Securing transmissions between nodes of WSN using TPM

Nowadays, Wireless Sensor Networks (WSN) are the most important components in the booming Internet of Things (IoT). Given the use of WSN in systems that are part of the critical infrastructure of a country, the primary task is continuous authentication of WSN nodes. This paper describes how to use the Trusted Platform Module (TPM) to authenticate sensors which create a sensors' domain in a WSN. A model of a wireless sensor network as well as operations associated with authentication in the sensors' domain are presented. Additionally, an implementation of selected operations in the sensors' domain is described; this includes the master node initialization, slave node registration, and data transfer between them. The testing environment, including the construction of nodes equipped with the TPM, is described. The solution developed by the authors of the paper is only a partial realization of a broader concept of authentication in WSNs supported by the TPM.


I. INTRODUCTION
In the age of common electronic communications, security plays an increasingly important role. This applies to a wide range of aspects of everyday life, from households to complex control systems. It results mainly from the use of generally available networks for communication in order to minimize costs, increase the efficiency of data processing, and reduce access time to data. This issue also concerns Wireless Sensor Networks (WSNs), which have a wide range of applications.
A WSN can be defined as a group of independent nodes communicating wirelessly over limited frequency and bandwidth [1]. Compared to typical sensor networks, the execution of tasks by WSNs depends on dense deployment and coordination of sensors. Only the level of technology and human imagination limit the application of WSNs in any field of life. In certain implementations of WSNs (e.g. in military areas) an adequate level of security must be ensured. In various implementations of WSNs confidentiality and reliability play an important role. A suitable level of confidentiality and reliability of data, as well as of security against attacks, can be achieved by applying data encryption and authentication of the nodes.
An attempt to design a secure WSN requires that security components be included in each node of the system. Any component of a network implemented without any security could easily become a point of attack. This means that security must permeate every aspect of the design of wireless sensor network applications that collect or disseminate sensitive information. Such solutions require a high level of safety.
For the military, police, emergency services and similar users, secrecy is part of their nature, so the data (sensed, disseminated, stored) are required to remain confidential. This is critical to the successful operation of military, police and emergency applications. Enemy/threat tracking and targeting are among the most useful applications of wireless sensor networking.
Usually, wireless sensor networks (WSNs) consist of a large number of ultra-small, low-power and inexpensive wireless sensor nodes with sensing, computing and communication capabilities [2], [3]. It is assumed that such sensors must operate unattended for long periods of time, such as several months or even years. In military applications, where safety is the most important element, the time of maintenance-free operation is not the most important factor; moreover, the life of the sensor will often be limited to, for example, a few hours or days. In consequence, power consumption may not be a critical parameter.
Security mechanisms deployed in WSNs should involve collaboration among the nodes, due to the decentralized nature of the networks and the absence of any infrastructure. The situation becomes critical when the sensor nodes hold cryptographic material such as keys and other important data. Moreover, adversaries can introduce fake nodes similar to the nodes available in the network, which further leaves the sensor nodes as untrusted entities.
A characteristic property of a WSN is the limited resources of the nodes creating the network. Attempting to implement additional functions in such a network is always a big challenge for its designers. The introduction of any security mechanism into a WSN is also subject to this rule. Therefore, scientists have tried to offer various network security solutions tailored to the limited resources of WSNs. These proposals include: secure and efficient routing protocols [1], [4], secure data aggregation protocols [5], [6], [7], [8] and additional security mechanisms supported by the Trusted Platform Module (TPM) [9], [10], [11], [12], [13], [14], [15].
Usually, the sensors used in military applications should be capable of being used for a relatively short period of time (e.g. several hours or days rather than months or years). The time is limited to the execution of a single task. In such situations there is typically no restriction on energy consumption by the sensor. Examples of such applications are shown in Fig. 1.

Fig. 1 WSN in military applications
Considering the above, a secure method of transmitting and storing data in WSNs is proposed in the paper. The Trusted Platform Module (TPM) is the basis of the presented method. A TPM is used to securely store the data necessary to authenticate the nodes, and to generate symmetric keys and asymmetric (private/public) keys. The solution presented in the paper uses the concept of authentication in WSNs using TPM developed by the authors of the paper and described in detail in [13].
The second section presents the proposed architecture of WSNs and basic definitions. The basic data of each node are stored in every node (the type and scope of the stored data depend on the role the node plays in the network, e.g. domain master (node M) or slave (node S)). That section also defines the basic data structures used in the nodes. The third section briefly describes the procedures that ensure proper authentication of sensors in the domain and correct data transfer between sensors, and describes certain operations in the sensors' domain in detail. The fourth section presents a few experiments with selected operations in the sensors' domain and the results obtained. Finally, a few concluding remarks are presented.

II. THE MODEL OF WIRELESS SENSOR NETWORK WITH
In the domain of sensors there are two authorities. The first is the node (Data Collector) which is the recipient of the data emitted by the domain sensors. The node which manages the Root of trust is the second authority. The Root of trust is to be used to authenticate all sensors involved in the exchange of data between elements of the domain of sensors. The second authority is to act as the master of the domain and will be called the node M. The presented concept assumes that the same node plays both the role of the recipient of data from the sensors (i.e. Data Collector) and the role of the master of the domain.
In the sensors' domain there is exactly one node that acts as the domain master (node M). Sensors of type slave (nodes S), which are registered by the node M, belong to this domain. Nodes S are the source of data. Node S is initiated and authenticated by node M of the domain. Node M stores the root of trust of the sensors' domain. The sensors' domain structure is shown in Fig. 2.

Fig. 2 The structure of sensors' domain

In the domain, nodes acting as backup masters (replicas of the master, rM) may be designated. Such a node may be an S node after the role rM has been established for it, on condition that its hardware and software resources provide this capability. The domain may contain no node of type rM (this is not recommended), but there may also be a few such nodes. The task of node rM is to store a copy of the root of trust from the node M of the domain.
From the viewpoint of authentication procedures, nodes M and rM are the same for nodes S. Node rM can become the new node M of the domain after changing its role, due to proven inactivity of the old node M. In this case the node which has so far acted as node M becomes a node rM or a node S, or is removed.
When the sensor does not function, is turned off or is damaged, it is assumed that this node is in a non-active state; when the sensor is functioning, the node is in the active state.
The sensor which acts as node M receives data from S nodes.

PROCEEDINGS OF THE FEDCSIS. ŁÓDŹ, 2015

Minimum requirements for a sensor of type S are as follows:
• the sensor must be equipped with a TPM (see the next section);
• the sensor must have an interface that allows direct connection to node M (e.g. via USB or Serial) in the registration procedure of the node in the domain;
• the ability to send sensor data (i.e. measurement data) to the M node using only a wireless connection.
In order to enable the automatic authentication procedure of the node and the regeneration procedure for S node credentials, the S node should be able to receive data transmitted by node M via a wireless connection. Otherwise, the node authentication procedure is not possible and a change of credentials of this node will be possible only after re-registration of the node. Nodes that are designed to play the role of M or rM must be capable of bi-directional communication with other nodes, and should also have adequate resources in terms of power, processing capability and storage capacity.

A. Trusted Platform Module
In the presented model, the mechanisms offered by the Trusted Platform Module (TPM) are used to authenticate sensors. It is assumed that each element of the domain of sensors is equipped with a TPM.
The TPM is an implementation of a standard developed by the Trusted Computing Group [16]. This module is designed to support cryptographic procedures and protocols that can be used for securing data [17]. The Trusted Platform Module provides the following functions:
• generating an asymmetric key pair,
• secure storage of keys,
• generating electronic signatures,
• encryption and decryption,
• implementation of an operation defined by the standard PKCS #11.
In addition, each TPM chip stores a unique serial number and its RSA private key, which is never available to read. TPM components are shown in Fig. 3. The laboratory stand used a TPM (AT97SC3205) developed by Atmel, which was designed in accordance with the security requirements for cryptographic modules (FIPS 140-2) Level 1 [20]. The module used additionally meets the requirements described in the Security Policy for Atmel TPM [21], which says that the authentication mechanisms meet the strength requirements of FIPS 140-2, Level 2.

B. Resources of sensors
Each sensor is equipped with a TPM. The data necessary to authenticate the node in the domain are stored in the non-volatile memory of the TPM. Access to this memory is protected by the Endorsement Key of the module. The data structure of a node acting as S is shown in Fig. 4. Sensors which are to play the role of M or rM must be equipped with additional memory, which is intended to store the description of the domain and the descriptions of the remaining domain nodes.
• … after which the rM node is required to establish communication with the node M and refresh the domain data;
• PNR (Period of Non-success Replication) - the time (in msec) after which the node rM is obliged to repeat the attempt to establish communication with the M node if the previous attempt at refreshing the domain data was not successful;
• TDV (Time of data validity) - after this time (in msec) without the possibility of refreshing, the domain data are invalid and the node becomes a node S.
All the data of the domain description are encrypted using the NSK key and IV vector of the M node.
• NSK - symmetric key to encrypt the data sent from this node to the M node and to decrypt the data received from the M node; obtained during the procedure for registering the node in the domain and renewed in the procedure for the regeneration of S node credentials;
• IV - initialization vector for encryption using the NSK key in Cipher Block Chaining mode;
• Stat - status of the node; it can take one of the values: non-active (-1), active (0), active non-confirmed (n), where n is the number of consecutive unsuccessful attempts to establish communication with the node;
• Time (in msec) - moment of the last effective transmission⁴;
• SQ - the sequence number of the last sent frame (modified after each message).
⁴ It was assumed that the Time field is modified each time the field SQ is modified. In order not to complicate the understanding of the procedures outlined in the following sections, this field has not been included in these procedures.
All node description data except the N_ID field are encrypted using the NSK key and IV vector of the M node. The keys EK, SRK, NK and DK form the root of trust of node M. Access to keys from the root of trust and access to other data in the non-volatile memory is protected by the secret of the TPM module owner.
Because the description of the domain and the descriptions of nodes are encrypted, they can be stored outside the non-volatile memory of the TPM module, for example in SD memory.
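The PR, PNR and TDV fields defined above together decide when an rM node refreshes its copy of the domain data and when that copy must stop being trusted. The following is an added example, not code from the paper: the struct and function names are hypothetical, and the sanity check that TDV must exceed PR is an assumption.

```c
#include <stdint.h>
#include <stdio.h>

/* Timing fields of the domain description, in msec as on the page. */
typedef struct {
    uint32_t pr;   /* PR: after this time rM must contact M and refresh */
    uint32_t pnr;  /* PNR: wait before repeating a failed refresh */
    uint32_t tdv;  /* TDV: lifetime of the replicated domain data */
} domain_timers;

/* Bookkeeping on the rM node (hypothetical names, not from the paper). */
typedef struct {
    uint64_t last_success;  /* time of the last successful refresh */
    uint64_t last_attempt;  /* time of the last refresh attempt */
    int      last_failed;   /* nonzero if that attempt failed */
} rm_state;

typedef enum { RM_WAIT, RM_REFRESH, RM_RETRY, RM_DEMOTE_TO_S } rm_action;

/* Assumption: a usable configuration has TDV > PR, otherwise the copy
 * expires before the first scheduled refresh. */
int timers_valid(const domain_timers *t)
{
    return t->pr > 0 && t->pnr > 0 && t->tdv > t->pr;
}

/* Decide what the rM node has to do at time `now` (msec). */
rm_action rm_next_action(const domain_timers *t, const rm_state *s, uint64_t now)
{
    uint64_t age = now - s->last_success;
    /* TDV is checked first: an expired copy of the domain data is invalid
     * and the node falls back to the S role, whatever else is pending. */
    if (age >= t->tdv) return RM_DEMOTE_TO_S;
    if (s->last_failed)
        return (now - s->last_attempt >= t->pnr) ? RM_RETRY : RM_WAIT;
    return (age >= t->pr) ? RM_REFRESH : RM_WAIT;
}

/* Record the outcome of one refresh attempt. */
void rm_record_attempt(rm_state *s, uint64_t now, int ok)
{
    s->last_attempt = now;
    s->last_failed = !ok;
    if (ok) s->last_success = now;
}

int main(void)
{
    /* Constructed values: PR = 60 s, PNR = 5 s, TDV = 180 s. */
    domain_timers t = { 60000, 5000, 180000 };
    rm_state s = { 0, 0, 0 };
    static const char *names[] = { "wait", "refresh", "retry", "demote to S" };
    for (uint64_t now = 55000; now <= 185000; now += 5000) {
        rm_action a = rm_next_action(&t, &s, now);
        if (a == RM_REFRESH || a == RM_RETRY)
            rm_record_attempt(&s, now, 0);   /* M is unreachable in this run */
        if (a != RM_WAIT)
            printf("%6llu ms: %s\n", (unsigned long long)now, names[a]);
        if (a == RM_DEMOTE_TO_S) break;
    }
    return 0;
}
```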

AUTHENTICATION
The concept of authentication in WSNs using TPM was presented in [19]. Ensuring proper authentication of sensors in the domain and correct data transfer between sensors were taken into account in the concept. The concept consists of the following procedures:
1. Procedure for initiating M node.
2. Procedure for registering the S node in the domain of sensors.
3. Procedure for removing rM or S node from the sensors' domain.
4. Authentication procedure of the node.
5. Integration test of nodes in sensors' domain.
6. Procedure for the regeneration of S node credentials.
7. Procedure of sending data from S node to M node.
8. Procedure of reading data on M node which were received from S node.
9. Procedure for giving role rM in the domain for S node.
10. Procedure for updating resources of rM node based on resources of M node.
11. Procedure for changing the node role from rM role to role M.
12. Procedure for determining the "new" node M after the failure of the "old" node M.
13. Integration test of resources of M and rM nodes.
In this study, the procedures listed in points 1, 2, 7 and 8 are comprehensively described in the following sections. The implementation details of the procedures are described in the next section.

A. The procedure for initiating M node
This procedure is intended to create the domain of sensors and to initiate the node that will play the role of master of the domain.
Input data:
• M node owner secret;
• NK usage secret;
• DN - sensors' domain name;
• N_ID - node identifier;
• time periods (i.e. PR, PNR and TDV) associated with the operation of nodes rM.
The procedure for initiating the M node comprises the following steps:
1. Take ownership of the TPM and generate the SRK key.
2. Generate asymmetric key NK (NK attributes: Binding, Non-Migratable, Authority_always; SRK is the parent of NK).
3. Put NK into the root of trust stored in the TPM of the "M" node.
4. Generate the data for the M node:
• generate asymmetric key DK for the sensors' domain and put it into the root of trust stored in the TPM of the "M" node (DK attributes: Storage, Migratable, Authority_always; SRK is the parent of DK; later the public part of DK will be used by the "S" node to bind the data which will be sent from the "S" node to the "M" node);
• generate symmetric key (NSK, size 32 bytes) and initialization vector (IV, size 16 bytes) for AES cryptography;
• generate sequential number SQ for M node;
• put M node data into non-volatile memory of the TPM of S node.
5. Prepare the domain description, which includes the fields DN, RN, PR, PNR, TDV, and then encrypt this description using the NSK key and IV vector.
The RN field should have a content of "M".

B. The procedure for registering the S node in the domain of sensors
The procedure for registering an S node in the domain assumes that during this procedure the S node is connected to the node M via the Serial interface.
Input data:
• N_ID - node identifier;
• public part of the DK key.
After installing the S node in the serial port of the M node, the procedure for registering the S node in the domain comprises the following steps:
1. On the S node, take ownership of the TPM and generate the SRK key.
2. Generate asymmetric key NK of S node (NK attributes: Binding, Non-Migratable, Authority_always; SRK is the parent of NK).
The confirmation should contain N_ID, Time and SQ and be encrypted using the NSK key and IV vector of node S.
… from S to M node containing encrypted SD field with NSK, but without binding the frame with the public part of DK;
c) sending a third bound frame with the public part of DK from S to M node containing encrypted SD field with NSK.

STAGE 1.
The entire first stage is initiated and implemented autonomously on the node that will act as the Master. After this step the TPM is initiated and node ownership is acquired. The description of the M node is written in the non-volatile memory of the TPM. Moreover, an encrypted⁶ description of the sensors' domain, in which one node (i.e. the Master) is registered, is created. An exemplary encrypted description of the sensors' domain created as a result of this step for the M node (node ID is 0xCC CC CC CC) is shown in Fig. 12.

Fig. 12 Description of sensors domain after M node initiating procedure

⁶ In the description of the sensors' domain all fields are encrypted with the exception of node IDs.

STAGE 2.
Before the start of the second stage, the S node should be connected to the node M over a Serial line. During the implementation, the data were partially modified relative to those described in [13], as shown in Fig. 13. In the first three steps of the stage, the TPM of the S node is initiated, node ownership is acquired and the root of trust on the S node is created. Then a direct connection to the M node over the Serial interface is needed to transfer the public part of the DK. DK is transferred as plain text. In the next step, NSK and IV are randomly generated and put into the non-volatile memory of the S node. Then N_ID, NSK, IV and the public part of the NK key are bound using the public part of the DK key and transferred to the M node through the Serial interface. On the basis of these data, the M node prepares a description of the node S and attaches it to the sensors' domain description. Now domain description.

Afterwards, the domain description might look as shown in Fig. 14.
In the last step, a confirmation of S node registration (encrypted using the NSK key of the S node) is sent to the S node. At this moment the S node is registered and should be disconnected from the Serial interface connecting it with the M node.

STAGE 3.
The S node is ready to transfer its sensor data over the XBee interface; the Serial line used in stage 2 is disconnected. In addition to the S and M nodes, an Observer station equipped with an XBee interface takes part in the experiment, as shown in Fig. 15 and Fig. 16. This node is designed to intercept the data transmission between nodes S and M.
The experiment shows that the data transferred between nodes S and M are secured. Unauthorized nodes that are not registered in the domain of sensors, even if they are able to receive the data, are not able to use them.

V. CONCLUSION
This paper presents the model, the concept of authentication in the sensors' domain and an implementation of securing transmissions between nodes of a WSN. For this purpose, the mechanisms provided by the TPM are used. Only the most important operations in the sensors' domain were presented in the paper: node initiation and data transfer between the nodes. Particular attention was paid to securing the transmission and securing the nodes of the network. In all procedures the hardware support provided by the TPM was used. If all the requirements specified in the Security Requirements for Cryptographic Modules (FIPS 140-2) are applied, the protection of data is very strong. This effect, however, comes at the price of relatively high power consumption and requires the use of modules that have more computing power and more RAM. The biggest problem during the implementation was the shortage of RAM in the Arduino modules used. For this reason, in further work we anticipate using EEPROM and/or SDRAM memory.

Fig. 4 The data stored on S node

Content of credentials stored in non-volatile memory of the TPM, which are used by a node S (Slave data):
• EK (Endorsement Key) - key pair (private/public) generated in the development phase of the TPM; the private part of the key never leaves the module and it is not possible to read this part of the key;
• SRK (Storage Root Key) - key pair (private/public) generated during the process of initiating the TPM in the procedure for registering an S node in the domain of sensors; the private part of the key is wrapped by the public part of EK, and access to the key is protected by the secret of the module owner;
• NK (Node Key) - key pair (private/public) of the node; generated during the procedure for registering an S node in the domain of sensors; the private part of the key is bound by the public part of SRK;
• N_ID (Node ID) - ID of the sensor;
• NSK (Node Symmetric Key) - symmetric key to encrypt the data sent from this node to M node and to decrypt the data received from M node; obtained during the procedure for registering the node

Fig. 7 The data structure describing a node

Description of domain nodes. The description of each node contains the following data (the structure of the data is shown in Fig. 7):
• N_ID (Node ID) - ID of the node (4 bytes length);
• RN (Role of Node) - the role filled by the node in the domain; it can take values from the set {M, rM, S};
• SlvK - public part of an asymmetric key of the N_ID node of the sensors' domain;
• NSK - symmetric key to encrypt the data sent from

6. Prepare the M node description and then encrypt this description using the NSK key and IV. The fields of the description should have the following values:
• N_ID = input data N_ID (the field is not encrypted);
• RN = "M";
• SlvK = public part of the node NK key;
• NSK = the node NSK key;
• IV = initiating vector for NSK key;
• Stat = 0;
• Time = current time;
• SQ = random number from the range <0; 65535>.
7. Save the M node description in M node resources.

3. Put NK to TPM resources of S node.
4. Generate the data for S node:
• obtain the public part of the DK key from the non-volatile memory of the TPM of M node: send a dom_pub_key_req packet from S node to M node through the serial line:
    dom_pub_key_req: code
  where: code = 101 for dom_pub_key_req packet;
  and get from M node a dom_pub_key_ans packet:
    dom_pub_key_ans: code, DK
  where: code = 102 for dom_pub_key_ans packet; DK - public part of the Domain Key of the sensors' domain;
• generate symmetric key (NSK, size 32 bytes) and initialization vector (IV, size 16 bytes) for AES cryptography;
• put S node data into TPM non-volatile memory of S node.
5. Prepare S node_description_req packet: node_description_req … for node_description_req packet; N_ID, NSK, IV and public part of NK key (the first three fields are bound using the public part of the DK key).
6. Transfer the blob to M node and then unbind it using the private part of the DK key.
7. On M node prepare the S node description and then encrypt this description using the NSK key and IV vector of M node. The fields of the S node description should have the following values:
• N_ID = input data N_ID (the field is not encrypted);
• RN = "S";
• SlvK = public part of the NK key of the S node being registered;
• NSK = the NSK key of the node being registered;
• IV = initiating vector for NSK key;
• Stat = 0;
• Time = current time;
• SQ = random number from the range <0; 65535>.
Save the S node description in M node resources.
8. Send a confirmation of registration to the node S.
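The node descriptions that the M node saves at the end of initiation and registration form a small table whose invariants matter for authentication: one master, unique N_ID values, and the rM role given only to an already registered S node. The sketch below is an added example, not the authors' implementation; SlvK, NSK and IV are left out (key handling stays in the TPM), and the table size, function names and the treatment of non-active nodes are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_NODES 8   /* assumption: small fixed table on the M node */

typedef enum { ROLE_M, ROLE_RM, ROLE_S } role_t;   /* RN in {M, rM, S} */
typedef enum { REG_OK, REG_DUP_ID, REG_SECOND_M, REG_NO_MASTER,
               REG_BAD_ROLE, REG_FULL, REG_NOT_FOUND } reg_result;

/* Node description without SlvK, NSK and IV (key handling is out of scope). */
typedef struct {
    uint32_t n_id;  /* N_ID, 4 bytes, the only unencrypted field */
    role_t   rn;    /* RN */
    int32_t  stat;  /* Stat: -1 non-active, 0 active, n > 0 failed attempts */
    uint64_t time;  /* Time of the last effective transmission, msec */
    uint16_t sq;    /* SQ, range <0; 65535> */
} node_desc;

typedef struct { node_desc nodes[MAX_NODES]; size_t count; } domain;

node_desc *domain_find(domain *d, uint32_t n_id)
{
    for (size_t i = 0; i < d->count; i++)
        if (d->nodes[i].n_id == n_id) return &d->nodes[i];
    return NULL;
}

/* Add the M node (initiation) or an S node (registration).
 * initial_sq is the random SQ chosen by the caller. */
reg_result domain_register(domain *d, uint32_t n_id, role_t rn,
                           uint64_t now, uint16_t initial_sq)
{
    if (rn == ROLE_RM) return REG_BAD_ROLE;       /* rM is given to an S later */
    if (rn == ROLE_M && d->count > 0) return REG_SECOND_M;
    if (rn == ROLE_S && d->count == 0) return REG_NO_MASTER;
    if (domain_find(d, n_id)) return REG_DUP_ID;  /* would replace a node's keys */
    if (d->count == MAX_NODES) return REG_FULL;
    node_desc *n = &d->nodes[d->count++];
    n->n_id = n_id; n->rn = rn; n->stat = 0; n->time = now; n->sq = initial_sq;
    return REG_OK;
}

/* Give the rM role to a registered S node. */
reg_result domain_give_rm(domain *d, uint32_t n_id)
{
    node_desc *n = domain_find(d, n_id);
    if (!n) return REG_NOT_FOUND;
    if (n->rn != ROLE_S) return REG_BAD_ROLE;
    n->rn = ROLE_RM;
    return REG_OK;
}

/* Record one communication attempt; Time changes whenever SQ changes. */
void node_contact(node_desc *n, int ok, uint64_t now, uint16_t sq)
{
    if (n->stat < 0) return;  /* assumption: non-active nodes are not revived here */
    if (!ok) { n->stat++; return; }
    n->stat = 0; n->sq = sq; n->time = now;
}

int main(void)
{
    domain d = { .count = 0 };
    /* 0xCCCCCCCC is the M node ID from the experiment; the rest is constructed. */
    printf("M: %d\n", domain_register(&d, 0xCCCCCCCCu, ROLE_M, 0, 100));
    printf("S: %d\n", domain_register(&d, 0x11111111u, ROLE_S, 10, 7));
    printf("S again: %d\n", domain_register(&d, 0x11111111u, ROLE_S, 20, 9));
    return 0;
}
```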

Fig. 11 Atmel I2C/SPI Demonstration Kit

In this laboratory stand an experiment was carried out consisting of the following stages:
1. Initiating M node.
2. Registering the S node in the domain of sensors.
3. Transferring data from S node to M node:

Fig. 13 Block diagram of M node and S node during the procedure of S node registering

Fig. 15 Block diagram of M node, S node and observer during transferring data between S node and M node

Fig. 17 Data received on M node and on Observer node in step a)

Data received in step b) by nodes M and Observer are also the same, but the M node knows the NSK key of the S node and can decrypt the SD field from the received frame. The result is shown in Fig. 18.

Fig. 18 Data after step b)

Data received in step c) by nodes M and Observer are also the same, but the M node knows the NSK key of the S node and the private part of DK, so the M node can first unbind the received frame and then decrypt the SD field from the frame. The result is shown in Fig. 19.