An Identity Based Key Management Scheme in Wireless Sensor Networks

Pairwise key establishment is one of the fundamental security services in sensor networks which enables sensor nodes in a sensor network to communicate securely with each other using cryptographic techniques. It is not feasible to apply traditional public key management techniques in resource-constrained sensor nodes, and also because the sensor nodes are vulnerable to physical capture. In this paper, we introduce a new scheme called the identity based key pre-distribution using a pseudo random function (IBPRF), which has better trade-off between communication overhead, network connectivity and resilience against node capture compared to the other key pre-distribution schemes. Our scheme can be easily adapted in mobile sensor networks. This scheme supports the addition of new sensor nodes after the initial deployment and also works for any deployment topology. In addition, we propose an improved version of our scheme to support large sensor networks.Comment: 7 pages, Published in Proceedings of 4th Asian International Mobile Computing Conference (AMOC 2006), Kolkata, India, pp. 70-76, January 4-7, 200

TKP: Three level key pre-distribution with mobile sinks for wireless sensor networks

Wireless Sensor Networks are by its nature prone to various forms of security attacks. Authentication and secure communication have become the need of the day. Due to single point failure of a sink node or base station, mobile sinks are better in many wireless sensor networks applications for efficient data collection or aggregation, localized sensor reprogramming and for revoking compromised sensors. The existing sytems that make use of key predistribution schemes for pairwise key establishment between sensor nodes and mobile sinks, deploying mobile sinks for data collection has drawbacks. Here, an attacker can easily obtain many keys by capturing a few nodes and can gain control of the network by deploying a node preloaded with some compromised keys that will be the replica of compromised mobile sink. We propose an efficient three level key predistribution framework that uses any pairwise key predistribution in different levels. The new framework has two set of key pools one set of keys for the mobile sink nodes to access the sensor network and other set of keys for secure communication among the sensor nodes. It reduces the damage caused by mobile sink replication attack and stationary access node replication attack. To further reduce the communication time it uses a shortest distance to make pair between the nodes for comunication. Through results, we show that our security framework has a higher network resilience to a mobile sink replication attack as compared to the polynomial pool-based scheme with less communication tim

Multipath Key Establishment for Wireless Sensor Networks Using Just-Enough Redundancy Transmission

In random key predistribution techniques for wireless sensor networks, a relatively small number of keys are randomly chosen from a large key pool and are loaded on the sensors prior to deployment. After deployment, each sensor tries finding a common key shared by itself and each of its neighbors to establish a link key to protect the wireless communication between themselves. One intrinsic disadvantage of such techniques is that some neighboring sensors do not share any common key. In order to establish a link key among these neighbors, a multihop secure path may be used to deliver the secret. Unfortunately, the possibility of sensors being compromised on the path may render such an establishment process insecure. In this work, we propose and analyze the Just-Enough Redundancy Transmission (JERT) scheme that uses the powerful Maximum-Distance Separable (MDS) codes to address the problem. In the JERT scheme, the secret link key is encoded in (n, k) MDS code and transmitted through multiple multihop paths. To reduce the total information that needs to be transmitted, the redundant symbols of the MDS codes are transmitted only if the destination fails to decode the secret. The JERT scheme is demonstrated to be efficient and resilient against node capture. One salient feature of the JERT scheme is its flexibility of trading transmission for lower information disclosure

Key management for wireless sensor network security

Wireless Sensor Networks (WSNs) have attracted great attention not only in industry but also in academia due to their enormous application potential and unique security challenges. A typical sensor network can be seen as a combination of a number of low-cost sensor nodes which have very limited computation and communication capability, memory space, and energy supply. The nodes are self-organized into a network to sense or monitor surrounding information in an unattended environment, while the self-organization property makes the networks vulnerable to various attacks.Many cryptographic mechanisms that solve network security problems rely directly on secure and efficient key management making key management a fundamental research topic in the field of WSNs security. Although key management for WSNs has been studied over the last years, the majority of the literature has focused on some assumed vulnerabilities along with corresponding countermeasures. Specific application, which is an important factor in determining the feasibility of the scheme, has been overlooked to a large extent in the existing literature.This thesis is an effort to develop a key management framework and specific schemes for WSNs by which different types of keys can be established and also can be distributed in a self-healing manner; explicit/ implicit authentication can be integrated according to the security requirements of expected applications. The proposed solutions would provide reliable and robust security infrastructure for facilitating secure communications in WSNs.There are five main parts in the thesis. In Part I, we begin with an introduction to the research background, problems definition and overview of existing solutions. From Part II to Part IV, we propose specific solutions, including purely Symmetric Key Cryptography based solutions, purely Public Key Cryptography based solutions, and a hybrid solution. While there is always a trade-off between security and performance, analysis and experimental results prove that each proposed solution can achieve the expected security aims with acceptable overheads for some specific applications. Finally, we recapitulate the main contribution of our work and identify future research directions in Part V

Efficient path key establishment for wireless sensor networks

Key predistribution schemes have been proposed as means to overcome wireless sensor network constraints such as limited communication and processing power. Two sensor nodes can establish a secure link with some probability based on the information stored in their memories, though it is not always possible that two sensor nodes may set up a secure link. In this paper, we propose a new approach that elects trusted common nodes called “Proxies” which reside on an existing secure path linking two sensor nodes. These sensor nodes are used to send the generated key which will be divided into parts (nuggets) according to the number of elected proxies. Our approach has been assessed against previously developed algorithms, and the results show that our algorithm discovers proxies more quickly which are closer to both end nodes, thus producing shorter path lengths. We have also assessed the impact of our algorithm on the average time to establish a secure link when the transmitter and receiver of the sensor nodes are “ON.” The results show the superiority of our algorithm in this regard. Overall, the proposed algorithm is well suited for wireless sensor networks

A key management scheme for heterogeneous sensor networks using keyed-hash chain

We present a suite of key management scheme for heterogeneous sensor networks. In view of different types of communications, a single key can not satisfy various communication requirements. It is necessary to study the establishment and renewal of different types of keys in heterogeneous sensornetworks. In this paper, we propose a new key management scheme which can support five types of communications. Our basic scheme is based on a keyed-hash chain approach. A new cluster mechanism is used to improve the probability of key sharing between sensors and their cluster heads. Different from existing schemes where a node capture attack might lead to the disclosure of several key chains, our method can avoid this drawback through not storing network-wide generating keys inlow-cost sensors. Only pairwise keys involving the compromised node should be deleted in our scheme. It is motivated by the observation that all the information stored on a sensor may be disclosed once the sensor gets compromised. Through the analysis of both security and performance, we show the scheme meets the security requirements

A unified approach to combinatorial key predistribution schemes for sensor networks

There have been numerous recent proposals for key predistribution schemes for wireless sensor networks based on various types of combinatorial structures such as designs and codes. Many of these schemes have very similar properties and are analysed in a similar manner. We seek to provide a unified framework to study these kinds of schemes. To do so, we define a new, general class of designs, termed “partially balanced t-designs”, that is sufficiently general that it encompasses almost all of the designs that have been proposed for combinatorial key predistribution schemes. However, this new class of designs still has sufficient structure that we are able to derive general formulas for the metrics of the resulting key predistribution schemes. These metrics can be evaluated for a particular scheme simply by substituting appropriate parameters of the underlying combinatorial structure into our general formulas. We also compare various classes of schemes based on different designs, and point out that some existing proposed schemes are in fact identical, even though their descriptions may seem different. We believe that our general framework should facilitate the analysis of proposals for combinatorial key predistribution schemes and their comparison with existing schemes, and also allow researchers to easily evaluate which scheme or schemes present the best combination of performance metrics for a given application scenario

MPKMS: a Matrix-based Pairwise Key Management Scheme for Wireless Sensor Networks

Due to the sensitivity of the Wireless Sensor Networks (WSN) applications and resource constraints, authentication and key management emerge as a challenging issue for WSN. In general, various approaches have been developed for the key management in WSN. This paper has come up with a new robust key pre-distribution scheme using random polynomial functions and matrix. This new proposed scheme significantly increases the storage efficiency and provides resilience to network against node capture by using random prime numbers, polynomial functions and matrix properties. The effectiveness of the scheme is demonstrated through a security analysis and comparison with the existing schemes