A highly resilient and zone-based key predistribution protocol for multiphase wireless sensor networks

Pairwise key distribution among the sensor nodes is an essential problem for providing security in Wireless Sensor Networks (WSNs). The common approach for this problem is random key predistribution, which suffers from resiliency issues in case of node captures by adversaries. In the literature, the resiliency problem is addressed by zone-based deployment models that use prior deployment knowledge. Another remedy in the literature, which is for multiphase WSNs, aims to provide self-healing property via periodic deployments of sensor nodes with fresh keys over the sensor field. However, to the best of our knowledge, these two approaches have never been combined before in the literature. In this paper, we propose a zone-based key predistribution approach for multiphase WSNs. Our approach combines the best parts of these approaches and provides self-healing property with up to 9-fold more resiliency as compared to an existing scheme. Moreover, our scheme ensures almost 100% secure connectivity, which means a sensor node shares at least one key with almost all of its neighbors

A unified approach to combinatorial key predistribution schemes for sensor networks

There have been numerous recent proposals for key predistribution schemes for wireless sensor networks based on various types of combinatorial structures such as designs and codes. Many of these schemes have very similar properties and are analysed in a similar manner. We seek to provide a unified framework to study these kinds of schemes. To do so, we define a new, general class of designs, termed “partially balanced t-designs”, that is sufficiently general that it encompasses almost all of the designs that have been proposed for combinatorial key predistribution schemes. However, this new class of designs still has sufficient structure that we are able to derive general formulas for the metrics of the resulting key predistribution schemes. These metrics can be evaluated for a particular scheme simply by substituting appropriate parameters of the underlying combinatorial structure into our general formulas. We also compare various classes of schemes based on different designs, and point out that some existing proposed schemes are in fact identical, even though their descriptions may seem different. We believe that our general framework should facilitate the analysis of proposals for combinatorial key predistribution schemes and their comparison with existing schemes, and also allow researchers to easily evaluate which scheme or schemes present the best combination of performance metrics for a given application scenario

Distinct difference configurations: multihop paths and key predistribution in sensor networks

A distinct difference configuration is a set of points in Z2 with the property that the vectors (difference vectors) connecting any two of the points are all distinct. Many specific examples of these configurations have been previously studied: the class of distinct difference configurations includes both Costas arrays and sonar sequences, for example. Motivated by an application of these structures in key predistribution for wireless sensor networks, we define the k-hop coverage of a distinct difference configuration to be the number of distinct vectors that can be expressed as the sum of k or fewer difference vectors. This is an important parameter when distinct difference configurations are used in the wireless sensor application, as this parameter describes the density of nodes that can be reached by a short secure path in the network. We provide upper and lower bounds for the k-hop coverage of a distinct difference configuration with m points, and exploit a connection with Bh sequences to construct configurations with maximal k-hop coverage. We also construct distinct difference configurations that enable all small vectors to be expressed as the sum of two of the difference vectors of the configuration, an important task for local secure connectivity in the application

A Key Predistribution Scheme for Sensor Networks Using Deployment Knowledge

To achieve security in wireless sensor networks, it is important to be able to encrypt messages sent among sensor nodes. Keys for encryption purposes must be agreed upon by communicating nodes. Due to resource constraints, achieving such key agreement in wireless sensor networks is nontrivial. Many key agreement schemes used in general networks, such as Diffie-Hellman and public-key-based schemes, are not suitable for wireless sensor networks. Predistribution of secret keys for all pairs of nodes is not viable due to the large amount of memory used when the network size is large. Recently, a random key predistribution scheme and its improvements have been proposed. A common assumption made by these random key predistribution schemes is that no deployment knowledge is available. Noticing that, in many practical scenarios, certain deployment knowledge may be available a priori, we propose a novel random key predistribution scheme that exploits deployment knowledge and avoids unnecessary key assignments. We show that the performance (including connectivity, memory usage, and network resilience against node capture) of sensor networks can be substantially improved with the use of our proposed scheme. The scheme and its detailed performance evaluation are presented in this paper

Efficient key establishment for group-based wireless sensor deployments

Establishing pairwise keys for each pair of neighboring sensors is the first concern in securing communication in sensor networks. This task is challenging because resources are limited. Several random key predistribution schemes have been proposed, but they are appropriate only when sensors are uniformly distributed with high density. These schemes also suffer from a dramatic degradation of security when the number of compromised sensors exceeds a threshold. In this paper, we present a group-based key predistribution scheme, GKE, which enables any pair of neighboring sensors to establish a unique pairwise key, regardless of sensor density or distribution. Since pairwise keys are unique, security in GKE degrades gracefully as the number of compromised nodes increases. In addition, GKE is very efficient since it requires only localized communication to establish pairwise keys, thus significantly reducing the communication overhead. Our security analysis and performance evaluation illustrate the superiority of GKE in terms of resilience, connectivity, communication overhead and memory requirement. Categories and Subject Descriptors C.2 [Computer-Communication Networks]: secuirty and protection

On Security and Reliability using Cooperative Transmissions in Sensor Networks

Recent work on cooperative communications has demonstrated benefits in terms of improving the reliability of links through diversity and/or increasing the reach of a link compared to a single transmitter transmitting to a single receiver (single-input single-output or SISO). In one form of cooperative transmissions, multiple nodes can act as virtual antenna elements and provide such benefits using space-time coding. In a multi-hop sensor network, a source node can make use of its neighbors as relays with itself to reach an intermediate node, which will use its neighbors and so on to reach the destination. For the same reliability of a link as SISO, the number of hops between a source and destination may be reduced using cooperative transmissions. However, the presence of malicious or compromised nodes in the network impacts the use of cooperative transmissions. Using more relays can increase the reach of a link, but if one or more relays are malicious, the transmission may fail. In this paper, we analyze this problem to understand the conditions under which cooperative transmissions may fare better or worse than SISO transmissions

MPKMS: a Matrix-based Pairwise Key Management Scheme for Wireless Sensor Networks

Due to the sensitivity of the Wireless Sensor Networks (WSN) applications and resource constraints, authentication and key management emerge as a challenging issue for WSN. In general, various approaches have been developed for the key management in WSN. This paper has come up with a new robust key pre-distribution scheme using random polynomial functions and matrix. This new proposed scheme significantly increases the storage efficiency and provides resilience to network against node capture by using random prime numbers, polynomial functions and matrix properties. The effectiveness of the scheme is demonstrated through a security analysis and comparison with the existing schemes