Study of a new link layer security scheme in a wireless sensor network Nasrin Sultana* Tanvir Ahmed** Professor Dr. ABM Siddique Hossain ψ Abstract — Security of wireless sensor network Encryption and authentication using cryptographic (WSN) is always considered a critical issue and has techniques makes a system significantly more secure a number of considerations that separate them against eavesdropping and other attacks. Encryption from traditional wireless sensor network. First, can be used to keep data secure from the adversary, sensor devices are typically vulnerable to physical and authentication can be used to safeguard against compromise. Second, they have significant power spurious data. In essence, these techniques attempt to and processing constraints. Third, the most critical ensure system-level confidentiality by protecting all security issue is protecting the aggregate output of links. the system, even if individual nodes may be The security issues in WSN are more challenging than compromised. While a variety of security those in traditional wired networks. Most sensor techniques are being developed and lots of networks actively monitor their surroundings, and it is researches are going on security fields. In this often easy to deduce information other than the data paper we have proposed a new technique to monitored. Such unwanted information leakage often provide data authentication and privacy in faster, results in privacy breaches of the people in the scalable and cost effective way. environment. Moreover, the wireless communication Keywords: Wireless sensor Network, Block Cipher, employed by sensor networks facilitates Mode of Operation, Link Layer, MISTY1, OFB. eavesdropping and packet injection by an adversary. The combination of these factors demands security for 1. Introduction sensor networks at the time of design to ensure Wireless sensor networks are application dependent operation safety, secrecy of sensitive data, and privacy and primarily designed for real-time collection and for people in sensor environment [1]. Significant analysis of low level data in hostile environments. efforts and research have been undertaken to enhance Popular wireless sensor network applications include security levels of wireless networks. wildlife monitoring, bushfire response, military Security in sensor networks is complicated by the command, intelligent communications, industrial constrained capabilities of sensor node hardware and quality control, observation of critical infrastructures, the properties of the deployment [1], [2] and [3]. smart buildings, distributed robotics, traffic monitoring, examining human heart rates etc. Depending on application we are being motivated to Majority of the sensor network are deployed in hostile propose efficient and effective block cipher environments with active intelligent opposition. architecture of link layer security in a wireless sensor Hence security is a crucial issue for such type of network. Effective eavesdropping can be prevented in applications. One obvious example is battlefield wireless sensor network with faster and cost effective applications where there is a pressing need for secrecy way with a minimum good security like of location and resistance to subversion and message/entity authentication or a combination of destruction of the network [4]. The wireless medium confidentiality and authentication. This new class of is inherently less secure because its broadcast nature networks closely resembles the behavior of wireless makes eavesdropping simpler. Any transmission can networks. Nevertheless, they have a few unique easily be intercepted, altered, or replayed by an differences; the principal one is the small size of adversary. The wireless medium allows an attacker to Nodes constituting a WSN. Although smaller nodes easily intercept valid packets and easily inject make WSNs suitable for several existing and malicious ones. emerging applications related to information sensing, this also implies that the nodes have limited resources, like CPU speed, memory, battery, and radio interface. *Lecturer, Department of Computer Science, American International Because the nodes are resource constrained, they University Bangladesh (AIUB) Kemal Ataturk Avenue, Dhaka, Bangladesh, require network designs that can be customized for Email: - [email protected] different types of application environments, thus **Lecturer, Department of Computer Science, American International placing significant demands on algorithm design, University Bangladesh (AIUB) Kemal Ataturk Avenue, Dhaka, Bangladesh, protocol specification, and technologies. Email:- [email protected] Ψ Professor and Dean, Faculty of Engineering, American International Sensor networks simplify the simultaneous collection University Bangladesh (AIUB) Kemal Ataturk Avenue, Dhaka, and organization of data from multiple locations, Bangladesh,,Email : [email protected] which may be unreachable, inhospitable, or even secure, to choose the parameters of the cryptographic hostile environments. Merging wireless primitives used. TinySec has two modes of operation: communications with sensor network capabilities authenticated encryption (TinySec-AE) and enables rapid deployment and reduces the cost of the authentication only (TinySec-Auth). With infrastructure. However, adopting wireless authenticated encryption, TinySec encrypts the data communications introduces a new set of challenges. payload and authenticates the packet with a message authentication code (MAC). The MAC is computed Sensor nodes are susceptible to physical capture, but over the encrypted data and the packet header. In because of their targeted low cost, tamper-resistant authentication only mode, TinySec authenticates the hardware are unlikely to prevail. Sensor nodes use entire packet with a MAC, but the data payload is not wireless communication, which is particularly easy to encrypted. eavesdrop on. An important feature of TinySec is its ease of use and Attacker can easily inject malicious messages into the transparency, as many application developers will wireless network. either implement the security features incorrectly or Anti-jamming techniques such as frequency- hopping leave out any security entirely if the security API is spread spectrum and physical tamper proofing of difficult to use. TinySec solves this problem by nodes are generally impossible in a sensor network integrating into TinyOS at a low level. due to the requirements of greater design complexity MiniSec [6] is a secure network layer protocol that and higher energy consumption. claims to have lower energy consumption than The use of radio transmission, along with the TinySec while achieving a level of security which constraints of small size, low cost, and limited energy, matches that of Zigbee. A major feature of MiniSec is make WSNs more susceptible to denial-of-service that it uses offset codebook (OCB) mode as its block attacks. cipher mode of operation, which offers authenticated encryption with only one pass over the message data. Ad-hoc networking topology of WSN facilitates Normally two passes are required for both secrecy and attackers for different types of link attacks ranging authentication. Another major benefit of using OCB from passive eavesdropping to active interfering. mode is that the ciphertext is the same length as the Most current standard security protocols were plaintext, disregarding the additional fixed length tag, designed for two-party settings and do not scale to a four bytes in MiniSec’s case, so padding or ciphertext large number of participants. stealing is not necessary. Another primary feature MiniSec has over the other security suites mentioned There is a conflicting interest between minimization here is strong replay protection without the of resource consumption and maximization of security transmission overhead of sending a large counter with level. each packet or the problems associated with Since sensor nodes usually have severely constrained synchronized counters if packets are dropped. To applications. Thus, a promising approach is to use achieve this MiniSec has two modes of operation, one more efficient symmetric cryptographic alternatives. for unicast packets MiniSec-U and one for broadcast Instead, most security schemes make use of packets, MiniSec-B as explained. symmetric key cryptography. One thing required in Exploring security issues in wireless sensor networks, either case is the use of keys for secure and in particular, we propose an efficient link layer communication. Managing key distribution is not security scheme inspired by TinySec [5]. To meet the unique to WSNs, but again constraints such as small desideratum of minimizing computation and memory capacity make centralized keying techniques communication overhead, our focus is the CBC-X impossible. mode Encryption/Decryption algorithm, which In section 2 we discussed the related works. Our enables encryption/decryption and authentication of proposed model for a new link layer security scheme packets a One-pass operation. In particular, the main is described in section 3. We have a discussion in contributions of the paper are as follows: section 4. Finally the paper concludes with the idea We present an efficient link layer security scheme that for future advancement in section 5. attains confidentiality and authentication of packets in wireless sensor networks. Security services are provided transparently to the upper (link) layers of the 2. Related Works protocol stack. We devise