Kalvinder Singh

Authenticated Key Establishment Protocols for a Home Health Care System

Wireless sensor networks provide solutions to a range of monitoring problems. However, they also introduce a new set of problems mainly due to small memories, weak processors, limited energy and small packet size. Thus only a very few conventional protocols can readily be used in sensor networks. Sensor networks can exist in many different environments, and each environment has its own unique characteristics and requirements. As an example application, a home health care system is proposed and examined in detail in this paper. We show how cryptographically weak physiological data can be used to establish keys between body sensors, where the sensors have no other prior secret. This paper also proposes a protocol where a hand held device, such as a PDA, can establish a key with the majority of sensors found in our home health care system. This is achieved without the necessity of using traditional encryption. Detailed analysis of each of the protocols is provided. The protocols were implemented in TinyOS and simulated using TOSSIM and ATEMU. Energy consumption and memory requirements are analysed and it was found that an RSA implementation of our protocols has some advantages over an ECC implementation.

An Encryption Scheme Using Chaotic Map and Genetic Operations for Wireless Sensor Networks

Over the past decade, the application domain of wireless sensor networks has expanded steadily, ranging from environmental management to industry control, and from structural health monitoring to strategic surveillance. With the proliferation of sensor networks at home, work place, and beyond, securing data in the network has become a challenge. A number of security mechanisms have been proposed for sensor networks to provide data confidentiality: 1) advanced encryption system; 2) KATAN; 3) LED; and 4) TWINE. However, these schemes have drawbacks, including security vulnerabilities, need for hardware-based implementation, and higher computational complexity. To address these limitations, we propose a lightweight block cipher based on chaotic map and genetic operations. The proposed cryptographic scheme employs elliptic curve points to verify the communicating nodes and as one of the chaotic map parameters to generate the pseudorandom bit sequence. This sequence is used in XOR, mutation, and crossover operations in order to encrypt the data blocks. The experimental results based on Mica2 sensor mote show that the proposed encryption scheme is nine times faster than the LED protocol and two times faster than the TWINE protocol. We have also performed a number of statistical tests and cryptanalytic attacks to evaluate the security strength of the algorithm and found the cipher provably secure.

Key establishment protocols using environmental and physiological data in wireless sensor networks

Wireless sensor networks provide solutions to a range of monitoring problems. However, they also introduce a new set of challenges mainly due to small memories, weak processors, and limited energy. As an example application, body sensor network is examined in detail in this paper. It is used as the basis for the requirements for the proposed key establishment protocols. Four protocols are proposed, which body sensors can use to derive keys from cryptographically weak environmental data. This is achieved without the necessity of using traditional encryption. We map the applicability of each protocol to the corresponding characteristics found in different types of environmental data. Detailed analysis of each of the protocols is provided. The protocols were implemented in TinyOS and simulated using TOSSIM. Energy consumption and memory requirements are analysed and found that an RSA implementation of our protocols has some advantages over an ECC implementation.

Analysis of Proposed Key Establishment Protocols in Multi-Tiered Sensor Networks

Wireless sensor networks provide solutions to a range of monitoring problems. However, they introduce a new set of problems mainly due to small memories, weak processors, limited energy and small packet size. Thus only a very few conventional protocols can readily be used in sensor networks. This paper closely examines the currently available key distributions protocols, their strengths and limitations. The performance of these protocols under different scenarios are thoroughly investigated using theoretical analysis and using a simulation study with TinyOS. First a number of single server protocols were proposed and their performance was analysed. Then we propose a new set of multi–server key distribution protocols, where base stations (or controller nodes) are untrusted. The proposed solutions replicate the authentication server such that a group of malicious and colluding servers cannot compromise security or disrupt service. A detailed comparison of the performance of the proposed protocols with that of other available protocols show the advantages of our protocols. We show that the proposed multiple server authentication protocols will only have O(n) complexity, where n is the number of authentication servers. The protocols use information from the sensor nodes and the servers to generate a new key, and do not solely rely on the sensor nodes to generate good random numbers. The proposed protocols guarantee that the new key is fresh and that the communicating nodes use the same key.

A Minimal Protocol for Authenticated Key Distribution in Wireless Sensor Networks

Wireless sensor networks provide solutions to a range of monitoring problems. However, they introduce a new set of problems mainly due to small memories, weak processors, limited energy and small packet size. Thus only a very few conventional protocols can readily be used in sensor networks. This paper proposes efficient protocols to distribute keys in wireless sensor networks. This is achieved without the necessity of using traditional encryption. The proposed solution replicates the authentication server such that a group of malicious and colluding servers cannot compromise security or disrupt service. We show that the proposed multiple server authentication protocols will only have O(n) complexity, where n is the number of authentication servers. The protocols use information from the sensor nodes and the servers to generate a new key, and do not solely rely on the sensor nodes to generate good random numbers. The scheme works well even when the base stations are untrusted. The proposed protocols guarantee that the new key is fresh and that the communicating nodes use the same key.

An Analytical Model for Lifetime Estimation of Wireless Sensor Networks

We propose an analytical model to formally define the lifetime of Wireless Sensor Networks by considering various input factors including remaining energy, link quality, and location of the sensor nodes in the network. The model derives an expression for lifetime estimation on the basis of distribution of sensor nodes in the deployment area. The proposed model can be used to evaluate the performance of any routing protocol. We validate the model by means of simulation and show that the analytical outcomes are close to the experimental results.

A Simple Lightweight Encryption Scheme for Wireless Sensor Networks

Security is a critical issue in many sensor network applications. A number of security mechanisms are developed for wireless sensor networks based on classical cryptography. AES, RC5, SkipJack and XXTEA are some symmetric-key encryption algorithms that are deployed in sensor network environments. However, these algorithms have their own weakness, such as vulnerable to chosen-plaintext attack, brute force attack and computational complexity. We propose an energy efficient lightweight encryption scheme based on pseudorandom bit sequence generated by elliptic curve operations. We present experimental results of our proposed algorithm employed on real sensor nodes operating in TinyOS. We also discuss the security strength of our algorithm by presenting the security analysis of various tests and cryptanalytic attacks.

Using physiological signals for authentication in a group key agreement protocol

A Body Area Network (BAN) can be used to monitor the elderly people or patients with chronic diseases. Securing broadcasted data and commands within BANs is essential for preserving the privacy of health data and for ensuring the safety of the patient. We show how a group key can be securely established between the different sensors within a BAN. The proposed mechanism uses the inherent secure environmental values. An implementation of the protocols is carried out on mica2 motes and performance is examined in detail. The time elapsed, complexity of the code and memory requirements are analysed. The results confirm the potential benefits in real-world application. We show that a key establishment protocol based on RSA has advantages over a protocol based on ECC for this application.

Performance of Flow-based Anomaly Detection in Sampled Traffic

In recent years, flow-based anomaly detection has attracted considerable attention from many researchers and some methods have been proposed to improve its accuracy. However, only a few studies have considered anomaly detection with sampled flow traffic, which is widely used for the management of high-speed networks. This gap is addressed in this study. First, we optimize an artificial neural network (ANN)-based classifier to detect anomalies in flow traffic. The results show that although it has a high degree of accuracy, the classifier loses significant information in the process of sampling. In this regard, we propose a sampling method to improve the performance of flow-based anomaly detection in sampled traffic. While existing sampling methods for anomaly detection preserve only small malicious flows, the proposed algorithm samples both small and large malicious flows. Therefore, the detection rate of the flow-based anomaly detector is improved by about 5% using our algorithm. To evaluate the proposed sampling method, three flow-based datasets are generated in this study

Implementation and Analysis of Sensor Security Protocols in a Home Health Care System

A Wireless Sensor Network can be used in a home health care system to monitor the elderly or patients with chronic diseases. The quality of security of the home health care system is an important requirement. If the security services or servers malfunction then the system itself may become compromised. We show that with multi--server protocols, even if one or more servers become unavailable or untrustworthy, it may still be possible for the sensor nodes to establish a good session key. We compare and contrast different multi--server protocols. We also show which protocols are more suited for our system. The protocols were implemented in TinyOS and run on mica2 motes. The time elapsed, complexity of the code, and memory requirements are analysed in detail. We show that a symmetric key implementation has advantages over an asymmetric implementation.