Wenliang Du
Jing Deng
Abstract
To achieve security in wireless sensor networks, it is important to be able to encrypt and authenticate messages sent between sensor nodes. Before doing so, keys for performing encryption and authentication must be agreed upon by the communicating parties. Due to resource constraints, however, achieving key agreement in wireless sensor networks is nontrivial. Many key agreement schemes used in general networks, such as Diffie-Hellman and other public-key based schemes, are not suitable for wireless sensor networks due to the limited computational abilities of the sensor nodes. Predistribution of secret keys for all pairs of nodes is not viable due to the large amount of memory this requires when the network size is large.In this paper, we provide a framework in which to study the security of key predistribution schemes, propose a new key predistribution scheme which substantially improves the resilience of the network compared to previous schemes, and give an in-depth analysis of our scheme in terms of network resilience and associated overhead. Our scheme exhibits a nice threshold property: when the number of compromised nodes is less than the threshold, the probability that communications between any additional nodes are compromised is close to zero. This desirable property lowers the initial payoff of smaller-scale network breaches to an adversary, and makes it necessary for the adversary to attack a large fraction of the network before it can achieve any significant gain.
- Akyildiz, I. F., Su, W., Sankarasubramaniam, Y., and Cayirci, E. 2002. A survey on sensor networks. IEEE Communications Magazine 40, 8 (Aug.), 102--114. Google Scholar
- Anderson, R. and Kuhn, M. 1996. Tamper resistance---A cautionary note. In Proceedings of the 2nd Usenix Workshop on Electronic Commerce. 1--11. Google Scholar
- Bellare, M., Kilian, J., and Rogaway, P. 2000. The security of the cipher block chaining message authentication code. Journal of Computer and System Sciences 61, 3, 362--399. Google Scholar
- Bellare, M. and Rogaway, P. 1993. Random oracles are practical: A paradigm for designing efficient protocols. In Proceedings of the 1st ACM Conference on Computer and Communications Security. 62--73. Google Scholar
- Blom, R. 1985. An optimal class of symmetric key generation systems. In Advances in Cryptology: Proceedings of EUROCRYPT 84, T. Beth, N. Cot, and I. Ingemarsson, Eds. Lecture Notes in Computer Science, vol. 209, Springer-Verlag, Berlin, 335--338. Google Scholar
- Blundo, C., Santis, A. D., Herzberg, A., Kutten, S., Vaccaro, U., and Yung, M. 1993. Perfectly-secure key distribution for dynamic conferences. In Lecture Notes in Computer Science, vol. 740, 471--486. Google Scholar
- Chan, H., Perrig, A., and Song, D. 2003. Random key predistribution schemes for sensor networks. In IEEE Symposium on Security and Privacy, Berkeley, CA. 197--213. Google Scholar
- Crossbow Technology, Inc. Available at http://www.xbow.com/.Google Scholar
- Du, W., Deng, J., Han, Y. S., and Varshney, P. 2003. A pairwise key predistribution scheme for wireless sensor networks. In Proceedings of the 10th ACM Conference on Computer and Communications Security. 42--51. Google Scholar
- Erdös and Rényi. 1959. On random graphs I. Publ. Math. Debrecen 6, 290--297.Google Scholar
- Eschenauer, L. and Gligor, V. D. 2002. A key-management scheme for distributed sensor networks. In Proceedings of the 9th ACM Conference on Computer and Communications Security. 41--47. Google Scholar
- Kahn, J., Katz, R., and Pister, K. 1999. Next century challenges: Mobile networking for smart dust. In Proceedings of the 5th Annual ACM/IEEE International Conference on Mobile Computing and Networking (MobiCom). 483--492. Google Scholar
- Liu, D. and Ning, P. 2003. Establishing pairwise keys in distributed sensor networks. In Proceedings of the 10th ACM Conference on Computer and Communications Security. 52--61. Google Scholar
- MacWilliams, F. and Sloane, N. 1977. The Theory of Error-Correcting Codes. Elsevier Science, New York.Google Scholar
- Malkhi, D., Reiter, M., Wool, A., and Wright, R. N. 2001. Probabilistic quorum systems. Information and Computation 170, 2, 184--206. Google Scholar
- Neuman, B. C. and Tso, T. 1994. Kerberos: An authentication service for computer networks. IEEE Communications 32, 9 (Sept.), 33--38.Google Scholar
- Perrig, A., Szewczyk, R., Wen, V., Cullar, D., and Tygar, J. 2001. SPINS: Security protocols for sensor networks. In Proceedings of the 7th Annual ACM/IEEE International Conference on Mobile Computing and Networking (MobiCom). 189--199. Google Scholar
- Peterson, W. W. 1972. Error-Correcting Codes, 2nd ed. MIT Press, Cambridge, MA.Google Scholar
Index Terms
- A pairwise key predistribution scheme for wireless sensor networks
Recommendations
A pairwise key pre-distribution scheme for wireless sensor networks
CCS '03: Proceedings of the 10th ACM conference on Computer and communications securityTo achieve security in wireless sensor networks, it is important to be able to encrypt and authenticate messages sent among sensor nodes. Keys for encryption and authentication purposes must be agreed upon by communicating nodes. Due to resource ...
An Efficient Grid-Based Pairwise Key Predistribution Scheme for Wireless Sensor Networks
Research on wireless sensor networks (WSNs) has been receiving a lot of attention recently. Because of the constraints on the cost of hardware, there are a lot of restrictions regarding memory, computational ability, and energy consumption, hampering ...
Group-based key predistribution for wireless sensor networks
Many key predistribution techniques have been developed recently to establish pairwise keys between sensor nodes in wireless sensor networks. To further improve these schemes, researchers have also proposed to take advantage of the sensors' expected ...
Reviews
Tanveer Zia
Wireless sensor networks are an emerging technology. Due to their resource-starved nature, they need unique key management techniques to establish secure communication between sensor nodes. The authors propose a security framework in which they analyze various existing key predistribution techniques, and present a new flexible and scalable pairwise key predistribution scheme. Their key predistribution scheme is combined with the scheme presented by Blom [1]. Blom's key predistribution method was not for a sensor network; however, it allowed any pair of nodes in a network to be able to find a pairwise secret key. As long as no more than X nodes are compromised, the network is perfectly secure (this is called the X-secure property). In this key scheme, the authors take a concept from graph theory, and draw an edge between two nodes, if and only if they can find a secret key between themselves. Their hypothesis is that by requiring the graph to be connected, each sensor node needs to carry less key information. During the key predistribution phase, key information is assigned to each node, such that after deployment, neighboring sensor nodes can find a secret key between them. The authors' key predistribution phase generates G and D matrices, followed by the selection of a key space. Then, in the key agreement phase, after deployment, each node discovers whether it shares any key space with its neighbors. To achieve this, each node broadcasts a message containing the node's ID, the indices of key spaces it carries, and the seed of the column of G it carries. Simulation results produced by the authors show the advantage of their scheme over existing key schemes. They prove that in existing schemes, the adversary only needs to compromise less than 100 nodes in order to compromise ten percent of the rest of the secure links, whereas in this scheme, the adversary needs to compromise 500 nodes, thus lowering the payoff to the adversary of smaller scale network breaches. They also show that network resilience can be improved by using multihop neighbors. This paper is worth reading for researchers and professionals working in wireless sensor network security. Online Computing Reviews Service
Access critical reviews of Computing literature here
Become a reviewer for Computing Reviews.
Comments