Key management for wireless sensor network security

Wireless Sensor Networks (WSNs) have attracted great attention not only in industry but also in academia due to their enormous application potential and unique security challenges. A typical sensor network can be seen as a combination of a number of low-cost sensor nodes which have very limited computation and communication capability, memory space, and energy supply. The nodes are self-organized into a network to sense or monitor surrounding information in an unattended environment, while the self-organization property makes the networks vulnerable to various attacks.Many cryptographic mechanisms that solve network security problems rely directly on secure and efficient key management making key management a fundamental research topic in the field of WSNs security. Although key management for WSNs has been studied over the last years, the majority of the literature has focused on some assumed vulnerabilities along with corresponding countermeasures. Specific application, which is an important factor in determining the feasibility of the scheme, has been overlooked to a large extent in the existing literature.This thesis is an effort to develop a key management framework and specific schemes for WSNs by which different types of keys can be established and also can be distributed in a self-healing manner; explicit/ implicit authentication can be integrated according to the security requirements of expected applications. The proposed solutions would provide reliable and robust security infrastructure for facilitating secure communications in WSNs.There are five main parts in the thesis. In Part I, we begin with an introduction to the research background, problems definition and overview of existing solutions. From Part II to Part IV, we propose specific solutions, including purely Symmetric Key Cryptography based solutions, purely Public Key Cryptography based solutions, and a hybrid solution. While there is always a trade-off between security and performance, analysis and experimental results prove that each proposed solution can achieve the expected security aims with acceptable overheads for some specific applications. Finally, we recapitulate the main contribution of our work and identify future research directions in Part V

State of The Art in WBAN Security & Open Research Issues

No Abstrac

Implementation of Secure Key Management Techniques in Wireless Sensor Networks

Creating a secure wireless sensor network involves authenticating and encrypting messages that are sent throughout the network. The communicating nodes must agree on secret keys in order to be able to encrypt packets. Sensor networks do not have many resources and so, achieving such key agreements is a difficult matter. Many key agreement schemes like Diffie-Hellman and public-key based schemes are not suitable for wireless sensor networks. Pre-distribution of secret keys for all pairs of nodes is not viable due to the large amount of memory used when the network size is large. We propose a novel key management system that works with the random key pre-distribution scheme where deployment knowledge is unknown. We show that our system saves users from spending substantial resources when deploying networks. We also test the new system’s memory usage, and security issues. The system and its performance evaluation are presented in this thesis

Multi-stage secure clusterhead selection using discrete rule-set against unknown attacks in wireless sensor network

Security is the rising concern of the wireless network as there are various forms of reonfigurable network that is arised from it. Wireless sensor network (WSN) is one such example that is found to be an integral part of cyber-physical system in upcoming times. After reviewing the existing system, it can be seen that there are less dominant and robust solutions towards mitigating the threats of upcoming applications of WSN. Therefore, this paper introduces a simple and cost-effective modelling of a security system that offers security by ensuring secure selection of clusterhead during the data aggregation process in WSN. The proposed system also makes construct a rule-set in order to learn the nature of the communication iin order to have a discrete knowledge about the intensity of adversaries. With an aid of simulation-based approach over MEMSIC nodes, the proposed system was proven to offer reduced energy consumption with good data delivery performance in contrast to existing approach

Two-tier, location-aware and highly resilient key predistribution scheme for wireless sensor networks /

Sensor nodes are low power, tiny, and computationally restricted microelectromechanical devices that usually run on battery. They are capable of communicating over short distances and of sensing information for specific purposes. In sensor networks, large amount of sensor nodes are deployed over a wide region. For secure communication among sensor nodes, secure links must be established via key agreement. Due to resource constraints, achieving such key agreement in wireless sensor networks is non-trivial. Many key establishment schemes, like Diffie-Hellman and public-key cryptography based protocols, proposed for general networks are not so suitable for sensor networks due to resource constraints. Since one cannot generally assume a trusted infrastructure, keys and/or keying materials must be distributed to sensor nodes before deployment of them. Such key distribution schemes are called key predistribution schemes. After deployment, sensor nodes use predistributed keys and/or keying materials to establish secure links using various techniques. In this thesis, we propose a probabilistic key predistribution scheme, in which we assume that certain deployment knowledge is available prior to deployment of sensor nodes. We use a two-tier approach in which there are two types of nodes: regular nodes and agent nodes. Agent nodes, which constitute a small percentage of all nodes, are more capable than regular nodes. Most of the regular nodes can establish shared keys among themselves without the help of agent nodes, whereas some other regular nodes make use of agent nodes as intermediaries for key establishment. We give a comparative analysis of our scheme through simulations and show that our scheme provides good connectivity for the sensor network. Moreover, our scheme exhibits substantially strong node-capture resiliency against small-scale attacks, while the resiliency of the network degrades gracefully as the number of captured nodes increases. In addition, the proposed scheme is scalable such that increasing the number of nodes in the network does not degrade the performance and does not increase the complexity. Another good characteristic of our scheme is that it is resistant against node fabrication and partially resistant against wormhole attacks

Uneven key predistribution scheme for multiphase wireless sensor networks

In multiphase Wireless Sensor Networks (WSNs), sensor nodes are redeployed periodically to replace nodes with depleted batteries. In order to keep the network resilient against node capture attacks across different deployment epochs, called generations, it is necessary to refresh the key pools from which cryptographic keys are distributed. In this thesis, we propose Uneven Key Predistribution (UKP) scheme that uses multiple different key pools at each generation. Keys are drawn unevenly from these key pools and loaded to sensor nodes prior to deployment. Nodes are loaded with keys not only from their current generation, but also from future generations. We conduct simulation based performance evaluation in mobile environments using three different mobility models. One of them, Circular Move Mobility model, is first proposed in this thesis. Our UKP scheme provides self healing that improves the resiliency of the network up to 50% under heavy attack as compared to an existing scheme in the literature. Moreover, our scheme provides almost perfect local and global connectivity

Implementation of key distribution schemes on real sensor network nodes

Wireless Sensor Network is a network type that consists of small sensor devices. The communication between these devices must be secured in case of an attack. Sensor devices have to share a secret key for secure communication. There are several key distribution schemes for wireless sensor networks in the literature. The most common key distribution scheme is the basic scheme which is proposed by Eschenauer and Gligor. Basic scheme has three phases; Key Predistribution, Shared Key Discovery and Path-key Establishment. Ergun proposed an alternative phase to Path-key Establishment, called Key Transfer phase. To the best of our knowledge, there is no real node implementation of the basic scheme. In this thesis, we implemented all three phases of the basic scheme and Ergun's Key Transfer phase on a real sensor device. We use TelosB devices, which have 10kB RAM, 1 MB ash memory, a microcontroller and RF interface. We design owcharts for each phase, create packet structures, implement in NesC programming language and test the implementation. We analyze the results using processing time, code space and memory usage metrics. We show that Key Transfer phase is more e cient than Path-key Establishment phase

FSDA: Framework for Secure Data Aggregation in Wireless Sensor Network for Enhancing Key Management

An effective key management plays a crucial role in imposing a resilient security technique in Wireless Sensor Network (WSN). After reviewing the existing approaches of key management, it is confirmed that existing approachs does not offer good coverage on all potential security breaches in WSN. With WSN being essential part of Internet-of-Things (IoT), the existing approaches of key management can definitely not address such security breaches. Therefore, this paper introduces a Framework for Secure Data Aggregation (FSDA) that hybridizes the public key encryption mechanism in order to obtain a novel key management system. The proposed system does not target any specific attacks but is widely applicable for both internal and external attacks in WSN owing to its design principle. The study outcome exhibits that proposed FSDA offers highly reduced computational burden, minimal delay, less energy consumption, and higher data transmission perforance in contrast to frequency used encryption schemes in WSN