HaG: Hash graph based key predistribution scheme for multiphase wireless sensor networks

Wireless Sensor Networks (WSN) consist of small sensor nodes which operate until their energy reserve is depleted. These nodes are generally deployed to the environments where network lifespan is much longer than the lifetime of a node. Therefore, WSN are typically operated in a multiphase fashion, as in [1-3, 9-10], which use different key pools for nodes deployed at different generations. In multiphase WSN, new nodes are periodically deployed to the environment to ensure constant local and global network connectivity. Also, key ring of these newly deployed nodes is selected from their deployment generation key pool to improve the resiliency of WSN. In this paper, we propose a key predistribution scheme for multiphase WSN which is resilient against permanent and temporary node capture attacks. In our Hash Graph based (HaG) scheme, every generation has its own key pool which is generated using the key pool of the previous generation. This allows nodes deployed at different generations to have the ability to establish secure channels. Likewise, a captured node can only be used to obtain keys for a limited amount of successive generations. We compare the connectivity and resiliency performance of our scheme with other multiphase key predistribution schemes and show that our scheme performs better when the attack rate is low. When the attack rate is high, our scheme still has better resiliency performance inasmuch as using less key ring size compared to the existing multiphase schemes

Key propagation in wireless sensor networks

With reference to a network consisting of sensor nodes connected by wireless links, we approach the problem of the distribution of the cryptographic keys. We present a solution based on communication channels connecting sequences of adjacent nodes. All the nodes in a channel share the same key. This result is obtained by propagating the key connecting the first two nodes to all the other nodes in the channel. The key propagation mechanism is also used for key replacement, as is required, for instance, in group communication to support forms of forward and backward secrecy, when a node leaves a group or a new node is added to an existing group

Protected pointers in wireless sensor networks

With reference to a distributed architecture consisting of sensor nodes connected by wireless links in an arbitrary network topology, we consider a segment-oriented implementation of the single address space paradigm of memory reference. In our approach, applications consist of active entities called components, which are distributed in the network nodes. A component accesses a given segment by presenting a handle for this segment. A handle is a form of pointer protected cryptographically. Handles allow an effective implementation of communications between components, and key replacement. The number of messages generated by the execution of the communication primitives is independent of the network size. The key replacement mechanism is well suited to reliable application rekeying over an unreliable network

Key revocation in wireless sensor networks: a survey on a less-addressed yet vital issue

Key management in wireless sensor network (WSN) includes two important aspects namely key distribution, which constitutes the task of distributing secret keys to nodes in the network, and key revocation, which refers to the task of securely withdrawing the key information relating to any compromised node or because of tactical reasons. While in the existing literature, key distribution has been extensively studied, key revocation has received relatively little attention. A vital security issue like this needs proper recognition to be considered as a critical research area, not just as a partial segment of key management. With this motivation, in this paper, we present our rationale behind recognising the area and analyse the state-of-the-art key revocation techniques. Alongside our survey on the prominent schemes, we also present an analysis of security and performance that highlights the advantages and disadvantages of each scheme that explicitly mentions the method of key revocation

A hierarchical key pre-distribution scheme for fog networks

Security in fog computing is multi-faceted, and one particular challenge is establishing a secure communication channel between fog nodes and end devices. This emphasizes the importance of designing efficient and secret key distribution scheme to facilitate fog nodes and end devices to establish secure communication channels. Existing secure key distribution schemes designed for hierarchical networks may be deployable in fog computing, but they incur high computational and communication overheads and thus consume significant memory. In this paper, we propose a novel hierarchical key pre-distribution scheme based on “Residual Design” for fog networks. The proposed key distribution scheme is designed to minimize storage overhead and memory consumption, while increasing network scalability. The scheme is also designed to be secure against node capture attacks. We demonstrate that in an equal-size network, our scheme achieves around 84% improvement in terms of node storage overhead, and around 96% improvement in terms of network scalability. Our research paves the way for building an efficient key management framework for secure communication within the hierarchical network of fog nodes and end devices. KEYWORDS: Fog Computing, Key distribution, Hierarchical Networks

Distributed storage protection in wireless sensor networks

With reference to a distributed architecture consisting of sensor nodes connected in a wireless network, we present a model of a protection system based on segments and applications. An application is the result of the joint activities of a set of cooperating nodes. A given node can access a segment stored in the primary memory of a different node only by presenting a gate for that segment. A gate is a form of pointer protected cryptographically, which references a segment and specifies a set of access rights for this segment. Gates can be freely transmitted between nodes, thereby granting the corresponding access permissions. Two special node functionalities are considered, segment servers and application servers. Segment servers are used for inter-application communication and information gathering. An application server is used in each application to support key management and rekeying. The rekey mechanism takes advantage of key naming to cope with losses of rekey messages. The total memory requirements for key and gate storage result to be a negligible fraction of the overall memory resources of the generic network node

Uneven key predistribution scheme for multiphase wireless sensor networks

In multiphase Wireless Sensor Networks (WSNs), sensor nodes are redeployed periodically to replace nodes with depleted batteries. In order to keep the network resilient against node capture attacks across different deployment epochs, called generations, it is necessary to refresh the key pools from which cryptographic keys are distributed. In this thesis, we propose Uneven Key Predistribution (UKP) scheme that uses multiple different key pools at each generation. Keys are drawn unevenly from these key pools and loaded to sensor nodes prior to deployment. Nodes are loaded with keys not only from their current generation, but also from future generations. We conduct simulation based performance evaluation in mobile environments using three different mobility models. One of them, Circular Move Mobility model, is first proposed in this thesis. Our UKP scheme provides self healing that improves the resiliency of the network up to 50% under heavy attack as compared to an existing scheme in the literature. Moreover, our scheme provides almost perfect local and global connectivity

Hash graph based key predistribution scheme for mobile and multiphase wireless sensor networks

Wireless Sensor Networks (WSN) consist of small sensor nodes which operate until their energy reserve is depleted. These nodes are generally deployed to the environments where network lifespan is much longer than the lifetime of a node. Therefore, WSN are typically operated in a multiphase fashion, where new nodes are periodically deployed to the environment to ensure constant local and global network connectivity. Besides, significant amount of the research in the literature studies only static WSN and there is very limited work considering mobility of the sensor nodes. In this thesis, we present a key predistribution scheme for mobile and multiphase WSN which is resilient against eager and temporary node capture attacks. In our Hash Graph based (HaG) scheme, every generation has its own key pool which is generated using the key pool of the previous generation. This allows nodes deployed at different generations to have the ability to establish secure channels. Likewise, a captured node can only be used to obtain keys for a limited amount of successive generations. We also consider sensor nodes as mobile and use different mobility models to show its effects on the performance. We compare the connectivity and resiliency performance of our scheme with a well-known multiphase key predistribution scheme and show that our scheme performs better when the attack rate is low. When the attack rate increases, our scheme still has better resiliency performance considering that it requires less key ring size compared to a state-of-the-art multiphase scheme