A Survey on Wireless Sensor Network Security

Wireless sensor networks (WSNs) have recently attracted a lot of interest in the research community due their wide range of applications. Due to distributed nature of these networks and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. This problem is more critical if the network is deployed for some mission-critical applications such as in a tactical battlefield. Random failure of nodes is also very likely in real-life deployment scenarios. Due to resource constraints in the sensor nodes, traditional security mechanisms with large overhead of computation and communication are infeasible in WSNs. Security in sensor networks is, therefore, a particularly challenging task. This paper discusses the current state of the art in security mechanisms for WSNs. Various types of attacks are discussed and their countermeasures presented. A brief discussion on the future direction of research in WSN security is also included.Comment: 24 pages, 4 figures, 2 table

Security of Ubiquitous Computing Systems

The chapters in this open access book arise out of the EU Cost Action project Cryptacus, the objective of which was to improve and adapt existent cryptanalysis methodologies and tools to the ubiquitous computing framework. The cryptanalysis implemented lies along four axes: cryptographic models, cryptanalysis of building blocks, hardware and software security engineering, and security assessment of real-world systems. The authors are top-class researchers in security and cryptography, and the contributions are of value to researchers and practitioners in these domains. This book is open access under a CC BY license

Key Management in Wireless Sensor Networks, IP-Based Sensor Networks, Content Centric Networks

Cryptographic keys and their management in network communication is considered the main building block of security over which other security primitives are based. These cryptographic keys ensure the privacy, authentication, integrity and non-repudiation of messages. However, the use of these cryptographic keys and their management in dealing with the resource constrained devices (i.e. Sensor nodes) is a challenging task. A number of key management schemes have been introduced by researchers all over the world for such resource constrained networks. For example, light weight PKI and elliptic curve cryptography schemes are computationally expensive for these resource constrained devices. So far the symmetric key approach is considered best for these constrained networks and different variants of it been developed for these networks (i.e. probabilistic key distribution approach). The probabilistic key distribution approach consumes less memory than the standard symmetric key approach but it suffers from the connectivity issues (i.e. the connectivity depends on the common shared keys between the nodes). Most of those schemes were proposed by considering static sensor networks (e.g. Industrial process monitoring, Environmental monitoring, movement detection in military applications, forests etc.). However, the use of these existing key management schemes for mobile wireless sensor networks applications introduces more challenges in terms of network connectivity, energy consumption, memory cost, communication overhead and protection of key materials against some well known attacks. Keeping these challenges in mind, previous research has proposed some key management schemes considering the mobility scenarios in ad hoc networks and wireless sensor networks (e.g. vehicular networks, health monitoring systems).However these schemes consume more resource because of a much higher communication packet exchange during the handover phase for the authentication of joining and leaving nodes than the static networks where there is no extra communication for the handover and authentication. The motivation of this research work is to investigate and propose new algorithms not only to improve the efficiency of these existing authentication and key management schemes in terms of connectivity, memory and security by considering the mobility scenario in wireless sensor networks, but also to develop new algorithms that suit these constrained networks than the existing schemes. First, we choose the existing key pool approach for authentication and key management and improve its network connectivity and resilience against some well known attacks (e.g. node capturing attacks) while reduce the memory cost by storing those key pools in each sensor node. In the proposed solution, we have divided the main key pool into two virtual mutually exclusive key pools. This division and constructing a key from two chosen keys, one from each key pool, helps to reduce the memory cost of each node by assigning fewer keys for the same level of network connectivity as the existing key pool frameworks. Although, the proposed key pool approach increases the network resilience against node compromission attacks because of the smaller number of keys assigned to each node, however it does not completely nullify the effect of the attacks. Hence we proposed an online mutual authentication and key establishment and management scheme for sensor networks that provides almost 100\% network connectivity and also nullifies the effect of node compromission attacks. In the proposed online key generation approach, the secret key is dependent on both communicating parties. Once the two communicating parties authenticate each other, they would successfully establish a secret communication key, otherwise they stop communication and inform the network manager about the intruder detection and activity. The last part of the thesis considers the integration of two different technologies (i.e. wireless sensor networks and IP networks). This is a very interesting and demanding research area because of its numerous applications, such as smart energy, smart city etc.. However the security requirements of these two kind of networks (resource constrained and resourceful) make key management a challenging task. Hence we use an online key generation approach using elliptic curve cryptography which gives the same security level as the standard PKI approach used in IP networks with smaller key length and is suited for the sensor network packet size limitations. It also uses a less computationally expensive approach than PKI and hence makes ECC suitable to be adopted in wireless sensor networks. In the key management scheme for IP based sensor networks, we generate the public private key pair based on ECC for each individual sensor node. However the public key is not only dependent on the node's parameter but also the parameters of the network to which it belongs. This increases the security of the proposed solution and avoids intruders pretending to be authentic members of the network(s) by spreading their own public keys. In the last part of the thesis we consider Content Centric Networking (CCN) which is a new routing architecture for the internet of the future. Building on the observation that today's communications are more oriented towards content retrieval (web, P2P, etc.) than point-to-point communications (VoIP, IM, etc.), CCN proposes a radical revision of the Internet architecture switching from named hosts (TCP/IP protocols) to named data to best match its current usage. In a nutshell, content is addressable, routable, self-sufficient and authenticated, while locations no longer matter. Data is seen and identified directly by a routable name instead of a location (the address of the server). Consequently, data is directly requested at the network level not from its holder, hence there is no need for the DNS). To improve content diffusion, CCN relies on data distribution and duplication, because storage is cheaper than bandwidth: every content - particularly popular one - can be replicated and stored on any CCN node, even untrustworthy. People looking for particular content can securely retrieve it in a P2P-way from the best locations available. So far, there has been little investigation of the security of CCNs and there is no specific key management scheme for that. We propose an authentication and key establishment scheme for CCNs in which the contents are authenticated by the content generating node, using pre-distributed shares of encryption keys. The content requesting node can get those shares from any node in the network, even from malicious and intruder ones, in accordance with a key concept of CCNs. In our work we also provide means to protect the distributed shares from modification by these malicious/intruder nodes. The proposed scheme is again an online key generation approach but including a relation between the content and its encryption key. This dependency prevents the attackers from modifying the packet or the key share

Envisioning the Future of Cyber Security in Post-Quantum Era: A Survey on PQ Standardization, Applications, Challenges and Opportunities

The rise of quantum computers exposes vulnerabilities in current public key cryptographic protocols, necessitating the development of secure post-quantum (PQ) schemes. Hence, we conduct a comprehensive study on various PQ approaches, covering the constructional design, structural vulnerabilities, and offer security assessments, implementation evaluations, and a particular focus on side-channel attacks. We analyze global standardization processes, evaluate their metrics in relation to real-world applications, and primarily focus on standardized PQ schemes, selected additional signature competition candidates, and PQ-secure cutting-edge schemes beyond standardization. Finally, we present visions and potential future directions for a seamless transition to the PQ era

Security of Ubiquitous Computing Systems

The chapters in this open access book arise out of the EU Cost Action project Cryptacus, the objective of which was to improve and adapt existent cryptanalysis methodologies and tools to the ubiquitous computing framework. The cryptanalysis implemented lies along four axes: cryptographic models, cryptanalysis of building blocks, hardware and software security engineering, and security assessment of real-world systems. The authors are top-class researchers in security and cryptography, and the contributions are of value to researchers and practitioners in these domains. This book is open access under a CC BY license

Cryptanalysis of Some AES-based Cryptographic Primitives

Current information security systems rely heavily on symmetric key cryptographic primitives as one of their basic building blocks. In order to boost the efficiency of the security systems, designers of the underlying primitives often tend to avoid the use of provably secure designs. In fact, they adopt ad hoc designs with claimed security assumptions in the hope that they resist known cryptanalytic attacks. Accordingly, the security evaluation of such primitives continually remains an open field. In this thesis, we analyze the security of two cryptographic hash functions and one block cipher. We primarily focus on the recent AES-based designs used in the new Russian Federation cryptographic hashing and encryption suite GOST because the majority of our work was carried out during the open research competition run by the Russian standardization body TC26 for the analysis of their new cryptographic hash function Streebog. Although, there exist security proofs for the resistance of AES- based primitives against standard differential and linear attacks, other cryptanalytic techniques such as integral, rebound, and meet-in-the-middle attacks have proven to be effective. The results presented in this thesis can be summarized as follows: Initially, we analyze various security aspects of the Russian cryptographic hash function GOST R 34.11-2012, also known as Streebog or Stribog. In particular, our work investigates five security aspects of Streebog. Firstly, we present a collision analysis of the compression function and its in- ternal cipher in the form of a series of modified rebound attacks. Secondly, we propose an integral distinguisher for the 7- and 8-round compression function. Thirdly, we investigate the one wayness of Streebog with respect to two approaches of the meet-in-the-middle attack, where we present a preimage analysis of the compression function and combine the results with a multicollision attack to generate a preimage of the hash function output. Fourthly, we investigate Streebog in the context of malicious hashing and by utilizing a carefully tailored differential path, we present a backdoored version of the hash function where collisions can be generated with practical complexity. Lastly, we propose a fault analysis attack which retrieves the inputs of the compression function and utilize it to recover the secret key when Streebog is used in the keyed simple prefix and secret-IV MACs, HMAC, or NMAC. All the presented results are on reduced round variants of the function except for our analysis of the malicious version of Streebog and our fault analysis attack where both attacks cover the full round hash function. Next, we examine the preimage resistance of the AES-based Maelstrom-0 hash function which is designed to be a lightweight alternative to the ISO standardized hash function Whirlpool. One of the distinguishing features of the Maelstrom-0 design is the proposal of a new chaining construction called 3CM which is based on the 3C/3C+ family. In our analysis, we employ a 4-stage approach that uses a modified technique to defeat the 3CM chaining construction and generates preimages of the 6-round reduced Maelstrom-0 hash function. Finally, we provide a key recovery attack on the new Russian encryption standard GOST R 34.12- 2015, also known as Kuznyechik. Although Kuznyechik adopts an AES-based design, it exhibits a faster diffusion rate as it employs an optimal diffusion transformation. In our analysis, we propose a meet-in-the-middle attack using the idea of efficient differential enumeration where we construct a three round distinguisher and consequently are able to recover 16-bytes of the master key of the reduced 5-round cipher. We also present partial sequence matching, by which we generate, store, and match parts of the compared parameters while maintaining negligible probability of matching error, thus the overall online time complexity of the attack is reduced

Key Management in Wireless Sensor Networks, IP-Based Sensor Networks, Content Centric Networks

Cryptographic keys and their management in network communication is considered the main building block of security over which other security primitives are based. These cryptographic keys ensure the privacy, authentication, integrity and non-repudiation of messages. However, the use of these cryptographic keys and their management in dealing with the resource constrained devices (i.e. Sensor nodes) is a challenging task. A number of key management schemes have been introduced by researchers all over the world for such resource constrained networks. For example, light weight PKI and elliptic curve cryptography schemes are computationally expensive for these resource constrained devices. So far the symmetric key approach is considered best for these constrained networks and different variants of it been developed for these networks (i.e. probabilistic key distribution approach). The probabilistic key distribution approach consumes less memory than the standard symmetric key approach but it suffers from the connectivity issues (i.e. the connectivity depends on the common shared keys between the nodes). Most of those schemes were proposed by considering static sensor networks (e.g. Industrial process monitoring, Environmental monitoring, movement detection in military applications, forests etc.). However, the use of these existing key management schemes for mobile wireless sensor networks applications introduces more challenges in terms of network connectivity, energy consumption, memory cost, communication overhead and protection of key materials against some well known attacks. Keeping these challenges in mind, previous research has proposed some key management schemes considering the mobility scenarios in ad hoc networks and wireless sensor networks (e.g. vehicular networks, health monitoring systems).However these schemes consume more resource because of a much higher communication packet exchange during the handover phase for the authentication of joining and leaving nodes than the static networks where there is no extra communication for the handover and authentication. The motivation of this research work is to investigate and propose new algorithms not only to improve the efficiency of these existing authentication and key management schemes in terms of connectivity, memory and security by considering the mobility scenario in wireless sensor networks, but also to develop new algorithms that suit these constrained networks than the existing schemes. First, we choose the existing key pool approach for authentication and key management and improve its network connectivity and resilience against some well known attacks (e.g. node capturing attacks) while reduce the memory cost by storing those key pools in each sensor node. In the proposed solution, we have divided the main key pool into two virtual mutually exclusive key pools. This division and constructing a key from two chosen keys, one from each key pool, helps to reduce the memory cost of each node by assigning fewer keys for the same level of network connectivity as the existing key pool frameworks. Although, the proposed key pool approach increases the network resilience against node compromission attacks because of the smaller number of keys assigned to each node, however it does not completely nullify the effect of the attacks. Hence we proposed an online mutual authentication and key establishment and management scheme for sensor networks that provides almost 100\% network connectivity and also nullifies the effect of node compromission attacks. In the proposed online key generation approach, the secret key is dependent on both communicating parties. Once the two communicating parties authenticate each other, they would successfully establish a secret communication key, otherwise they stop communication and inform the network manager about the intruder detection and activity. The last part of the thesis considers the integration of two different technologies (i.e. wireless sensor networks and IP networks). This is a very interesting and demanding research area because of its numerous applications, such as smart energy, smart city etc.. However the security requirements of these two kind of networks (resource constrained and resourceful) make key management a challenging task. Hence we use an online key generation approach using elliptic curve cryptography which gives the same security level as the standard PKI approach used in IP networks with smaller key length and is suited for the sensor network packet size limitations. It also uses a less computationally expensive approach than PKI and hence makes ECC suitable to be adopted in wireless sensor networks. In the key management scheme for IP based sensor networks, we generate the public private key pair based on ECC for each individual sensor node. However the public key is not only dependent on the node's parameter but also the parameters of the network to which it belongs. This increases the security of the proposed solution and avoids intruders pretending to be authentic members of the network(s) by spreading their own public keys. In the last part of the thesis we consider Content Centric Networking (CCN) which is a new routing architecture for the internet of the future. Building on the observation that today's communications are more oriented towards content retrieval (web, P2P, etc.) than point-to-point communications (VoIP, IM, etc.), CCN proposes a radical revision of the Internet architecture switching from named hosts (TCP/IP protocols) to named data to best match its current usage. In a nutshell, content is addressable, routable, self-sufficient and authenticated, while locations no longer matter. Data is seen and identified directly by a routable name instead of a location (the address of the server). Consequently, data is directly requested at the network level not from its holder, hence there is no need for the DNS). To improve content diffusion, CCN relies on data distribution and duplication, because storage is cheaper than bandwidth: every content - particularly popular one - can be replicated and stored on any CCN node, even untrustworthy. People looking for particular content can securely retrieve it in a P2P-way from the best locations available. So far, there has been little investigation of the security of CCNs and there is no specific key management scheme for that. We propose an authentication and key establishment scheme for CCNs in which the contents are authenticated by the content generating node, using pre-distributed shares of encryption keys. The content requesting node can get those shares from any node in the network, even from malicious and intruder ones, in accordance with a key concept of CCNs. In our work we also provide means to protect the distributed shares from modification by these malicious/intruder nodes. The proposed scheme is again an online key generation approach but including a relation between the content and its encryption key. This dependency prevents the attackers from modifying the packet or the key shares