Using combined keying materials for key distribution in wireless sensor networks

In this paper, we propose a probabilistic key predistribution scheme for wireless sensor networks that increases connectivity of the basic scheme while keeping sizes of keyring and key pool fixed. We introduce the concept of XORed key, which is the bitwise XOR of two regular (a.k.a. single) keys. Sensor nodes are preloaded with a mixture of single and XORed keys. Nodes establish secure links by using shared XORed keys whenever possible. If node pairs do not have any shared XORed or single keys, they transfer keys from their secure neighbors in a couple of ways, and use them to match with their XORed keys. In this way, the probability of securing links, i.e. local connectivity, increases. The decision of which key is to be transferred from which node is given based on local information at the hand of the nodes. We aim to control the resilience of the network against node capture attacks by using XORed keys since an attacker has to know either both single key operands or the XORed key itself. Simulations show that our scheme is up to 50% more connected as compared to basic scheme. Also it has better resilience performance at the beginning of a node capture attack. When it starts to deteriorate, the difference between the resilience of our proposed scheme and basic scheme is not greater than 5%

Key Management Building Blocks for Wireless Sensor Networks

Cryptography is the means to ensure data confidentiality, integrity and authentication in wireless sensor networks (WSNs). To use cryptography effectively however, the cryptographic keys need to be managed properly. First of all, the necessary keys need to be distributed to the nodes before the nodes are deployed in the field, in such a way that any two or more nodes that need to communicate securely can establish a session key. Then, the session keys need to be refreshed from time to time to prevent birthday attacks. Finally, in case any of the nodes is found to be compromised, the key ring of the compromised node needs to be revoked and some or all of the compromised keys might need to be replaced. These processes, together with the policies and techniques needed to support them, are called key management. The facts that WSNs (1) are generally not tamper-resistant; (2) operate unattended; (3) communicate in an open medium; (4) have no fixed infrastructure and pre-configured topology; (5) have severe hardware and resource constraints, present unique challenges to key management. In this article, we explore techniques for meeting these challenges. What distinguishes our approach from a routine literature survey is that, instead of comparing various known schemes, we set out to identify the basic cryptographic principles, or building blocks that will allow practitioners to set up their own key management framework using these building blocks

RADIS: Remote Attestation of Distributed IoT Services

Remote attestation is a security technique through which a remote trusted party (i.e., Verifier) checks the trustworthiness of a potentially untrusted device (i.e., Prover). In the Internet of Things (IoT) systems, the existing remote attestation protocols propose various approaches to detect the modified software and physical tampering attacks. However, in an interoperable IoT system, in which IoT devices interact autonomously among themselves, an additional problem arises: a compromised IoT service can influence the genuine operation of other invoked service, without changing the software of the latter. In this paper, we propose a protocol for Remote Attestation of Distributed IoT Services (RADIS), which verifies the trustworthiness of distributed IoT services. Instead of attesting the complete memory content of the entire interoperable IoT devices, RADIS attests only the services involved in performing a certain functionality. RADIS relies on a control-flow attestation technique to detect IoT services that perform an unexpected operation due to their interactions with a malicious remote service. Our experiments show the effectiveness of our protocol in validating the integrity status of a distributed IoT service.Comment: 21 pages, 10 figures, 2 table

Key propagation in wireless sensor networks

With reference to a network consisting of sensor nodes connected by wireless links, we approach the problem of the distribution of the cryptographic keys. We present a solution based on communication channels connecting sequences of adjacent nodes. All the nodes in a channel share the same key. This result is obtained by propagating the key connecting the first two nodes to all the other nodes in the channel. The key propagation mechanism is also used for key replacement, as is required, for instance, in group communication to support forms of forward and backward secrecy, when a node leaves a group or a new node is added to an existing group

Protected pointers in wireless sensor networks

With reference to a distributed architecture consisting of sensor nodes connected by wireless links in an arbitrary network topology, we consider a segment-oriented implementation of the single address space paradigm of memory reference. In our approach, applications consist of active entities called components, which are distributed in the network nodes. A component accesses a given segment by presenting a handle for this segment. A handle is a form of pointer protected cryptographically. Handles allow an effective implementation of communications between components, and key replacement. The number of messages generated by the execution of the communication primitives is independent of the network size. The key replacement mechanism is well suited to reliable application rekeying over an unreliable network

A Secure Key Management Scheme for Hierarchical WSN

Many applications require WSNs to exchange sensitive information with the applications having high reliability requirements and a high level of security to succeed. The WSN nodes are often placed in hostile or adverse environment and their security concerns become a challenging issue. WSNs nodes are resource constrained and hence incorporating traditional security methods involving large computation overheads are not feasible. Key management is a fundamental part for any secure communication in WSNs. The key management system should be substantially secure, robust and efficient for a secure communication protocol. Many key establishment techniques have come up to address the tradeoffs between limited memory and security but choosing an effective scheme is debatable. Here in this paper, a new key management scheme is put forward based on authentication and key sharing for WSN. Our protocol is suitable for managing keys in a hierarchical network consisting of clusters with the aim of ensuring the survivability of the network. Keywords: Authentication, Clusters, Key Management, Wireless Sensor Network