Скачать презентацию The Cryptographic Sensor FTO Libor Dostálek Václav Скачать презентацию The Cryptographic Sensor FTO Libor Dostálek Václav

fd09316ba8e95b615353935557b53c2a.ppt

  • Количество слайдов: 15

The Cryptographic Sensor FTO Libor Dostálek , Václav Novák The Cryptographic Sensor FTO Libor Dostálek , Václav Novák

The Cryptographic Sensor Wireless sensor networks • Low power consumption • In the past, The Cryptographic Sensor Wireless sensor networks • Low power consumption • In the past, finding alternative cryptographic algorithms

The Cryptographic Sensor The proposed solution • Each of us carry a number of The Cryptographic Sensor The proposed solution • Each of us carry a number of things equipped with cryptographic processors (credit cards, mobile phones, passports, ID cards etc. ) • What if such a processor connect to a node of wireless sensor network? • Such processors today produced in millions, and thus they have a low price • The solution is to convert the energy-intensive cryptographic operations from the microcontroller of WSN to the cryptographic processor. • Not store important cryptographic assets to FALSH memory of node of WSN, but in the cryptographic processor.

The Cryptographic Sensor The proposed solution • For the first experiments we connect a The Cryptographic Sensor The proposed solution • For the first experiments we connect a smart card to the node of WSN • We connected smart card like are connected sensors to the node of WSN. • We obtained The Cryptographic Sensor

The Cryptographic Sensor Cryptographic operations • Operations before deploying WSN node (personalization of cryptographic The Cryptographic Sensor Cryptographic operations • Operations before deploying WSN node (personalization of cryptographic sensor). • Operations during security initialization of node into WSN. • Operations when regular communication node in WSN.

The Cryptographic Sensor Energy demands Personalization • Personalization of cryptographic sensor performs during the The Cryptographic Sensor Energy demands Personalization • Personalization of cryptographic sensor performs during the sensor is connected to an external power source. For operation the node in the WSN is not relevant. During personalization will into a cryptographic sensor load: • Public key of certification authority. • Pair public and private key of cryptographic sensor. • Certificate of public key of cryptographic sensor. • Secret key for secure messaging - secure communication between a node and its cryptographic sensor. • Optionally additional secret key for secure communication between crypto-graphic sensor and base station of WSN. This communication can be useful, for example in the case of a renewal certificate of the certification authority.

The Cryptographic Sensor Energy demands Initialization - Security • During security initialization node uses The Cryptographic Sensor Energy demands Initialization - Security • During security initialization node uses cryptographic sensor. Outside the security initialization cryptographic sensor is switched off. Frequency of initialization is of the order of days, weeks or months depending on the specific WSN. Although, cryptographic initialization is energy intensive (< 25 m. Ws) and due to the fact that during the life cycle of the sensor is activated a few times, so the total share of the consumption of the sensor will be negligible.

The Cryptographic Sensor Energy demands communication - Current • Public key cryptography don't use. The Cryptographic Sensor Energy demands communication - Current • Public key cryptography don't use. Cryptographic operations does not increase the current state of energy intensity (the cryptographic sensor is off).

Used cryptographic protocol 1. The neighbors shall exchange their cryptographic sensor’s certificates of public Used cryptographic protocol 1. The neighbors shall exchange their cryptographic sensor’s certificates of public keys (certificates are stored in the cryptographic sensors during its initialization). 2. Both neighbors verify the received certificate by the public key of certification authority stored in the cryptographic modules during their personalization. 3. Nodes generate random numbers and encrypt it by public key of neighbor. The result sign by its private key. 4. Nodes exchange results of previous step. 5. Nodes verify arrived message: (a) verify digital signature of neighbor, (2) decrypt content of message by its private key. 6. Nodes derived from decrypted content: secret session cryptographic keys, initialization vectors and shared secret for MAC calculation from received random numbers.

The Cryptographic Sensor Nodes with cryptographic sensors and nodes without cryptographic sensors • Node The Cryptographic Sensor Nodes with cryptographic sensors and nodes without cryptographic sensors • Node with a cryptographic sensor can report an event to prove the authenticity of the supplement information (e. g. MAC). • The base station can subsequently ask sensor node equipped with cryptographic sensor of proof of authenticity of the information (e. g. . MAC)

The Cryptographic Sensor nodes with cryptographic provide guaranteed information The Cryptographic Sensor nodes with cryptographic provide guaranteed information

The Cryptographic Sensor What we are solving with now? • • • How many The Cryptographic Sensor What we are solving with now? • • • How many nodes must be equipped with cryptographic sensor to get information that the event undoubtedly occurred? May be nodes with cryptographic sensor randomly scattered in WSN? The aim is to minimize the consumption of all components sensors. On the one hand, more efficient measurement the values and on the other hand found nearby power-optimized cryptographic algorithm

The Cryptographic Sensor Senzors Procesor Battery Pack Cryptographic procesor The Cryptographic Sensor Senzors Procesor Battery Pack Cryptographic procesor

The Cryptographic Sensor Debuger for sensors procesor Sensor Master The Cryptographic Sensor Debuger for sensors procesor Sensor Master

Q&A {libor. dostalek, vacnovak}@prf. jcu. cz Q&A {libor. dostalek, vacnovak}@prf. jcu. cz