Cryptography Reference
entire neighbor's traffic and simply tunnels these authenticated messages to its colluder.
The laptop attacker, close to the sink node, plays a passive role in forwarding these
messages. Due to his furtive nature, it is difficult for his neighbors to detect whether
he is malicious. Once the authenticated messages reach the remote laptop adversary, he
could launch a black-hole attack or a selective forwarding attack.
Let us consider a situation where digital signatures are being used for authentication
and, while the routing updates are in progress, the sink node's private key is leaked.
(Methods used to leak the private key are beyond the scope of this topic.) As soon as
the sink node realizes that its private key is being compromised, it immediately broadcasts
a new public key. All the nodes in close proximity to the sink node will update
their local copy of the sink node's public key. The laptop close to the sink node will
perform the same operation and convey this information to its colluding laptop. The
remote laptop can now easily impersonate the sink node and launch a sinkhole attack.
In addition, he can further create routing loops, which is a resource-exhaustion attack.
2.2.4.2 Attacks on Geographic- and Energy-Aware Routing (GEAR)
GEAR (discussed in Chapter 1) proposes a location- and energy-aware, recursive routing
algorithm to address the problem of uneven energy consumption in routing in
WSN. In GEAR, every node gauges the energy levels of its neighbors along with the
distance from the target before making a routing decision. In such situations, a laptop-class
attacker can advertise that he has larger energy levels than his neighboring node
and attract all traffic to him. Thenceforth, he can execute a sybil, black-hole, or selective
forwarding attack.
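The effect of an unverified energy advertisement on next-hop selection can be seen in a small model. This is an added example, not code from the book or from GEAR itself; the cost formula, the weight ALPHA, the BATTERY_MAX_J capacity bound, the plausibility filter, and all node data are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from math import dist

ALPHA = 0.5            # assumed weight between distance and energy terms
BATTERY_MAX_J = 100.0  # assumed full-battery capacity of this mote class

@dataclass(frozen=True)
class Advert:
    node_id: str
    pos: tuple         # advertised (x, y) position
    energy_j: float    # advertised remaining energy, joules

def next_hop(adverts, target):
    """Pick the neighbor with the lowest combined distance/energy cost."""
    max_d = max(dist(a.pos, target) for a in adverts)
    max_e = max(a.energy_j for a in adverts)

    def cost(a):
        d_norm = dist(a.pos, target) / max_d   # normalized distance to target
        consumed = 1.0 - a.energy_j / max_e    # normalized consumed energy
        return ALPHA * d_norm + (1 - ALPHA) * consumed

    return min(adverts, key=cost).node_id

def plausible(adverts, last_seen):
    """Drop claims above battery capacity or above the node's previous report."""
    kept = []
    for a in adverts:
        prev = last_seen.get(a.node_id, BATTERY_MAX_J)
        if 0.0 <= a.energy_j <= min(prev, BATTERY_MAX_J):
            kept.append(a)
    return kept

# Constructed sample data: three honest neighbors and one inflated claim.
TARGET = (10.0, 0.0)
HONEST = [Advert("n1", (4.0, 0.0), 60.0),
          Advert("n2", (5.0, 1.0), 80.0),
          Advert("n3", (3.0, 2.0), 90.0)]
FORGED = Advert("x9", (2.0, 5.0), 5000.0)   # farthest node, implausible energy
LAST_SEEN = {"n1": 62.0, "n2": 81.0, "n3": 90.0}

if __name__ == "__main__":
    print("honest only      ->", next_hop(HONEST, TARGET))
    print("with forged claim ->", next_hop(HONEST + [FORGED], TARGET))
    print("after filtering   ->",
          next_hop(plausible(HONEST + [FORGED], LAST_SEEN), TARGET))
```

The filter only caps how far a claim can be inflated; a value at or below the capacity bound still passes, so the advertisement itself has to be authenticated for the energy term to be trustworthy.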
2.3 Countermeasures to Attacks in WSN
As attacks on WSN become more sophisticated, the demand for new security solutions
is continually increasing. Hence, an array of new security schemes have been designed
and implemented in the past decade (Healy et al. 2009; Perrig et al. 2004). Most of
these schemes have been designed to provide solutions on a layer-by-layer basis rather
than on a per-attack basis; in doing so, they have left a gap between layers that may lead
to cross-layer attacks. We will look more closely at cross-layer security later in this topic.
In general, any security suite should ensure authentication, integrity, confidentiality,
availability, access control, and nonrepudiation. In addition, physical safety is absolutely
necessary to avoid tampering or destruction of nodes. Therefore, construction of
tamper-resistant sensor nodes is absolutely necessary. However, such tamper-resistant
schemes come at a higher manufacturing cost and are restricted to applications that are
not only critical but that use fewer nodes.
Authentication: The main objective of authentication is to prevent impersonation
attacks. Hence, authentication can be defined as the process of assuring that the
identity of the communicating entity is what it claims to be.