tinyos on wsn security
DESCRIPTION
Wireless SecurityTRANSCRIPT
TinyOS
TinyOS
on
WSN Security
Piyush Mittal
NIT, Rourkela
1 13/11/2010
2
Learn From History…
analog cellphones: AMPS 1980
1990
2000
analog cloning, scanners
fraud pervasive & costly
digital: TDMA, GSM
TDMA eavesdropping [Bar]
more TDMA flaws [WSK]
GSM cloneable [BGW]
GSM eavesdropping
[BSW,BGW]
Future: 3rd gen.: 3GPP, …
cellphones
802.11, WEP
2001
2002
WEP broken [BGW]
WEP badly broken [FMS]
WPA
2000
1999
Future: 802.11i
2003
attacks pervasive
wireless networks
Berkeley motes
2002
TinyOS 1.0
TinyOS 1.1, TinySec
2003
sensor networks
Let’s get it right the from the start
802.15.4 AES
AR TinyOS 2 AES TinyOS 13/11/2010
3
Sensor Network Security
What’s different about sensor nets?
• Strict resource constraints
• Insecure wireless networks
• No physical security
• Interaction with the physical environment
New
13/11/2010 TinyOS
4
Communications Security
“It doesn’t matter how good your crypto is if it is
never used.”
13/11/2010 TinyOS
Implementation of security in WSN
• There are two dominant sensor network implementations in the market today, namely TinyOS and IEEE 802.15.4
TinyOS targets devices where energy and computation power are significant resource constraints.
IEEE 802.15.4 takes a more modular approach to its design, and is suited for a variety of devices and applications.
13/11/2010 TinyOS 5
Need of TinyOS
• Problems with traditional OS
Multithreaded Architecture not useful
Large Memory Footprint
Does not help to conserve energy and power
• Requirements for Wireless Sensor Networks
Efficient utilization of energy and power
Small Footprint
Should support variety in design and usage
More emphasis on Concurrent execution
13/11/2010 TinyOS 6
Introduction to TinyOS
• TinyOS began as a collaboration between University of California, Berkeley and Intel Research.[4]
• It is a free open source operating system designed for wireless sensor networks.
• It is an embedded operating system written in NesC
• It is power efficient as it makes the sensors sleep as soon as possible.
• Has small footprint as it uses a non-preemtable FIFO task scheduling.
• A typical TinyOS 'mote' platform has 10 KB of RAM, 100 KB of ROM.
13/11/2010 TinyOS 7
nesC
• nesC (network embedded system C) is a language used to build applications in TinyOS.
• It is designed such a way to exhibit the concepts and execution model of TinyOS.
• nesC uses the filename extension “.nc”.
• Refer the tutorial given below to see a simple program in nesC.
http://docs.tinyos.net/index.php/The_simplest TinyOS program
13/11/2010 TinyOS 8
Application-Specific Platform Support
• A typical TinyOS configuration has four subsystems
1.sensors/actuators
2.communications
3.storage
4.processor/power management
13/11/2010 TinyOS 9
EXECUTIVE SUMMARY
• The focus is on link layer security because, like other wireless networking technologies, the threat of interception by an adversary is always present.
• For resource-limited sensor networks, TinyOS is still the better choice.
• TinyOS packets can be encapsulated inside IEEE 802.15.4 frames, just like TCP/IP packets are encapsulated inside IEEE 802.11 frames.
13/11/2010 TinyOS 10
EXECUTIVE SUMMARY
• The design and implementation of a TinyOS Sniffer tool is presented.
• A sniffer is the perfect tool for modern day network and security analysis. But such a tool is presently lacking in today’s sensor network development kits.
• The current design is based on existing sensor network hardware and software components to enable a low-cost sniffer implementation.
13/11/2010 TinyOS 11
SECURITY ARCHITECTURE OF TINYOS
• TinyOS's component library includes network protocols, distributed services, sensor drivers, and data acquisition tools.
• The topology of a sensor network based on TinyOS devices depends entirely on the application and the networking stack used.
• A TinyOS device is addressed by a 16-bit address, augmented with an 8-bit group ID.
• The group ID is similar to the network address for a group of cooperating nodes.
• It allows multiple distinct groups of motes to share the same radio channel.
13/11/2010 TinyOS
12
Continue…
• TinyOS implements the Active Message (AM) system. AM types are similar to port numbers in TCP/IP.
• Each TinyOS packet includes an 8-bit AM type in the header.
13/11/2010 TinyOS 13
TinySec [3,5]
• Early versions of TinyOS did not have security built in at all. In late 2004, the developers of TinyOS introduced TinySec.
• A lightweight generic link layer security package that developers can easily integrate into their TinyOS applications.
13/11/2010 TinyOS 14
SECURITY SERVICES
• The security provided by TinyOS centers on message integrity and message confidentiality.
• TinyOS supports two security options:
1.authenticated-encryption (TinySec-AE)
2. authentication-only (TinySec-Auth)
• The default security mode of a TinySec-enabled application is TinySec-Auth.
13/11/2010 TinyOS 15
SECURITY SERVICES
• The TinySec mode is indicated in the upper 2 bits (MSB) of the length field of the packet header.
• This modification is harmless because the maximum size of the data field in a TinyOS packet is 29 bytes,
i.e., at most 5 bits of the length field will be used.
• That the TinyOS and the TinySec-Auth packets do
not have a field for the source address.
• Receiver can’t identify where the packet came from.
• Source address is only included in the TinySec-AE packet, if an application wants to implement ACL then it can only do so with TinySec-AE.
13/11/2010 TinyOS 16
TinyOS packet format
Dest (2) AM (1) Len (1) Scr(2) Ctr (2) Encrypted Data (0…29) MAC (4)
13/11/2010 TinyOS 17
Dest (2) AM (1) Grp (1) Len (1) Data(0…29) CRC (2)
Dest (2) AM (1) Len(1) Data(0…29) MAC (4)
(c) TinyOS packet format
(b) Tiny Sec-Auth packet format
(a) Tiny Sec-AE packet format IV
AM- Active Message Ctr- Counter for bit
Dest- Destination Address Scr- Source address
Len- Length of packet MAC- Message Authentication Codes
SECURITY PRIMITIVES
1. Message Authentication Codes (MAC)
• The MAC is 32-bit long, and is computed over
the headers.
• While the security of the MAC is directly related to the length of the MAC.
• The developers argued in that given the expected low data rate of the sensor network, a 32-bit MAC may provide an enough level of security against blind forgeries.
• For example, if adversary tries to flood a19.2 kb/s channel with blind forgery attempts, it may take him over 20 months to succeed.
13/11/2010 TinyOS 18
SECURITY PRIMITIVES
2. Encryption Scheme
• The TinyOS source code includes implementation for both Skipjack and RC5.
• AES was later deemed to be equally suitable as well.
• Block cipher (Skipjack) mode is believed to degrade more gracefully when IV reuse occurs.
• Between two communicating nodes, the IV could be as small as a 16-bit value.
• If the IV is not expected to repeat in a long time, then a stream cipher like (RC5) performs much better.
13/11/2010 TinyOS 19
SECURITY PRIMITIVES
3. Initialization Vectors (IV)
• The first four bytes of the IV are borrowed from the existing header fields of the TinyOS packet: the destination address, the AM type, and the length of the packet.
• The last four bytes are comprised of the source address and a 16-bit counter.
• The last four bytes of the IV is chosen in this way to maximize the number of packets each node can send.
.
13/11/2010 TinyOS 20
Continue…
• Since sensor networks must conserve power to be long-lived, the average packet rate in most sensor networks will be very low – on the order of one packet per minute.
• In short, information may only leak when one node sends two different packets with the same first eight bytes and IV, to the same destination, with the same AM type, and of the same length.
13/11/2010 TinyOS 21
13/11/2010 22
Hard Problems
• Communication security
– Defeating traffic analysis.
• A library of secure distributed services & protocols
• Security against node compromise/capture
– e.g., routing that can tolerate just one malicious insider?
– Byzantine attack tolerance, on the cheap?
• Privacy
TinyOS
13/11/2010 23
Summary
• Crypto helps, but isn’t a total solution
– Be aware of the systems tradeoffs
• Seek robustness against insider attack
– Resilience gives a way to think about malicious/captured nodes
– The law of large numbers is your friend
TinyOS
THANK YOU !
References :
[1] Hong-Siang Teo “Security of Sensor Networks” Naval post graduate school Monterey, California June 2006.
[2] D. Whiting, R.Housley, and N. Ferguson. Counter with CBC-MAC (CCM). RFC 3610. Sep. 2003.
[3]http://www.xbow.com/Support/Support_pdf_files/Get ting_Started_Guide.pdf
[4] http://en.wikipedia.org/wiki/TinyOS
[5] http://www.cs.berkeley.edu/~nks/tinysec/TinySec-
userguide.pdf
13/11/2010 24 TinyOS