Multiple Bridge Secret Delivery in Wireless Sensor Networks

Achieving security in wireless sensor networks is a challenging problem due to the inherent resource and computing constraints. Several key distribution techniques have been proposed in the technical literature for efficient distribution of keys to the nodes prior deployment. These techniques establish secure links for some pairs of physically connected nodes but leave other pairs alone. Remaining nodes use multi-hop scheme to form a secured path connecting these links. Using this technique, the secret is disclosed to all the nodes on the path. Therefore, if any of the nodes is compromised by an adversary, secret is disclosed to the adversary. To solve this problem, a scheme called Babel was proposed recently that finds common bridge node to deliver secret link keys to their neighbors. In this scheme regular paths are used to deliver multiple keys with the common bridge node, hence key compromise probability is lowered compared to previous techniques. Our work is based on the Babel scheme and has several advantages. In our work we propose a new scheme that finds multiple bridge nodes to deliver secret link keys to all its physical neighbors. Keys are distributed to multiple bridge nodes instead of one common bridge node to establish secure connections to the disconnected nodes. Hence even if a few of the bridge nodes are compromised, secret will not be disclosed to the adversary. We present the details of our scheme's design and investigate the connectivity and security performance of our scheme in this thesis

An Efficient Pairwise Key Establishment Scheme for Ad-hoc Mobile Clouds

An Ad-hoc Mobile Cloud (AMC) is a new computing model that allows sharing computing power of multiple mobile devices. For a diverse group of individuals that employ such computing model, in an ad-hoc manner, secure peer-to-peer communication becomes very important. Using private or pairwise keys to secure such communication is preferable to public-keys because of computation and energy requirements. With the advent of sensor enabled mobile devices, a protocol (SekGens) that uses sensor data to generate pairwise keys on demand has been proposed. To work successfully SekGens requires devices to be closely located and becomes infeasible for devices situated multiple hops away. SekGens is also expensive in computation and slow in key generation. In this thesis, we investigate how to enable devices in an AMC to establish pairwise keys. We propose an efficient solution which tries to reduce the number of executions of SekGens in the AMC, and establishes pairwise keys between mobile phones multiple hops away by distributing parts of the key on multiple routing paths. Our results show a reduction of up to 75% in the number of SekGens required to establish keys in an AMC, when compared to a naive approach. Also the execution time to come up with the optimal pairs is within 10s of seconds for reasonably large networks

Application of Transversal Design and Secure Path Key Establishment for Key Pre-Distribution in WSN

Wireless sensor network is composed of a number of sensor devices which can communicate with each other through radio wave. The sensor devices are limited with computation ability, communication ability, and memory capacity and battery power. This makes the implementation of any task in Wireless Sensor Network is very challenging. Amid various requirements, secure communication in Wireless sensor Network is a major requirement. Suppose two or more sensor nodes want to communicate with each other securely, they need such an environment which can fulfill all the security requirements amid the constraints mentioned earlier. Therefore, secure communication in this network is not an easy task. Two or more nodes can communicate using any cryptography scheme which can be applicable to this network. Nodes under communication process have to use one or more key for encryption and decryption. Single key for the entire network can serve for encryption and decryption of shared information. However compromising of that key may reveal the whole communication in the network. Therefore, although a single key for an entire network provides a certain range of security to the communication of the network, the resiliency of the network is very low which is not at all acceptable for secure communication. Keeping shared keys for every other node in the network is another option. However, increment of number of nodes in the network increases the key ring size of each node. Although it provides maximum resiliency, however, it suffers from non scalability due to memory constraints of sensor node. Another scheme is public key cryptography, which requires public key and private key for secure communication. It provides good resiliency to the network. However, it consumes much computation which is a limitation for its application in wireless sensor network. Key pre-distribution is an optimum scheme which loads a finite number of keys to each node taking from a set of predefined keys before deployment of the network. Pair of node which wants to communicate with each other searches for existence of any common key between them and if find start communication using that common key. If no such common key found, they establish a path for exchange of temporarily generated key and start communication using that key. Several key pre-distribution schemes have been proposed for distributing keys for secure communication. Pre-key distribution with merging of blocks is one of the major key pre-distribution schemes. We have studied that merging of nodes randomly incurred an amount of communication cost due to its randomness. We propose a scheme which will merge different blocks in a deterministic way yields a pattern of block ids in a node. Our aim is to decrease the communication task during key establishment. For our case, the communication cost during common key establishment is only O(1) which is constant, whereas in case of random merging it is O(z), where z is the merging factor. Therefore, scheme proposed by us mostly suitable for this type of network. Again in case of those communications which require temporary key, the communication is not secure due to the fact that if any intermediate nodes in the path between actual communicators become compromise, then the newly generated communication is revealed to the attacker. We have proposed two schemes which provide security to such temporarily generated key. One of them is Identity based public key cryptography for path key establishment which exchange the newly generated temporary key using Identity based public key encryption process using ηT pairing as bilinear tool. Although Public key encryption along with pairing needs only once for a particular session, however, due to public key encryption, it may not be appropriate for Wireless Sensor Networks. Therefore, we have revised our scheme and proposed another scheme Identity based symmetric key cryptography for path key establishment. This scheme consumes less computation cost due to symmetric approach for encryption of temporarily generated key. Therefore, this scheme is more appropriate for application in wireless Sensor Networks. Thus for the purpose of our thesis work, we have proposed a scheme which optimize the Key-pre Distribution strategy by using Deterministic technique of merging blocks to form node and hence facilitates less communication cost for pair-wise common key establishment. Again, for securing temporary key during Path Key Establishment, we have proposed two schemes which provide full security to the temporary key