-5-
v7.0
Introduction
Common security issues which are solved include:
- Access control:
by using AES 128 in the link layer we ensure that only nodes with the shared key can access to the routing
capabilities of the sensor network. If a strange node sends a message to the network the message will be discharged in the first
hop so no extra communication resources will be used. The AES 128 algorithm is implemented in the same radio using specific
hardware, for this reason the information will be automatically discarded and not even sent to the microcontroller. This provides
an extra layer of security as the main control unit of the node will not be interrupted from performing basic tasks or event not
awaken from the sleep mode (what ensures optimum energy usage).
- Authentication:
the library implements also RSA with asymmetric key scheme. Each node has a pair of Public/Private keys
(1024b) which uses to sign the messages in order to ensure the authenticity of origin and destination.
- Data Confidentiality (Privacy):
by doubling encryption of the messages we ensure that first that only the nodes which form
part of the network can see the general routing packets (AES 128 in the link layer) and after that we establish an encryption
tunnel by direct P2P encryption between origin and destination (using AES).
- Data Integrity:
the new library uses hash algorithms such as MD5 and SHA to create the checksum of the message and to
ensure that the final information received correspond with the original sent.
- Non-repudiation:
by signing the messages with RSA keys we have also the legal proof that the information sent really was
sent by a specific sensor node and not by other. Important in the future when all the sensitive sensor information has to be
legally approved.
Each node may store thousands of different Public Keys of the nodes of the network in its SD card. So we can establish a real P2P
encryption among any sensor and the Gateway and even between any sensor and any web or data base server directly.
The new Libraries are specifically designed to be used in the Waspmote hardware sensor platform and are distributed along
with the Waspmote IDE which is distributed under an open source license.
Note:
The Encryption Libraries are part of the Waspmote API and have been designed to work solely on top of the Waspmote and
Waspmote Plug & Sense sensor platforms. More info at: