Contents
1 The Task 1.1 1.2 Aims and Objectives . . . . . . . . . . . . . . . . . . . . . . . . . Strategies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 3 3 4 4 4 5 6 7 7 8 8 9 . . . . . . . . . . . . . . . . . . . 10

2 Introduction 3 Wireless Sensor Network 3.1 The Basics of WSN . . . . . . . . . . . . . . . . . . . . . . . . . . 3.1.1 3.1.2 3.1.3 3.2 3.3 3.4 Components of Sensor Nodes . . . . . . . . . . . . . . . . Key Features . . . . . . . . . . . . . . . . . . . . . . . . . Types of Sensor nodes . . . . . . . . . . . . . . . . . . . .

Constraints in WSNs . . . . . . . . . . . . . . . . . . . . . . . . . Applications of WSN . . . . . . . . . . . . . . . . . . . . . . . . . Security Threats in WSN . . . . . . . . . . . . . . . . . . . . . .

4 Cellular Automata 4.1 Reversible Cellular Automata

5 Deployment issues in WSN with specific focus on authentication 5.1 5.2 Authentication of Cluster Head and Base Station . . . . . . . . . Authentication of Nodes . . . . . . . . . . . . . . . . . . . . . . . 12 13 13 14 15 15 15 16

6 Schemes as well as Supporting claims 6.1 6.2 6.3 Cloning attack . . . . . . . . . . . . . . . . . . . . . . . . . . . . Replay Attack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Man-in-the-middle . . . . . . . . . . . . . . . . . . . . . . . . . .

7 Conclusion

List of Figures
1 2 3 4 5 Wireless sensor Network . . . . . . . . . . . . . . . . . . . . . . . Components of Sensor Nodes . . . . . . . . . . . . . . . . . . . . WSN with three types of sensor nodes . . . . . . . . . . . . . . . Elementary CA . . . . . . . . . . . . . . . . . . . . . . . . . . . . Reversible Cellular Automata . . . . . . . . . . . . . . . . . . . . 1 5 6 7 10 11

The Term Paper Based on ”Hybrid security approach for nodes authentication in wireless sensor network using cellular automata” by Herve Kabamba Mbikayi

November 11, 2014

Abstract Author Mbikayi had proposed in this paper a computationally efficient security scheme for identifying network members in wireless sensor networks. The authentication process is done by first identifying the base station as being the authentic one with the use of fingerprinting information. Once the base station is authenticated, the others members of the network can then be authenticated by the base station. These unique fingerprints are computed by the base station using the topological information of each node in the network during the deployment phase. They are then pre-loaded into each node. Cellular automata are used for authentication of the networks members, thus offering resilience against node compromise including the base station, due to the uniqueness of the fingerprint information.

1

The Task

I have referred the paper “A Hybrid Security Approach for Nodes Authentication in Wireless Sensor Network using Cellular Automata”by Herve Kabamba Mbikayi [9] to understand the concept of Wireless sensor network (WSN) and the security mechanism that he had used to authenticate each node in WSN. Main focus of this paper is on the authentication of nodes in WSN to prevent the various attacks to WSN.

2

1.1

Aims and Objectives

Following are the aims and objectives of this paper: • Before starting communication between nodes, each node in WSN must be authenticated i.e. identified as being the authentic one and not fake. • Use of cellular automata for authenticating each node in WSN. • Some unique fingerprinting information for each node must be computed, that uniquely identifies each node. And this information should also be preloaded into each node in WSN. • More emphasis should be given on the authentication of the base station as prerequisite for further processing, since compromising base station can render the entire network useless. • Other nodes of the WSN are authenticated by the base station. • Authentication of each node must be done to prevent the network from security threats or attacks, such as node cloning attack, replaying attack, and man-in-the-middle attack.

1.2 lowed: Strategies

To achieve the above mentioned aims and objectives, followings steps are fol-

• For authentication of each node in WSN, the unique fingerprinting information is computed by Base Station for each node which is then preloaded into them before deployment. • Cellular automata is used for the authentication process. • Authentication process includes encryption and decryption of unique keys using reversible cellular automata properties, while sending message from one node to another. • Finally analysis of the authentication process is done to confirm that it is able to prevent the security threats.

3

2

Introduction

Wireless Sensor Networks (WSN) are composed of large number of sensor nodes[13]. Sensor nodes are small and cheap devices that respond to physical stimuli, such as pressure, magnetism, and motion by producing radio signals and are very constrained in terms of resources and power. Mbikayi had assumed that WSN consists of three types of sensor nodes— Clients, Cluster Head (CH), Base Station (BS). The Client nodes make observation of their environment, collect data and send them to their base station for further processing. Base Stations are responsible for centralizing information sent by nodes, they route communication between nodes and are responsible for their authentication[9]. Wireless sensor nodes are mostly deployed in hostile and dangerous areas, where they are physically exposed, resulting in security threats, such as node cloning, replaying attack, man-in-the-middle attack among them. To prevent these attacks, some security mechanism must be implemented. So Mbikayi had proposed a hybrid security scheme in WSN, based on the authentication of base nodes as prerequisite for any further communication [9]. Hybrid word is used because this scheme is based on the combination of RSA key based identification methods with zero knowledge properties and key exchange. Details about RSA technique, zero knowledge property can be obtained in [14], [4] and [2]. Due to the various constraints in WSN (i.e. Computational, Power, Storage Constraints). Mbikayi had not used RSA technique as a whole, but only theoretical foundation of RSA technique is implemented to authenticate WSN entities. This Scheme is based on the use of cellular automata that are one way hash functions, whose inverse is hard to find[9].

3
3.1

Wireless Sensor Network
The Basics of WSN

A wireless sensor network is composed of large number of autonomous devices, called sensor nodes. The WSN is built of ”nodes” from a few to several hundreds or even thousands, where each node is connected to one (or sometimes several) sensors as shown in figure 1. A sensor node might vary in size from that of a shoebox down to the size of a grain of dust, although functioning ”motes” of genuine microscopic dimensions have yet to be created. The cost of sensor nodes is similarly variable, ranging from a few to hundreds of dollars, depending

4

on the complexity of the individual sensor nodes. Size and cost constraints on sensor nodes result in corresponding constraints on resources such as energy, memory, computational speed and communications bandwidth. The topology of the WSNs can vary from a simple star network to an advanced multi-hop wireless mesh network. The propagation technique between the hops of the network can be routing or flooding.

Figure 1: Wireless sensor Network Wireless sensors are small and low cost devices, responsible for responding to physical stimuli, such as pressure, magnetism and motion, by producing radiosignals[1]. Wireless sensor networks (WSN) are wireless networks with spatially distributed sensors (nodes) that monitor the conditions of their environment and transmit the data via radio signals to base-station, which process data and send them to the destination. The nodes can make observation of their environment,collect data, and send them to their base-stations for further processing. [9]. But unlike traditional wireless network, sensor devices in WSN have limited computation and communication capabilities and limited energy because they are battery powered . 3.1.1 Components of Sensor Nodes

These Sensor nodes are also known as mote, which integrate the processor, communication module, and power supply into a single unit. Each such sensor network node has typically several parts: a radio transceiver with an internal 5

antenna or connection to an external antenna, a microcontroller, an electronic circuit for interfacing with the sensors and an energy source, usually a battery or an embedded form of energy harvesting. Additional components can be implanted in a sensor node: location finding system: allow the node to find its position, a power generator: used for recharging battery node and prolong its lifetime, and a mobilizer: make nodes move . Sensing units are usually composed of two subunits: sensor and analog-to-digital converter (ADC) as shown in figure 2. When an event was produced (analog data) node senses analog signal observed, and convert it to digital signals by the ADC unit, and then treat it with the processing unit. A transceiver unit connects the node to the network. One of the most important components of a sensor node is the power unit (battery); it is the fuel of the node[10].

Figure 2: Components of Sensor Nodes

3.1.2

Key Features

Generally , WSN sensor nodes has following key features: • it is self organized, • it can take decisions locally, • it supports wireless communication, • its traffic flow is almost unidirectional towards the destination[13].

6

• Sensor can monitor pressure,humidity, temperature, vehicular movement, lightning conditions, mechanical stress levels on attached objects and other properties . • They are autonomous, since they dont need human intervention, and can be deployed for long periods with very little to no maintenance in unattended and hostile environments. 3.1.3 Types of Sensor nodes

Author Mbikayi assumed that WSN is composed of three types of sensor nodes— clients (also called motes) , cluster head, base station as shown in Figure 3. Base Station is also known as sink node. Nodes as clients, collect data but don’t process this information locally, the data are sent to their base station for further processing.The node in WSN plays two roles: collect data and route data back to the base station. Base station are responsible for centralizing the information sent by nodes, they route communication between nodes and are responsible for their authentication. The cluster head handles all the communication from nodes within the cluster[9].

Figure 3: WSN with three types of sensor nodes

3.2

Constraints in WSNs

Wireless Sensor nodes have following constraints:

7

• Nodes have computational constraints i.e. complex computation should be avoided. • Nodes have small amount of memory , so huge data cannot be stored in the nodes. • Nodes get their energy /power from battery, so extra computation will decrease the battery power as well as node power also[13].

3.3

Applications of WSN

The Wireless Sensor network has become a very emerging field in computer science now-a-days due to its multifarious applicability that includes military applications,industrial applications, home applications, monitoring temperature, humidity, vehicular movement etc. WSNs can be applied in various areas. WSNs can be used following situations: • Environment - Monitoring of environmental variables such as buildings, residences and external locations such as oceans, volcanoes, deserts, etc.. • Traffic - Monitoring of vehicle trafc on highways, railroads, rivers, oceans, etc.. • Security - To provide security in homes, shopping centers, farms, among others. • Military - To detect the presence of enemies, explosions, presence of hazardous materials as poison gas and radiation.

3.4

Security Threats in WSN

The WSN is usually physically exposed ,resulting in security threats that they can face, such as node cloning, replaying attack, man in the middle attack among them. These attacks tries to break the integrity and confidentiality of data being transmitted. There are many attacks that can take place in WSN. However, the important attacks for which solution is provided by our paper are described here. • Clone Attack: It is an attack employed by hackers in order to get cryptographic information by capturing a sensor node and copying it to their own sensor node. Through this cloned information, they can install their own 8

sensor node somewhere so that they can access the WSN and steal important information or involve in malicious activities. As physical monitoring of nodes in WSN is not possible in the real world it causes this attack to take place. Therefore a strong security mechanism is required to prevent such attack in WSN [8] [6] ,[5]. • Man in the Middle Attack This attack is done by adversaries to gain private information in a conversation. Between any two nodes when there is some private conversation is going on attackers can make independent connections and intercept messages in the original conversation. They can also inject their responses and make the receivers believe that they are actually talking to genuine senders. This way hackers gain access to sensitive information and perform malicious activities for monetary or other gains[8]. • Replay Attack It is a kind of network attack in which data transmission is recorded by hackers and then reused to gain access to WSN. This kind of attack can overrule the encryption mechanisms as well. This attack basically records the authentication related packets and reuse them in order to gain access to the network illegally. Some kind of security mechanism must be taken in order to protect the network from these attacks, because compromising a sensor network may lead to unpredictable consequences[8].

4

Cellular Automata

A cellular automaton (CA) is a collection of cells on a grid of discrete structure. The grid may be one-dimensional or two-dimensional[13]. It consists of regular lattice of cells, each of which can be in one of finite number of states and each cell follows a simple rule for updating its states. In cellular automata, all cells update their states simultaneously at discrete time steps t depending on their current state and state of their immediate neighbors. The Figure 4 desribes the cellular automata that produces an intricate nested pattern. The rule in this case is that a cell should be black whenever one or the other, but not both of its neighbors were black on the step before. Even though the rule is very simple, the picture shows the overall pattern obtained over the course of 50 steps starting from a single black cell is not so simple. The particular rule used here is rule no. 90.of cellular automata[11]. 9

Figure 4: Elementary CA Cellular automata is a model that can be used to show how the elements of a system interact with each other. The rules are applied iteratively for as many time steps as desired. The simplest class of one-dimensional CA is the elementary CA which have two possible values for each cell (0 or 1), and rules that depend only on nearest neighbor values. A 3neighbourhood CA can be expressed as: xi (t + 1) = f (xi−1 (t), xi+1 (t)) A particular cell is represented as xi , the left neighbor by xi−1 and xi+1 represents right neighbor of xi . The current time is represented by t and t+1, represents the next time period, f is the function which implements the CA rule. CA are one way functions whose inverse is very hard to find thus, making them good models that can be used in security particularly in cryptography. The hybrid security scheme is based on the use of cellular automata (CA) that are one-way hash functions for which the inverse is hard to find. A variant of these models called reversible cellular automata are used (RCA).

4.1

Reversible Cellular Automata

Reversible Cellular Automata also known as invertible CA, RCA are CA that fully preserve information. Their new states are determined not only by the present states of the cell and its neighbors, but also by the previous state of 10

that cell. They are capable to mimic reversible physical phenomena more closely than any other computational model proposed so far, and can be used as models in many other areas. The RCA are not the invert rules of the original ones[13]. A 3-neighbor RCA can be expressed as (2). xi (t + 1) = f (xi−1 (t), xi+1 (t), xi (t − 1)) If a cellular automaton is invertible, it therefore is deterministic in both directions of time. The rule that makes a cellular automaton go backward is called the inverse rule opposite to the direct rule that runs the cellular automaton forward direction of time[12].

Figure 5: Reversible Cellular Automata Figure 5 shows some examples of the reversible cellular automata from Wolfram. They follow the original rules, but new state of a cell is inverted if the cell was black two steps back[12]. The Reversible cellular automata property, that is used in various security schemes is as shown: RCA(X, RCA(X, Y )) = Y This property is used for decryption purposes. Decrypting the information ,say Y, which is encrypted using some key, say X, we use this property,when X is known. Other property that is used for encryption purposes in security schemes. In this property , information Y is encrypted using key X. It is as shown: RCA(X, Y ) 11

5

Deployment issues in WSN with specific focus on authentication

Author of the paper A Hybrid Security Approach for Nodes Authentication in Wireless Sensor Network using Cellular Automata Mbikayi had assumed that WSN consists of three types of nodes, namely Client, Cluster head(CH) and Base station(BS). If any Client wants to communicate data to another client, then client must first send data to the CH, which forwards the data to BS and then BS routes the data to particular destination. WSN are used for many purposes that include collecting data in dangerous environments for scientific research, monitoring borders, and tracking military targets. Since Wireless Sensor nodes are mostly deployed in dangerous and hostile areas, there is always a threat to security of WSN. WSN are physically exposed, resulting in security threats that they can face, such as node cloning, replaying attack, man-in-the-middle attack among them. Correct security mechanism should be implemented in order to counter them, since compromising a sensor network may have unpredictable consequences[9]. Each node in WSN must be authenticated so that any fake node dont intercept in the communication. To authenticate each node, some kind of keying or fingerprinting information is required that uniquely identifies each node. Each node must know its fingerprinting information. According to Mbikayi, this unique fingerprinting information is computed through superimposed s-disjunct code using the neighborhood information of each node. Details about the generation process using s-disjunct code can be obtained in [7] [3]. Mbikayi had assumed that BS is aware of the topology of the network and all neighborhood information. So using this information, BS computes the fingerprinting information for all nodes. And before deployment, the computed fingerprinting information of each node is preloaded into each node, along with 4 bytes unique number S. BS also keeps record of the fingerprinting information of all the nodes, along with 8 bytes number, which is kept secret. This unique information is used for authentication process of each node in the WSN. After each node gets unique identification information, cluster head is chosen by the nodes within the cluster. Cluster head is responsible for handling communication within the cluster.

12

5.1

Authentication of Cluster Head and Base Station

A selected node in each cluster i.e. cluster head(CH) is responsible for authenticating the BS. This is two-way-authentication method used by CH, in which both BS and CH are authenticated. The Chosen CH will first authenticate itself by sending message to the BS that it wants to proceed to authentication. BS, on receiving the message, will respond by generating 8 bytes key KBS . BS also uses the stored information i.e. fingerprinting information of CH in BS, FCH . Using KBS and FCH , BS performs the reversible cellular automata operation as RCA(KBS , FCH ) RCA(FCH , KBS ) BS will send this encrypted message back to CH. CH will try to decrypt this message to get KBS and FCH as: FCH = RCA(KBS , RCA(KBS , FCH )) KBS = RCA(FCH , RCA(FCH , KBS ) CH will only be able to decrypt this message if it knows either KBS or FCH . CH will use FCH to get KBS . FCH is unique fingerprinting information of CH known by BS and KBS is the public key generated by BS. If CH is unable to decrypt the message then CH or BS is fake node. And then, authentication process is stopped immediately. After decrypting the message and getting KBS and FCH , CH will then generate a random 4 bytes key KCH and perform RCA operation as: RCA(KCH , FCH ) And send this message to BS. Receiving this message, if BS is able to decrypt it, then both BS and CH will be authenticated.

5.2

Authentication of Nodes

Now that BS is authenticated, other nodes can be authenticated by the BS. CH will broadcast to all the nodes that they can now authenticate themselves. Any node, say N1 , that wants to be authenticated, will respond by generating 4 bytes key KN 1 and perform RCA operation using fingerprinting information

13

, FN 1 as: RCA(KN 1 , FN 1 ) RCA(FN 1 , KN 1 ) This Encrypted message is sent to CH, which will forward this message to BS for authentication. Base Station will try to decrypt this message using FN 1 stored within BS to get KN 1 and FN 1 as: KN 1 = RCA(FN 1 , RCA(FN 1 , KN 1 )) FN 1 = RCA(KN 1 , RCA(KN 1 , FN 1 )) If BS is not able to decrypt the message using FN 1 , authentication with the node is automatically stopped. If BS successfully decrypt the message, then BS will perform RCA operation using its generated key KBS as: RCA(KBS , FN 1 ) RCA(KBS , KN 1 ) BS will send this message to CH. CH decrypts this message using KBS (BS key) and RCA operation to get FN 1 and KN 1 . CH stores FN 1 on its table and uses KN 1 to send reply to N1 . CH then encrypts random number R with KN 1 and sends it to N1 . Receiving this message N1 must be able to decrypt the message to get R and send it back to CH. If CH is able to get R from N1 , then N1 is authenticated. Otherwise CH deletes the fingerprint information of N1 that it stored and sends a rejection message to N1 . This process is done for all the nodes in cluster.

6

Schemes as well as Supporting claims

Mbikayi had presented a efficient security scheme for identifying network members in WSN. Each node has a unique fingerprinting information. Base station (BS) also keeps record of the fingerprinting information of all the nodes. BS is also aware of the topological information and all the neighborhood information of the network. Random keys are also generated by all the nodes. Thus , any intruder who wants to attack on the security of network , will

14

not be able to do so without the knowledge of fingerprinting information and random keys. WSN can suffer from following attacks, Cloning attack, Replaying attack, Man-in-the-middle attack. Security analysis is done to check whether this hybrid scheme is successful to prevent all kinds of attacks:

6.1

Cloning attack

Cloned node can be Base station, Cluster head, Client node. • (Case 1): If cloned base station is used in the network, it will not be authenticated, because this cloned BS will not contain the fingerprinting information of all the nodes in the network and will not be able to send this secret information. Authentication is done between CH and BS, but cloned BS does not know the unique fingerprinting information of CH. So Cloned BS is not authenticated. • (Case 2): If Cloned CH is used, when BS will reply, CH will not be able to decrypt the message sent by BS, because to decrypt the message, CH must have either unique fingerprinting information of CH i.e. FCH or KBS . However, this information is not sent in clear. • (Case 3): If a cloned client node is placed within a cluster C, since it needs to have valid fingerprint information, C having secret information about all the nodes within it will reject it immediately. At the other side if a valid client is inserted in a different cluster C , it will be rejected by the base station since from its fingerprint information BS will know that it is not member of the current cluster C.

6.2

Replay Attack

This attack will almost be impossible to launch because, during the communication, new random keys are generated and the authentication is performed in short amount of time making it very hard to succeed.

6.3

Man-in-the-middle

To launch such attack, the intruder must have information about the unique fingerprint of the nodes involved and the information about the generated session

15

keys. Those keys will be constantly changing for each authentication processes thus making it impossible to succeed.

7

Conclusion

This paper presented a security scheme for authentication in of nodes in WSN using CA. This scheme gives emphasis on the authentication of the BS as prerequisite for further processing, since compromising a BS can render the entire SN useless. Keying information is pre-loaded in each node along with computed unique fingerprints for each of them, based on the topological information of the sensor network. A selected node in each cluster is responsible for authenticating the BS and, this bidirectional authentication constitutes a powerful scheme to counter both client nodes and BS compromising.

References
[1] K. EL-Khatib A. Boukerch, L. Xu. Trusted-based security for wireless ad hoc and sensor networks. [2] D. Anshul and S. Roy. A zero-knowledge-proof identification scheme for base nodes in wireless sensor networks. [3] A. G. Dyachkov and V. V. Rykov. Optimal superimposed codes and designs for renyis search model,. [4] Behrouz A. Forouzan. Data communication and networking 2nd edition. [5] S.Zhu H.Choi and T.Laporta. Detecting node clones in sensor networks. [6] Cheng David H. C. Du Kai Xing Fang, Liu Xiuzhen. Real- time detection of clone attacks in wireless sensor networks,. [7] A. J. Macula. A simple construction of d-disjunct matrices with certain constant weights. [8] SWAMI NAIK.Ji MAHESH.P. Full proof secured environment for wireless sensor networks. [9] Herve Kabamba Mbikayi. Hybrid security approach for nodes authentication in wireless sensor network using cellular automata. 16

[10] Mohamed-Lamine Messai. Classification of attacks in wireless sensor networks. [11] Adekunle Onaopepo. Cellular automata : A simple intro-

duction (http://www.slideshare.net/lxsjoules/cellular-automata-a-simpleintroduction). [12] Kwanghyun Paek. Reversible cellular au-

tomata(http://sjsu.rudyrucker.com/ kwanghyung.paek/paper/). [13] Nilanjan Sen and Indrajit Banerjee. Caws-security algorithms for wireless sensor networks: A cellular automata based approach. [14] Sammy Lin . Stephen Keith. Zero-knowledge proofs as authentication method in wireless sensor networks.

17