Using combined keying materials for key distribution in wireless sensor networks

In this paper, we propose a probabilistic key predistribution scheme for wireless sensor networks that increases connectivity of the basic scheme while keeping sizes of keyring and key pool fixed. We introduce the concept of XORed key, which is the bitwise XOR of two regular (a.k.a. single) keys. Sensor nodes are preloaded with a mixture of single and XORed keys. Nodes establish secure links by using shared XORed keys whenever possible. If node pairs do not have any shared XORed or single keys, they transfer keys from their secure neighbors in a couple of ways, and use them to match with their XORed keys. In this way, the probability of securing links, i.e. local connectivity, increases. The decision of which key is to be transferred from which node is given based on local information at the hand of the nodes. We aim to control the resilience of the network against node capture attacks by using XORed keys since an attacker has to know either both single key operands or the XORed key itself. Simulations show that our scheme is up to 50% more connected as compared to basic scheme. Also it has better resilience performance at the beginning of a node capture attack. When it starts to deteriorate, the difference between the resilience of our proposed scheme and basic scheme is not greater than 5%

Security in Wireless Sensor Networks: Issues and Challenges

Wireless Sensor Network (WSN) is an emerging technology that shows great promise for various futuristic applications both for mass public and military. The sensing technology combined with processing power and wireless communication makes it lucrative for being exploited in abundance in future. The inclusion of wireless communication technology also incurs various types of security threats. The intent of this paper is to investigate the security related issues and challenges in wireless sensor networks. We identify the security threats, review proposed security mechanisms for wireless sensor networks. We also discuss the holistic view of security for ensuring layered and robust security in wireless sensor networks.Comment: 6 page

HaG: Hash graph based key predistribution scheme for multiphase wireless sensor networks

Wireless Sensor Networks (WSN) consist of small sensor nodes which operate until their energy reserve is depleted. These nodes are generally deployed to the environments where network lifespan is much longer than the lifetime of a node. Therefore, WSN are typically operated in a multiphase fashion, as in [1-3, 9-10], which use different key pools for nodes deployed at different generations. In multiphase WSN, new nodes are periodically deployed to the environment to ensure constant local and global network connectivity. Also, key ring of these newly deployed nodes is selected from their deployment generation key pool to improve the resiliency of WSN. In this paper, we propose a key predistribution scheme for multiphase WSN which is resilient against permanent and temporary node capture attacks. In our Hash Graph based (HaG) scheme, every generation has its own key pool which is generated using the key pool of the previous generation. This allows nodes deployed at different generations to have the ability to establish secure channels. Likewise, a captured node can only be used to obtain keys for a limited amount of successive generations. We compare the connectivity and resiliency performance of our scheme with other multiphase key predistribution schemes and show that our scheme performs better when the attack rate is low. When the attack rate is high, our scheme still has better resiliency performance inasmuch as using less key ring size compared to the existing multiphase schemes

Group Key Management in Wireless Ad-Hoc and Sensor Networks

A growing number of secure group applications in both civilian and military domains is being deployed in WAHNs. A Wireless Ad-hoc Network (WARN) is a collection of autonomous nodes or terminals that communicate with each other by forming a multi-hop radio network and maintaining connectivity in a decentralized manner. A Mobile Ad-hoc Network (MANET) is a special type of WARN with mobile users. MANET nodes have limited communication, computational capabilities, and power. Wireless Sensor Networks (WSNs) are sensor networks with massive numbers of small, inexpensive devices pervasive throughout electrical and mechanical systems and ubiquitous throughout the environment that monitor and control most aspects of our physical world. In a WAHNs and WSNs with un-trusted nodes, nodes may falsify information, collude to disclose system keys, or even passively refuse to collaborate. Moreover, mobile adversaries might invade more than one node and try to reveal all system secret keys. Due to these special characteristics, key management is essential in securing such networks. Current protocols for secure group communications used in fixed networks tend to be inappropriate. The main objective of this research is to propose, design and evaluate a suitable key management approach for secure group communications to support WAHNs and WSNs applications. Key management is usually divided into key analysis, key assignment, key generation and key distribution. In this thesis, we tried to introduce key management schemes to provide secure group communications in both WAHNs and WSNs. Starting with WAHNs, we developed a key management scheme. A novel architecture for secure group communications was proposed. Our proposed scheme handles key distribution through Combinatorial Key Distribution Scheme (CKDS). We followed with key generation using Threshold-based Key Generation in WAHNs (TKGS). For key assignment, we proposed Combinatorial Key Assignment Scheme (CKAS), which assigns closer key strings to co-located nodes. We claim that our architecture can readily be populated with components to support objectives such as fault tolerance, full-distribution and scalability to mitigate WAHNs constraints. In our architecture, group management is integrated with multicast at the application layer. For key management in WSNs, we started with DCK, a modified scheme suitable for WSNs. In summary, the DCK achieves the following: (1) cluster leader nodes carry the major part of the key management overhead; (2) DCK consumes less than 50% of the energy consumed by SHELL in key management; (3) localizing key refreshment and handling node capture enhances the security by minimizing the amount of information known by each node about other portions of the network; and (4) since DCK does not involve the use of other clusters to maintain local cluster data, it scales better from a storage point of view with the network size represented by the number of clusters. We went further and proposed the use of key polynomials with DCK to enhance the resilience of multiple node capturing. Comparing our schemes to static and dynamic key management, our scheme was found to enhance network resilience at a smaller polynomial degree t and accordingly with less storage per node

Energy-efficient task-scheduling and networking protocols for secure wireless networks

The performance of wireless networks is dependent on a number of factors including the available energy, energy-efficiency, data processing delay, transmission delay, routing decisions, security overhead, etc. Traditionally, due to limited resources, nodes were tasked with only collecting measurements and sending them to a base station or central unit for processing. With increased capabilities of microprocessors the data processing is pushed more toward network and its more capable nodes. This thesis focuses to virtualize the processing resources of the entire network and dynamically distribute processing steps along the routing path while optimizing performance. Additionally, a new multi-key encryption (MKE) scheme is proposed to optimize efficiency while enhancing security. The main benefit of the MKE scheme is the improved resilience of the advanced encryption standard (AES) against correlation power analysis (CPA) attack by breaking the correlation between power consumption and the used secret key. The MKE security scheme is analyzed with network implementation and studied for its effects on network parameters such as network connectivity, resilience against node capture and energy efficiency of the scheme. Moreover, a new analysis methodology is proposed to quantify a resilience of a network against node capture such that the strength of the underlying security mechanisms is taken into account. Furthermore, the tradeoff between security and network performance is addressed by the proposed task-scheduling scheme. Also, the proposed methodology does not make assumption of homogenous [sic] network that is often used in literature to simplify analysis and scheme design. In contrast, the proposed formulation is generic, thus allowing heterogeneous nodes to be used while guaranteeing network performance. Consequently, the proposed scheme creates a wireless computing cloud where the processing tasks are dynamically assigned to the nodes using the Dynamic Programming (DP) methodology. The processing and transmission decisions are analytically derived from network models in order to optimize the utilization of network resources including: available energy, processing capacity, security overhead, bandwidth etc. As a result, the online optimization of network resources is achieved --Abstract, page iv