EFFICIENTANDSECUREDREKEYINGBASEDKEYDISTRIBUTIONIN WIRELESSSENSORARCHITECTUREWITHARDUINOANDXBEE A.F.MSULTANULKABIR MastersofScience,RoyalInstituteofTechnology,2009 AThesis SubmittedtotheSchoolofGraduateStudies oftheUniversityofLethbridge inPartialFulfillmentofthe RequirementsfortheDegree MASTEROFSCIENCE DepartmentofMathematicsandComputerScience UniversityofLethbridge LETHBRIDGE,ALBERTA,CANADA (cid:13)c A.F.MSultanulKabir,2015 EFFICIENTANDSECUREDREKEYINGBASEDKEYDISTRIBUTIONIN WIRELESSSENSORARCHITECTUREWITHARDUINOANDXBEE A.F.MSULTANULKABIR DateofDefense: April24,2015 Dr. HuaLi Supervisor AssociateProfessor Ph.D. Dr. GongbingShan CommitteeMember Professor Ph.D. Dr. RobertBenkoczi CommitteeMember AssociateProfessor Ph.D. Dr. HowardCheng Chair, Thesis Examination Com- AssociateProfessor Ph.D. mittee Dedication Tomyparentsandwife. iii Abstract Since the time of their introduction, Wireless Sensor Networks (WSN) have been catching the interest of researchers. WSN have a wide range of applications, some even involving sensitive and secret information, thereby raising security concerns. Nevertheless, WSN have some constraints like limited memory, energy and computational capability, which pose an obstacle for the addition of proper security in sensor nodes. This thesis introduces anewrekeyingdesignforWSNsecurityframeworkwhoseimplementationwoulddispense effective security in the sensor nodes. This proposed security framework is endowed with the capacity to address security issues, such as message integrity, confidentiality, authen- ticity and freshness based on symmetric key cryptography. In addition, this design does not allow the storage of any key except the initial master key in the sensor nodes prior to network deployment. This thesis also investigates reconfigurable sensor nodes in terms of execution time, memory, power consumption, and cost while running the security frame- work. Finally, the findings of this thesis are compared with previous studies conducted in thisinterestingfield. iv Acknowledgments Firstandforemost,Iwouldliketorendermyutmostthanksandgratitudetomysupervisor, Dr. Hua Li, for his continuous guidance, support and cooperation throughout the journey of my MSc program. His direction, valuable opinion and effort have led me on the path of mythesis. IwishtoexpressmythankstoDr. RobertBenkocziforhisencouragementandinsight- ful advice which certainly has helped me to ascertain my research objective. He took the timetoreviewmythesisandhisvaluablefeedbackhashelpedmeinthesuccessfulcomple- tion of my thesis. My sincere thanks also to Dr. Gongbing Shan for his thoughtful advice andinvaluablefeedbackregardingmythesiswork. Iamverythankfultoallmyfellowgraduatestudents,familymembersandlabmembers whose cooperation has made this path easier for me. Special thanks go to my wife for her tremendoussupport,encouragementandhelpthroughoutmymaster’sprogram. v Contents Contents vi ListofTables ix ListofFigures x 1 Introduction 1 1.1 Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.2 Maincontribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.3 Thesisorganization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2 BackgroundStudy 5 2.1 WirelessSensorNetworks . . . . . . . . . . . . . . . . . . . . . . . . . . 5 2.2 ApplicationsofWirelessSensorNetworks . . . . . . . . . . . . . . . . . . 6 2.3 AttacksonWSN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.3.1 Attacksonsecrecyandauthentication . . . . . . . . . . . . . . . . 6 2.3.2 Attacksonnetworkavailability . . . . . . . . . . . . . . . . . . . 7 2.3.3 Stealthyattack . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 2.3.4 Physicallayerattacks . . . . . . . . . . . . . . . . . . . . . . . . . 7 2.3.5 Datalinklayerattacks . . . . . . . . . . . . . . . . . . . . . . . . 7 2.3.6 Networklayerattacks . . . . . . . . . . . . . . . . . . . . . . . . 8 2.3.7 Transportlayerattacks . . . . . . . . . . . . . . . . . . . . . . . . 9 2.3.8 Applicationlayerattacks . . . . . . . . . . . . . . . . . . . . . . . 9 2.4 PerformanceRequirementsinWSN . . . . . . . . . . . . . . . . . . . . . 10 2.4.1 Energyefficiency . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 2.4.2 Memoryrequirementandexecutiontime . . . . . . . . . . . . . . 10 2.5 SecurityRequirementsinWSN . . . . . . . . . . . . . . . . . . . . . . . . 10 2.5.1 Confidentiality . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 2.5.2 Integrity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 2.5.3 Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 2.5.4 Authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 2.5.5 CurrentData . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 2.5.6 Forwardandbackwardsecrecy . . . . . . . . . . . . . . . . . . . . 12 2.6 SymmetricEncryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 2.6.1 Cryptographicdimension . . . . . . . . . . . . . . . . . . . . . . . 13 2.7 RC4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 2.8 HashFunctions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 vi CONTENTS 2.8.1 PropertiesofHashvalue . . . . . . . . . . . . . . . . . . . . . . . 16 2.9 SecureHashAlgorithm(SHA-1) . . . . . . . . . . . . . . . . . . . . . . . 17 2.10 IEEE802.15.4Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 2.11 ZigBee . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 2.12 DigiMeshNetwork . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3 RelatedContributionsandMotivation 21 4 ProposedFrameworkDesign 26 4.1 SecurityIssuesAttainedbytheDesign . . . . . . . . . . . . . . . . . . . . 28 4.1.1 Confidentiality . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 4.1.2 Dataintegrityandauthenticity . . . . . . . . . . . . . . . . . . . . 29 4.1.3 Forwardandbackwardsecrecy . . . . . . . . . . . . . . . . . . . . 29 4.2 AttackPrevention . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 4.2.1 Maninthemiddleattack . . . . . . . . . . . . . . . . . . . . . . . 29 4.2.2 Replyattack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 4.2.3 Tampering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 4.2.4 Sybilattackandhellofloodattack . . . . . . . . . . . . . . . . . . 30 5 HardwareComponent 31 5.1 Arduino . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 5.2 ArduinoUno . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 5.3 ArduinoXBeeShield . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 5.4 XBee . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 5.5 XBeeExplorerUSB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 5.6 TemperatureSensor TMP36 . . . . . . . . . . . . . . . . . . . . . . . . . 35 5.7 RelatedSensorMotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 5.7.1 TelosB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 5.7.2 MicaZ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 5.7.3 Waspmote . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 5.7.4 Shimmer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 6 ImplementationoftheProposedFramework 39 6.1 ArchitectureoftheSystem . . . . . . . . . . . . . . . . . . . . . . . . . . 39 6.1.1 CircuitandWiring . . . . . . . . . . . . . . . . . . . . . . . . . . 39 6.2 SystemProgrammingPhase . . . . . . . . . . . . . . . . . . . . . . . . . 40 6.2.1 Communicationestablishment . . . . . . . . . . . . . . . . . . . . 40 6.2.2 Replacingtheoldkeyandrekeying . . . . . . . . . . . . . . . . . 42 6.2.3 Datatransferbetweenthesensornodesandthereceiver . . . . . . . 43 6.2.4 ImplementingthewholeconceptinMeshnetwork . . . . . . . . . 45 6.2.5 Graphicaluserinterfaceonthereceiverside . . . . . . . . . . . . . 46 7 TestingandEvaluation 49 7.1 ExecutionTime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 7.2 Executiontimeforvariablesizeofsensordata . . . . . . . . . . . . . . . . 51 7.2.1 Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 vii CONTENTS 7.2.2 Signaturegeneration . . . . . . . . . . . . . . . . . . . . . . . . . 52 7.3 Currentconsumption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 7.4 Energyconsumption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 7.5 Introducingpowersavingonthesensornode . . . . . . . . . . . . . . . . 56 7.6 Comparisonwithpreviousworks . . . . . . . . . . . . . . . . . . . . . . . 58 7.6.1 Executiontimefork . . . . . . . . . . . . . . . . . . . . . . . . . 58 7.6.2 Currentconsumption . . . . . . . . . . . . . . . . . . . . . . . . . 59 7.6.3 Energyconsumption . . . . . . . . . . . . . . . . . . . . . . . . . 60 7.6.4 Explanationforlowenergyconsumption . . . . . . . . . . . . . . 61 7.7 Latency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 7.8 LatencycalculationinDigimesh . . . . . . . . . . . . . . . . . . . . . . . 64 7.9 Throughput . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 7.10 ThroughputinDigimesh . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 8 ConclusionandFutureworks 69 8.1 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 8.2 Futureworks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 Bibliography 72 viii List of Tables 2.1 FactsregardingSHA-1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 4.1 Notationusedinrekeyingframework . . . . . . . . . . . . . . . . . . . . . 26 7.1 Executiontimeforasensornode . . . . . . . . . . . . . . . . . . . . . . . 50 7.2 Currentconsumptionbyasensornode . . . . . . . . . . . . . . . . . . . . 53 7.3 Currentconsumptionbyasensornodeincludingradio . . . . . . . . . . . 53 7.4 Energyconsumptionbyasensornode . . . . . . . . . . . . . . . . . . . . 55 ix List of Figures 2.1 WirelessSensorNetwork . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 2.2 Symmetricencryptionmodel [44] . . . . . . . . . . . . . . . . . . . . . . 13 2.3 RC4operation [44] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 2.4 CryptographicHashfunction [44] . . . . . . . . . . . . . . . . . . . . . . 16 2.5 RelationshipamongtheHashfunctionproperties [44] . . . . . . . . . . . 17 2.6 TheZigBeenetworkarchitecture [35] . . . . . . . . . . . . . . . . . . . . 19 2.7 TheZigBenetwork [10] . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 2.8 TheDigiMeshnetwork [10] . . . . . . . . . . . . . . . . . . . . . . . . . 20 4.1 Rekeyinganddatatransferbetweensensornodeandreceiver . . . . . . . . 27 5.1 ArduinoUNO [3] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 5.2 ArduinoXBeeShield [4] . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 5.3 XBee [11] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 5.4 XBeewithexplorer [12] . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 5.5 Temperaturesensor [7] . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 5.6 TelosBmote [46] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 5.7 MicaZmote [5] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 5.8 Waspmotesenornode [8] . . . . . . . . . . . . . . . . . . . . . . . . . . 38 6.1 CircuitwiringofArduino,BreadboardandSensor . . . . . . . . . . . . . . 39 6.2 Workingsensornodeandreceiverend . . . . . . . . . . . . . . . . . . . . 40 6.3 Simplecommunicationbetweenthesenderandthereceiver . . . . . . . . . 41 6.4 Keyestablishmentduringexperiment . . . . . . . . . . . . . . . . . . . . 43 6.5 Datatransferbetweenthesenderandthereceiver . . . . . . . . . . . . . . 44 6.6 ThewholeconceptinDigimesh . . . . . . . . . . . . . . . . . . . . . . . 46 6.7 Theworkinggraphicaluserinterface . . . . . . . . . . . . . . . . . . . . . 47 7.1 Executiontimetakenbyasensornode . . . . . . . . . . . . . . . . . . . . 50 7.2 Executiontimefordifferentsizesofsensordatawithencryption . . . . . . 51 7.3 Executiontimerequiredbydifferentsizesofsensordataforsignaturegen- eration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 7.4 Currentconsumptionbyasensornode . . . . . . . . . . . . . . . . . . . . 54 7.5 Energyconsumptionbyasensornode . . . . . . . . . . . . . . . . . . . . 55 7.6 CircuitdesigntosleepXBeeradio . . . . . . . . . . . . . . . . . . . . . . 56 7.7 Comparisonofcurrentconsumptionwithsleepmodeonandsleepmodeoff 57 7.8 Comparisonofenergyconsumptioninsleepmodeonandsleepmodeoff . 57 7.9 ComparisonofexecutiontimewithHerreraetal.[26]andHuetal.[27] . . 59 7.10 ComparisonofcurrentconsumptionwithHerreraetal.[26]andHuetal.[27] 60 x
Description: