:

: 5653

802.15.4

MSP430

:

: 1508 / 2009
, 2009

:
802.15.4
MSP430


.. 5653

20 2009

: 1508 / 2009

802.15.4
MSP430

:
:

(MAC)
802.15.4. , MAC
TinyOS TelosB, backoff
CSMA-CA 802.15.4.

. , (driver) CC2420
radio
, , (SW
security) CC2420 (HW security). ,

.
, ECC (elliptic curve cryptography)
.

Abstract
The thesis dealt with the implementation of the main medium access and security
mechanisms in a wireless sensor network based on the IEEE 802.15.4 standard. More
specifically, starting from the tinyos2.1 medium access implementation on the TelosB
platform, the backoff mechanism was altered, in order to become fully 802.15.4 compliant,
while the appropriate mechanisms were also developed in order to introduce the protocol's
security features in the stack. For the latter, a driver for the CC2420 chip was developed and
energy and performance meassurements were conducted, comparing the system under
three modes of operation, namely with no security, with SW encryption/authentication and
with HW encryption/authentication. Finally, the main mechanisms of key management and
distribution in a deployed wireless sensor network were studied and developed. Specifically,
we implemented two key management schemes. The first was a probalistic pre-distribution
mechanism and the second an ECC (elliptic curve cryptography) mechanism of public
cryptography in order to install symmetric keys on the motes.

............................................................................................................................................ 5
Abstract ............................................................................................................................................... 5
........................................................................................................................................ 6
................................................................................................................................. 9
1 - ..................................................................................................................... 11
2 .................................................................................. 16
2.1 ................................................................................................................................. 16
2.2 ............................................................................................................................... 17
2.3 ................................................................................................................ 21
2.4 ................................................................. 23
2.5 motes ....................................................................................... 25
2.6 motes ............................................................. 27
2.7 motes ............................................................................................. 32
2.7.1. TinyOS 1.x ........................................................................................................................ 32
2.7.2. TinyOS 2.0 ........................................................................................................................ 33
2.7.3. Contiki.............................................................................................................................. 33
2.7.4. RETOS .............................................................................................................................. 34
2.8 ................................................................................................................................. 34
3 (MAC) ......... 35
3.1 ................................................................................................................................. 35
3.2 Sensor-MAC ............................................................................................................................. 36
3.3 -MAC ...................................................................................................................................... 37
3.4 -MAC...................................................................................................................................... 37
3.5 X-MAC ...................................................................................................................................... 39
3.6 IEEE 802.15.4 ........................................................................................................................... 39
3.6.1. 802.15.4 ........................................................................................... 39
3.6.2. IEEE 802.15.4 non-beacon ............................................................................ 40
3.6.3. IEEE 802.15.4 Super-frame (beacon ) ............................................................ 40
3.6.4. IEEE 802.15.4 ..................................................................................................... 41
3.6.5. CSMA-CA IEEE 802.15.4 ............................................................................... 42
3.6.6. IEEE802.15.4 ............................................................................................ 43
6

3.7 ................................................................................................................................. 43
4 .................................................................................................................... 44
4.1 .............................................................. 44
4.1.1. ........................................................................................ 44
4.1.2. , 45
4.2 IEEE 802.15.4 (ver. 2003) .............................................................. 46
4.2.1. PIB Security Material ....................................................................................................... 46
4.2.2. PIB Format (CTR mode) ................................................................................................... 47
4.2.3. CTR input block ................................................................................................................ 47
4.2.4. .................................................................................................... 49
4.3 Security IEEE 802.15.4 (ver.2006) .................................................................. 50
4.3.1. MAC PIB ........................................................................... 50
4.4 ................................................................................................................................. 51
5 ........................................................................... 52
5.1 ................................................................................................................................. 52
5.2 Hardware .................................................................................................................... 52
5.2.1. Tmote Sky ..................................................................................................................... 52
5.2.2. MSP430............................................................................................................................ 57
5.2.3. CC2420............................................................................................................................. 57
5.3 Software .............................................................................................................. 59
5.3.1. NesC................................................................................................................................. 59
5.3.2. TinyOS.............................................................................................................................. 60
5.4 ................................................................................................................................. 67
6 .................................................................................................................. 68
6.1 ................................................................................................................................. 68
6.2 CC2420 Stack ........................................................................................................................... 68
6.2.1. CC2420 Stack..................................................................................................... 68
6.2.2. CC2420 ............................................................................................................... 69
6.2.3. CC2420 Stack ........................................................................... 70
6.2.4. CSMA CC2420 Radio Stack.................................................................... 70
6.3 CSMA: ......................................................................................................... 70
6.4 CC2420 ............................................................................................................. 72
6.4.1. ........................................................................................................................ 72
6.4.2. (Nonce / Counter) ................................................................................... 72

6.4.3. CTR encryption ............................................................................................. 73

6.4.4. SECCTRL0 ......................................................................................................................... 74
6.4.5. SECCTRL1 ......................................................................................................................... 74
6.5 : .................................................................................................. 75
6.5.1. ........................................................................................................ 75
6.5.2. MAC ................................................................................................................... 75
6.6 ................................................................................................................................. 77
7 ................................................................................................... 78
7.1 ................................................................................................................................. 78
7.2 ................................................................................................... 78
7.2.1. (pair-wise)........................................................... 78
7.2.2. - ..................................................................... 79
7.3 ................................................................................................................. 80
7.3.1. - ............................................................. 80
7.3.2. public ECC..................................................................... 84
7.4 ................................................................................................................................. 90
8 - ................................................................................................................... 91
8.1 ................................................................................................................................. 91
8.2 ........................................................................................................ 91
8.2.1. ......................................................................................................... 91
8.2.2. ................................................................ 93
8.3 ................................................................................................................. 99
8.3.1. / ............... 100
8.4 ............................................................................................................................... 101
9 ......................................................................................................... 103
10 - .......................................................................................................... 105

1 ....................................................................... 12
2 Code Blue project (Telos mote, EMG sensor) ........................................................................ 17
3 .................................................................................. 18
4 ............................................................................................................... 18
5 Great Duck Island ............................................................................................... 19
6 Redwood (Berkeley)..................................................................................... 19
7 ........................................................................................................... 20
8 FabApp .................................................................... 21
9 () () ............. 22
10 ........................................ 24
11 .................................................................................................. 25
12 ............................................................................................... 28
13 Dust ...................................................................................................................... 28
14 ( ) ........................................................................ 29
15 (high bandwidth) ............................................................................. 29
16 Gateway................................................................................................................... 30
17 MAC ................................................................................. 36
18 throughput MAC/SMAC .................................................................................. 38
19 802.15.4 (FFD/RFD) ............................................................................ 40
20 IEEE 802.15.4 Super-frame ................................................................................................... 40
21 MAC 802.15.4 ................................................................................................. 41
22 CSMA-CA IEEE 802.15.4 .................................................................................... 42
23 CTR .................................................................................................. 47
24 .................................................................... 47
25 CTR ......................................................................................... 48
26 CTR encryption................................................................................................... 48
27 (-) CTR ...................................................... 49
28 Tmote-sky ( ) ........................................................................................................... 53
29 mote-sky ( ) ......................................................................................................... 54
30 Tmote-sky ................................................................................................... 54
31 mote-sky.............................................................................................. 55
32 MSP430 ............................................................................................................. 57
33 CC2420 .............................................................................................................. 58
34 CC2420 .................................................................................................. 58
35 RSSI CC2420 ............................................................................................... 58
36 nesC .................................................................................................... 60
37 TinyOS ............................................................................................... 61
38 (schedulers) ....................................................................... 62
39 TinyOS .......................................................................................... 63
40 TinyOS Component ............................................................................................................... 64
41 CC2420 Nonce ...................................................................................................................... 72
42 CC2420 nonce .............................................................................................. 72

43 CC2420 ........................................................ 73
44 SECCTRL0 .............................................................................................................................. 74
45 SECCTRL1 .............................................................................................................................. 75
46 Pool Key Ring (k = Key Ring,
P = Pool)................................................................................................................................................. 82
47 , .............................. 83
48 ECDH ............................................................ 88
49 ECC.................................................. 90
50 ....................................................................................... 91
51 .................................................................................................. 93
52 Tmote Sky / CC2420...... 94
53 / CC2420
leds.................................................................................................................................................... 95
54 14 Bytes................................................... 96
55 104 Bytes................................................. 96
56 HW AES 14Bytes ......................................... 97
57 SW AES 14Bytes ......................................... 97
58 HW AES 104Bytes ...................................... 98
59 SW AES 104Bytes ...................................... 98
60 AES/RC6 .......................... 101

10

1 -

,

. , / ,
, 3G, GPRS, Wi-Fi, .
, . ,
, ,

.


, .

(), ,
.

,

, , , , ,
, , ,
, ,
.
2
.
UC Berkley
sensor motes, mica
mote-iv, TinyOS.
,

,
.

,

.
,

:
, , ,
, , , , .,
,

11

, ,
, .


. -
-
.
1
[1]:

,

, ,
GPS .
.




, , , .


- -

12

,
21 .


(, )
. , ,
,
.


, ,

.
.


. .

(, , , .)
( , ,
)
,
.
, , ,
,
(
, . ),
(), ,
.
,


.
,
,
.
,
(, )
.

( , ,
, ),
, ,

,

13

.

() .
(encryption /
authentication) IEEE 802.15.4
.

(MAC) IEEE 802.15.4
TinyOS
. .
:
2 : .
. ,
, ,
.
3 : (MAC).

: SMAC, TMAC, XMAC, BMAC, IEEE 802.15.4 TinyOS
.
4 : .
(
). IEEE 802.15.4.
5 : .
mote sky
CC2420. TinyOS, NesC. TOS 2.x
NesC.
6 : .
CSMA-CA
802.15.4.
CC2420 802.15.4
7 : .

. -
,
,
.
(ECC).
8 :

14

.
9 : .

15

2.1
wireless sensor networks (WSN)
.
(RF systems)
.

, .
,
.
, ,
.
.
WSN
.
, , ,
.
;
. :
WSN


.

.
WSN
.

,
.

.

. -
.

.
16

2.2


. .

.
:
:
(nodes)
,
.

,
.
,
.

, :
, , ,
().

.
Code Blue
Harvard [2]. 2 mote
Telos, USB ,
EMG (Accelerometer, gyroscope, and
electromyogram ) .

2 Code Blue project (Telos mote, EMG sensor)

:

.
.

17

3,
[3].

:
, , ,
, , ,
,
, ,
, .
:

. ,

.
4

[4].

Great
Duck Island [5]. -

Storm-Petrel. ,
(1) 10

18

(2).
node
(4) (5)
.

5 Great Duck Island

Redwood (Berkeley)[6].
.

:

6 Redwood (Berkeley)

19

[8].
,
. ,
,

.
,
,
.
:


[7].

( , )
( ).
.
,

.
.

.
20

.
,
.
.

8 FabApp

2.3
(deployment)
. ,
,

, , (
) [50]. ,
: .
()
,

-.
, ,
. ,
[48], [49], [54]:
- :
10

.

. ,
,
,
.
:
.
, *50], [51], [52].

21

.
,

,
.

9 () ()

:

. ,


- (). ,
,
.
:

- ( ),
,
[53+.
,
.
ad hoc
( ) [55], [56].
10.000 100.000
. ad
hoc
.
,
,
.

22

-. , ,

.
.

.
ad hoc
. ,
.
,
.
,
.

, .

.


.
.
.
, , ,

. .

,
.

.
.

2.4
(routing)
[47]. ,

(global addressing)
(overhead) (IDs) .
IP (internet protocol)
. , adhoc - (self-organizing).
.
,

, (base station). ,
(.. multicast, peer to peer). ,

23

, .
. ,
,
.
,
. ,
(application specific). ,
.
, GPS (global positioning system).
(triangulation) [45],[46]

. ,
,
.
.
,
.
, .


.
(data aggregation),
(in-network processing), (clustering),
(role assignment)
(data centric).
(flat), (hierarchical) (locationbased).
multipath ( ), query ( ), negotiation
(), QoS (quality of service ), coherent
(). ,

(clusters)
.

. :

10

,
() proactive, () reactive () hybrid

24

. proactive ,
reactive
. hybrid .
, (proactive)
. reactive
.
cooperative. ,
(base station)
.
.

2.5 motes
(mote) 6 (components),
12. - (microcontroller). ,
, -- (ADC). ADC
.
[9],[14].

11

() - ( micro controller )
- .
,
. -
, ,
FPGAs (field programmable gate arrays)
(ASICs). -
mote
,
(sleep state)
. , ,
.
, .


. FPGAs
,
. ASICs

25

,
-
.
() ( transceiver)
motes ISM (industrial, scientific, medicine)
.
,
(radio frequency RF), (laser)
(infrared). laser
(line of sight - LOS).
. , ,
, .
(RF)
.
433 MHz 2,4 GHz.
, (transceiver).
: , , .
,
.

.
() (External Memory)
,
- , FLASH
. flash
.
.
: ()
() .

.
() (Power Source)
motes
, .
,
.
kb 100
3 100
/W .
. motes. motes
,
. .
(dynamic power management)
26

. (dynamic
voltage scaling) .

.

() (Sensors)

.

-- (ADC)
.

,
,
. ( 0.5Ah 1.2V ).
.
, - .
. -
.
.
, .

. .
.
,
, .

2.6 motes
(nodes)
. : () ,
() , () () (gateways).

.
.
.

. ,

, Ethernet, 802.11
(WANs). 13 [10].

27

12

.
() (special purpose)
2003 UC Berkeley
Spec Mote [11].
(smart dust). ,

Berkeley. Spec (RF). 2mm2 X 2,5mm2. o Spec
RISC 3Kbytes .
902.4 MHz 12
19.2 Kbps . Mote on Chip (MoC)
Dust Inc. DN2510 12 12 mm,
2,4GHz 250Kbps
300 .
13 Dust

() (generic)
.
crossbow, mote-iv, Intel Dust Inc. Crossbow [13]
WeC, 1998, Rene
1999. Rene II, 2000, ,
(wakeup time).
Dot .
Mica (Mica, Mica2Dot, Mica 2, MICAz)
(128), ( CC1000 TR1000)
. mote-iv Telos
a & b Tmote-sky. MSP430 Texas Instruments
28

Atmel .
USB RS232
IEEE 1284. CC2420 .
mote-iv Tmote-sky
.

14 ( )

() (high bandwidth)
, ,
,
. , ,
. Intel
nodes [12]. Intel mote
, ,
. Mote Intel
ARM, SRAM flash . motes
Bluetooth.

15 (high bandwidth)

() Gateway
mote (interfaces) Ethernet, WiFi, USB - motes
, , .
Crossbow 3 gateway RS-232,
USB Ethernet ( 510,520,600) [13]. gateway node
Stargate NetBridge gateway .
Intel 420 XScale Debian Linux
. 32MB RAM, 2GB Flash, Ethernet USB 2.0.

29

16 Gateway

[9]:

BEAN

BTnode

COTS

Dot
Eyes

motes

(.)
(.)

MSP430F169
CC1000 (3004 Mbit
1000 MHz)
with 78.6
kbit/s
Atmel ATmega
Chipcon
64+180
128K
C and NesC
128L (8 MHz @
CC1000 (433K RAM
FLASH
Programmi
8 MIPS)
915 MHz) and
ROM, 4K
ng
Bluetooth (2.4
EEPROM
GHz)
ATMEL
Microcontroller
916 MHz
ATMEGA163
1K RAM
8-16K
WeC
Flash
MSP430F149
TR1001
8 Mbit

EyesIFX v1

MSP430F149

EyesIFX v2

MSP430F1611

GWnode

PIC18LF8722

IMote

ARM core 12
MHz

IMote 1.0

ARM 7TDMI 1248 MHz

IMote 2.0

Marvel PXA271
ARM 11-400
MHz

Iris

ATmega1281

TDA5250 (868
MHz) FSK
TDA5250 (868
MHz) FSK
BiM (173 MHz)
FSK
Bluetooth with
the range of
30m
Bluetooth with
the range of
30m
TI CC2420
802.15.4/ZigB
ee compliant
radio
Atmel
AT86RF230
802.15.4/ZigB

8 Mbit
8 Mbit

BTnut and
TinyOS
support

PeerOS
Support
TinyOS
Support
TinyOS
Support
Custom OS

64k
RAM
64K
SRAM

128k flash
512K
Flash

TinyOS
Support

64K
SRAM

512K
Flash

TinyOS
Support

32MB
SRAM

32MB
Flash

8K RAM

128K
Flash

Microsoft
.NET Micro,
Linux,
TinyOS
Support
TinyOS,
MoteWork
s Support

30

YATOS
Support

NesC

ee compliant
radio
250 kbit/s 2.4
GHz IEEE
802.15.4
Chipcon
Wireless
Transceiver
RFM TR1000
radio 50 kbit/s

KMote

TI MSP430
microcontroller

Mica

Mica2

Atmel
ATMEGA103 4
MHz 8-bit CPU
ATMEGA 128L

Mica2Dot

ATMEGA 128

MICAz

ATMEGA 128

TI CC2420
802.15.4/ZigB
ee compliant
radio

4K RAM

Mulle

Renesas M16C

Bluetooth 2.0

31K
RAM

Nymph

ATMEGA128L

CC1000

Rene

ATMEL8535

512
bytes
RAM

SenseNode

MSP430F1611

916 MHz radio

with
bandwidth of
10 kbit/s
Chipcon
CC2420

Spec

4-8 MHz
Custom 8-bit
processor (AVR-

CC1000

3K Ram

SunSPOT

ARM 920T

802.15.4

512K
RAM

4 MB
Flash

Telos
TelosB

Motorola HCS08
Texas
Instruments
MSP430

4K RAM
10k
RAM

48k Flash

Chipcon
868/916 MHz

10k
RAM

48k Flash

128+4K
RAM

512K
Flash

4K RAM

128K
Flash

4K RAM

128K
Flash
128K
Flash

10K
RAM

384K+4K
Flash, 2
MB
EEPROM

TinyOS and
SOS
Support

NesC
Programmi
ng

TinyOS,
SOS and
MantisOS
Support

NesC

C
programmi
ng

64 kB
EEPROM
8K Flash

48K Flash

TinyOS
Support

C and NesC
programmi
ng
C

TinyOS,
SOS,
MantisOS
and NanoRK Support
TCP/IP and
Bluetooth
Profiles:
LAP, DUN,
PAN and
SPP
Support
MantisOS
Support
TinyOS
Support

GenOS
and
TinyOS
Support
TinyOS

like RISC)

250 kbit/s 2.4

GHz IEEE
802.15.4

31

Java

Squawk
J2ME
Virtual
Machine
Contiki,
TinyOS,
SOS and

microcontroller

T-Mote Sky

Texas
Instruments
MSP430
microcontroller

WeC

Atmel AVR
AT90S2313
ML67 series
ARM/THUMB
microcontroller

XYZ

FireFly

Atmel ATmega
1281

Chipcon
Wireless
Transceiver
250 kbit/s 2.4
GHz IEEE
802.15.4
Chipcon
Wireless
Transceiver
RFM TR1000
RF
CC2420 ZigBee
compliant
radio from
Chipcon
Chipcon
CC2420

MantisOS
Support
10k
RAM

48k Flash

Contiki,
TinyOS,
SOS and
MantisOS
Support

32K
RAM

256K
Flash

C
Programmi
ng

8K RAM

128K
FLASH
ROM, 4K
EEPROM

C
Programmi
ng

SOS
Operating
System
Support
Nano-RK
RTOS
Support

2.7 motes


(hardware) [15].
.
,
.
, .

.
. TinyOS [16], Contiki [17] RETOS [18].

2.7.1. TinyOS 1.x

TinyOS 1.x

.
Berkeley
. (open-source)
,
.
components,

. components TinyOS ,
,

. event-driven.
32

(scheduling) .
TinyOS sensor boards.
(tossim)
.

2.7.2. TinyOS 2.0

TinyOS 1.x TinyOS 2.0.
1.x . TinyOS 2.0
1.x 1.x 2.0. ,
2.0
. , 1.x 2.0
.
TOS 2.0
, .
, (active
messages), ..
(portability), TinyOS 2.0
, .
, ,
(components) .
(Hardware Presentation Layer
HPL) ,
(interrupts) .
(Hardware Abstraction Layer - HAL)
.
(Hardware Independent Layer - HIL)
. ,
chips,
. ,
NesC,

TinyOS 2.0. (robustness)
(reliability), TinyOS 2.0
TinyOS 1.x, ,
.

2.7.3. Contiki
Contiki ,
(multi-tasking)
. MICA, TELOS,
T-mote Sky. Contiki 2Kbytes RAM 40 Kbytes ROM.
Contiki (stacks): uIP Rime. uIP
TCP/IP, Contiki
Internet. Rime
.

33

Contiki event driven ,

.
Protothreads [19],[20] ,
C. Protothreads
,
. , -
,
. , Contiki
TinyOS ,
,
.

2.7.4. RETOS
RETOS Resilient, Expandable and Threaded Operating System,
/ , .
RETOS

Yonsei.

-
, ,
,
.

2.8


. , ,
. ,
.
ad-hoc .

.
.
TinyOS.

34

3
(MAC)

3.1
(medium Access Control MAC)
OSI.

.
MAC (logical link
control LLC) (PHY). MAC
.
- (unicast), (multicast)
(broadcast).



.
( ),
. (
)
, , . ,

, .

(medium access) (multiple access).
MAC
, .

.
.
[25], [26], [27].

35

17 MAC

3.2 Sensor-MAC
sensor MAC Ye, Heidemann Estrin An energyefficient MAC protocol for wireless sensor networks [21]. SMAC
(time division multiplexing).
(listening) (sleeping). ,
(cluster) .

(worst case). ,

.
, (traffic shaping) .
SMAC
.

,
.
SMAC :
: ,
.
Overhearing:
, , .
Overhead : ,
, .
(idle listening):
,
.
CSMA .
SMAC (fairness)
.
,

36

(Multihop) (
).


.
, S-MAC
.
(frame),
.
SYNC,

. ,
,
. ,
.
, .
,
. ,
(time slots). slotted CSMA RTS/CTS (request to send /
clear to send) .

3.3 -MAC
T-MAC (timeout-MAC) [22] MAC
S-MAC . T-MAC
S-MAC,

. o T-MAC

.
T-MAC , S-MAC
.
T
( , ,

).
.
T-MAC

.
.

3.4 -MAC
B-MAC (Berkeley Media Access Control) [23]
MAC ,
, .. BMAC
.
middleware

37

. , .
CCA (clear channel assessment)
(backoff),
(acknowledgments). RTS/CTS
, S-MAC.
, , B-MAC
CSMA,
.
, ,
LPL ( msec), .
, .
,

.
. ,
,
, .
FIFO
.
. B-MAC

.
LPL
. BMAC ,
.

18 throughput MAC/SMAC

:
CCA, packet backoff
Link layer
Low power listening
link layer ,

38

fragmentation

CCA, , backoff LPL

3.5 X-MAC
X-MAC MAC
[24]. low power listening
B-MAC.
. , (preamble)
(hop)

non-target receivers. X-MAC
(preamble)
low power listening, ,
(scheduler) .
preamble
, (hops)
(adaptation)
( ).
X-MAC:
(preamble)
, overhead
low power listening not-target .
(pause) ,
strobe preamble, strobe preamble
.

(pre-hop).

(duty cycle)
, .

3.6 IEEE 802.15.4

802.15.4
(low-rate wireless personal area network LR-WPAN).


[28], [29], [30].

3.6.1. 802.15.4
IEEE 802.15.4
(), (full functional device FFD)
(reduced function device RFD).
, (personal area network PAN),
. FFDs RFDs,
RFD FFD .
,

39

. FFD .
64-bit 16-bit
. IEEE 802.15.4 65535 ( 216-1)
0xFFFF (broadcast).
802.15.4 () () peer-to-peer
. (cluster) ,
(PAN identifier).

19 802.15.4 (FFD/RFD)

3.6.2. IEEE 802.15.4 non-beacon

IEEE 802.15.4 beacon .
beacon .
(multi hop)

. non-beacon , IEEE 802.15.4,
un-slotted, (non-persistent) CSMA.
IEEE 802.15.4 ( PHY 133bytes)
RTS/CTS. (backoff),
CSMA ,
(backoff) . ,
MAC (channel access
failure) .

3.6.3. IEEE 802.15.4 Super-frame (beacon )

beacon,
-
(super-frame)

beacon
(coordinator) .

(cluster)
-.
- (super 20 IEEE 802.15.4 Super-frame

40

frame duration SD). ,

. slots.
beacon slot 0
(contention access period CAP)
beacon. CAP
(guarantee time slots GTS).
GTS slots ( 7)
(jitter)
CSMA . GTS slots,
(contention-free period CFP)
( beacon) CAP. slots
(backoff), MAC
. backoff
.
2,4GHz 250kbps.

,
.

3.6.4. IEEE 802.15.4

MAC (MAC protocol data unit MPDU)
:
(MAC header MHR) ,
(sequence number),
.
( ) ,
.
(acknowledgement) .
(MAC footer MFR) (frame
check sequence FCS).
21 :

21 MAC 802.15.4

41

3.6.5. CSMA-CA IEEE 802.15.4

CSMA-CA IEEE 802.15.4
MAC CAP.
: ()
un-slotted CSMA-CA () slotted CSMA-CA.
beacon.
.
,
(backoff) .
backoff
. slotted CSMA-CA
beacon . backoff-slots
beacon.
CAP, (slot) .
,
. ,
. , backoff
aUnitBackoffPeriod (20 ).
backoff 0 5 (channel
access failure). beacon,
CFP .
CSMA IEEE802.15.4 :

22 CSMA-CA IEEE 802.15.4

42

3.6.6. IEEE802.15.4
ad-hoc, ,
, .

, .
IEEE 802.15.4

. 802.15.4
: () , ()
() .
.
, .

3.7

(MAC) .

IEEE 802.15.4 .

43

4
4.1

, , .
.
,
.

[31].

4.1.1.

.
. ,
.

.

, ,

.


. ,
.
(MAC)
. MAC ,
. ,
(broadcast)
.

44

.
,
. , RAM,
.

, ,
.
.

4.1.2. ,

.

. ,
. ,
.

. ,
.

.
.
.
,
,
.
.
, ,
(loops) , ,
,
.
.
Sybil

Sybil (IDs)
.
,
.
( )
Sybil . ,
45

.

( ).
,
.
.
Needham-Schroeder [32]
.
,
.
(sinkhole)

sinkhole,
,
() .

.
(wormholes)

,

.

.
,
. (sink),

,
.

4.2 IEEE 802.15.4 (ver. 2003)

CTR ( )
,
block
nonce (exclusive OR XOR)
. nonce (time
stamp),
.
XOR
.
CTR () , ()
() [29].

4.2.1. PIB Security Material

( CTR, CCM, CBC-MAC )
MAC PIB.

46

(symmetric key): AES (advance encryption

standard) ACL (access control list)

.
.
(frame counter):
MAC .
.
, nonce CCM
.
(key sequence counter):
( )
MAC.
.

(optional external frame and key sequence counters):

(ACL)

. , MAC

.

4.2.2. PIB Format (CTR mode)

CTR ,
,
. 23
.

23 CTR

MAC CTR
,
24 :

24

4.2.3. CTR input block

, ,
block.
25 :

47

25 CTR

CTR :

26 CTR encryption

CTR
( ..) block ,
, block
XOR
.
block .
,
, . standard ,
Tn (1 , 2 ,3 ,,n).
, CTR :
CTR :
Oi = CIPHk (Tj) for j=1, 2 n;
Ci = Pj Oj for j = 1, 2 n-1;
Cj* = Pj* MSBu (On);
CTR :
Oi = CIPHk (Tj) for j=1, 2 n;
Pi = Cj Oj for j = 1, 2 n-1;
Pj* = Cj* MSBu (On);
CTR,
. 27 .

48

27 (-) CTR

4.2.4.

:

CTR
, MAC :
1) 64-bit (aExtendedAddress)
MAC PIB.
(input block)
.
2) MAC
CTR
.
3) ,

.
4) ,
, MAC PIC.
,
FAILED_SECURITY_CHECK
.

49

CTR
, MAC :
1) (
) macDefaultSecurityMaterial,


. ,

.
,
FAILED_SECURITY_CHECK.
2) 64-bit
ACL,
MAC
. nonce
,
FAILED_SECURITY_CHECK.
3) CTR

.
4)
.
1 ,

.

4.3 Security IEEE 802.15.4 (ver.2006)

IEEE802.15.4/2003 2006
[30]. , , .
.
. .
security-related
MAC PIB (PAN Information Base).

4.3.1. MAC PIB

MAC PIB :
( Key table ) : (descriptors)
( ),
.
( Device table ) : descriptors ,

.

.

50

( minimum security level table ) :

,
MAC, (identifier)
.
.
( frame counter ) :
(4-octet)
(semantic)
. counter

. counter
. (0xffffffff 16,7
),
,
.
.
( automatic request attributes ) :


, (automatic data request).
( default key source ) :
,
,
.
(overhead)
.
PAN ( PAN coordinator address ) :

,
,

.

4.4

, .

IEEE 802.15.4
.

51

5

5.1

Tmote-sky .
mote, MSP430
(CC2420).

TinyOS nesC.

5.2 Hardware
5.2.1. Tmote Sky
mote Tmote-sky
moteiv [33]. Tmote-sky Telos.
Telos A Tmote sky
.
MSP430 F1611: Texas Instruments
F149 Telos-A. O F1611 10kB RAM 48kB Flash
2kB 60kB F149. Tmote-Sky 16Hz
.
ESR ( 20) 580ms.
flash 4Mbit Atmel AT45DB
Telos-A, 8Mbit ST M25P80 .
SPI .
M25P80 . Tmote-Sky
USB , bits reset
. USB
bits
. 45DB ST M25P80
, 64kb (sectors) (pages) 256byte
45DB. , 10-pin Telos-A
Tmote-Sky. . 6-pin
IDC 10-pin ADC,
Timer pin /. 2-pin IDC
USB .
JTAG. : ()
SMA , , , ()
(USER) reset , ()

52

reset
USB, () (jumper) R14/15/16.
Telos-B, Tmote-Sky 8-pin JTAG
, USB
.

PC. RF FCC IC
RoHS .
Tmote Sky Telos B.
mote ( ) :

28 Tmote-sky ( )

53

29 mote-sky ( )

mote Sky ( ) :

30 Tmote-sky

54

31 mote-sky

Tmote-Sky .
.
2.1 3.6 Volts DC,
2.7V . Tmote Sky
USB , .
mote USB 3V. Tmote
USB, .

Tmote-sky USB FTDI

. Mote,
(drivers) FTDI . FTDI
: Windows, Linux, BSD, Macintosh Windows CE.
motes .

mote-sky Chipcon CC2420

. CC2420 IEEE 802.15.4

55

(PHY)
(MAC). 802.15.4
.
,
802.15.4. 2.4GHz 250kbps.
CC2420 .
CC2420 MSP430 SPI
/ .
.
CC2420 .

Sensirion AG. SHT11 SHT15
Tmote-Sky U3. SHT11/15
.
EEPROM . SHT11 SHT15
.
CMOS 14-bit /D .

.
Tmote-Sky
. moteiv
Hamamatsu Corp. S1087
S1087-01
.

2.1
2.7
-40

: MCU on, Radio RX
: MCU on, Radio TX
: MCU on, Radio off
: MCU idle, Radio off
: MCU standby

3.6
3.6
85
21.8
23
19.5
21
1800 2400
54.5 1200
5.1
21

V
V

C
mA
mA

ADC, DAC, Supply Voltage Supervisor DMA Controller

50 125
.

Hardware link-layer encryption and authentication
TinyOS : mesh

56

5.2.2. MSP430
Texas Instruments MSP430 16-bit RISC
[34]. .
, ,
.
. JTAG (Joint Test Action Group) .
MSP430x1xx :

16-bit RISC CPU
Flash
, data logging .

32 MSP430

5.2.3. CC2420
CC2420 2.4GHz,
802.15.4,
[35]. CC2420
DSSS (digital sequence spread spectrum) 9dB
250kbps. ,
, ,
(LQI, RSSI).
(MSP430)
CC2420 .
FIFO / CC2430 SPI.
CC2420 SmartRF-03 Chipcon CMOS 0.18m.

57

33 34
:

33 CC2420

34 CC2420

CC2420 RSSI (Received Signal Strength Indicator)

8-bit
(RSSI.RSSI_VAL).
:

35 RSSI CC2420

58

5.3 Software
5.3.1. NesC
nesC (network embedded systems C) ,
(components),
TinyOS [36], [37]. C.
nesC :
C
. C
,
C . ,
C. C
:
. nesC
components.
:
components, (
wired) . components
, (
) . components
(concurrency) (task).
component .
(hardware
interrupts).
component :
component.


component .
:
(command)
(events).
components.
TinyOS (.. Send
packet) (non-blocking),
(event, .. send done).
, .. components
,
. (events)
.
components .

.
nesC wholeprogram (compilers).
data race .

59

nesC
(run-to-completion)
(interrupt handlers) .

nesC:

36 nesC

,
components. , ,
components, (modules)
(configurations). H :

5.3.2. TinyOS
TinyOS (tiny microthreading operating system) [38]
.
C , ,
.
nesC. TinyOS ,
.
(wiring) components
.

, (stack)
. .
,
, TinyOS
.

, TinyOS

60

. ,
(run-to-completion)
.
, ,

.
TinyOS Components

TinyOS [40] components

,
. components
,
. , component
.
, component
events. , component
,
(events) .
component ,
.
component (configuration). component
component . component,
,
. , TinyOS

components .
,
, .
components :

37 TinyOS

TinyOS (scheduler)
(modules).

61

. , :
(main), .
.
,
. :

Main (
)
(components )

(hardware)

TinyOS (scheduler)

TinyOS
components components
.
components.
:
FIFO (
8 ) .

38
(schedulers)

TinyOS

TinyOS [42]:

62

39 TinyOS

:
bit (RFM - RF module ):
( ) ,
bit
, RFM
.
byte (Radio byte) :
bit ( Manchester) byte,
,
,

.
(Radio packet) : 16-bit crc
.
(Messaging) : ,
(, )
(broadcast) (UART).
, AM dispatcher -
(packet handlers)
(Application) :
,
.
TinyOS Component Blink

TinyOS [39]. (configuration) component
(TinyOS Timer). timer components.
components. components TimerC
, StdControl Timer.

63

Configuration TimerC {
Provides {
Interface StdControl;
Interface Timer [uint8_t id];
}
}
Implementation {
Components TimerM, HWClock;
StdControl = TimerM.StdControl;
Timer = TimerM .Timer;
TimerM.Clk-> HWClock.Clock;
}
40 TinyOS Component

TinyOS BlinkM
LED . component
, LED.
component.
/**
* Implementation for Blink application.
* Timer fires.
**/
module BlinkM {
provides {
interface StdControl;
}
uses {
interface Timer;
interface Leds;
}
}
implementation {

Toggle the red LED when a

/**
* Initialize the component.
* @return Always returns SUCCESS
**/
command result_t StdControl.init() {
call Leds.init();
return SUCCESS;
}
/**
* Start things up. This just sets the rate for the clock
component.
* @return Always returns SUCCESS
**/
command result_t StdControl.start() {
// Start a repeating timer that fires every 1000ms
return call Timer.start(TIMER_REPEAT, 1000);
}
/**
* Halt execution of the application.

64

* This just disables the clock component.

* @return Always returns SUCCESS
**/
command result_t StdControl.stop() {
return call Timer.stop();
}
/**
* Toggle the red LED in response to the Timer.fired event.
*
* @return Always returns SUCCESS
**/
event result_t Timer.fired()
{
call Leds.redToggle();
return SUCCESS;
}
}
(active message)

, active message [41],

.

. ,

.
.
(buffers)
/.
,
.
,
. ,


. ,

busy-waiting

.
Message_T

buffer message_t
TinyOS 2.x [39]. TinyOS 1.x buffer TOS_Msg,
(active message ) - (metadata) bit
, . TOS_Msg
AM ( 29bytes).

65

TinyOS 1.x :
component buffer,
buffer
. TOS_Msg
standard 802.15.4
(header). TOS_Msg TinyOS 1.x
CC2420 :
typedef struct TOS_Msg {
//
uint8_t length;
uint8_t fcfhi;
uint8_t fcflo;
uint8_t dsn;
uint16_t destpan;
uint16_t addr;
uint8_t type;
uint8_t group;
int8_t data[TOSH_DATA_LENGTH];
//
//
//
//
//

.
.
TOS_Msg
.

uint8_t strength;
uint8_t lqi;
bool crc;
uint8_t ack;
uint16_t time;
} TOS_Msg;

TinyOS 1.x TinyOS 2.x standard message_t.

:

typedef nx_struct message_t {

nx_uint8_t header[sizeof(message_header_t)];
nx_uint8_t data[TOSH_DATA_LENGTH];
nx_uint8_t footer[sizeof(message_footer_t)];
nx_uint8_t metadata[sizeof(message_metadata_t)];
} message_t;

message_t CC2420 :
11 bytes
TOSH_DATA_LENGTH
7 bytes
+-----------+-----------------------------+-------+
message_t | header
|
data
| meta |
+-----------+-----------------------------+-------+
CC2420

+-----------+------------+
| header
|
data
|
+-----------+------------+

+-------+
| meta |
+-------+

66

offset ,
.
offset ,
(memmove(3)).
TinyOS 1.x TOS_Msg , message_t
buffer . , TinyOS
2.x ,
message_t .

5.4

.
(Tmote Sky), ( MSP 430) (CC2420 radio).

nesC TinyOS.

67

6
6.1

. CC2420
Stack, , CSMA
IEEE802.15.4
802.15.4. (HW security)
CC2420
CTR. ,
(HW security) 802.15.4
CC2420. ,
(open source) (SW) AES
RC6.

6.2 CC2420 Stack

6.2.1. CC2420 Stack
CC2420 Stack
TinyOS,
[39].
,
.
:
// SplitControl Layers
SplitControl = LplC;
LplC.SubControl -> CsmaC;
// Send Layers
AM.SubSend -> UniqueSendC;
UniqueSendC.SubSend -> LinkC;
LinkC.SubSend -> LplC.Send;
LplC.SubSend -> TinyosNetworkC.Send;
TinyosNetworkC.SubSend -> CsmaC;
// Receive Layers
AM.SubReceive -> LplC;
LplC.SubReceive -> UniqueReceiveC.Receive;
UniqueReceiveC.SubReceive -> TinyosNetworkC.Receive;
TinyosNetworkC.SubReceive -> CsmaC

:
ActiveMessageP: stack

.
IEEE 802.15.4.

68

UniqueSend: (data sequence

number DSN) .
- .
.
DSN 802.15.4.
PacketLink:
(acknowledgment).


.
CC2420AckLplP / CC2420NoAckLplP:
(low power listening LPL).
UniqueReceive:
DSN
.
TinyosNetworkC: TinyOS 2.x
TinyOS. 6LowPAN
TinyOS
.
CsmaC: FCF byte
. backoff
/
.
TransmitP / ReceiveP:
SPI,
GPIO.
6.2.2. CC2420

ActiveMessageP UniqueSend :
typedef nx_struct cc2420_header_t {
nxle_uint8_t length;
nxle_uint16_t fcf;
nxle_uint8_t dsn;
nxle_uint16_t destpan;
nxle_uint16_t dest;
nxle_uint16_t src;
nxle_uint8_t network; // 6LowPAN
nxle_uint8_t type;
} cc2420_header_t;

network IEEE 802.15.4

network
TinyOS . (type) TinyOS.
TinyOS , T-Frame I-Frame.
network.
(footer) . byte CRC
CC2420. 128 bytes (
header footer), IEEE 802.15.4.

69

. , (throughput)
RAM
.

6.2.3. CC2420 Stack

IEEE 802.15.4, ,
, CCA (clear channel assessment).
, ,
.
CSMA. backoff
: , .

6.2.4. CSMA CC2420 Radio Stack

MAC . CSMA-CA
. ().
TXFIFO CC2420. ,
TXFIFO .
backoff (myInitialBackoff). ,
( TXFIFO ) ,
.
CCA ( STXONCCA). (congestion = true)
reset backoff timer backoff
(myCongestionBackoff). ,
(interrupt) SFD .

6.3 CSMA:
CC2420 Radio Stack (TinyOS)
IEEE 802.15.4.
:
1. backoff
[0 : 2BE-1] backoff, BE (backoff exponent)

.
unslotted , , BE
macMinBE. 3.
TinyOS stack :
rand16() % (0x1F * CC2420_BACKOFF_PERIOD) + CC2420_MIN_BACKOFF
CC2420_BACKOFF_PERIOD = 20/CC2420_TIME_SYMBOL = 10
CC2420_MIN_BACKOFF = 20/CC2420_TIME_SYMBOL = 10
2. backoff (
CCA)
. CC2420 Stack
, .
802.15.4, ,

70

BE min( BE+1, amaxBE ), amaxBE 3

8 5.
3. .
CC2420 Stack
.
, FIFO
. IEEE 802.15.4
, (number of backoffs) .
(maxMacCSMABackoffs),
CSMA-CA backoff
.

(Channel Access Failure).

.
1.
requestInitialBackoff CC2420CsmaP.nc
(modulo) rand16().
myBE macMinBE = 3 ( default
802.15.4) :
rand16() % (((1<<myBE)-1) * CC2420_BACKOFF_PERIOD);
IEEE 802.15.4 CSMA-CA
( macMinBE) collision
avoidance .
2. myBE.
congestion =
TRUE, requestCongestionBackoff. :
if (myBE++ >= CC2420_MAX_BACKOFF_EXPONENT)
myBE = CC2420_MAX_BACKOFF_EXPONENT;
min ( BE+1, maxBE )
backoff .
3. , , (myNB)
. ,
,
, :
if (myNB <= CC2420_MAX_NUMBER_OF_BACKOFF){
myNB ++;

else {
call CC2420Transmit.cancel();
return;
}
(
802.15.4 5 )

(2).
5 , .

71

6.4 CC2420
CC2420 IEEE 802.15.4 [35].
(-) ( counter mode encryption /
decryption CTR ), CBC-MAC (authentication) CCM.
AES (advance encryption standard)
128 bit.

6.4.1.
128bit . RAM
CC2420 KEY0 1.
bit SECCTRL0. #0
0x100 #1 0x130 RAM.

(.. ).

6.4.2. (Nonce / Counter)

nonces (-)
0x110 0x140 16 bytes.
.
. , IEEE 802.15.4, :
Block Counter = 1
Key Sequence Counter = MAC
Frame Counter =
Source Address = 64 bit IEEE Address.

41 CC2420 Nonce

(flags) byte (MSB) nonce.

:

42 CC2420 nonce

CC2420 ,
(stand-alone) (in-line). ,

72

(0x120 RAM).
.
, , TXFIFO
RXFIFO .
(PHY header). ,
, nonce (SECCTRL0, SECCTRL1).
CC2420 :
-
- CBC-MAC (authentication)
- CTR
- CCM.
, (STXENC / STXON STXONCCA),
, .
SRXDEC /
.
.

.

6.4.3. CTR encryption

(-) (CTR) :
1. bytes byte

SECCTRL1.SEC_TXL
(SECCTRL1.RXL

). (plaintext) bytes
. IEEE 802.15.4
3+(0 20)
MAC header.
2. .
TXFIFO . ,
.
, SRDEC,
RXFIFO
IEEE 802.15.4.
,
CC2420 :

43 CC2420

73

6.4.4. SECCTRL0
SECCTRL0 :

44 SECCTRL0

6.4.5. SECCTRL1
SECCTRL1 :

74

45 SECCTRL1

6.5 :

802.15.4
CC2420 (hardware security). ,
, SW
, AES [69] RC6 [70], TinyOS / TelosB
.

6.5.1.

, ,
, .
: () , () HW security (CTR, CCM, CBCMAC) () SW security AES RC6.
myKey[16]
. ,
(radio initialization)
(HW_SECURITY_MODE / SW Security)
header .
, MAC.

(run-time) .

6.5.2. MAC

(MAC),
802.15.4. MAC

75

_setMacParams().
(acknowledgments),
. ,
, (0 1
CC2420), bytes byte
( skip CC2420) CCM CBC_MAC
byte (MIC Length).

.
_setupFrame().
, security header
(secLevel), (keyMode),
skip (reserved), nonce
(frameCounter) (keyID).
, MAC,
CC2420 (SECCTRL0 SECCTRL1)
.

(PHY), .
. ,
, .
, security header, ,
. SECCTRL0 SECCTRL1
CC2420.
nonce (TXNONCE). CC2420 BUSY
(STXENC).

TXFIFO .
, .

RXFIFO , security header
. security header keyID
(secLevel).
. , .
, ,
security header
. SECTRL0
SECCTRL1 CC2420. RXNONCE.
SRXENC CC2420 .
, RXFIFO
.
.

76

6.6
TinyOS stack
. CSMA-CA TinyOS
IEEE 802.15.4
.

CC2420 radio
802.15.4.

77

7
7.1
-
(pair-wise) peer-to-peer -
[57],[63].
.

.
.
: () -
() public-key
(ECC)
AES RC6 .

7.2
7.2.1. (pair-wise)
1. All pair wise (single master key) [57]:
.
.
2. All pair wise (distinct pair wise keys) [57]:

. , -1
.
3. Random pair wise key [59]: p . p .
p
p.
. ,
ID .
.
4. Closest pair wise keys pre-distribution [61]:
.
(grid).
.
C .
. ,i
i ,i = PRF(KBi|IDA).
.
(PRF = pseudo random function)
78

5. ID based one-way function (IOS) [57]: r regular

G / .
- .
(leaf) r/2.
6. Multiple IOS *57+: IOS.
hash HASH(KB|IDAi).
7. Lightweight key management system [64]:
master .
. (bk1)
(bk2).
bk1. (nonce) RNA / RNB
,=PRF(bk2|RNA|RNB).
.

7.2.2. -
1. Basic probabilistic [58]: Eschenauer and Gligor
- .
k KP (pool)

.
pool k. k IDs
.
2. Q-composite random key pre-distribution [59]:
q-composite -. q-composite (pool)
Q
KA,B=HASH(K1||K2||K3||||KQ).

.
3. Cluster key grouping [65]: C
(clusters) ID . IDs
-.

k c IDs.
4. Pair wise key establishment protocol [66]: ID
PRF. IDs
PRF(IDA).
ID .
, PRF(ID)
CPU.
5. Key pre-distribution by using deployment knowledge [67]:
. t*n
Gi,j (Xi,Yi) ,
t*n i,j I,j.

79

.
.
6. Key matrix based dynamic key generation [68]:
(public key). ,
G D
*. (D*G).
G.
, G

.

.
7. Polynomial based key pre-distribution [60]:
.
, t :
t

aij x i y j

f ( x, y )
i, j 0

Fq q
.
aij aij=aji
f(x,y) = f(y,x). - ID.
ni nj ( ni nj ID ).
ID
.
f(ni,nj). .
t , t
. ,
t .

*61].
8. Link Layer Key (LLK) establishment [62]:
,

.

7.3
7.3.1. -

*58+.
,
-.

, .

80

, (key ring)
,
. ,
.
.
.

, 2 , .
-

(3) :
1. (.. 1000 ) ID
.
2.
(key ring).
3. .
rand()%
- 0 -1
bits
-.
(int) ((double) rand() / ((double) RAND_MAX + 1) * N) .

-
128-bit
.
.
(pool)
. (key ring)
. , ,
.

.
- . index
. ,
, ,
, .
key ring .


.

.
, .

81

*58+ , 48.


100 .
=1000 75 100%
1 .

46 Pool Key Ring (k = Key Ring, P = Pool)

( 47)
,
(pool) (key ring).
pool 1.000 90 (key ring)
100% 3 .
2.000 140 .
100Bytes ,
.
, IDs
. 1000 , 10-bit
(counter). ID 10-bit. 100Bytes 80
. 80
.

.

82

47 ,

Bits used for

numbering

Number of Keys in
the pool

Number of keys in a Frame

(Key Ring)

MAX probability
for at least one
shared key

10

1024

80

100%

11

2048

72

92%

12

4096

66

65%

13

8192

61

36%

83

.
, IDs
, .
. , ,

,
.

.
. ,
, .

.

() .
.
. ,
.

. ,
IDs
. IDs,
.
, (
).
.
,

.

,
.
- . .
,
.

7.3.2. public ECC

,
,

.

84

public
:
,
public (
public- private). public
. ,
public
. public
- ,
, .
:
1. public


.
2. (private)
. private

.

.
3. ,
,
(certification).

*71+ ECC RSA 8-bit

. ECC ,
GF(p). ,
(projective coordinates), (non-adjacent
forms) . ,
,
ECC .
.
160-bit ECC

RSA-1024.
*72+ ,
ECC .
/ ,
1/ .
.
GF(p) GF(2m).

85

*73+ ECC
(Optimal Extension Fields OEFs [74]) GF(pm) p 2nc.
ECC 134bit.

2 .
*75+
ECC.

Jacobian
. ,
-
. ,
.
tinyECC *76+
public ECC
.
(digital signature ECDSA), (ECDH)
public (ECIES). tinyECC
.
TinyOS.
nesC in-line Assembly.
SECG 128-bit, 160-bit, 192-bit ECC.
*77+ 160-bit ECC ECDSA
GF(p) CISC (MC16).
150msec (signature generation)
630msec .
EccM *78+ ECC
GF(2p). public 34sec.
*79+ ECC GF(p)
TelosB Berkeley.
3.3sec public 6.7sec
H/W .
- Elliptic curve cryptography (ECC)

(ECC)
(public key)
.

. , RSA,
:

.
, .
,
(discrete logarithm) . P Q,
a a*P=Q.

86

.
RSA .
.

y2 = x3 + ax + b (1).
(1)
Abelian [82] .
x y ,
Abelian. ,
.
ECC
.
ECC

: ) (Fp, p>3
) ) (F2m).
Fq , q = p q = 2m.
( 0 x < p )
modulus. .
(x,y) x,y Fq
Fq * Fp.
.
(p > 3) :
, a, b Fp 4*a3 + 27*b2 0
Domain parameters

ECC
, domain parameters.
p m f .
a b . ,
G. G,
- n nG = O .
p, a, b, G, n, h.

. domain
parameter ECC :
NIST, Recommended Elliptic Curves for Government Use [83]
SECG, SEC 2: Recommended Elliptic Curve Domain Parameters [84]

ECDLP
,
.
, 128-bit Fq q 2256.

87

Elliptic Curve Diffie-Hellman (ECDH)

Elliptic Curve Diffie-Hellman (ECDH)

, (
) (elliptic curve),
.
,

.
Diffie-Hellman [85] (elliptic
curve cryptography ECC).

48 ECDH

.
(domain parameters: p, a, b, G, n, h )
.
ECC,
d Q Q = d*G. (dA,
QA) (dB, QB) .
.
(xk , yk) = dA*QB.
k = dB * QA. xk ( x ).
d*Q = dA*dB*G =
dB*dA*G = dB*QA.

(public)
(private) Elliptic Curve Discrete
Logarithm Problem [86].

88

open-source tinyECC [76].

(ECC)

RC6 AES
.
, public private ,
(Certification Authority - CA)
. ,
( ) CA, .
: ,
CA public
private CA.
ECC
.
(public, private, publicCA)
. , (
CA) WAIT FOR NETWORK PUBLICATION

.
, (sign)
CA private key. ,
(verify)
SEND SHARED KEY RESPONSE
public .
public
(verify) SHARED
public
. , , ,
, (verify)
CA SHARED key
()
. ,
hop, hop-by-hop .
49.

89

49 ECC

7.4
state of the art
.
. ,

ECC (elliptic curve cryptography)
.

90

8 -
8.1



.

8.2

data sheets

(msp430) radio transceiver (cc2420), ,
(configuration)
.

8.2.1.

DATA
TRANSLATION (DT 9816) [43] ,
*81+.
+10V

Q3
BS250/PLP

Q2
BS250/PLP

C1 12n
R1
2k
Q1
Q2N3904

SW1
DT9816 Connector

R2
5k1

1
2

Mote Connector
U1

1
2

CON2

TL431/TI

Rout1
51k

CON1

Rout2
5k1

Rout3
100

R3
10k

50

DT 9816 :

(A/D) track-and-hold.

50kHz .
16bits +/-10 +/-5
91

(8) , (8) 16-bit /

, , ,
, /, .
standard USB.
DT9816
. mote (Tmote Sky)
CON1 DT9816 CON2.
10V DC .
P-MOSFET
BS250 Q2 Q3 BJT 2N3904 Q1.
mote, Q2 Q3
Rout (1, 2 3). Q1
mote 3 3.2V.
Q1.
TL431 (U1)
3.8V Q1. , Q1 0.6 0.8V
mote 3 3.2V.

quickDAQ *44+. .NET
,
,
150KHz .
:

150kHz .

92

51

8.2.2.
data-sheets TelosB,
CPU ( sleep-mode
2,8mA active mode) CC2420 radio chip (19,7mA RX,
8,5-17,4mA TX). , *81+,
leds ( 10mA). ,

,
, 8.3,
.
*81+
CC2420 chip .
, CC2420
,
CC2420 ,
.

cc2420,
, (4msec ON 4msec
OFF).

93

52 Tmote Sky / CC2420

CPU () cc2420 4msec,
leds, Radio OFF
Radio ON, :

94

53 / CC2420 leds

,
14 104 bytes ,
-10dBm,
cc2420 .

,
(CPU cc2420),
(-10dBm). ,
cc2420 SPI bus
.
backoff , . ,
MAC, backo-off CCA
.

95

54 14 Bytes

55 104 Bytes

96

,
HW (. 56 & 58) SW (. 57 & 59)
AES-128 , , 14 104 bytes.

56 HW AES 14Bytes

57 SW AES 14Bytes

97

58 HW AES 104Bytes

59 SW AES 104Bytes

98

, ,
:
a)

b)

HW
, ,

SPI bus RX FIFO buffer CC2420.

,
:
o

()
,
.

/
cc2420 .

,
. HW
AES, ,
.

SW HW AES 104,
HW .

14, SW .
HW
( 16 bytes),
SW AES ,
cc2420.
, HW
.

8.3

/ . ,

99

8.3.1.

timer mote (32Khz).
(startTime, stopTime)
.
. msp430 4MHz.
static UINT32 startTime, stopTime;
startTime = getTicks();
//Function for mesurment
stopTime = getTicks();
DBG(U_DBG_USR1,"Time difference = %lu ticks (= %lu
msecs)\n", stopTime-startTime, (stopTime-startTime)>>5);

SW HW .
HW ,
. , SW . SW
, AES .
Packet Size
SW Encryption (AES)
SW Encryption (RC6)
SW Decryption (AES)
SW Decryption (RC6)
HW Encryption (AES)
HW Decryption (AES)
SW SetKey (AES)
SW SetKey (RC6)
HW SetKey (AES)

14 bytes
104 bytes
44 ticks (= 1,38 msecs)
263 ticks (= 8,22 msecs)
216 ticks (= 6,75 msecs)
1469 ticks (= 45,9 msecs)
44 ticks (= 1,38 msecs)
268 ticks (= 8,38 msecs)
216 ticks (= 6,75 msecs)
1471 ticks (= 45,97 msecs)
45 ticks (= 1,4 msecs)
45 ticks (= 1,4 msec)
111 ticks (= 3,46 msecs)
111 ticks (= 3,46 msecs)
72 ticks (= 2,25 msecs)
1541 ticks (= 48,16 msecs)
41 ticks (= 1,28 msecs)

AES
RC6 . 16
bytes. block
AES RC6. , RC6
AES.

100

60 AES/RC6

,
SHARED
public-key ECC.

Base / CA

Simple sensor node

90401 ticks ( 2825.03 msecs )

87785 ticks ( 2743.28 msecs )

44 ticks ( 1.37 msecs )

43 ticks ( 1.34 msecs )

eccSing

283762 ticks ( 8867.56 msecs )

280119 ticks ( 8753.71 msecs )

eccVerify

329841 ticks ( 10307.53 msecs )

331353 ticks ( 10354.78 msecs )

eccEncrypt

413550 ticks ( 12923.43 msecs )

eccDecrypt

253980 ticks ( 7936.87 msecs)

eccInit
eccSetCredentials

.
( CPU) CC2420
.

8.4


.

101

HW
. , ,
SW .
ECC.

102

9

802.15.4 ,
.
, TinyOS 2.1 MAC
backoff 802.15.4.
TinyOS stack
.
,
(HW security) CC2420,
AES-128.
,
AES RC6
.
.
MAC - .
, security header
CC2420 (SECCTRL0 SECCTRL1)
, TXNONCE.
STXENC CC2420.
.
security header ,
CC2420
SRXDEC .
,
SW HW . ,
*58+, - .
pool
.
pool
.
46 47.
(ECC).
public key ,
.
.
(hop by hop).
,
.
- CC2420 radio chip. 52
Tmote Sky
CC2420.

103

CC2420.
CC2420
HW
SW .

.
CC2420 .
, SW
. ,
HW. 104 Bytes, HW
.

/
.
SW HW .

, .
HW
. HW

SPI bus RX FIFO buffer CC2420.
SW (AES RC6)
.

104

10 -
[1]
[2]
[3]
[4]
[5]

LEWIS, F. L. (2004). Wireless Sensor Networks.

Harvard Sensor Networks Lab: http://fiji.eecs.harvard.edu/CodeBlue
Akos Ledeczi: Sensor Network-Based Countersniper System. SenSys 2004
Kirk Martinez, Jane K. Hart, Royan Ong, Environmental Sensor Networks
Robert Szewczyk, Joe Polastre, Alan Mainwaring, John Anderson, David Culler. Habitat
monitoring on Great Duck Island, ACM SenSys04
[6] David Culler. Toward the Sensor Network Macroscope. Redwood Forest experiment :
http://www.cs.berkeley.edu/~culler/talks/mobihoc.ppt
[7] Design and Deployment of Industrial Sensor Networks: Experiences from a Semiconductor
Plant and the North Sea, Lakshman Krishnamurthy, Robert Adler, Phil Buonadonna,
Jasmeet Chhabra, Mick Flanigan, Nandakishore Kushalnagar, Lama Nachman, Mark
Yarvis
[8] Forest Fire Modeling and Early Detection using Wireless Sensor Networks, Mohamed
Hefeeda, Simon Fraser University, Canada
[9] Sensor node. From Wikipedia, the free encyclopedia :
http://en.wikipedia.org/wiki/Sensor_node
[10] SNM - The Sensor Network Museum : http://www.snm.ethz.ch/Main/HomePage
[11] UC Berkeley Spec Mote : http://www.jlhlabs.com/jhill_cs/spec/
[12] BTnodes - A Distributed Environment for Prototyping Ad Hoc Networks :
http://www.btnode.ethz.ch/
[13] Crossbow website : http://www.xbow.com/index.aspx
[14] Sensor-Network Applications, Johannes Gehrke Cornell University, Ling Liu
Georgia Institute of Technology, 2006
[15] Study and Transplant of Operating System for Wireless Sensor Network Node, Yao
ming-hai, Zhu xiao-xiao, 2007 IEEE
[16] TinyOS : Ambient Intelligence (WS 06/07),Leopold-Franzens-University of Innsbruck
Institute for Informatics
[17] The Contiki OS : http://www.sics.se/contiki/
[18] RETOS: Resilient, Expandable, and Threaded Operating System for Wireless Sensor
Networks, Hojung Cha, Sukwon Choi, Inuk Jung, Hyoseung Kim, Hyojeong Shin, Jaehyun
Yoo, Chanmin Yoon
[19] Protothreads: Simplifying Event-Driven Programming of Memory-Constrained
Embedded Systems, Adam Dunkels, Oliver Schmidt, Thiemo Voigt, Muneeb Ali
[20] Using Protothreads for Sensor Node Programming, Adam Dunkels, Oliver Schmidt,
Thiemo Voigt
[21] An Energy-Efficient MAC Protocol for Wireless Sensor Networks, Wei Ye, John
Heidemann, Deborah Estrin
[22] Versatile Low Power Media Access for Wireless Sensor Networks, Joseph Polastre,
Jason Hill, David Culler
[23] An Adaptive Energy-Efficient MAC Protocol for Wireless Sensor Networks, Tijs van
Dam, Koen Langendoen

105

[24] X-MAC: A Short Preamble MAC Protocol For Duty-Cycled Wireless Sensor Networks,
Michael Buettner, Gary Yee, Eric Anderson, Richard Han
[25] Comparing Energy-Saving MAC Protocols for Wireless Sensor Networks, G.P. HALKES,
T. VAN DAM and K.G. LANGENDOEN
[26] On the Design of MAC protocols for Low-Latency Hard Real-Time Discrete Control
Applications Over 802.15.4 Hardware, Krishna Kant Chintalapudi, Lakshmi Venkatraman
[27] Medium Access Control for Wireless Sensor Networks, Zhi-Wen Ouyang,Shruthi B
Krishnan, Sang Soo Kim
[28] Performance Study of IEEE 802.15.4 Using Measurements and Simulations, Marina
Petrova, Janne Riihijarvi, Petri Mahonen and Saverio Labella
[29] 802.15.4 IEEE Standard for Information technology. Part 15.4: Wireless Medium
Access Control (MAC) and Physical Layer (PHY). Specifications for Low-Rate Wireless
Personal Area Networks (LR-WPANs) 2003
[30] 802.15.4 IEEE Standard for Information technology. Part 15.4: Wireless Medium
Access Control (MAC) and Physical Layer (PHY). Specifications for Low-Rate Wireless
Personal Area Networks (LR-WPANs) 2006
[31] Security in wireless networks, Mayank Saraogi
[32] Using Encryption for Authentication in Large Networks of Computers, Roger M.
Needham and Michael D. Schroeder
[33] Ultra low power IEEE 802.15.4 compliant wireless sensor module, TMote Sky
Datasheet
[34] TI MSP430x1xx FAMILY Users Guide
[35] CC2420 manual, 2.4 GHz IEEE 802.15.4 / ZigBee-ready RF Transceiver
[36] nesC 1.1 Language Reference Manual, David Gay, Philip Levis, David Culler, Eric
Brewer, May 2003
[37] The nesC Language: A Holistic Approach to Networked Embedded Systems
[38] TinyOS Programming, Philip Levis June 28, 2006
[39] TinyOS TEPs : http://www.tinyos.net/tinyos-2.x/doc/
[40] TinyOS: A Case of Study for Adaptable Embedded Applications Based on Sensor
Networks, Ruben Pinilla, Nacho Navarro, Marisa Gil
[41] Active messages: a mechanism for integrated communication and computation. in
19th Annual International Symposium on Computer Architecture. 1992. von Eicken T.
[42] System Architecture Directions for Networked Sensors, Jason Hill, Robert Szewczyk,
Alec Woo, Seth Hollar, David Culler, Kristopher Pister
[43] ECONseries - Economy USB Modules Datasheet
[44] quickDAQ - High-Performance, Ready-to-Measure Application for Data Acquisition
Datasheet
[45] N. Bulusu, J. Heidemann, and D. Estrin, GPS-less Low Cost Out Door Localization for
Very Small Devices, Tech. rep. 00729, Comp. Sci. Dept., USC, Apr. 2000.
[46] A. Savvides, C.-C. Han, and M. Srivastava, Dynamic Fine-Grained Localization in AdHoc Networks of Sensors, Proc. 7th ACM MobiCom, July 2001, pp. 16679.
[47] Routing Techniques in wireless sensor networks: a survey. Jamal N. Al-KarakiI, Ahmed
E. Kamal
[48] S.S. Dhillon, K. Chakrabarty, and S.S. Iyengar, Sensor placement for grid coverage
under imprecise detections, Int. Conf. Inf. Fusion (FUSION) 2002, 2, 15811587,
Annapolis, 2002.

106

[49] S. Tilak, N.B. AbuGhazaleh, and W. Heinzelman, Infrastructure trade-offs for sensor
networks, ACM WSNA02, 4958, September 2002.
[50] A. Savvides, C.-C. Han, M. Srivastava, Dynamic fine-grained localization in ad-hoc
networks of sensors, MobiCom 2001, Rome, Italy, pp. 166 179, July 2001
[51] W. Heinzelman, A. Chandrakasan, and H. Balakrishnan, Energy-efficient
communication protocol for wireless microsensor networks, HICSS 2000, 80208029,
Maui, January 2000.
[52] S. Lindsey, C. Raghavendra, and K.M. Sivalingam, Data gathering algorithms in
sensor networks using energy metrics, IEEE Trans. Parallel Distributed Syst., 13(9), 924
935, September 2002
[53] Willig, R. Shah, J. Rabaey, and A. Wolisz, Altruists in the PicoRadio sensor network,
4th IEEE Int. Workshop Factory Commun. Syst., 175184, Sweden, August 2002
[54] Sensor Networks with Random Versus Uniform Topology: MAC and Interference
Considerations. Sooksan Panichpapiboon, Gianluigi Ferrari, and Ozan K. Tonguz
[55] Distributed Topology Control for Power Efficient Operation in Multihop Wireless Ad
Hoc Networks. Roger Wattenhofer, Li Li, Paramvir Bahl, Yi-Min Wang
[56] Monotone percolation and the topology control of Wireless Networks. Anxiao
(Andrew) Jiang, Jehoshua Bruck
[57]
S. A. Camtepe and B. Yener, Key Distribution Mechanisms for Wireless Sensor
Networks: a Survey
[58]
L. Eschenauer, and V. D. Gligor, A Key-Management Scheme for Distributed Sensor
Networks
[59]
H. Chan, A. Perrig, and D. Song, Random Key Predistribution Schemes for Sensor
Networks
[60]
C. Blundo, A. De Santis, A. Herzberg, S. Kutten, U. Vaccaro, and M. Yung, PerfectlySecure Key Distribution for Dynamic Conferences
[61]
D. Liu, and P. Ning, Establishing Pairwise Keys in Distributed Sensor Networks
[62]
Y. Zhou, Y. Zhang, and Y. Fang, LLK: A Link-Layer Key establishment Scheme for
Wireless sensor Networks
[63] Michael Dustin, Jagadish Shankarappa, Michael Petrowski, Hesiri Weerasinghe and
Huirong Fu, Analysis of Key Management in Wireless Sensor Networks , IEEE EIT 2007
Proceedings
[64] Bruno Dutertre, Steven Cheung, Joshua Levy ,Lightweight Key Management in
Wireless Sensor Networks , 2004
[65] David D.Hwang , Energy-Memory-Security Tradeoffs in Distributed Sensor
Networks, 2004
[66] Sencun Zhu, Shouhuai Xu, Sanjeev Setia, Sushil Jajodia, Establishing pairwise keys
for secure communication in ad hoc networks: a probabilistic approach, 2003
[67] W. Du, J. Deng, Y. Han, P. Varshney. A pairwise key pre-distribution scheme for
wireless sensor networks. In Proceedings of the 10th ACM conference on Computer and
Communications Security CCS03. 2003
[68] R. Blom. An optimal class of symmetric key generation systems. In Eurocrypt 84.
1985
[69] AES Library Implementation, FIPS-197 compliant AES implementation Based on
XySSL: Copyright (C) 2006-2008 Christophe Devine ( http://polarssl.org/ )
[70] John
Hughes
RC6
Library
Implementation,
http://cpan.cc.uoc.gr/authors/id/J/JH/JHUGHES/Crypt-RC6-1.0.tar.gz, March 2002.

107

[71] Nils Gura, Arun Patel, Arvinderpal Wander, Hans Eberle, and Sheueling Chang Shantz
Comparing elliptic curve cryptography and rsa on 8-bit cpus. In CHES, Boston, Aug. 2004.
[72] S. Chang Shantz. From Euclids gcd to Montgomery multiplication to the great
divide In Technical report, Sun Microsystems Laboratories TR-2001-95, June 2001.
[73] A. D.Woodbury, D. V. Bailey, and C. Paar. Elliptic curve cryptography on smart cards
without coprocessors In The Fourth Smart Card Research and Advanced Applications
(CARDIS2000) Con-ference, Bristol, UK, Sept. 2000
[74] D. V. Bailey and C. Paar. Optimal extension fields for fast arithmetic in public-key
algorithms In Advances in Cryptography CRYPTO98, pages 472485, 1998.
[75] H. Cohen, A. Miyaji, and T. Ono. Efficient elliptic curve exponentiation using mixed
coordinates. In ASIACRYPT: Advances in Cryptology, 1998.
[76] An Liu, Peng Ning, "TinyECC: A Configurable Library for Elliptic Curve Cryptography in
Wireless Sensor Networks", Technical Report TR-2007-36, North Carolina State
University, Department of Computer Science, November 2007
[77] T. Hasegawa, J. Nakajima, and M. Matsui. A practical implementation of elliptic
curve cryptosystems over GF(p) on a 16-bit microcomputer. In Public Key Cryptography
PKC 98, pages 182194, 1998
[78] David J. Malan, Matt Welsh, and Michael D. Smith. A public-key infrastructure for
key distribution in TinyOS based on elliptic curve cryptography. First IEEE International
Conference on Sensor and Ad Hoc Communications and Networks, October 200
[79] Haodong Wang, Bo Sheng, and Qun Li TelosB Implementation of Elliptic Curve
Cryptography over Primary Field WM-CS Technical Report (WM-CS-2005-12)
[80] Elliptic Curve Cryptography : Wikipedia link
[81] Ch. Antonopoulos, T. Stoyanova, A. Prayati, C. Koulamas and G. Papadopoulos,
Experimental Evaluation of a WSN Platform Power Consumption, to appear in the 8th
International Workshop on Performance Modeling, Evaluation, and Optimization of
Ubiquitous Computing and Networked Systems (PMEO-UCNS'2009), Rome, May 2009.
[82] Abelian : http://en.wikipedia.org/wiki/Abelian_group
[83] NIST,
Recommended
Elliptic
Curves
for
Government
Use
(http://csrc.nist.gov/groups/ST/toolkit/documents/dss/NISTReCur.pdf)
[84] SECG,
SEC
2:
Recommended
Elliptic
Curve
Domain
Parameters
(http://www.secg.org/download/aid-386/sec2_final.pdf)
[85] Diffie-Hellman protocol : http://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
[86] Discrete Logarithm link : http://en.wikipedia.org/wiki/Discrete_logarithm

108