TinySec: A Link Layer Security Architecture forWireless Sensor NetworksChris [email protected] BerkeleyNaveen [email protected] BerkeleyDavid [email protected] BerkeleyABSTRACTWe introduce TinySec, the first fully-implemented link layersecurity architecture for wireless sensor networks. In ourdesign, we leverage recent lessons learned from design vul-nerabilities in security protocols for other wireless networkssuch as 802.11b and GSM. Conventional security protocolstend to be conservative in their security guarantees, typi-cally adding 16–32 bytes of overhead. With small memories,weak processors, limited energy, and 30 byte packets, sensornetworks cannot afford this luxury. TinySec addresses theseextreme resource constraints with careful design; we explorethe tradeoffs among different cryptographic primitives anduse the inherent sensor network limitations to our advan-tage when choosing parameters to find a sweet spot for secu-rity, packet overhead, and resource requirements. TinySec isportable to a variety of hardware and radio platforms. Ourexperimental results on a 36 node distributed sensor net-work application clearly demonstrate that software basedlink layer protocols are feasible and efficient, adding lessthan 10% energy, latency, and bandwidth overhead.Categories and Subject DescriptorsD.4.6 [Operating Systems]: Security and Protection Cryp-tographic controlsGeneral TermsSecurity, DesignKeywordsSensor Network Security, Link Layer Security1. INTRODUCTION & MOTIVATIONThere is considerable excitement about new applicationsenabled by sensor networks, and we are on the cusp of abroader deployment of these technologies. However, onePermission to make digital or hard copies of all or part of this work forpersonal or classroom use is granted without fee provided that copies arenot made or distributed for profit or commercial advantage and that copiesbear this notice and the full citation on the first page. To copy otherwise, torepublish, to post on servers or to redistribute to lists, requires prior specificpermission and/or a fee.SenSys’04, November 3–5, 2004, Baltimore, Maryland, USA.Copyright 2004 ACM 1-58113-879-2/04/0011 ...$5.00.challenge that faces us is the question of how to secure sen-sor networks: without adequate security, widespread deploy-ment could be curtailed.We have taken up this challenge and introduce TinySec,a lightweight, generic security package that developers caneasily integrate into sensor network applications. We fore-see TinySec will cover the basic security needs of all butthe most security critical applications. As a part of this,we were motivated by an observation about 802.11 wirelessnetworks: several studies report that 50-80% of all 802.11wireless networks operate in the clear, without any crypto-graphic protection whatsoever [24, 36, 37, 45]. To achievehigh deployment rates in sensor networks, we believe that asecurity system must be easy to use and minimally impactperformance. Failure to meet either requirement creates ajustifiable reason for developers to leave out security.We base the design of TinySec on existing security primi-tives that other researchers have proven to be secure. Usingthese primitives, we design a lightweight and efficient link-layer security protocol that is tailored to sensor networks.We describe a complete solution, defining packet formatsand application interfaces, and provide a detailed perfor-mance characterization. Previous work, such as SNEP [33],analyzed aspects of the design space. Many of their designchoices are sound, but further experience with sensor net-works lead us to reevaluate their work as researchers gainmore understanding of the limitations and capabilities of thedevices. Correspondingly, we note that much of the value ofa link-layer security system comes from the higher level al-gorithms with which it is paired. We designed TinySec withthis in mind and built TinySec as a research platform foruse in testing and evaluating higher level security packages.One of the major barriers to deploying security on sensornetworks is that current sensor devices have limited compu-tation and communication capabilities. Since cryptographyis not free, these performance constraints pose a non-trivialchallenge for any system that would incorporate cryptogra-phy into sensor networks. We expect that people will useMoore’s law to drive down the cost of these devices andnot to increase their performance capabilities. But with acareful analysis, we can use the inherent limitations to ouradvantage. For example, the bandwidth of the wireless chan-nel used in sensor networks is significantly less than that ofconventional networks. This implies that even a powerfuladversary is limited in how many packets per second shecan inject or eavesdrop on. Designing protocols that rely onproperties such as these is one strategy we take in reducingoverhead. Our design choices are driven by sensor networkcapabilities and realities; this ultimately separates TinySecfrom other low overhead security protocols.Before this work, an interesting open problem was whethersoftware cryptography could achieve acceptable performanceon typical sensor platforms, or whether hardware assistancewould be needed. Many previous systems (e.g., GSM, Blue-tooth, 802.15.4) took the stance that hardware is needed. Incontrast, we show that, with sufficient engineering effort, itis possible to encrypt and authenticate all communicationsentirely in software, without special hardware, and withoutmajor performance degradation.The main contributions of this paper are:• We introduce TinySec, the first fully-implemented pro-tocol for link-layer cryptography in sensor networks.We have incorporated our implementation of TinySecinto the official TinyOS release.• We explore some of the tradeoffs between performance,transparency, and cryptographic security, and we pro-pose a design that meets the needs of applications inthe sensor network space.• We measure the bandwidth, latency, and energy costsof our implementation of TinySec and show that theyare minimal for sensor network applications. This demon-strates for the first time that it is feasible to imple-ment acceptable cryptographic protection for sensornetworks entirely in software.• TinySec is a research platform that is easily extensibleand has been incorporated into higher level protocols.We have evidence of several sensor network securityprojects using TinySec in their