TinyAKE: A More Practicable and Trustable Scheme for Authenticated Key Establishment in WSNs

The characteristics of high loss rate, resource constraint, being eager for good security haven't been fully considered in the existing key establishment protocols of wireless sensor networks. Analyzing the key establishing problem from the MAC and physical layers, existing protocols are not practicable enough due to their overlong agreement packets and single round key establishment. To mitigate the impact of these problems, a group of design principles for secure sensor networks has been presented and TinyAKE, an authenticated key transport protocol based on lightweight certificate, is proposed in this paper. The security of TinyAKE are proved with the theory of indistinguishability, meanwhile, the correctness is also proved, the performance is analyzed and compared with the existing similar protocols. Finally TinyAKE is implemented in the TinyOS with TinyECC. Our evaluation shows that TinyAKE is a more practicable and trustable authenticated key establishment protocol than existing protocols. The experimental result shows that the key transport with certificate mechanism is feasible in WSNs. Moreover, the simulation results show that the optimal number of repeated negotiation is one when the secure connectivity rate of TinyAKE is improved by using the repeated key negotiation

A Public Key Cryptographic Method for Denial of Service Mitigation in Wireless Sensor Networks

Abstract — The challenging characteristics of sensor nodes, including the constrained resources, the ad-hoc nature of their deployment and the vulnerability of wireless media, pose a need for unique security solutions. The advantages of Public Key Cryptography (PKC) for sensor network security are widely acknowledged and include resilience, scalability and decentralized management. Recent work has indicated that PKC is feasible in the wireless sensor network (WSN) environment, paving the way for many new security services and opportunities. However, the computational effort involved in performing PKC operations remains substantial. From an energy consumption perspective, it is imperative that the processing and communication resources be utilized only when required. To that end, PKC implementations are more vulnerable to Denial of Service (DoS) attacks, when compared to traditional security methods that require less resources. In particular, if a malicious party attacks a sensor node by repetitive requests to establish a key, the resources of the attacked node can be exhausted quite rapidly. In this paper, we propose a novel RSA-based framework for combating DoS attacks in WSN by ensuring that the malicious party will exhaust its resources prior to exhausting those of its counterparts. Under the proposed approach, the mathematical operations performed by the malicious party require two or three orders of magnitude more resources than those required by the attacked party. We also present three methodologies for establishing an ephemeral key, in which the proposed DoS mitigation mechanism is an embedded component. Implementation results on the Intel Mote 2 platform substantiate the clear advantages of the proposed method. I