A new family of authentication protocols
ACM SIGOPS Operating Systems Review
System architecture directions for networked sensors
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
SPINS: security protocols for sensor networks
Proceedings of the 7th annual international conference on Mobile computing and networking
PSFQ: a reliable transport protocol for wireless sensor networks
WSNA '02 Proceedings of the 1st ACM international workshop on Wireless sensor networks and applications
SPINS: security protocols for sensor networks
Wireless Networks
A key-management scheme for distributed sensor networks
Proceedings of the 9th ACM conference on Computer and communications security
Smart-Its Friends: A Technique for Users to Easily Establish Connections between Smart Artefacts
UbiComp '01 Proceedings of the 3rd international conference on Ubiquitous Computing
Random Key Predistribution Schemes for Sensor Networks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
A pairwise key pre-distribution scheme for wireless sensor networks
Proceedings of the 10th ACM conference on Computer and communications security
Establishing pairwise keys in distributed sensor networks
Proceedings of the 10th ACM conference on Computer and communications security
LEAP: efficient security mechanisms for large-scale distributed sensor networks
Proceedings of the 10th ACM conference on Computer and communications security
Key Infection: Smart Trust for Smart Dust
ICNP '04 Proceedings of the 12th IEEE International Conference on Network Protocols
TinySec: a link layer security architecture for wireless sensor networks
SenSys '04 Proceedings of the 2nd international conference on Embedded networked sensor systems
Shake them up!: a movement-based pairing protocol for CPU-constrained devices
Proceedings of the 3rd international conference on Mobile systems, applications, and services
Integrity (I) Codes: Message Integrity Protection and Authentication Over Insecure Channels
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Telos: enabling ultra-low power wireless research
IPSN '05 Proceedings of the 4th international symposium on Information processing in sensor networks
SCUBA: Secure Code Update By Attestation in sensor networks
WiSe '06 Proceedings of the 5th ACM workshop on Wireless security
Message-in-a-bottle: user-friendly and secure key deployment for sensor nodes
Proceedings of the 5th international conference on Embedded networked sensor systems
Toward trusted wireless sensor networks
ACM Transactions on Sensor Networks (TOSN)
SBAP: software-based attestation for peripherals
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
Conqueror: tamper-proof code execution on legacy systems
DIMVA'10 Proceedings of the 7th international conference on Detection of intrusions and malware, and vulnerability assessment
Secure code update for embedded devices via proofs of secure erasure
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
A software-based root-of-trust primitive on multicore platforms
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Reliable telemetry in white spaces using remote attestation
Proceedings of the 27th Annual Computer Security Applications Conference
KALwEN: a new practical and interoperable key management scheme for body sensor networks
Security and Communication Networks
A security framework for the analysis and design of software attestation
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
A novel delay-resilient remote memory attestation for smart grid
WASA'13 Proceedings of the 8th international conference on Wireless Algorithms, Systems, and Applications
Hi-index | 0.00 |
This paper presents a protocol called SAKE (Software Attestation for Key Establishment), for establishing a shared key between any two neighboring nodes of a sensor network. SAKE guarantees the secrecy and authenticity of the key that is established, without requiring any prior authentic or secret information in either node. In other words, the attacker can read and modify the entire memory contents of both nodes before SAKE executes. Further, to the best of our knowledge, SAKE is the only protocol that can perform key re-establishment after sensor nodes are compromised, because the presence of the attacker's code in the memory of either protocol participant does not compromise the security of SAKE. Also, the attacker can perform any active or passive attack using an arbitrary number of malicious, colluding nodes. SAKE does not require any hardware modification to the sensor nodes, human mediation, or secure side channels. However, we do assume the setting of a computationally-limited attacker that does not introduce its own computationally powerful nodes into the sensor network.SAKE is based on ICE (Indisputable Code Execution), a primitive we introduce in previous work to dynamically establish a trusted execution environment on a remote, untrusted sensor node.