collusion attack on a self-healing key distribution with revocation in wireless sensor networks

Abstract

Ministry of Public Administration and Security (MoPAS); Korea Communications Commission (KCC)A self-healing key distribution enables non-revoked users to recover the lost session keys on their own from the received broadcast messages and their private information. It decreases the load on the group manager and is very suitable for the unreliable wireless sensor networks. In 2008, Du and He [5] proposed a self-healing key distribution with revocation in wireless sensor networks which is claimed to resist to the collusion attack. In this paper, we show that the scheme 2 in [5] is not secure against the collusion attack. A newly joined user colluding with a revoked user can recover the group session keys that are not supposed to be known to them. Then the scheme will be improved and the modified one, through the analysis, is able to resist the collusion attack. Moreover, the modified scheme has the properties of constant storage, long life-span, forward secrecy and backward secrecy. © 2011 Springer-Verlag