Location-Aware Combinatorial Key Management Scheme for Clustered Sensor Networks

Recent advances in wireless sensor networks (WSNs) are fueling the interest in their application in a wide variety of sensitive settings such as battlefield surveillance, border control, and infrastructure protection. Data confidentiality and authenticity are critical in these settings. However, the wireless connectivity, the absence of physical protection, the close interaction between WSNs and their physical environment, and the unattended deployment of WSNs make them highly vulnerable to node capture as well as a wide range of network-level attacks. Moreover, the constrained energy, memory, and computational capabilities of the employed sensor nodes limit the adoption of security solutions designed for wire-line and wireless networks. In this paper, we focus on the management of encryption keys in large-scale clustered WSNs. We propose a novel distributed key management scheme based on exclusion basis systems (EBS); a combinatorial formulation of the group key management problem. Our scheme is termed SHELL because it is scalable, hierarchical, efficient, location-aware, and light-weight. Unlike most existing key management schemes for WSNs, SHELL supports rekeying and, thus, enhances network security and survivability against node capture. SHELL distributes key management functionality among multiple nodes and minimizes the memory and energy consumption through trading off the number of keys and rekeying messages. In addition, SHELL employs a novel key assignment scheme that reduces the potential of collusion among compromised sensor nodes by factoring the geographic location of nodes in key assignment. Simulation results demonstrate that SHELL significantly boosts the network resilience to attacks while conservatively consuming nodes' resources

[1]  Dawn Xiaodong Song,et al.  ELK, a new protocol for efficient large-group key distribution , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[2]  Reinhard Diestel,et al.  Graph Theory , 1997 .

[3]  Mohamed F. Younis,et al.  Load-balanced clustering of wireless sensor networks , 2003, IEEE International Conference on Communications, 2003. ICC '03..

[4]  David Hutchison,et al.  A survey of key management for secure group communication , 2003, CSUR.

[5]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[6]  Koen Langendoen,et al.  Distributed localization in wireless sensor networks: a quantitative compariso , 2003, Comput. Networks.

[7]  Theodore Y. Ts'o,et al.  Kerberos: an authentication service for computer networks , 1994, IEEE Communications Magazine.

[8]  Mohamed F. Younis,et al.  Energy-aware management for cluster-based sensor networks , 2003, Comput. Networks.

[9]  Ran Canetti,et al.  Efficient Communication-Storage Tradeoffs for Multicast Encryption , 1999, EUROCRYPT.

[10]  Sushil Jajodia,et al.  Kronos: a scalable group re-keying approach for secure multicast , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[11]  Danny Dolev,et al.  Optimized Group Rekey for Group Communications Systems , 1999 .

[12]  Yunghsiang Sam Han,et al.  A pairwise key predistribution scheme for wireless sensor networks , 2005, TSEC.

[13]  Nael B. Abu-Ghazaleh,et al.  A taxonomy of wireless micro-sensor network models , 2002, MOCO.

[14]  Donald E. Eastlake,et al.  US Secure Hash Algorithm 1 (SHA1) , 2001, RFC.

[15]  Eric J. Harder,et al.  Key Management for Multicast: Issues and Architectures , 1999, RFC.

[16]  Ken Kennedy,et al.  RETROSPECTIVE: Coloring Heuristics for Register Allocation , 2022 .

[17]  Mohamed F. Younis,et al.  Accurate anchor-free node localization in wireless sensor networks , 2005, PCCC 2005. 24th IEEE International Performance, Computing, and Communications Conference, 2005..

[18]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[19]  Mohamed Eltoweissy,et al.  TKGS: verifiable threshold-based key generation scheme in open wireless ad hoc networks , 2004, Proceedings. 13th International Conference on Computer Communications and Networks (IEEE Cat. No.04EX969).

[20]  Zygmunt J. Haas,et al.  Securing ad hoc networks , 1999, IEEE Netw..

[21]  Ossama Younis,et al.  HEED: a hybrid, energy-efficient, distributed clustering approach for ad hoc sensor networks , 2004, IEEE Transactions on Mobile Computing.

[22]  Bob Briscoe,et al.  MARKS: Zero Side Effect Multicast Key Management Using Arbitrarily Revealed Key Sequences , 1999, Networked Group Communication.

[23]  Ran Canetti,et al.  Efficient authentication and signing of multicast streams over lossy channels , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[24]  Robin Kravets,et al.  MOCA : MObile Certificate Authority for Wireless Ad Hoc Networks , 2004 .

[25]  Ian F. Akyildiz,et al.  Wireless sensor networks: a survey , 2002, Comput. Networks.

[26]  Peter Kruus,et al.  CONSTRAINTS AND APPROACHES FOR DISTRIBUTED SENSOR NETWORK SECURITY , 2000 .

[27]  Hugh Harney,et al.  Group Key Management Protocol (GKMP) Specification , 1997, RFC.

[28]  Mohamed F. Younis,et al.  A low-energy key management protocol for wireless sensor networks , 2003, Proceedings of the Eighth IEEE Symposium on Computers and Communications. ISCC 2003.

[29]  Bruno Dutertre,et al.  Lightweight Key Management in Wireless Sensor Networks by Leveraging Initial Trust , 2004 .

[30]  Yunghsiang Sam Han,et al.  A pairwise key pre-distribution scheme for wireless sensor networks , 2003, CCS '03.

[31]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 1998, SIGCOMM '98.

[32]  Mohamed Eltoweissy,et al.  Combinatorial Optimization of Group Key Management , 2003, Journal of Network and Systems Management.

[33]  Haiyun Luo,et al.  Security in mobile ad hoc networks: challenges and solutions , 2004, IEEE Wireless Communications.

[34]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[35]  Shouhuai Xu,et al.  Establishing pairwise keys for secure communication in ad hoc networks: a probabilistic approach , 2003, 11th IEEE International Conference on Network Protocols, 2003. Proceedings..

[36]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[37]  Liviu Iftode,et al.  Locality driven key management architecture for mobile ad-hoc networks , 2004, 2004 IEEE International Conference on Mobile Ad-hoc and Sensor Systems (IEEE Cat. No.04EX975).

[38]  Patrick Lambrix,et al.  A hybrid key tree scheme for multicast to balance security and efficiency requirements , 2003, WET ICE 2003. Proceedings. Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003..

[39]  M. Horton MICA: The Commercialization of Microsensor Motes , 2002 .

[40]  Bob Briscoe MARKS: Multicast Key Management using Arbitrarily Revealed Key Sequences , 1999 .

[41]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[42]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[43]  Kang G. Shin,et al.  LiSP: A lightweight security protocol for wireless sensor networks , 2004, TECS.

[44]  Colin Boyd,et al.  On Key Agreement and Conference Key Agreement , 1997, ACISP.