Security of Random Key Pre-distribution Schemes With Limited Tamper Resistance

Key pre-distribution (KPD) schemes, are inherently trade-offs between security and complexity, and are perhaps well suited for securing large-scale deployments of resource constrained nodes without persistent access to a trusted authority (TA). However, the need to offset their inherent security limitations, calls for some degree of tamper-resistance of nodes. Obviously, if absolute tamper-resistance is guaranteed, KPD schemes are rendered secure. In practice, however, tamperresistance will have some limitations which will be exploited by attackers. In this paper, we analyze the security of deployments of random key pre-distribution schemes based on some assumptions on the “extent of tamper-resistance.” We argue that a “limited extent of tamper resistance” when used in conjunction with a mechanism for “periodic key updates,” drastically improves the security of (especially random) KPD schemes.

[1]  Douglas R. Stinson,et al.  Some New Results on Key Distribution Patterns and Broadcast Encryption , 1998, Des. Codes Cryptogr..

[2]  Helena Handschuh,et al.  Fast Primitives for Internal Data Scrambling in Tamper Resistant Hardware , 2001, CHES.

[3]  Manel Guerrero Zapata Secure ad hoc on-demand distance vector routing , 2002, MOCO.

[4]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[5]  Li Gong,et al.  A matrix key-distribution scheme , 2005, Journal of Cryptology.

[6]  M. Kuhn,et al.  The Advanced Computing Systems Association Design Principles for Tamper-resistant Smartcard Processors Design Principles for Tamper-resistant Smartcard Processors , 2022 .

[7]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[8]  Silvio Micali,et al.  Secret-Key Agreement without Public-Key Cryptography , 1993, CRYPTO.

[9]  Moti Yung,et al.  Perfectly Secure Key Distribution for Dynamic Conferences , 1992, Inf. Comput..

[10]  Roberto Di Pietro,et al.  Random key-assignment for secure Wireless Sensor Networks , 2003, SASN '03.

[11]  Mahalingam Ramkumar,et al.  Pre-loaded key based multicast and broadcast authentication in mobile ad-hoc networks , 2003, GLOBECOM '03. IEEE Global Telecommunications Conference (IEEE Cat. No.03CH37489).

[12]  Paz Morillo,et al.  Linear Broadcast Encryption Schemes , 2003, Discret. Appl. Math..

[13]  P. Erdös,et al.  Families of finite sets in which no set is covered by the union ofr others , 1985 .

[14]  Yunghsiang Sam Han,et al.  A pairwise key predistribution scheme for wireless sensor networks , 2005, TSEC.

[15]  Chris J. Mitchell,et al.  Key storage in secure networks , 1988, Discret. Appl. Math..

[16]  Zoltán Füredi,et al.  Families of Finite Sets in Which No Set Is Covered by the Union of Two Others , 1982, J. Comb. Theory, Ser. A.

[17]  Martin E. Dyer,et al.  On key storage in secure networks , 1995, Journal of Cryptology.

[18]  Shouhuai Xu,et al.  Establishing pairwise keys for secure communication in ad hoc networks: a probabilistic approach , 2003, 11th IEEE International Conference on Network Protocols, 2003. Proceedings..

[19]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[20]  Rolf Blom,et al.  An Optimal Class of Symmetric Key Generation Systems , 1985, EUROCRYPT.

[21]  Smitha Surapaneni Secret Key Agreement without Public-Key Cryptography , 2003 .

[22]  Markus G. Kuhn,et al.  Tamper resistance: a cautionary note , 1996 .