A->B)

(1)

17

Neighbor Verification (Security Tests)Neighbor Verification (Security Tests)

Maximum Range Test d(B->A) < RR

(1) (2)

Link Symmetry Test d(B->A) = d(A->B)

18

Neighbor Verification (Security Tests)Neighbor Verification (Security Tests)

Quadrilateral Test Each 4 neighbors that form a clique must belong to a quadrilateral. (embedding graph on a plane)

Maximum Range Test d(B->A) < RR

(1)

(3)

(2)

Link Symmetry Test d(B->A) = d(A->B)

19

Neighbor Verification (Security Tests)Neighbor Verification (Security Tests)

Quadrilateral Convexity Test A link will be marked as verified link if it belongs to a convex quadrilateral.

Maximum Range Test d(B->A) < RR

(1)

(3)

(2)

(4)

Quadrilateral Test Each 4 neighbors that form a clique must belong to a quadrilateral. (embedding graph on a plane)

Link Symmetry Test d(B->A) = d(A->B)

20

Security AnalysisSecurity Analysis

21

Security AnalysisSecurity Analysis

To successfully create a false link:the attacker has to convince 4 nodes that form a convex quadrilateral

(2-2)

(3-1)

A

B C

D

D

A

BC

22

Security AnalysisSecurity Analysis

(2-2)A

B C

D

C

DA

B C

DA

B

Nodes’ perception (1) Nodes’ perception (2)

We have proved that neither of these perceptions are possible. Thus, 2-2 attack is impossible.

23

Security AnalysisSecurity Analysis

(3-1)D

A

BC

A

B

C

DNodes’ perception

DA

BC

We have proved that the attack is possible only if:

24

Experimental ResultsExperimental Results

SettingsSettings

The ranging protocol has been implemented on Crossbow Cricket motes

25

Experimental ResultsExperimental Results

SettingsSettings

The ranging protocol has been implemented on Crossbow Cricket motes

ResultsResults

Time Synchronization Error: 99.55% below 5 microsecondDistance Measurement Error: Below 5cm error (Range up to 4m)Link Symmetry Error: 97% below 7cm (74% below 2cm)

26

Performance Evaluation in Benign SettingPerformance Evaluation in Benign Setting

Links have to satisfy the convex quadrilateral test to be verified by our protocol.

Yet, even in a benign setting, some links might not belong to any convex quadrilateral, and therefore remain unverifiable.

How percentage of true links can be verified?

27

Performance Evaluation in Benign SettingPerformance Evaluation in Benign Setting

CoverageCoverage

Uniform distribution of nodes in a field measuring 400m*400m“R”: Transmission range = 100m“e”: Maximum distance estimation error as percentage of R.

28

ConclusionConclusion

- Neighbor Verification Protocol for Wireless Sensor Networks

- Based on estimation of node distance and simple, local tests

- Practical solution, implemented on Cricket motes

- Formal analysis and proof of correctness

- Highly effective against powerful adversaries

- Adding detection of adversary increases security (see tech-report)