An Enhanced Secure Pairwise Broadcast Time Synchronization Protocol in Wireless Sensor Networks Chafika BENZAID LSI, USTHB, Alg´ erie Email: cbenzaid@usthb.dz Amin SAIAH LSI, USTHB, Alg´ erie Email: a.saiah@univ-chelf.dz Nadjib BADACHE LSI, USTHB, Alg´ erie Email: badache@cerist.dz Abstract—This paper proposes an Enhanced Secure Pairwise Broadcast Time Synchronization (E-SPBS) protocol that allows authenticated MAC-layer timestamping on high-data rate radio interfaces. E-SPBS ensures the security of the Receiver-Only synchronization approach using a Public-Key-based Cryptogra- phy authentication scheme. The robustness and accuracy of E- SPBS were evaluated through simulations and experiments on a MICAz platform. Both simulation and experimental results demonstrate that E-SPBS achieves high robustness to external and internal attacks with low energy consumption. However, while the simulation results indicate that E-SPBS can achieve an average accuracy of less than 1μs, the experimental results show that the synchronization error is higher and not stable. This comparison gives us a good indication on how much confidence can be put into simulation results. I. I NTRODUCTION Designing a secure time synchronization service is crucial to maintain the proper functioning of WSN applications in hostile environments. Nevertheless, designing such a service for WSNs with constrained resources imposes challenging requirements in terms of low-cost, accuracy, and robustness to attacks. Firstly, the time synchronization service should minimize the number of timing messages in order to improve en- ergy efficiency. The existing time synchronization protocols rely on one of the following synchronization approaches: Sender-Receiver (SR), Receiver-Receiver (RR) or Receiver- Only (RO). In SR (e.g. TPSN [1], FTSP [2]), a receiver adjusts its clock according to the timestamp received from a reference node. In RR (e.g. RBS [3]), receivers within one hop use a number of synchronization pulses initiated by a sender to synchronize among themselves. While in RO (e.g. PBS [4]), a group of nodes can be synchronized by only overhearing the timing message exchanges of a pair of nodes. RO shows a promising approach to achieve time synchronization with a significantly reduced number of timing messages. Secondly, time synchronization should be accurate to within the limits imposed by the application. To this end, several time synchronization protocols were proposed for WSNs [3], [1], [2], [4], [5], [6] achieving accuracy of few microseconds. Thirdly, time synchronization must be secure against at- tacks. Several schemes [7], [8], [9], [10], [11] have been proposed to secure time synchronization protocols in WSNs. The existing solutions defend attacks by using authentication schemes, adding a random nonce, and/or detecting outliers. The proposed authentication schemes rely on symmetric cryp- tography using either one of two approaches: shared pairwise secret keys or a single shared group-wise key. While the former approach incurs a heavy storage and communication overhead and lacks scalability, the latter is vulnerable to a single node compromise, and in some cases requires itself prior time synchronization. All these shortcomings make such schemes unsuitable for broadcast authentication. Public key cryptography (PKC), on the other hand, is desirable for broadcast authentication as it provides simple solutions, strong security resilience, good scalability and immediate message authentication, when compared to symmetric-key based so- lutions [12]. More recently, a Secure Pairwise Broadcast Synchronization (SPBS) protocol [13], which secures the RO approach using a PKC-based authentication scheme, was proposed. In SPBS, the sender uses the authenticated Medium Access Control (MAC) layer timestamping by adding a digital signature once the MAC layer timestamp is embedded into the timing messages. While this approach works for low-data rate radio interfaces, it cannot keep up with recent IEEE 802.15.4 compliant sensor radios such as CC2420, whose data rate is 250Kbps. Due to this high-data rate, the timing message will be sent out before the digital signature is added. In order to overcome this limitation, we propose an En- hanced Secure Pairwise Broadcast Synchronization (referred to as E-SPBS) that allows authenticated MAC layer timestamping on high-data rate radio interfaces. The rest of the paper is organized as follows. Section II gives an overview on SPBS, while Section III gives the details of the enhanced version of SPBS. After describing the implementation details in Section IV, we present simulation and experimental results in Section V. Finally, Section VI concludes this paper. II. SPBS OVERVIEW SPBS is a secure time synchronization protocol [13] that aims to secure the RO approach. It is focused on achieving instantaneous synchronization between sensor nodes. In other terms, the skew error as well as the drift error are assumed negligible; the protocol only aims to estimate the offset error