Cumulated Checksum and Dynamic Addresses for Secure Wireless Sensor Networks

Due to the broadcast nature of wireless channel, attacks against wireless sensor networks are much easier to carry out as compared to wired networks. Passive attacks such as eavesdropping and traffic analysis cannot be eliminated even if cryptographic technologies are used. Conventional frames are usually designed to include checksum, which facilitates to adversaries capturing correct frames for further attacks. In most wireless sensor networks, source address and destination address at data link layer are unprotected, which makes traffic analysis quite easy. In this paper, we argue that the long-hold design principles of data link layer protocols are unreasonable from the perspective of wireless security. A secure ARQ scheme for wireless sensor networks named Sec-ARQ is proposed. Without the help of preshared keys or complex authentication infrastructure, Sec-ARQ protects frame checksum and addresses by cumulated checksum. Cumulated checksum is unknown to adversaries because of unavoidable wireless transmission errors. As frame checksum is unavailable to adversaries, error frames caused by collision cannot be detected, rendering eavesdropping useless. Addresses protection provided by cumulated checksum disables traffic analysis attacks. Sec-ARQ can defend against passive attacks effectively. Simulation results prove that Sec-ARQ can improve wireless security with little performance sacrifice, which is more suitable for resource-constrained wireless sensor networks.