Key management for wireless sensor network security

Wireless Sensor Networks (WSNs) have attracted great attention not only in industry but also in academia due to their enormous application potential and unique security challenges. A typical sensor network can be seen as a combination of a number of low-cost sensor nodes which have very limited computation and communication capability, memory space, and energy supply. The nodes are self-organized into a network to sense or monitor surrounding information in an unattended environment, while the self-organization property makes the networks vulnerable to various attacks.Many cryptographic mechanisms that solve network security problems rely directly on secure and efficient key management making key management a fundamental research topic in the field of WSNs security. Although key management for WSNs has been studied over the last years, the majority of the literature has focused on some assumed vulnerabilities along with corresponding countermeasures. Specific application, which is an important factor in determining the feasibility of the scheme, has been overlooked to a large extent in the existing literature.This thesis is an effort to develop a key management framework and specific schemes for WSNs by which different types of keys can be established and also can be distributed in a self-healing manner; explicit/ implicit authentication can be integrated according to the security requirements of expected applications. The proposed solutions would provide reliable and robust security infrastructure for facilitating secure communications in WSNs.There are five main parts in the thesis. In Part I, we begin with an introduction to the research background, problems definition and overview of existing solutions. From Part II to Part IV, we propose specific solutions, including purely Symmetric Key Cryptography based solutions, purely Public Key Cryptography based solutions, and a hybrid solution. While there is always a trade-off between security and performance, analysis and experimental results prove that each proposed solution can achieve the expected security aims with acceptable overheads for some specific applications. Finally, we recapitulate the main contribution of our work and identify future research directions in Part V

An efficient self-healing key distribution scheme

Self-healing key distribution schemes enable a group user to recover session keys from two broadcast messages he received before and after those sessions, even if the broadcast messages for the middle sessions are lost due to network failure. These schemes are quite suitable in supporting secure communication over unreliable networks such as sensor networks and ad hoc networks. An efficient self-healing key distribution scheme is proposed in this paper. The scheme bases on the concept of access polynomial and self-healing key distribution model constructed by Hong et al. The new scheme reduces communication and computation overheads greatly yet still keeps the constant storageoverhead

Efficient threshold self-healing key distribution with sponsorization for infrastructureless wireless networks

Self-healing key distribution schemes are particularly useful when there is no network infrastructure or such infrastructure has been destroyed. A self-healing mechanism can allow group users to recover lost session keys and is therefore quite suitable for establishing group keys over an unreliable network, especially for infrastructureless wireless networks, where broadcast messages loss may occur frequently. An efficient threshold self-healing key distribution scheme with favorable properties is proposed in this paper. The distance between two broadcasts used to recover the lost one is alterable according to network conditions. This alterable property can be used to shorten the length of the broadcast messages. The second property is that any more than threshold-value users can sponsor a new user to join the group for the subsequent sessions without any interaction with the group manager. Furthermore, the storage overhead of the self-healing key distribution at each group user is a polynomial over a finite field, which will not increase with the number of sessions. In addition, if a smaller group of users up to a threshold-value were revoked, the personal keys for non-revoked users can be reused

Secure web services using two-way authentication and three-party key establishment for service delivery

With the advance of web technologies, a large quantity of transactions have been processed through web services. Service Provider needs encryption via public communication channel in order that web services can be delivered to Service Requester. Such encryptions can be realized using secure session keys. Traditional approaches which can enable such transactions are based on peer-to-peer architecture or hierarchical group architecture. The former method resides on two-party communications while the latter resides on hierarchical group communications. In this paper, we will use three-party key establishment to enable secure communications for Service Requester and Service Provider. The proposed protocol supports Service Requester, Service Broker, and Service Provider with a shared secret key established among them. Compared with peer-to-peer architecture and hierarchical group architecture, our method aims at reducing communication and computation overheads

A combinational approach for trust establishment in cognitive radio networks

Cognitive Radio is considered as a promising and demanding technology to examine whether a particular radio spectrum band is currently in use or not and to switch into the temporarily unoccupied spectrum band in order to improve the usage of the radio electromagnetic spectrum without creating interference to the transmissions of other users. Because of the dynamic properties of CRNs, the issue of supporting secure communication in CRNs becomes more critical than that of other conventional wireless networks. In this paper, we propose a combination of certificate-based trust with a behavior-based trust which will benefit both by representing the trust as certificates in the the predeployment trust relation and by providing a continuous behaviour-based evalution of trust

A self-healing key distribution scheme based on vector space secret sharing and one way hash chains

An efficient self-healing key distribution scheme with revocation capability is proposed for secure group communication in wireless networks. The scheme bases on vector space secret sharing and one way hash function techniques. Vector space secret sharing helps to realize general monotone decreasing structures for the family of subsets of users that can be revoked instead of a threshold one. One way hash chains contribute to reduce communication overhead. Furthermore, the most prominent characteristic of our scheme is resisting collusion between the new joined users and the revoked users, which is fatal weakness of hash function based self-healing key distribution schemes

A Key Management Protocol for Multiphase Hierarchical Wireless Sensor Networks

The security of Wireless Sensor Networks (WSNs) has a direct reliance on secure and efficient key management. This leaves key management as a fundamental research topic in the field of WSNs security. Among the proposed key management schemes for WSNs security, LEAP (Localized Encryption and Authentication Protocol) has been regarded as an efficient protocol over the last years. LEAP supports the establishment of four types of keys. The security of these keys is under the assumption that the initial deployment phase is secure and the initial key is erased from sensor nodes after the initialization phase. However, the initial key is used again for node addition after the initialization phase whereas the new node can be compromised before erasing the key. A time-based key management scheme rethought the security of LEAP. We show the deficiency of the time-based key management scheme and proposed a key management scheme for multi-phase WSNs in this paper. The proposed scheme disperses the damage resulting from the disclosure of the initial key. We show it has better resilience and higher key connectivity probability through the analysis

Trust-Based Authentication for Secure Communication in Cognitive Radio Networks

Over the past few years, Cognitive Radio (CR) has been considered as a demanding concept for improving the utilization of limited radio spectrum resources for future wireless communications and mobile computing. Since a member of Cognitive Radio Networks may join or leave the network at any time, the issue of supporting secure communication in CRNs becomes more critical than for the other conventional wireless networks. This work thus proposes a secure trust-based authentication approach for CRNs. A CR node’s trust value is determined from its previous trust behavior in the network and depending on this trust value, it is decided whether or not this CR node will obtain access to the Primary User’s free spectrum. The security analysis is performed to guarantee that the proposed approach achieves security proof