A Portable Random Key Predistribution Scheme for Distributed Sensor Network

A distributed sensor network (DSN) can be deployed to collect information for military or civilian applications. However, due to the characteristics of DSNs such as limited power, key distribution for a distributed sensor network is complex. In this paper, a neighbor-based path key establishing method and a seed-based algorithm are put forward to improve the original random key pre-distribution scheme. The new scheme is portable because it is independent of the routing protocol. Moreover, the connectivity of the entire network also approaches 1. In particular, the new scheme can keep high connectivity by setting a small amount of redundancy in parameter values when the number of neighbors drops because of the node dormancy or death. The resilience against node capture in our scheme is not lower than that in the l-path scheme and the basic schemes when the number of hops in a path is larger than 5, and the simulation result shows that the efficiency of our scheme is also slightly higher

Scalable Grouping Random Key Predistribution in Large Scale Wireless Sensor Networks

[[abstract]]The security issue in a wireless sensor network (WSN) has been drawing considerable research attention in recent years. Key management, a basic security service, becomes the core design for various security services, such as encryption and authentication. To increase the connectivity of each key in a large-scale WSN and to enlarge its maximum supportable network size, this paper presents a scalable grouping (SG) random key predistribution scheme. The SG scheme divides all nodes into several groups and uses the one-way function to generate group-to-group pairwise keys. To improve resilience against node capture, i.e., to fortify the security strength, the scheme takes on the concept that the link key is composed of some shared keys. For any two nodes with two or more shared keys, the SG scheme uses the exclusive-OR operation to compose the link key -- assuring the link key used to secure a link is nearly unique. Experimental results show that the SG scheme is able to generate better resilience against node capture and higher scalability than existing random key based schemes.[[notice]]補正完畢[[incitationindex]]EI[[booktype]]紙

Security in heterogeneous wireless networks

The proliferation of a range of wireless devices, from the cheap low power resource starved sensor nodes to the ubiquitous cell phones and PDA\u27s has resulted in their use in many applications. Due to their inherent broadcast nature Security and Privacy in wireless networks is harder than the wired networks. Along with the traditional security requirements like confidentiality, integrity and non-repudiation new requirements like privacy and anonymity are important in wireless networks. These factors combined with the fact that nodes in a wireless network may have different resource availabilities and trust levels makes security in wireless networks extremely challenging. The functional lifetime of sensor networks in general is longer than the operational lifetime of a single node, due to limited battery power. Therefore to keep the network working multiple deployments of sensor nodes are needed. In this thesis, we analyze the vulnerability of the existing key predistribution schemes arising out of the repeated use of fixed key information through multiple deployments. We also develop SCON, an approach for key management that provides a significant improvement in security using multiple key pools. SCON performs better in a heterogeneous environment. We present a key distribution scheme that allows mobile sensor nodes to connect with stationary nodes of several networks. We develop a key distribution scheme for a semi ad-hoc network of cell phones. This scheme ensures that cell phones are able to communicate securely with each other when the phones are unable to connect to the base station. It is different from the traditional ad hoc networks because the phones were part of a centralized network before the base station ceased to work. This allows efficient distribution of key material making the existing schemes for ad hoc networks ineffective. In this thesis we present a mechanism for implementing authenticated broadcasts which ensure non-repudiation using identity based cryptography. We also develop a reputation based mechanism for the distributed detection and revocation of malicious cell phones. Schemes which use the cell phone for secure spatial authentication have also been presented

Certificate less Effective Key Management Protocol For Secure Communications

To improve the current certificate less-effective key management (CL-EKM) convention for secure correspondence in element WSNs with Energy Efficient System. This numerical model will be used to evaluate the correct worth for the Thold and Tback off parameters in view of the speed and the coveted trade off between the vitality utilization and the security level. As a vital piece of mechanical application (IA), the wireless sensor network (WSN) has been a dynamic exploration territory in the course of recent years. Because of the constrained energy and correspondence capacity of sensor nodes, it appears to be particularly essential to outline a directing convention for WSNs so that detecting information can be transmitted to the recipient effectively. A energy-balanced routing technique taking into account forward-mindful element is proposed in this paper with effective key management procedures in it. In this framework, the next-hop node is chosen by attention to connection weight and forward energy density. Besides, an unconstrained remaking mechanism for nearby topology is outlined furthermore. In the tests comes about demonstrate that our framework adjusts the energy utilization, drags out the capacity lifetime and ensures high QoS of WSN

Multiple Bridge Secret Delivery in Wireless Sensor Networks

Achieving security in wireless sensor networks is a challenging problem due to the inherent resource and computing constraints. Several key distribution techniques have been proposed in the technical literature for efficient distribution of keys to the nodes prior deployment. These techniques establish secure links for some pairs of physically connected nodes but leave other pairs alone. Remaining nodes use multi-hop scheme to form a secured path connecting these links. Using this technique, the secret is disclosed to all the nodes on the path. Therefore, if any of the nodes is compromised by an adversary, secret is disclosed to the adversary. To solve this problem, a scheme called Babel was proposed recently that finds common bridge node to deliver secret link keys to their neighbors. In this scheme regular paths are used to deliver multiple keys with the common bridge node, hence key compromise probability is lowered compared to previous techniques. Our work is based on the Babel scheme and has several advantages. In our work we propose a new scheme that finds multiple bridge nodes to deliver secret link keys to all its physical neighbors. Keys are distributed to multiple bridge nodes instead of one common bridge node to establish secure connections to the disconnected nodes. Hence even if a few of the bridge nodes are compromised, secret will not be disclosed to the adversary. We present the details of our scheme's design and investigate the connectivity and security performance of our scheme in this thesis

TinyPBC: Pairings for Authenticated Identity-Based Non-Interactive Key Distribution in Sensor Networks

Key distribution in Wireless Sensor Networks (WSNs) is challenging. Symmetric cryptosystems can perform it efficiently, but they often do not provide a perfect trade-off between resilience and storage. Further, even though conventional public key and elliptic curve cryptosystem are computationally feasible on sensor nodes, protocols based on them are not. They require exchange and storage of large keys and certificates, which is expensive. Using Pairing-based Cryptography (PBC) protocols, conversely, parties can agree on keys without any interaction. In this work, we (i) show how security in WSNs can be bootstrapped using an authenticated identity-based non-interactive protocol and (ii) present TinyPBC, to our knowledge, the most efficient implementation of PBC primitives for an 8-bit processor. TinyPBC is an open source code able to compute pairings as well as binary multiplication in about 5.5s and 4019.46$\mu$s, respectively, on the ATmega128L 7.3828-MHz/4KB SRAM/128KB ROM processor -- the MICA2 and MICAZ node processor

Cryptographic key distribuition in sensor networks

Orientador: Ricardo DahabTese (doutorado) - Universidade Estadual de Campinas, Instituto de ComputaçãoResumo: Redes de Sensores Sem Fio (RSSFs) são compostas em sua maioria por pequenos nós sensores dotados de recursos extremamente limitados. Estes, por sua vez, se comunicam com o mundo externo através de nós poderosos chamados de sorvedouros ou estações rádio base. RSSFs são empregadas com o objetivo de monitorar regiões, oferecendo dados sobre a área monitorada para o resto do sistema. Tais redes podem ser utilizadas para diferentes aplicações, tais como operações de resgate em áreas de conflito/desastre, espionagem industrial e detecção de exploração ilegal de recursos naturais. Em RSSFs existem aplicações críticas nas quais propriedades de segurança são de vital importância. Segurança, por sua vez, é comumente alavancada através de esquemas de distribuição de chaves. A maioria dos padrões de distribuição de chaves presentes na literatura, todavia, não são apropriados para RSSFs: métodos baseados em esquemas de chave pública convencionais, devido aos seus requisitos de processamento e banda; chaves de grupo, em função das suas vulnerabilidades de segurança; e chaves par-a-par (pairwise), por causa da baixa escalabilidade. Um outro dado é que há uma vasta gama de arquiteturas propostas para RSSFs e que uma mesma técnica de distribuição de chaves pode ser a melhor para uma, mas não para outra, visto que diferentes arquiteturas de rede exibem padrões de comunicação distintos. Em outras palavras, não existe uma panacéia, e mecanismos de distribuição de chaves para RSSFs devem, portanto, levar em consideração as idiossincrasias das arquiteturas para as quais são projetadas. Tudo isso torna extremamente difícil e desafiadora a tarefa de dotar RSSFs de segurança. O objetivo deste trabalho foi propor soluções de distribuição de chaves que, concomitantemente, (i) fossem compatíveis com os recursos dos sensores e (ii) considerassem as particularidades das arquiteturas para as quais são propostas. Como será mostrado ao longo desta tese, iniciamos nosso trabalho com soluções personalizadas para certas arquiteturas de RSSFs e evoluímos para soluções flexíveis em que a segurança é alavancada de forma não interativa - o que é ideal para este tipo de rede. Até onde sabemos, nosso trabalho é pioneiro em soluções de segurança para RSSFs hierárquicas e em distribuição de chaves de forma autenticada e não interativa, usando Criptografia Baseada em Identidade, neste tipo de rede.Abstract: Wireless sensor networks (WSNs) are ad hoc networks comprised mainly of small sensor nodes with limited resources and one or more base stations, which are much more powerful laptop-class nodes that connect the sensor nodes to the rest of the world. WSNs are used for monitoring purposes, providing information about the area being monitored to the rest of the system. Application areas range from battlefield reconnaissance and emergency rescue operations to surveillance and environmental protection. There are also critical WSN applications in which security properties are of paramount importance. Security, in turn, is frequently bootstrapped through key distribution schemes. Most of the key distribution techniques, however, are ill-suited to WSNs: public key based distribution, because of its processing and bandwidth requirements; global keying, because of its security vulnerabilities; complete pairwise keying, because of its memory requirements. It is worth noting, however, that a large number of WSN architectures have been proposed and a key distribution solution that is well suited to one architecture is likely not to be the best for another, as different network architectures exhibit different communication patterns. In other words, there is no panacea and the design of a key distribution scheme must therefore be driven by the peculiarities of the WSN architecture in question. This all makes extremely hard and challenging the objective of securing WSNs. In this work, we aimed at proposing key distribution schemes that are both (i) lightweight and (ii) able to fulfill architecture-specific needs. As it will be shown throughout this thesis, we began our work with customized solutions for certain types of WSNs and then, subsequently, turned our attention to more flexible solutions, where security is bootstrapped in a non-interactive way through the use of Identity-Based Cryptography.DoutoradoTeoria da ComputaçãoDoutor em Ciência da Computaçã

Attacks on Geographic Routing Protocols for Wireless Sensor Network

With the increase in the military and several other applications of Wireless Sensor Network, provisions must be made for secure transmission of sensitive information throughout the network. Most of the routing protocols proposed for ad-hoc networks and sensor networks are not designed with security as a goal. Hence, many routing protocols are vulnerable to an attack by an adversary who can disrupt the network or harness valuable information from the network. Routing Protocols for wireless sensor networks are classified into three types depending on their network structure as Flat routing protocols, Hierarchical routing protocol and Geographic routing protocols. Large number of nodes in a wireless sensor network , limited battery power and their data centric nature make routing in wireless sensor network a challenging problem. We mainly concentrate on location-based or geographic routing protocol like Greedy Perimeter Stateless Routing Protocol. Sybil attack and Selective forwarding attack are the two attacks feasible in GPSR. These attacks are implemented in GPSR and their losses caused to the network are analysed

Access Control in Wireless Sensor Networks

Wireless sensor networks consist of a large amount of sensor nodes, small low-cost wireless computing devices equipped with different sensors. Sensor networks collect and process environmental data and can be used for habitat monitoring, precision agriculture, wildfire detection, structural health monitoring and many other applications. Securing sensor networks calls for novel solutions, especially because of their unattended deployment and strong resource limitations. Moreover, developing security solutions without knowing precisely against what threats the system should be protected is impossible. Thus, the first task in securing sensor networks is to define a realistic adversary model. We systematically investigate vulnerabilities in sensor networks, specifically focusing on physical attacks on sensor node hardware. These are all attacks that require direct physical access to the sensor nodes. Most severe attacks of this kind are also known as node capture, or node compromise. Based on the vulnerability analysis, we present a novel general adversary model for sensor networks. If the data collected within a sensor network is valuable or should be kept confidential then the data should be protected from unauthorized access. We determine security issues in the context of access control in sensor networks in presence of node capture attacks and develop protocols for broadcast authentication that constitute the core of our solutions for access control. We develop broadcast authentication protocols for the case where the adversary can capture up to some threshold t sensor nodes. The developed protocols offer absolute protection while not more than t nodes are captured, but their security breaks completely otherwise. Moreover, security in this case comes at a high cost, as the resource requirements for the protocols grow rapidly with t. One of the most popular ways to overcome impossibility or inefficiency of solutions in distributed systems is to make the protocol goals probabilistic. We therefore develop efficient probabilistic protocols for broadcast authentication. Security of these protocols degrades gracefully with the increasing number of captured nodes. We conclude that the perfect threshold security is less appropriate for sensor networks than the probabilistic approach. Gracefully degrading security offers better scalability and saves resources, and should be considered as a promising security paradigm for sensor networks