Reliable Authentication and Anti-replay Security Protocol for Wireless Sensor Networks Laura Gheorghe, Răzvan Rughiniş, Răzvan Deaconescu, Nicolae Ţăpuş Politehnica University of Bucharest, Bucharest, Romania {laura.gheorghe, razvan.rughinis, razvan.deaconescu, ntapus}@cs.pub.ro Abstract—Wireless Sensor Network provide monitoring services such as environmental, military and medical monitoring. Sensor networks are often deployed in hostile environments and are vulnerable to attacks and failures. Security need to be implemented in order to prevent unauthorized access to the network and malicious attacks. The Authentication and Anti- replay Security Protocol is a combination of two lightweight mechanisms that ensure authentication, anti-replay and intrusion detection: the “Last Hash” method, and the authentication handshake. This paper introduces three reliability enhancements to the first version of the protocol: acknowledgements, re- authentication and a current hash computed with a different key to ensure integrity. Reliable AASP was implemented in TinyOS and tested using TOSSIM. Simulations indicate that Reliable AASP is able to provide a reliable authentication connection between any two communicating nodes, and it meets the critical security requirements: integrity, authentication and freshness. Keywords-wireless sensor networks, security, reliability, integrity I. INTRODUCTION A Wireless Sensor Network (WSN) consists of a large number of sensor devices characterized by reduced dimension, low cost and low power, which are able to organize themselves into a network by communicating through a wireless medium, collaborating in order to accomplish a common task [1]. WSNs provide monitoring services in different areas, such as industrial, military, public safety, automotive, agriculture, localization, seismic, medical, commercial and emergency situations. Some of the most interesting applications are detecting the enemy units during military monitoring, person locator, disaster detection, and health condition monitoring [2]. Because WSNs have the advantage of being deployable in inhospitable fields, such as battlefields, outer space and deep waters, they are highly recommended in military applications, environmental monitoring, security and surveillance, industrial process control and health care applications [3]. The network design objectives and requirements include: reduced dimension, low cost and low power, scalability, adaptability, reliability, fault-tolerance, security, self- configurability and QoS. Fault tolerance includes capacities for self-testing, self-calibrating, self-repairing and self-recovering [4]. Securing WSNs is essential when they are used in critical applications such as battlefield surveillance and homeland security. This is a challenging task because of several limitations deriving from the wireless channels, resource constraints, and hostile environments. Because the wireless medium is open, anyone can intercept traffic and inject fake data packets if they have the radio interface configured on the same frequency band. Traditional security mechanisms cannot be applied to sensor networks because of their severe resource constrains. Sensor nodes do not have the computational capacity to manage public key cryptography or other complex protocols. For this reason, the best choice for WSNs is to use symmetric keys, though they must be used with precaution in order to avoid performance degradation. Another challenge regarding security in WSNs is their deployment in hostile environments and the fact that they must work unattended. They are vulnerable to physical attacks, such as tampering and node capturing. The rest of the paper is structured as follows: Section II presents the related work, Section III contains the basic protocol design, Section IV describes the basic protocol issues, Section V presents the reliability improvements brought to the basic protocol, Section VI describes the implementation of the protocol, Section VII presents the experimental results, in Section VIII we discuss the potential problems and solutions, and Section IX presents the conclusions of the paper and some of the future work. II. RELATED WORKS Various security solutions were developed for WSNs, and the most important are SPINS, LEAP, TinySec, and SM [5]. SPINS is a set of security protocols that consist of two building blocks: SNEP and μTESLA [6]. Both were implemented to run on top of TinyOS [7]. SNEP is used to provide authentication, integrity, confidentiality and freshness, and μTESLA provides authenticated broadcasts [5]. Authentication and integrity is provided by Messsage Authentication Code (MAC), confidentiality through encryption, and freshness through nonce. μTESLA emulates asymmetry through the delayed disclosure of symmetric keys. 208 SERVICE COMPUTATION 2010 : The Second International Conferences on Advanced Service Computing Copyright (c) IARIA, 2010 ISBN: 978-1-61208-105-2