Channel-based key generation for encrypted body-worn wireless sensor networks

Body-worn sensor networks are important for rescue-workers, medical and many other applications. Sensitive data are often transmitted over such a network, motivating the need for encryption. Body-worn sensor networks are deployed in conditions where the wireless communication channel varies dramatically due to fading and shadowing, which is considered a disadvantage for communication. Interestingly, these channel variations can be employed to extract a common encryption key at both sides of the link. Legitimate users share a unique physical channel and the variations thereof provide data series on both sides of the link, with highly correlated values. An eavesdropper, however, does not share this physical channel and cannot extract the same information when intercepting the signals. This paper documents a practical wearable communication system implementing channel-based key generation, including an implementation and a measurement campaign comprising indoor as well as outdoor measurements. The results provide insight into the performance of channel-based key generation in realistic practical conditions. Employing a process known as key reconciliation, error free keys are generated in all tested scenarios. The key-generation system is computationally simple and therefore compatible with the low-power micro controllers and low-data rate transmissions commonly used in wireless sensor networks

Algebraic Watchdog: Mitigating Misbehavior in Wireless Network Coding

We propose a secure scheme for wireless network coding, called the algebraic watchdog. By enabling nodes to detect malicious behaviors probabilistically and use overheard messages to police their downstream neighbors locally, the algebraic watchdog delivers a secure global self-checking network. Unlike traditional Byzantine detection protocols which are receiver-based, this protocol gives the senders an active role in checking the node downstream. The key idea is inspired by Marti et al.'s watchdog-pathrater, which attempts to detect and mitigate the effects of routing misbehavior. As an initial building block of a such system, we first focus on a two-hop network. We present a graphical model to understand the inference process nodes execute to police their downstream neighbors; as well as to compute, analyze, and approximate the probabilities of misdetection and false detection. In addition, we present an algebraic analysis of the performance using an hypothesis testing framework that provides exact formulae for probabilities of false detection and misdetection. We then extend the algebraic watchdog to a more general network setting, and propose a protocol in which we can establish trust in coded systems in a distributed manner. We develop a graphical model to detect the presence of an adversarial node downstream within a general multi-hop network. The structure of the graphical model (a trellis) lends itself to well-known algorithms, such as the Viterbi algorithm, which can compute the probabilities of misdetection and false detection. We show analytically that as long as the min-cut is not dominated by the Byzantine adversaries, upstream nodes can monitor downstream neighbors and allow reliable communication with certain probability. Finally, we present simulation results that support our analysis.Comment: 10 pages, 10 figures, Submitted to IEEE Journal on Selected Areas in Communications (JSAC) "Advances in Military Networking and Communications

A hierarchical group model for programming sensor networks

A hierarchical group model that decouples computation from hardware can characterize and aid in the construction of sensor network software with minimal overhead. Future sensor network applications will move beyond static, homogeneous deployments to include dynamic, heterogeneous elements. These sensor networks will also gain new users, including casual users who will expect intuitive interfaces to interact with sensor networks. To address these challenges, a new computational model and a system implementing the model are presented. This model ensures that computations can be readily reassigned as sensor nodes are introduced or removed. The model includes methods for communication to accommodate these dynamic elements. This dissertation presents a detailed description and design of a computational model that resolves these challenges using a hierarchical group mechanism. In this model, computation is tasked to logical groups and split into collective and local components that communicate hierarchically. Local computation is primarily used for data production and publishes data to the collective computation. Similarly, collective computation is primarily used for data aggregation and pushes results back to the local computation. Finally, the model includes data-processing functions interposed between local and collective functions that are responsible for data conversion. This dissertation also presents implementations and applications of the model. Implementations include Kensho, a C-based implementation of the hierarchical group model, that can be used for a variety of user applications. Another implementation, Tables, presents a spreadsheet-inspired view of the sensor network that takes advantage of hierarchical groups for both computation and communication. Users are able to specify both local and collective functions that execute on the sensor network via the spreadsheet interface. Applications of the model are also explored. One application, FUSN, provides a set of methods for constructing filesystem-based interfaces for sensor networks. This demonstrates the general applicability of the model as applied to sensor network programming and management interfaces. Finally, the model is applied to a novel privacy algorithm to demonstrate that the model isn\u27t strictly limited to programming interfaces

Energy-efficient task-scheduling and networking protocols for secure wireless networks

The performance of wireless networks is dependent on a number of factors including the available energy, energy-efficiency, data processing delay, transmission delay, routing decisions, security overhead, etc. Traditionally, due to limited resources, nodes were tasked with only collecting measurements and sending them to a base station or central unit for processing. With increased capabilities of microprocessors the data processing is pushed more toward network and its more capable nodes. This thesis focuses to virtualize the processing resources of the entire network and dynamically distribute processing steps along the routing path while optimizing performance. Additionally, a new multi-key encryption (MKE) scheme is proposed to optimize efficiency while enhancing security. The main benefit of the MKE scheme is the improved resilience of the advanced encryption standard (AES) against correlation power analysis (CPA) attack by breaking the correlation between power consumption and the used secret key. The MKE security scheme is analyzed with network implementation and studied for its effects on network parameters such as network connectivity, resilience against node capture and energy efficiency of the scheme. Moreover, a new analysis methodology is proposed to quantify a resilience of a network against node capture such that the strength of the underlying security mechanisms is taken into account. Furthermore, the tradeoff between security and network performance is addressed by the proposed task-scheduling scheme. Also, the proposed methodology does not make assumption of homogenous [sic] network that is often used in literature to simplify analysis and scheme design. In contrast, the proposed formulation is generic, thus allowing heterogeneous nodes to be used while guaranteeing network performance. Consequently, the proposed scheme creates a wireless computing cloud where the processing tasks are dynamically assigned to the nodes using the Dynamic Programming (DP) methodology. The processing and transmission decisions are analytically derived from network models in order to optimize the utilization of network resources including: available energy, processing capacity, security overhead, bandwidth etc. As a result, the online optimization of network resources is achieved --Abstract, page iv

A Multi-hop Multi-source Algebraic Watchdog

In our previous work "An Algebraic Watchdog for Wireless Network Coding", we proposed a new scheme in which nodes can detect malicious behaviors probabilistically, police their downstream neighbors locally using overheard messages; thus, provide a secure global "self-checking network". As the first building block of such a system, we focused on a two-hop network, and presented a graphical model to understand the inference process by which nodes police their downstream neighbors and to compute the probabilities of misdetection and false detection. In this paper, we extend the Algebraic Watchdog to a more general network setting, and propose a protocol in which we can establish "trust" in coded systems in a distributed manner. We develop a graphical model to detect the presence of an adversarial node downstream within a general two-hop network. The structure of the graphical model (a trellis) lends itself to well-known algorithms, such as Viterbi algorithm, that can compute the probabilities of misdetection and false detection. Using this as a building block, we generalize our scheme to multi-hop networks. We show analytically that as long as the min-cut is not dominated by the Byzantine adversaries, upstream nodes can monitor downstream neighbors and allow reliable communication with certain probability. Finally, we present preliminary simulation results that support our analysis.Comment: 5 pages, 2 figures, to appear in IEEE ITW Dublin 201

A Blockchain-Based Mutual Authentication Method to Secure the Electric Vehicles’ TPMS

Despite the widespread use of Radio Frequency Identification (RFID) and wireless connectivity such as Near Field Communication (NFC) in electric vehicles, their security and privacy implications in Ad-Hoc networks have not been well explored. This paper provides a data protection assessment of radio frequency electronic system in the Tire Pressure Monitoring System (TPMS). It is demonstrated that eavesdropping is completely feasible from a passing car, at an approximate distance up to 50 meters. Furthermore, our reverse analysis shows that the static n -bit signatures and messaging can be eavesdropped from a relatively far distance, raising privacy concerns as a vehicles' movements can be tracked by using the unique IDs of tire pressure sensors. Unfortunately, current protocols do not use authentication, and automobile technologies hardly follow routine message confirmation so sensor messages may be spoofed remotely. To improve the security of TPMS, we suggest a novel ultra-lightweight mutual authentication for the TPMS registry process in the automotive network. Our experimental results confirm the effectiveness and security of the proposed method in TPMS.©2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.fi=vertaisarvioitu|en=peerReviewed