Pieter H. Hartel

Survey and benchmark of block ciphers for wireless sensor networks

Cryptographic algorithms play an important role in the security architecture of wireless sensor networks (WSNs). Choosing the most storage- and energy-efficient block cipher is essential, due to the facts that these networks are meant to operate without human intervention for a long period of time with little energy supply, and that available storage is scarce on these sensor nodes. However, to our knowledge, no systematic work has been done in this area so far. We construct an evaluation framework in which we first identify the candidates of block ciphers suitable for WSNs, based on existing literature and authoritative recommendations. For evaluating and assessing these candidates, we not only consider the security properties but also the storage- and energy-efficiency of the candidates. Finally, based on the evaluation results, we select the most suitable ciphers for WSNs, namely Skipjack, MISTY1, and Rijndael, depending on the combination of available memory and required security (energy efficiency being implicit). In terms of operation mode, we recommend Output Feedback Mode for pairwise links but Cipher Block Chaining for group communications.

Energy-efficient link-layer jamming attacks against wireless sensor network MAC protocols

A typical wireless sensor node has little protection against radio jamming. The situation becomes worse if energy-efficient jamming can be achieved by exploiting knowledge of the data link layer. Encrypting the packets may help to prevent the jammer from taking actions based on the content of the packets, but the temporal arrangement of the packets induced by the nature of the protocol might unravel patterns that the jammer can take advantage of, even when the packets are encrypted. By looking at the packet interarrival times in three representative MAC protocols, S-MAC, LMAC, and B-MAC, we derive several jamming attacks that allow the jammer to jam S-MAC, LMAC, and B-MAC energy efficiently. The jamming attacks are based on realistic assumptions. The algorithms are described in detail and simulated. The effectiveness and efficiency of the attacks are examined. In addition, we validate our simulation model by comparing its results with measurements obtained from actual implementation on our sensor node prototypes. We show that it takes little effort to implement such effective jammers, making them a realistic threat. Careful analysis of other protocols belonging to the respective categories of S-MAC, LMAC, and B-MAC reveals that those protocols are, to some extent, also susceptible to our attacks. The result of this investigation provides new insights into the security considerations of MAC protocols.

POSEIDON: a 2-tier anomaly-based network intrusion detection system

We present POSEIDON, a new anomaly-based network intrusion detection system. POSEIDON is payload-based, and has a two-tier architecture: the first stage consists of a self-organizing map, while the second one is a modified PAYL system. Our benchmarks on the 1999 DARPA data set show a higher detection rate and lower number of false positives than PAYL and PHAD

Formalizing the safety of Java, the Java virtual machine, and Java card

We review the existing literature on Java safety, emphasizing formal approaches, and the impact of Java safety on small footprint devices such as smartcards. The conclusion is that although a lot of good work has been done, a more concerted effort is needed to build a coherent set of machine-readable formal models of the whole of Java and its implementation. This is a formidable task but we believe it is essential to build trust in Java safety, and thence to achieve ITSEC level 6 or Common Criteria level 7 certification for Java programs.

Link-layer jamming attacks on S-MAC

We argue that among denial-of-service (DoS) attacks, link-layer jamming is a more attractive option to attackers than radio jamming is. By exploiting the semantics of the link-layer protocol (aka MAC protocol), an attacker can achieve better efficiency than blindly jamming the radio signals alone. In this paper, we investigate some jamming attacks on S-MAC, the level of effectiveness and efficiency the attacks can potentially achieve and a countermeasure that can be implemented against one of these attacks.

Computationally efficient searchable symmetric encryption

Searchable encryption is a technique that allows a client to store documents on a server in encrypted form. Stored documents can be retrieved selectively while revealing as little information as possible to the server. In the symmetric searchable encryption domain, the storage and the retrieval are performed by the same client. Most conventional searchable encryption schemes suffer from two disadvantages. First, searching the stored documents takes time linear in the size of the database, and/or uses heavy arithmetic operations. Secondly, the existing schemes do not consider adaptive attackers; a search-query will reveal information even about documents stored in the future. If they do consider this, it is at a significant cost to the performance of updates. In this paper we propose a novel symmetric searchable encryption scheme that offers searching at constant time in the number of unique keywords stored on the server. We present two variants of the basic scheme which differ in the efficiency of search and storage. We show how each scheme could be used in a personal health record system.

Music2Share - copyright-compliant music sharing in P2P systems

Peer-to-peer (P2P) networks are generally considered to be free havens for pirated content, in particular with respect to music. We describe a solution for the problem of copyright infringement in P2P networks for music sharing. In particular, we propose a P2P protocol that integrates the functions of identification, tracking, and sharing of music with those of licensing, monitoring, and payment. This highly decentralized music-aware P2P protocol will allow access to large amounts of music of guaranteed quality; it merges in a natural way the policing functions for copyright protection and an efficient music-management infrastructure for the benefit of the user.

A Formally Verified Decentralized Key Management Architecture for Wireless Sensor Networks

We present a decentralized key management architecture for wireless sensor networks, covering the aspects of key deployment, key refreshment and key establishment. Our architecture is based on a clear set of assumptions and guidelines. Balance between security and energy consumption is achieved by partitioning a system into two interoperable security realms: the supervised realm trades off simplicity and resources for higher security whereas in the unsupervised realm the vice versa is true. Key deployment uses minimal key storage while key refreshment is based on the well-studied scheme of Abdalla et al. The keying protocols involved use only symmetric cryptography and have all been verified with our constraint solving-based protocol verification tool CoProVe.

Conjunctive wildcard search over encrypted data

Searchable encryption allows a party to search over encrypted data without decrypting it. Prior schemes in the symmetric setting deal only with exact or similar keyword matches. We describe a scheme for the problem of wildcard searches over encrypted data to make search queries more flexible, provide a security proof for our scheme and compare the computational, communication and space complexity with existing schemes. We develop an efficient scheme, using pseudorandom functions and Bloom filters, that supports wildcard searches over encrypted data. The scheme also supports conjunctive wildcard searches, efficient and secure updates and is more efficient than previous solutions. Besides, our construction is independent of the encryption method of the remote data and is practical to use in real world applications.

Efficient Tree Search in Encrypted Data

Abstract In this paper the authors have developed a tree search algorithm based on the linear search algorithm that is suitable for XMP databases. Nowadays the need grows to store data securely on an untrusted system. Think, for instance, of a remote database server administered by somebody else. If you want your data to be secret, you have to encrypt it. The problem then arises how to query the database. The most obvious solution is to download the whole database locally and then perform the query. This, of course, is terribly inefficient. Song, Wagner, and Perrig (SWP)1 have introduced a protocol to search for a word in an encrypted text. We summarize this protocol in the following.