Applications of combinatorial designs in Key pre-distribution in sensor networks

Key pre-distribution is an important area of research in Distributed Sensor Networks (DSN). Some improved techniques over the existing schemes (employing combinatorial designs) have been proposed in this thesis and detailed mathematical analysis of the schemes has been presented. At first, combinatorial design followed by randomized merging strategy is applied to key pre-distribution in sensor nodes. Our main target is to get more than one pair of common keys between any pair of nodes to provide a robust network in terms of security under adversarial conditions where some nodes may get compromised. A transversal design is used to construct a (v, b, r, k) configuration and then randomly selected blocks are merged to form the sensor nodes. We have given detailed mathematical analysis of the number of nodes, number of keys per node and the probability that a link gets affected if certain number of nodes are compromised with supporting experimental data. The technique is tunable to user requirements and it also compares favourably with state of the art design strategies. An important feature of our design is the presence of a higher number of common keys between any two nodes. Further we study the situation where properly chosen blocks are merged to form sensor nodes such that there is no intra-node common key. We present a basic heuristic for this approach and show that it provides slight improvement in terms of certain parameters than our basic random merging strategy. Our idea presents a departure from the usual combinatorial design in the sense that the designs are readily obtained according to user requirements. Our merging strategy results into schemes that are not directly available from combinatorial designs. Next we studied the largest cliques of a DSN based on transversal designs and the probabilistic extension of it (through merging). It is important to analyse the largest subset of nodes in a DSN where each node is connected to every other node in that subset (i.e., the largest clique). This parameter (largest clique size) is important in terms of resiliency and capability towards efficient distributed computing in a DSN. We concentrate on the schemes where the key pre-distribution strategies are based on transversal design and study the largest clique sizes. We show that merging of blocks to construct a node provides larger clique sizes than considering a block itself as a node in a transversal design. We consider the DSNs where the key pre-distribution mechanism evolves from combinatorial design. Such schemes provide the advantage of very low complexity key exchange facility (only inverse calculation in finite fields). Next, we have proposed a general framework using combinatorial designs which will enable the participating devices to communicate securely among themselves with little memory and power overhead. The scheme caters for different kinds of user requirements and allows the designer to choose different combinatorial designs for different parts or levels of the network. This general framework will find application in all wireless radio technologies, typically WPANs (Wireless Personal Area Networks) and WLANs (Wireless Local Area Networks). This is a hitherto unexplored technique in wireless technologies. Our proposal is perfectly general and fits into networks of any size. Suppose there are several levels depending on the user requirements. The root of the hierarchy tree is assumed to be a central server, S. At the next level, x special nodes S1, S2, · · · , Sx are placed. The leaf level comprises of the sub-networks NW1, NW2, · · · , NWx. One has the freedom to choose different combinatorial designs for different parts of the network. Again, that depends on the specific requirements of the user. For example, if the sub networks are required to form a totally connected network graph, one can choose projective planes. If the sub-networks are very large in size and total connectivity is not a requirement (i.e., if single/multi-hop connectivity is permissible), transversal designs might be a reasonable choice. Then we study the implementation of a distributed sensor network on a two dimensional grid, where the communication is considered to be secured under the assumption that the position of all the sensor nodes are fixed and the nodes are placed at the grid intersection points. The combinatorial structure used for this purpose is the well known transversal design. In this scenario, the number of keys in each node, the size of the area to be monitored, the sensing/RF (Radio Frequency) radius and the robustness of the network are inter-related and one can consider several design choices based on specific requirements. We present the key pre-distribution strategy and the connectivity analysis of the network. Next we discuss a novel technique for increasing the number of common keys between the nodes of a sensor network deterministically with the help of combinatorial designs. A general protocol is described for the key agreement. Elegant methods are described to achieve the key agreement by calculating the common key(s) between two nodes when the underlying combinatorial structures are generated from Difference Sets. The extension of this scheme is also presented when the Kronecker Product Design is used. Finally we pose some open problems and conclude the thesis.

[1]  Douglas R. Stinson,et al.  Combinatorial designs: constructions and analysis , 2003, SIGA.

[2]  Gregory J. Pottie,et al.  Protocols for self-organization of a wireless sensor network , 2000, IEEE Wirel. Commun..

[3]  Jennifer D. Key,et al.  Designs and their codes , 1992, Cambridge tracts in mathematics.

[4]  Chien-Chung Shen,et al.  Sensor information networking architecture and applications , 2001, IEEE Wirel. Commun..

[5]  Anne-Marie Kermarrec,et al.  Reliable probabilistic communication in large-scale information dissemination systems , 2000 .

[6]  Béla Bollobás,et al.  Random Graphs , 1985 .

[7]  F. MacWilliams,et al.  The Theory of Error-Correcting Codes , 1977 .

[8]  Cunsheng Ding,et al.  A family of skew Hadamard difference sets , 2006, J. Comb. Theory, Ser. A.

[9]  B. R. Badrinath,et al.  ReInForM: reliable information forwarding using multiple paths in sensor networks , 2003, 28th Annual IEEE International Conference on Local Computer Networks, 2003. LCN '03. Proceedings..

[10]  Elaine Shi,et al.  Designing secure sensor networks , 2004, IEEE Wireless Communications.

[11]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[12]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[13]  Donggang Liu,et al.  Location-based pairwise key establishments for static sensor networks , 2003, SASN '03.

[14]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[15]  Wendi Heinzelman,et al.  Energy-efficient communication protocol for wireless microsensor networks , 2000, Proceedings of the 33rd Annual Hawaii International Conference on System Sciences.

[16]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[17]  Joseph Y. Halpern,et al.  Minimum-energy mobile wireless networks revisited , 2001, ICC 2001. IEEE International Conference on Communications. Conference Record (Cat. No.01CH37240).

[18]  Nathan Ickes,et al.  Physical layer driven protocol and algorithm design for energy-efficient wireless sensor networks , 2001, MobiCom '01.

[19]  Wade Trappe,et al.  An authentication framework for hierarchical ad hoc sensor networks , 2003, WiSe '03.

[20]  Srdjan Capkun,et al.  Secure positioning in wireless networks , 2006, IEEE Journal on Selected Areas in Communications.

[21]  Donggang Liu,et al.  Efficient Distribution of Key Chain Commitments for Broadcast Authentication in Distributed Sensor Networks , 2002, NDSS.

[22]  Yee Wei Law,et al.  A Formally Verified Decentralized Key Management Architecture for Wireless Sensor Networks , 2003, PWC.

[23]  Nicolas Sendrier,et al.  Finding the permutation between equivalent linear codes: The support splitting algorithm , 2000, IEEE Trans. Inf. Theory.

[24]  J. Elson,et al.  Fine-grained network time synchronization using reference broadcasts , 2002, OSDI '02.

[25]  David A. Wagner,et al.  Secure verification of location claims , 2003, WiSe '03.

[26]  Ingrid Verbauwhede,et al.  Scalable Session Key Construction Protocol for Wireless Sensor Networks , 2002 .

[27]  Avishai Wool,et al.  Cracking the Bluetooth PIN , 2005, MobiSys '05.

[28]  Anne-Marie Kermarrec,et al.  SCAMP: Peer-to-Peer Lightweight Membership Service for Large-Scale Group Communication , 2001, Networked Group Communication.

[29]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[30]  Yu-Chee Tseng,et al.  The Coverage Problem in a Wireless Sensor Network , 2003, WSNA '03.

[31]  Peter W. M. John 12. Partially Balanced Incomplete Block Designs , 1998 .

[32]  Ran Canetti,et al.  Efficient authentication and signing of multicast streams over lossy channels , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[33]  Jessica Staddon,et al.  Efficient tracing of failed nodes in sensor networks , 2002, WSNA '02.

[34]  A. Street,et al.  Combinatorics of experimental design , 1987 .

[35]  David E. Culler,et al.  A transmission control scheme for media access in sensor networks , 2001, MobiCom '01.

[36]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[37]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[38]  Ralph C. Merkle,et al.  Secure communications over insecure channels , 1978, CACM.

[39]  Brad Karp,et al.  GPSR : Greedy Perimeter Stateless Routing for Wireless , 2000, MobiCom 2000.

[40]  Miodrag Potkonjak,et al.  On communication security in wireless ad-hoc sensor networks , 2002, Proceedings. Eleventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises.

[41]  Deep Medhi,et al.  Location-aware key management scheme for wireless sensor networks , 2004, SASN '04.

[42]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[43]  Srdjan Capkun,et al.  Secure positioning of wireless devices with application to sensor networks , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[44]  Yunghsiang Sam Han,et al.  A key management scheme for wireless sensor networks using deployment knowledge , 2004, IEEE INFOCOM 2004.

[45]  Deborah Estrin,et al.  Directed diffusion: a scalable and robust communication paradigm for sensor networks , 2000, MobiCom '00.

[46]  C. Colbourn,et al.  The CRC handbook of combinatorial designs , edited by Charles J. Colbourn and Jeffrey H. Dinitz. Pp. 784. $89.95. 1996. ISBN 0-8493-8948-8 (CRC). , 1997, The Mathematical Gazette.

[47]  Kouichi Sakurai,et al.  Group key distribution scheme for reducing required rekey message size , 2005, 11th International Conference on Parallel and Distributed Systems (ICPADS'05).

[48]  Dawn Song,et al.  SIA: Secure information aggregation in sensor networks , 2007, J. Comput. Secur..

[49]  Bruno Dutertre,et al.  Lightweight Key Management in Wireless Sensor Networks by Leveraging Initial Trust , 2004 .

[50]  Shivakant Mishra,et al.  A Performance Evaluation of Intrusion-Tolerant Routing in Wireless Sensor Networks , 2003, IPSN.

[51]  Douglas R. Stinson,et al.  Cryptography: Theory and Practice,Second Edition , 2002 .

[52]  C. Lam The Search for a Finite Projective Plane of Order 10 , 2005 .

[53]  P. Ning,et al.  Multi-Level μ TESLA : A Broadcast Authentication System for Distributed Sensor Networks ∗ , 2003 .

[54]  Douglas R. Stinson,et al.  Deterministic Key Predistribution Schemes for Distributed Sensor Networks , 2004, Selected Areas in Cryptography.

[55]  Bülent Yener,et al.  Combinatorial Design of Key Distribution Mechanisms for Wireless Sensor Networks , 2004, ESORICS.

[56]  Guoliang Xing,et al.  Integrated coverage and connectivity configuration in wireless sensor networks , 2003, SenSys '03.

[57]  M. N. Vartak On an Application of Kronecker Product of Matrices to Statistical Designs , 1955 .

[58]  Elaine Shi,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[59]  Cunsheng Ding,et al.  Almost difference sets and their sequences with optimal autocorrelation , 2001, IEEE Trans. Inf. Theory.

[60]  R. Meester,et al.  Continuum percolation: References , 1996 .

[61]  Roberto Di Pietro,et al.  Random key-assignment for secure Wireless Sensor Networks , 2003, SASN '03.

[62]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[63]  Ian F. Akyildiz,et al.  Sensor Networks , 2002, Encyclopedia of GIS.

[64]  Subhamoy Maitra,et al.  A Hybrid Design of Key Pre-distribution Scheme for Wireless Sensor Networks , 2005, ICISS.

[65]  Piyush Gupta,et al.  Critical Power for Asymptotic Connectivity in Wireless Networks , 1999 .

[66]  J. Seaman Introduction to the theory of coverage processes , 1990 .

[67]  József Balogh,et al.  On k−coverage in a mostly sleeping sensor network , 2008, Wirel. Networks.

[68]  Subhamoy Maitra,et al.  A key pre-distribution scheme for wireless sensor networks: merging blocks in combinatorial design , 2005, International Journal of Information Security.

[69]  Panganamala Ramana Kumar,et al.  RHEINISCH-WESTFÄLISCHE TECHNISCHE HOCHSCHULE AACHEN , 2001 .

[70]  Anantha Chandrakasan,et al.  Dynamic Power Management in Wireless Sensor Networks , 2001, IEEE Des. Test Comput..

[71]  Gregory J. Pottie,et al.  Wireless integrated network sensors , 2000, Commun. ACM.

[72]  S. Foldes,et al.  ON INSTANTANEOUS CODES , 2004 .

[73]  Subhamoy Maitra,et al.  Clique Size in Sensor Networks with Key Pre-Distribution Based on Transversal Design* , 2005, Int. J. Distributed Sens. Networks.

[74]  Sushil Jajodia,et al.  LEAP+: Efficient security mechanisms for large-scale distributed sensor networks , 2006, TOSN.

[75]  R. C. Bose,et al.  On the construction of group divisible incomplete block designs , 1953 .

[76]  Rolf Blom,et al.  An Optimal Class of Symmetric Key Generation Systems , 1985, EUROCRYPT.

[77]  Wendi B. Heinzelman,et al.  Adaptive protocols for information dissemination in wireless sensor networks , 1999, MobiCom.

[78]  Gene Tsudik,et al.  Key Agreement in Dynamic Peer Groups , 2000, IEEE Trans. Parallel Distributed Syst..

[79]  Shivakant Mishra,et al.  Enhancing Base Station Security in Wireless Sensor Networks , 2003 .

[80]  Mike Chen,et al.  Security and Deployment Issues in a Sensor Network , 2000 .

[81]  L. B. Milstein,et al.  Theory of Spread-Spectrum Communications - A Tutorial , 1982, IEEE Transactions on Communications.

[82]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[83]  Teresa H. Meng,et al.  Minimum energy mobile wireless networks , 1998, ICC '98. 1998 IEEE International Conference on Communications. Conference Record. Affiliated with SUPERCOMM'98 (Cat. No.98CH36220).

[84]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[85]  Hans Eberle,et al.  Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[86]  Jennifer Seberry,et al.  Combinatorial Structures for Design of Wireless Sensor Networks , 2006, ACNS.

[87]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2005, Wirel. Networks.

[88]  Arthur L. Liestman,et al.  A survey of gossiping and broadcasting in communication networks , 1988, Networks.

[89]  Douglas R. Stinson,et al.  A combinatorial approach to key predistribution for distributed sensor networks , 2005, IEEE Wireless Communications and Networking Conference, 2005.

[90]  David Tse,et al.  Mobility increases the capacity of ad-hoc wireless networks , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[91]  Yvo Desmedt,et al.  A Secure and Efficient Conference Key Distribution System (Extended Abstract) , 1994, EUROCRYPT.

[92]  Moti Yung,et al.  Perfectly Secure Key Distribution for Dynamic Conferences , 1998, Inf. Comput..

[93]  Zhiyuan Ren,et al.  Sentry-Based Power Management in Wireless Sensor Networks , 2003, IPSN.

[94]  Deborah Estrin,et al.  Next Century Challenges: Mobile Networking for Smart Dust , 1999, MobiCom 1999.