Multi-receiver/multi-sender network security: efficient authenticated multicast/feedback
IEEE INFOCOM '92 Proceedings of the eleventh annual joint conference of the IEEE computer and communications societies on One world through communications (Vol. 3)
Digital signatures for flows and multicasts
IEEE/ACM Transactions on Networking (TON)
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
SPINS: security protocols for sensor networks
Proceedings of the 7th annual international conference on Mobile computing and networking
IEEE/ACM Transactions on Networking (TON)
A key-management scheme for distributed sensor networks
Proceedings of the 9th ACM conference on Computer and communications security
Perfectly-Secure Key Distribution for Dynamic Conferences
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Random Key Predistribution Schemes for Sensor Networks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Efficient Authentication and Signing of Multicast Streams over Lossy Channels
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Graph-Based Authentication of Digital Streams
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
A pairwise key pre-distribution scheme for wireless sensor networks
Proceedings of the 10th ACM conference on Computer and communications security
Establishing pairwise keys in distributed sensor networks
Proceedings of the 10th ACM conference on Computer and communications security
Establishing Pairwise Keys for Secure Communication in Ad Hoc Networks: A Probabilistic Approach
ICNP '03 Proceedings of the 11th IEEE International Conference on Network Protocols
Location-based pairwise key establishments for static sensor networks
Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks
Multilevel μTESLA: Broadcast authentication for distributed sensor networks
ACM Transactions on Embedded Computing Systems (TECS)
TinySec: a link layer security architecture for wireless sensor networks
SenSys '04 Proceedings of the 2nd international conference on Embedded networked sensor systems
Sizzle: A Standards-Based End-to-End Security Architecture for the Embedded Internet (Best Paper)
PERCOM '05 Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications
Authenticated Query Flooding in Sensor Networks
PERCOMW '06 Proceedings of the 4th annual IEEE international conference on Pervasive Computing and Communications Workshops
How public key cryptography influences wireless sensor node lifetime
Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks
IEEE Communications Magazine
Hi-index | 0.24 |
To achieve scalable and efficient broadcast authentication in large-scale networks, two asymmetry mechanisms have often been employed: the cryptographic asymmetry and the time asymmetry. Authentication schemes using digital signatures are based on the cryptographic asymmetry, while TESLA and related protocols using hash chains and delayed-key release methods are based on the time asymmetry. However, the former is computationally expensive while the latter provides delayed authentication only. Therefore, they are vulnerable to denial of service attacks that repeatedly request signature verifications with false messages. In this paper, we propose a novel broadcast authentication mechanism based on our ''Information Asymmetry'' model. It leverages an asymmetric distribution of keys between a sink and sensor nodes and uses the Bloom filter as an authenticator, which efficiently compresses multiple authentication information. In addition, with a novel ''false negative'' tuning knob introduced in construction of the Bloom filter, we show that scalability of our authentication method can greatly be improved. Through an intensive analysis, we demonstrate optimized trade-off relationships between resiliency against compromised nodes and scalability of system size. Optimization results indicate that the proposed authentication scheme achieves low false positive rates with small signature verification costs.