• DocumentCode
    1426942
  • Title

    Constrained Function-Based Message Authentication for Sensor Networks

  • Author

    Yu, Chia-Mu ; Tsou, Yao-Tung ; Lu, Chun-Shien ; Kuo, Sy-Yen

  • Author_Institution
    Dept. of Electr. Eng., Nat. Taiwan Univ., Taipei, Taiwan
  • Volume
    6
  • Issue
    2
  • fYear
    2011
  • fDate
    6/1/2011 12:00:00 AM
  • Firstpage
    407
  • Lastpage
    425
  • Abstract
    Sensor networks are vulnerable to false data injection attack and path-based denial of service (PDoS) attack. While conventional authentication schemes are insufficient for solving these security conflicts, an en-route filtering scheme, enabling each forwarding node to check the authenticity of the received message, acts as a defense against these two attacks. To construct an efficient en-route filtering scheme, this paper first presents a Constrained Function-based message Authentication (CFA) scheme, which can be thought of as a hash function directly supporting the en-route filtering functionality. Obviously, the crux of the scheme lies on the design of guaranteeing each sensor to have en-route filtering capability. Together with the redundancy property of sensor networks, which means that an event can be simultaneously observed by multiple sensor nodes, the devised CFA scheme is used to construct a CFA-based en-route filtering (CFAEF) scheme. In addition to the resilience against false data injection and PDoS attacks, CFAEF is inherently resilient against false endorsement-based DoS attack. In contrast to most of the existing methods, which rely on complicated security associations among sensor nodes, our design, which directly exploits an en-route filtering hash function, appears to be novel. We examine the CFA and CFAEF schemes from both the theoretical and numerical aspects to demonstrate their efficiency and effectiveness. Moreover, prototype implementation on TelosB mote demonstrates the practicality of our proposed method.
  • Keywords
    cryptography; information filtering; message authentication; wireless sensor networks; TelosB mote; constrained function based message authentication; en-route filtering functionality; false data injection attack; hash function; path based denial of service attack; sensor nodes; wireless sensor network; Authentication; Base stations; Message authentication; Polynomials; Resilience; Wireless sensor networks; Authentication; en-route filtering; security; sensor networks;
  • fLanguage
    English
  • Journal_Title
    Information Forensics and Security, IEEE Transactions on
  • Publisher
    ieee
  • ISSN
    1556-6013
  • Type

    jour

  • DOI
    10.1109/TIFS.2011.2106120
  • Filename
    5688238