A Two-Layer Key Establishment Scheme for Wireless Sensor Networks
Yun Zhou2007, IEEE Transactions on Mobile Computing
Sign up for access to the world's latest research
checkGet notified about relevant papers
checkSave papers to use in your research
checkJoin the discussion with peers
checkTrack your impact
Abstract
In a large scale sensor network, it is infeasible to assign a unique Transport Layer Key (TLK) for each pair of nodes to provide the end-to-end security due to the huge memory cost per node. Thus, conventional key establishment schemes follow a key predistribution approach to establish a Link Layer Key (LLK) infrastructure between neighboring nodes and rely on multihop paths to provide the end-to-end security. Their drawbacks include vulnerability to the node compromise attack, large memory cost, and energy inefficiency in the key establishment between neighboring nodes. In this paper, we propose a novel key establishment scheme, called LAKE, for sensor networks. LAKE uses a t-degree trivariate symmetric polynomial to facilitate the establishment of both TLKs and LLKs between sensor nodes in a two-dimensional space, where each node can calculate direct TLKs and LLKs with some logically neighboring nodes and rely on those nodes to negotiate indirect TLKs and LLKs with other nodes. Any two end nodes can negotiate a TLK on demand directly or with the help of only one intermediate node, which can be determined in advance. As for the LLK establishment, LAKE is more secure under the node compromise attack with much less memory cost than conventional solutions. Due to the location-based deployment, LAKE is also energy efficient in that each node has direct LLKs with most neighbors without spending too much energy on the establishment of indirect LLKs with neighbors through multihop routing.
Related papers
LLK: a link-layer key establishment scheme for wireless sensor networks
2005
The establishment of link-layer keys between neighboring nodes is a fundamental issue in securing sensor network communications. Most of existing solutions are key predistribution schemes which rely on sensor nodes to broadcast hundreds of or even thousands of pre-loaded key IDs to find pairwise keys between neighboring nodes. The shortcomings include poor resilience against node compromise, low network connectivity, large communication overhead, etc. This paper presents a novel location-based link-layer key establishment scheme, in which a hexagonal-grid-based deployment model and a polynomial-based key establishment model are combined for the first time to establish a link-layer key between two neighboring nodes. Compared with conventional proposals, our scheme features much lower communication overhead and memory requirements while still maintaining high network connectivity and network resilience against node compromise.
Multilayer key establishment for large-scale sensor networks
International Journal of Security and Networks, 2008
Research on key establishment for Distributed Sensor Networks (DSNs) focuses on lightweight protocols that are feasible for the sensor nodes, which by default have restricted capabilities. Although the most efficient protocols for key establishment are based on symmetric key encryption, these protocols are unable to provide adequate security against attacks, such as node impersonation and fake generation attacks. For this reason, several hybrid key establishment protocols have been developed, making limited use of public key cryptography, and more particularly of Elliptic Curve Cryptography. However, although these protocols seem to be efficient for sensor nodes, they reduce performance, especially in large-scale networks. In this paper, we propose a multi-layer key establishment protocol for DSNs, which combines hybrid and symmetric key establishment techniques. The performance analysis shows a reasonable decrease in performance, due to the optimized use of expensive public-key cryptographic operations.
An improved key distribution mechanism for large-scale hierarchical wireless sensor networks
Ad Hoc Networks, 2007
Wireless sensor networks are often deployed in hostile environments and operated on an unattended mode. In order to protect the sensitive data and the sensor readings, secret keys should be used to encrypt the exchanged messages between communicating nodes. Due to their expensive energy consumption and hardware requirements, asymmetric key based cryptographies are not suitable for resource-constrained wireless sensors. Several symmetric-key pre-distribution protocols have been investigated recently to establish secure links between sensor nodes, but most of them are not scalable due to their linearly increased communication and key storage overheads. Furthermore, existing protocols cannot provide sufficient security when the number of compromised nodes exceeds a critical value. To address these limitations, we propose an improved key distribution mechanism for large-scale wireless sensor networks. Based on a hierarchical network model and bivariate polynomial-key generation mechanism, our scheme guarantees that two communicating parties can establish a unique pairwise key between them. Compared with existing protocols, our scheme can provide sufficient security no matter how many sensors are compromised. Fixed key storage overhead, full network connectivity, and low communication overhead can also be achieved by the proposed scheme.
Tools A new key establishment Scheme for wireless sensor networks
Traditional key management techniques, such as public key cryptography or key distribution center (e.g., Kerberos), are often not effective for wireless sensor networks for the serious limitations in terms of computational power, energy supply, network bandwidth. In order to balance the security and efficiency,we propose a new scheme by employing LU Composition techniques for mutual authenticated pairwise key establishment and integrating LU Matrix with Elliptic Curve Diffie-Hellman for anonymous pathkey establishment. At the meantime, it is able to achieve efficient group key agreement and management. Analysis shows that the new scheme has better performance and provides authenticity and anonymity for sensor to establish multiple kinds of keys, compared with previous related works.
A high performance and intrinsically secure key establishment protocol for wireless sensor networks
Computer Networks, 2011
Key establishment among neighboring sensors is the most challenging issue for security services such as authentication and confidentiality in wireless sensor networks (WSNs).
A Location-Adaptive Key Establishment Scheme for Large-Scale Distributed Wireless Sensor Networks
Journal of Computers, 2009
The establishment of pairwise keys between communicating neighbor nodes in sensor networks is a challenging problem due to the unsuitability of public-key cryptographic techniques for the resource-constrained platforms of sensor networks and also due to vulnerability of physical captures of sensor nodes by an adversary/enemy. In this paper, we propose a new location-adaptive key establishment scheme which is considered as an improved alternative to the path key establishment phase of bootstrapping protocol in a sensor network. Our proposed scheme offers significantly better network connectivity compared to that for the path key establishment. Moreover, our scheme has better trade-off between communication overhead, computational overhead, network connectivity and resilience against node capture attack than the path key establishment.
A key distribution protocol for Wireless Sensor Networks
37th Annual IEEE Conference on Local Computer Networks, 2012
This paper presents the design, implementation and evaluation of an automated method for distributing symmetric cryptographic keys in a Wireless Sensor Network (WSN). Unlike previous methods for key distribution in WSNs, we do not rely on sensitive knowledge to be stored in program memory prior to network deployment. Additionally, the protocol proposed uses dominant security primitives to ensure strong security and interoperability with existing networks (such as the Internet), while operating independent of the network layer protocol. Through both hardware experimentation and simulation, we show that this protocol can provide strong confidentiality, integrity and authenticity protection to the symmetric keys as they are distributed throughout a network, while maintaining the ability to scale to large-size networks and remain energy efficient.
A New Scheme for Establishing Pairwise Keys for Wireless Sensor Networks
Lecture Notes in Computer Science, 2006
This paper addresses the problem of secure path key establishment in wireless sensor networks that uses the random key predistribution technique. Inspired by the recent proxy-based scheme in [1] and [2], we introduce a friend -based scheme for establishing pairwise keys securely. We show that the chances of finding friends in a neighbourhood are considerably more than that of finding proxies, leading to lower communication overhead. Further, we prove that the friendbased scheme performs better than the proxy-based scheme in terms of resilience against node capture.
Key Forwarding: A Location-Adaptive Key-Establishment Scheme for Wireless Sensor Networks
Lecture Notes in Computer Science, 2005
In this paper we propose an improved alternative for the path key establishment phase of bootstrapping in a sensor network. Our scheme lets the network adapt to the deployment configuration by secure transmission of predistributed keys. This results in better connectivity than what path key establishment can yield. The communication overhead for our scheme is comparable with that for path key establishment. Moreover, the assurance of good connectivity allows one to start with bigger key pools, thereby improving resilience against node capture.
A Review of Pairwise Key Establishment Techniques for Wireless Sensor Networks
2015
To achieve security in wireless sensor networks, it is important to be able to encrypt and authenticate messages sent among sensor nodes. Keys for encryption and authentication purposes must be agreed upon by communicating nodes. Due to resource constraints, achieving such key agreement in wireless sensor networks is non-trivial. Many key agreement schemes used in general networks, such as Diffie-Hellman and public-key based schemes, are not suit-able for wireless sensor networks. Pre-distribution of secret keys for all pairs of nodes is not viable due to the large amount of memory used when the network size is large. To solve the key predistribution problem, two elegant key pre-distribution approaches have been proposed recently [11, 7].
Fast and Scalable Key Establishment In Sensor Networks
Sensor Network Operations
A secure key management scheme for sensor networks
… of the 10th Americas Conference on …, 2004
Key technological advances in wireless communications, Micro Electro Mechanical Systems (MEMS), and digital circuitry have energized the research community to focus on the challenges of wireless sensor networks. In this paper, we propose a new pre-distribution key management scheme that meets the operational and security requirements of wireless sensor networks and provide authentication and key distribution in one set of protocols. Our scheme allows selective key revocation and node re-keying and posits improved network resiliency over existing key pre-distribution schemes. The scheme is based on probability key sharing among sensor nodes of a random graph and incorporates a threshold property. Uncompromised nodes in a sensor network are secure provided that an adversary compromises less than a threshold-number of nodes. We describe the details of our algorithm and briefly compare it with other proposed schemes.
KEY ESTABLISHMENT PROTOCOLS FOR WIRELESS SENSOR Networks
Wireless Sensor Networks (WSNs) are ad-hoc mobile networks that include sensor nodes with limited computation and communication capabilities; therefore the use of vastly resource consuming security mechanisms is not possible. Secure and efficient key management in WSNs has been a challenging task for the researchers due to the properties of WSNs like dynamic topologies, use of wireless media, no fixed infrastructure, low-energy constraint devices, limited storage and computation resources. In this paper we present two efficient key establishment protocols: a key transport protocol which is based on mixed-radix conversion and a key agreement protocol which is based on elliptic curve cryptography (ECC). Establishing pairwise keys for each pair of neighboring sensors is the first concern in securing communication in sensor networks; therefore both protocols provide perfect connectivity property through the mixed-radix conversion. They require a constant number of rounds. All messages have the same constant size. The computation and communication overhead of both protocols are evaluated.
A Pair-wise Key Establishment for Wireless Sensor Networks
2009 Fifth International Conference on Intelligent Information Hiding and Multimedia Signal Processing, 2009
Random key pre-distribution scheme is a flexible key management scheme for wireless sensor networks. Recently, numerous related studies have been proposed. However, most of them have weaknesses. First of all, sensors require large storage to store keys in order to maintain high connectivity. Secondly, impact caused by compromised sensors cannot be completely eliminated. In this paper, a novel pair-wise key establishment scheme based on the combination is proposed. Impact of key exposure from compromised sensors can be ignored since the pair-wise key for each pair of sensors is unique. Most significantly, we achieve the merit of fully connectivity without increasing storage requirement of sensors.
Classification of symmetric key management schemes for wireless sensor networks
WSN is the collection of thousands of tiny sensor nodes, which have the capability of sensing, computing and transmitting the information in the network. Due to the low circuit design, it has some resource constraints but efficient to carry the information through wireless communication. But the exchange of information in a secure manner is critical in WSN. There are many techniques developed in recent years for the security purposes, one of the area is the key management. Key management is the challenging issue in sensor networks. In this paper we present the key management techniques for wireless sensor networks and classification has been presented based on the encryption techniques.
A Location-awareKey Predistribution Scheme for Distributed Wireless Sensor Networks
Key establishment plays a central role in authentication and encryption in wireless sensor networks, especially when they are mainly deployed in hostile environments. Because of the strict constraints in power, processing and storage, designing an efficient key establishment protocol is not a trivial task. Also, it is infeasible to apply public key techniques onto large-scale wireless sensor networks. Most of proposed solutions are based on symmetric key techniques and mainly focused on key predistribution mechanism. In this paper, we present a new key predistribution scheme using bivariate polynomial combining with expected deployment knowledge. We show that our approach takes advantage in terms of resilience against node compromised over prior schemes with the same resource requirements.
Efficient and Secure Key Distribution Protocol for Wireless Sensor Networks
Sensors, 2018
Modern wireless sensor networks have adopted the IEEE 802.15.4 standard. This standard defines the first two layers, the physical and medium access control layers; determines the radio wave used for communication; and defines the 128-bit advanced encryption standard (AES-128) for encrypting and validating the transmitted data. However, the standard does not specify how to manage, store, or distribute the encryption keys. Many solutions have been proposed to address this problem, but the majority are impractical in resource-constrained devices such as wireless sensor nodes or cause degradation of other metrics. Therefore, we propose an efficient and secure key distribution protocol that is simple, practical, and feasible to implement on resource-constrained wireless sensor nodes. We conduct simulations and hardware implementations to analyze our work and compare it to existing solutions based on different metrics such as energy consumption, storage overhead, key connectivity, replay ...
Secure and Reliable New Key Establishment Wireless Sensor Networks
While symmetric-key schemes are efficient in processing time for sensor networks, they generally require complicated key management, which may introduce large memory and communication overhead. On the contrary, public key based schemes have simple and clean key management, but cost more computational time. First, authenticity must be guaranteed even when only the sender of the data is trusted. Second, the scheme needs to scale to potentially millions of Receivers. For this security reason, many message authentication schemes have been developed based on either Symmetric-key cryptosystems or public-key cryptosystems. Some limitation behind this technique is scalability problem and resilience to node compromise attacks. This paper builds the user access control on commercial off-the-shelf sensor devices as a case study to show that the public-key scheme can be more advantageous in terms of the memory usage, message complexity, and security resilience. Meanwhile, our work also provides insights in integrating and designing public-key based security protocols for sensor networks.
MPKMS: A Matrix-based Pairwise Key Management Scheme for Wireless Sensor Networks
Proceeding of the Electrical Engineering Computer Science and Informatics
Due to the sensitivity of the Wireless Sensor Networks (WSN) applications and resource constraints, authentication and key management emerge as a challenging issue for WSN. In general, various approaches have been developed for the key management in WSN. This paper has come up with a new robust key pre-distribution scheme using random polynomial functions and matrix. This new proposed scheme significantly increases the storage efficiency and provides resilience to network against node capture by using random prime numbers, polynomial functions and matrix properties. The effectiveness of the scheme is demonstrated through a security analysis and comparison with the existing schemes.
Loading Preview
Sorry, preview is currently unavailable. You can download the paper by clicking the button above.