Key revocation in wireless sensor networks: a survey on a less-addressed yet vital issue

Key management in wireless sensor network (WSN) includes two important aspects namely key distribution, which constitutes the task of distributing secret keys to nodes in the network, and key revocation, which refers to the task of securely withdrawing the key information relating to any compromised node or because of tactical reasons. While in the existing literature, key distribution has been extensively studied, key revocation has received relatively little attention. A vital security issue like this needs proper recognition to be considered as a critical research area, not just as a partial segment of key management. With this motivation, in this paper, we present our rationale behind recognising the area and analyse the state-of-the-art key revocation techniques. Alongside our survey on the prominent schemes, we also present an analysis of security and performance that highlights the advantages and disadvantages of each scheme that explicitly mentions the method of key revocation

Solutions and Tools for Secure Communication in Wireless Sensor Networks

Secure communication is considered a vital requirement in Wireless Sensor Network (WSN) applications. Such a requirement embraces different aspects, including confidentiality, integrity and authenticity of exchanged information, proper management of security material, and effective prevention and reaction against security threats and attacks. However, WSNs are mainly composed of resource-constrained devices. That is, network nodes feature reduced capabilities, especially in terms of memory storage, computing power, transmission rate, and energy availability. As a consequence, assuring secure communication in WSNs results to be more difficult than in other kinds of network. In fact, trading effectiveness of adopted solutions with their efficiency becomes far more important. In addition, specific device classes or technologies may require to design ad hoc security solutions. Also, it is necessary to efficiently manage security material, and dynamically cope with changes of security requirements. Finally, security threats and countermeasures have to be carefully considered since from the network design phase. This Ph.D. dissertion considers secure communication in WSNs, and provides the following contributions. First, we provide a performance evaluation of IEEE 802.15.4 security services. Then, we focus on the ZigBee technology and its security services, and propose possible solutions to some deficiencies and inefficiencies. Second, we present HISS, a highly scalable and efficient key management scheme, able to contrast collusion attacks while displaying a graceful degradation of performance. Third, we present STaR, a software component for WSNs that secures multiple traffic flows at the same time. It is transparent to the application, and provides runtime reconfigurability, thus coping with dynamic changes of security requirements. Finally, we describe ASF, our attack simulation framework for WSNs. Such a tool helps network designers to quantitatively evaluate effects of security attacks, produce an attack ranking based on their severity, and thus select the most appropriate countermeasures

An efficient key revocation protocol for wireless sensor networks

In this paper, we present a scalable and secure protocol for key revocation in wireless sensor networks. The protocol guarantees an authenticated distribution of new keys that is efficient in terms of storage, communication and computing overhead. The proposed protocol reduces the number and the size of rekeying messages. It achieves the necessary level of confidentiality and authenticity of rekeying messages by only using symmetric ciphers and one-way functions. Hence, the protocol results scalable, and particularly attractive for large and/or highly dynamic group

Location dependent key management schemes supported by random selected cell reporters in wireless sensor networks

PhD ThesisIn order to secure vital and critical information inside Wireless Sensor Net- works (WSNs), a security requirement of data con dentiality, authenticity and availability should be guaranteed. The leading key management schemes are those that employ location information to generate security credentials. Therefore, this thesis proposes three novel location-dependent key manage- ment schemes. First, a novel Location-Dependent Key Management Protocol for a Single Base Station (LKMP-SBS) is presented. As a location-dependent scheme, the WSN zone is divided virtually into cells. Then, any event report generated by each particular cell is signed by a new type of endorsement called a cell- reporter signature, where cell-reporters are de ned as a set of nodes selected randomly by the BS out of the nodes located within the particular cell. This system is analysed and proved to outperform other schemes in terms of data security requirements. Regarding the data con dentiality, for three values of z (1,2,3) the improvement is 95%, 90% and 85% respectively when 1000 nodes are compromised. Furthermore, in terms of data authenticity an enhancement of 49%, 24%, 12.5% is gained using our approach with z = 1; 2; 3 respectively when half of all nodes are compromised. Finally, the optimum number of cell reporters is extensively investigated related to the security requirements, it is proven to be z = n 2 . The second contribution is the design of a novel Location-Dependent Key Man- agement Protocol for Multiple Base Stations (LKMP-MBS). In this scheme, di erent strategies of handling the WSN by multiple BSs is investigated. Ac- cordingly, the optimality of the scheme is analysed in terms of the number of cell reporters. Both data con dentiality and authenticity have been proven to be / e / 1 N . The optimum number of cell reporters had been calculated as zopt = n 2M , PM `=1 jz(`) optj = n 2M . Moreover, the security robustness of this scheme is analysed and proved to outperform relevant schemes in terms of data con- dentiality and authenticity. Furthermore, in comparison with LKMP-SBS, the adoption of multiple base stations is shown to be signi cantly important in improving the overall system security. The third contribution is the design of the novel Mobility- Enabled, Location- dependant Key Managment Protocol for Multiple BSs (MELKMP-MBS). This scheme presents a key management scheme, which is capable of serving a WSN with mobile nodes. Several types of handover are presented in order to main- tain the mobile node service availability during its movement between two zones in the network. Accordingly, the communication overhead of MELKMP- MBS is analysed, simulated and compared with the overhead of other schemes. Results show a signi cant improvement over other schemes in terms of han- dover e ciency and communication over head. Furthermore, the optimality of WSN design such as the value of N; n is investigated in terms of communi- cation overhead in all protocols and it is shown that the optimum number of nodes in each cell, which cause the minimum communication overhead in the network , is n = 3 p 2N.Ministry of Higher Education and Scienti c Research in Iraq and the Iraqi Cultural Attach e in Londo