{"title":"Practical broadcast authentication in sensor networks","authors":"Donggang Liu, P. Ning, Sencun Zhu, S. Jajodia","doi":"10.1109/MOBIQUITOUS.2005.49","DOIUrl":null,"url":null,"abstract":"Broadcast authentication is a critical security service in sensor networks; it allows a sender to broadcast messages to multiple nodes in an authenticated way. μTESLA and multi-level μTESLA have been proposed to provide such services for sensor networks. However, none of these techniques are scalable in terms of the number of senders. Though multi-level μTESLA schemes can scale up to large sensor networks (in terms of receivers), they either use substantial bandwidth and storage at sensor nodes, or require significant resources at senders to deal with DoS attacks. This paper presents efficient techniques to support a potentially large number of broadcast senders using μTESLA instances as building blocks. The proposed techniques are immune to the DoS attacks. This paper also provides two approaches, a revocation tree based scheme and a proactive distribution based scheme, to revoke the broadcast authentication capability from compromised senders. The proposed techniques are implemented, and evaluated through simulation on TinyOS. 
The analysis and experiment show that these techniques are efficient and practical, and can achieve better performance than the previous approaches.","PeriodicalId":129488,"journal":{"name":"The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services","volume":"150 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-07-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"165","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/MOBIQUITOUS.2005.49","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 165
Abstract
Broadcast authentication is a critical security service in sensor networks; it allows a sender to broadcast messages to multiple nodes in an authenticated way. μTESLA and multi-level μTESLA have been proposed to provide such services for sensor networks. However, none of these techniques are scalable in terms of the number of senders. Though multi-level μTESLA schemes can scale up to large sensor networks (in terms of receivers), they either use substantial bandwidth and storage at sensor nodes, or require significant resources at senders to deal with DoS attacks. This paper presents efficient techniques to support a potentially large number of broadcast senders using μTESLA instances as building blocks. The proposed techniques are immune to the DoS attacks. This paper also provides two approaches, a revocation tree based scheme and a proactive distribution based scheme, to revoke the broadcast authentication capability from compromised senders. The proposed techniques are implemented, and evaluated through simulation on TinyOS. The analysis and experiment show that these techniques are efficient and practical, and can achieve better performance than the previous approaches.