Cryptography for Resource-limited Network Nodes
Petr Hanacek and Petr Svenda

This talk will introduce the technology of wireless sensor networks, with a special focus on cryptographic protocols suitable for an environment where a partial network compromise is inevitable. The relatively young technology of wireless sensor networks started to evolve together with advances in the miniaturization of electronic devices, decreasing costs and the general spread of wireless communication. Data sensed by the miniature devices in a target area (e.g., temperature, pressure, location, noise, movement) are locally processed and then transmitted to the end user, who can thus continuously monitor the target environment. Uses of the technology range from medical monitoring of patients through agricultural and industrial monitoring and early-warning emergency systems to military purposes -- which is where the technology originally started.

Wireless sensor networks are not just another new technology; they also exhibit new and complex problems from the security perspective and have therefore drawn significant attention in the research community. The combination of decentralized tasks with high numbers of resource-limited nodes outside physical control renders most of the existing security approaches unsuitable or even impossible to deploy. Because battery capacity is limited, communication should be kept to a minimum, which limits the role of a centralized party and increases the need for autonomous decisions on end nodes. Because of the high number of these nodes, the price of a single node should be low, which makes it difficult to deploy tamper-resistant hardware on most of the nodes; compromise of a fraction of the nodes must therefore be expected and dealt with as an integral part of the design. The possibility of making at least some of the deployed sensor nodes tamper-resistant or partially tamper-resistant will be discussed in this context.

The talk will cover different cryptographic approaches to providing a resilient network using non-standard or novel techniques, such as key distribution without predistributed secrets. The focus will be on key distribution and key establishment protocols that are secure against partial network compromise. The possibility of automatically generating and optimizing protocols for a particular scenario will be discussed, with the aim of providing personalized and efficient cryptographic settings based on real scenario demands. The dark side of the conflict will be covered as well -- an automated search for attacker strategies, with applications to secure routing and key capture attacks, will be presented.