Jamming for Good: A Fresh Approach to Authentic Communication in WSNs

Ivan Martinovic, Paul Pichota, and Jens B. Schmitt
TU Kaiserslautern, Distributed Computers and Systems Lab
67653 Kaiserslautern, Germany
{martinovic,p pichota,jschmitt}@informatik.uni-kl.de

ABSTRACT

While properties of wireless communications are often considered a disadvantage from a security perspective, this work demonstrates how multipath propagation, a broadcast medium, and frequency jamming can be used as valuable security primitives. Instead of conventional message authentication by receiving, verifying, and then discarding fake data, sensor nodes are prevented from receiving fake data at all. The erratic nature of signal propagation distributes the jamming activity over the network, which hinders an adversary in predicting jamming nodes and avoids selective battery-depletion attacks. By conducting real-world measurements, we justify the feasibility of such a security design and provide details on implementing it within a realistic wireless sensor network.

Categories and Subject Descriptors
C.2.1 [Computer-Communication Networks]: Network Architecture and Design—Wireless communication

General Terms
Design, Security, Performance

Keywords
Wireless Sensor Networks, Authentication, Jamming

1. MOTIVATION

The conventional approach for protecting computer networks is to rely on cryptographic primitives. Such an approach is considered beneficial because it abstracts from the physical properties of communication and thus supports security design in different networks and scenarios. However, it has evolved from the wired medium and point-to-point communication. Consequently, assumptions upon which the current security mechanisms are based, such as similar hardware capability of devices and their energy availability, are often contradictory in nature to those of wireless communication.
Wireless devices are heterogeneous to such an extent that even a common key-exchange computation, which may be considered trivial for some devices, oftentimes presents a high computational burden for others. Another example in which discrepancies between a conventional security design and wireless networks become visible is message authentication. To verify the cryptographic authenticity of a message, a device is forced to receive it (depending on the MAC protocol even an ACK is returned), compute the message digest, and then eventually discard it. For battery-powered devices, e.g., sensors or mobile phones, such tasks are not an advantageous resource investment and inherently allow for selective battery-depletion attacks. Additionally, attacks against stateful protocols, which are usually a precondition for conventional key-exchanges, are especially effective on the shared broadcast medium. The adversary can simply choose to block any message exchange by taking advantage of frequency jamming or launching a number of resource-depletion attacks by flooding with fake requests. This leaves us with mixed feelings – while an adversary takes full advantage of the wireless communication to attack, the security design abstracts from it, even though there is a wide spectrum of features that can be used to strengthen security.

WiSec’09, March 16–18, 2009, Zurich, Switzerland. Copyright 2009 ACM 978-1-60558-460-7/09/03 ...$5.00.

Recently, a number of contributions apply properties of wireless communication to extend cryptographic methods (see, e.g., [3, 9, 1, 14, 15, 12, 8, 5]). For example, in [9] the authors experimentally show how to derive a cryptographic key from the wireless channel using commodity hardware and as such avoid traditional key-exchange protocols. However, in this work we completely abandon cryptographic methods and demonstrate how a novel security design can be created relying merely on physical properties of wireless communications.

One important property that can enrich existing protection mechanisms is the ability of frequency jamming. Although it is usually considered one of the most powerful adversarial tools (and the reason why availability in wireless networks is often downgraded as a security objective), the ability to jam is not an exclusive property of the adversary. In this work, we introduce the concept of attack cancelation, a mechanism to prevent legitimate sensor nodes from receiving impersonated and unauthenticated transmissions. By turning jamming against the adversary and using signal properties to detect impersonation, legitimate WSN nodes are able to destroy fake frames while they are still "in-the-air" and as such avoid a useless investment of resources by first receiving and acknowledging, then verifying, and finally rejecting the fake data. Since only fake frames are jammed, correctly received frames can be considered authentic and no further security-related tasks are required. This also implies that during normal network operation security mechanisms are not visible (in contrast to "always-on" cryptographic authentication) and additional costs are avoided.

2. WIRELESS SECURITY PRIMITIVES

In the following, we describe some experimental results that demonstrate the unpredictable nature of the signal propagation. The scenario we focus on is an indoor WSN assuming that an adversary