The broadcast storm problem in a mobile ad hoc network
MobiCom '99 Proceedings of the 5th annual ACM/IEEE international conference on Mobile computing and networking
System architecture directions for networked sensors
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
SPINS: security protocols for sensor networks
Proceedings of the 7th annual international conference on Mobile computing and networking
The BiBa one-time signature and broadcast authentication protocol
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Dominating Sets and Neighbor Elimination-Based Broadcasting Algorithms in Wireless Networks
IEEE Transactions on Parallel and Distributed Systems
Wireless sensor networks: a survey
Computer Networks: The International Journal of Computer and Telecommunications Networking
Better than BiBa: Short One-Time Signatures with Fast Signing and Verifying
ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
Pricing via Processing or Combatting Junk Mail
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Efficient multicast stream authentication using erasure codes
ACM Transactions on Information and System Security (TISSEC)
The nesC language: A holistic approach to networked embedded systems
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Expander Graphs for Digital Stream Authentication and Robust Overlay Networks
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Efficient Authentication and Signing of Multicast Streams over Lossy Channels
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Graph-Based Authentication of Digital Streams
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Proceedings of the 1st international conference on Embedded networked sensor systems
Multilevel μTESLA: Broadcast authentication for distributed sensor networks
ACM Transactions on Embedded Computing Systems (TECS)
New client puzzle outsourcing techniques for DoS resistance
Proceedings of the 11th ACM conference on Computer and communications security
Mitigating bandwidth-exhaustion attacks using congestion puzzles
Proceedings of the 11th ACM conference on Computer and communications security
The feasibility of launching and detecting jamming attacks in wireless networks
Proceedings of the 6th ACM international symposium on Mobile ad hoc networking and computing
Practical Broadcast Authentication in Sensor Networks
MOBIQUITOUS '05 Proceedings of the The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services
Secure code distribution in dynamically programmable wireless sensor networks
Proceedings of the 5th international conference on Information processing in sensor networks
Wormhole-Based Antijamming Techniques in Sensor Networks
IEEE Transactions on Mobile Computing
NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
Using client puzzles to protect TLS
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Efficient constructions for one-way hash chains
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
WiSec '08 Proceedings of the first ACM conference on Wireless network security
Secure and DoS-Resistant Code Dissemination in Wireless Sensor Networks Using Seluge
IPSN '08 Proceedings of the 7th international conference on Information processing in sensor networks
TinyECC: A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor Networks
IPSN '08 Proceedings of the 7th international conference on Information processing in sensor networks
Seluge: Secure and DoS-Resistant Code Dissemination in Wireless Sensor Networks
IPSN '08 Proceedings of the 7th international conference on Information processing in sensor networks
Efficient security primitives derived from a secure aggregation algorithm
Proceedings of the 15th ACM conference on Computer and communications security
On handling insider attacks in wireless sensor networks
Information Security Tech. Report
A confidential and DoS-resistant multi-hop code dissemination protocol for wireless sensor networks
Proceedings of the second ACM conference on Wireless network security
Reporter node determination of replicated node detection in wireless sensor networks
Proceedings of the 3rd International Conference on Ubiquitous Information Management and Communication
Proceedings of the 4th Annual International Conference on Wireless Internet
A protocol for secure and energy-aware reprogramming in WSN
Proceedings of the 2009 International Conference on Wireless Communications and Mobile Computing: Connecting the World Wirelessly
Secure and highly-available aggregation queries in large-scale sensor networks via set sampling
IPSN '09 Proceedings of the 2009 International Conference on Information Processing in Sensor Networks
Secure-TWS: Authenticating node to multi-user communication in shared sensor networks
IPSN '09 Proceedings of the 2009 International Conference on Information Processing in Sensor Networks
Practical Broadcast Authentication Using Short-Lived Signatures in WSNs
Information Security Applications
Efficient compromising resilient authentication schemes for large scale wireless sensor networks
Proceedings of the third ACM conference on Wireless network security
Random-walk based approach to detect clone attacks in wireless sensor networks
IEEE Journal on Selected Areas in Communications
EURASIP Journal on Wireless Communications and Networking - Special issue on security and resilience for smart devices and applications
Secure clustering and symmetric key establishment in heterogeneous wireless sensor networks
EURASIP Journal on Wireless Communications and Networking - Special issue on security and resilience for smart devices and applications
Enhancing broadcast authentication in sensor networks
Proceedings of the 14th Communications and Networking Symposium
A secure distance-based RFID identification protocol with an off-line back-end database
Personal and Ubiquitous Computing
Containing bogus packet insertion attacks for broadcast authentication in sensor networks
ACM Transactions on Sensor Networks (TOSN)
Using Auxiliary Sensors for Pairwise Key Establishment in WSN
ACM Transactions on Embedded Computing Systems (TECS)
Providing DoS resistance for signature-based broadcast authentication in sensor networks
ACM Transactions on Embedded Computing Systems (TECS)
Hi-index | 0.00 |
Broadcast authentication is a critical security service in wireless sensor networks. There are two general approaches for broadcast authentication in wireless sensor networks: digital signatures and μTESLA-based techniques. However, both signature-based and μTESLA-based broadcast authentication are vulnerable to Denial of Services (DoS) attacks: An attacker can inject bogus broadcast packets to force sensor nodes to perform expensive signature verifications (in case of signature-based broadcast authentication) or packet forwarding (in case of μTESLA-based broadcast authentication), thus exhausting their limited battery power. This paper presents an efficient mechanism called message-specific puzzle to mitigate such DoS attacks. In addition to signature-based or μTESLA-based broadcast authentication, this approach adds a weak authenticator in each broadcast packet, which can be efficiently verified by a regular sensor node, but takes a computationally powerful attacker a substantial amount of time to forge. Upon receiving a broadcast packet, each sensor node first verifies the weak authenticator, and performs the expensive signature verification (in signature-based broadcast authentication) or packet forwarding (in μTESLA-based broadcast authentication) only when the weak authenticator is valid. A weak authenticator cannot be precomputed without a non-reusable (or short-lived) key disclosed only in a valid packet. Even if an attacker has intensive computational resources to forge one or more weak authenticators, it is difficult to reuse these forged weak authenticators. Thus, this weak authentication mechanism substantially increases the difficulty of launching successful DoS attacks against signature-based or μTESLA-based broadcast authentication. A limitation of this approach is that it requires a powerful sender and introduces sender-side delay. This article also reports an implementation of the proposed techniques on TinyOS, as well as initial experimental evaluation in a network of MICAz motes.