Establishing pairwise keys in distributed sensor networks

Pairwise key establishment is a fundamental security service in sensor networks; it enables sensor nodes to communicate securely with each other using cryptographic techniques. However, due to the resource constraints on sensor nodes, it is not feasible to use traditional key management techniques such as public key cryptography and key distribution center (KDC). A number of key predistribution techniques have been proposed for pairwise key establishment in sensor networks recently. To facilitate the study of novel pairwise key predistribution techniques, this paper develops a general framework for establishing pairwise keys between sensor nodes using bivariate polynomials. This paper then proposes two efficient instantiations of the general framework: a random subset assignment key predistribution scheme, and a hypercube-based key predistribution scheme. The analysis shows that both schemes have a number of nice properties, including high probability, or guarantee to establish pairwise keys, tolerance of node captures, and low storage, communication, and computation overhead. To further reduce the computation at sensor nodes, this paper presents an optimization technique for polynomial evaluation, which is used to compute pairwise keys. This paper also reports the implementation and the performance of the proposed schemes on MICA2 motes running TinyOS, an operating system for networked sensors. The results indicate that the proposed techniques can be applied efficiently in resource-constrained sensor networks.

[1]  David A. Wagner,et al.  Secure verification of location claims , 2003, WiSe '03.

[2]  Robert Szewczyk,et al.  System architecture directions for networked sensors , 2000, ASPLOS IX.

[3]  William Stallings,et al.  Cryptography and Network Security: Principles and Practice , 1998 .

[4]  Duncan S. Wong,et al.  Efficient and Mutually Authenticated Key Exchange for Low Power Computing Devices , 2001, ASIACRYPT.

[5]  David Evans,et al.  Using Directional Antennas to Prevent Wormhole Attacks , 2004, NDSS.

[6]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[7]  David E. Culler,et al.  SPINS: Security Protocols for Sensor Networks , 2001, MobiCom '01.

[8]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[9]  Shivakant Mishra,et al.  Security support for in-network processing in Wireless Sensor Networks , 2003, SASN '03.

[10]  A. Perrig,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[11]  Sushil Jajodia,et al.  An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[12]  Donggang Liu,et al.  Efficient Distribution of Key Chain Commitments for Broadcast Authentication in Distributed Sensor Networks , 2002, NDSS.

[13]  Yunghsiang Sam Han,et al.  A pairwise key pre-distribution scheme for wireless sensor networks , 2003, CCS '03.

[14]  Donald Ervin Knuth,et al.  The Art of Computer Programming , 1968 .

[15]  Dawn Xiaodong Song,et al.  SIA: secure information aggregation in sensor networks , 2003, SenSys '03.

[16]  David A. Wagner,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Ad Hoc Networks.

[17]  David E. Culler,et al.  SPINS: security protocols for sensor networks , 2001, MobiCom '01.

[18]  Ronald L. Rivest,et al.  The RC5 Encryption Algorithm , 1994, FSE.

[19]  Moti Yung,et al.  Perfectly Secure Key Distribution for Dynamic Conferences , 1992, Inf. Comput..

[20]  Roberto Di Pietro,et al.  Random key-assignment for secure Wireless Sensor Networks , 2003, SASN '03.

[21]  Ran Canetti,et al.  Efficient authentication and signing of multicast streams over lossy channels , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[22]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[23]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[24]  Ran Canetti,et al.  Efficient and Secure Source Authentication for Multicast , 2001, NDSS.

[25]  Peter Kruus,et al.  CONSTRAINTS AND APPROACHES FOR DISTRIBUTED SENSOR NETWORK SECURITY , 2000 .

[26]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[27]  Ian F. Akyildiz,et al.  Wireless sensor networks , 2007 .

[28]  Yunghsiang Sam Han,et al.  A key management scheme for wireless sensor networks using deployment knowledge , 2004, IEEE INFOCOM 2004.

[29]  Stefano Basagni,et al.  Secure pebblenets , 2001, MobiHoc '01.

[30]  Donggang Liu,et al.  Location-based pairwise key establishments for static sensor networks , 2003, SASN '03.

[31]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[32]  Lingxuan Hu,et al.  Secure aggregation for wireless networks , 2003, 2003 Symposium on Applications and the Internet Workshops, 2003. Proceedings..