When setting up a sensor network, one of the first requirements is to establish cryptographic keys for later use. However, the traditional key establishment techniques cannot be directly applied due to the inherent properties of sensor networks. Recently, a promising methodology, random key pre-distribution schemes based on symmetric cryptography, has been proposed. In this paper, the authors studied the problem of replication attack on random key pre-distribution schemes. Using a combination of modeling, analysis, and experiments, the relationship among the replicated hostile nodes, the sensor networks, and the resiliency of various random key pre-distribution schemes were analyzed, characterized, and discussed against replication attack. Example findings include: (1) the sensor networks with random key pre-distribution schemes, even with one replicated sensor, start to become almost 100% insecure when the adversary captures and stores the key information equivalent to those carried by one good sensor node; and (2) among the proposed schemes, the q-composite scheme with larger q is most resilient against replication attack while the basic scheme is least resilient and the Blom-based scheme lies in between the above two schemes when the replicated node has less memory to store key information than the original node. Interestingly, it is the other way round when the replicated node has more memory to store key information than the original node. Moreover, as a transition, the resilience against replication attack is the same for all the random schemes when the replicated and original nodes have the same memory to store key information. This study does not only provide practical insights into the design of more secure and efficient key establishment schemes allowing simple key establishment for large-scale sensor networks but can also be used to accurately predict the payoff that an adversary can gain after injecting a certain number of nodes into the sensor networks.
[1]
Roger M. Needham,et al.
Using encryption for authentication in large networks of computers
,
1978,
CACM.
[2]
Donggang Liu,et al.
Establishing pairwise keys in distributed sensor networks
,
2005,
ACM Trans. Inf. Syst. Secur..
[3]
Donggang Liu,et al.
Establishing pairwise keys in distributed sensor networks
,
2005,
TSEC.
[4]
Markus G. Kuhn,et al.
Tamper resistance: a cautionary note
,
1996
.
[5]
David E. Culler,et al.
SPINS: Security Protocols for Sensor Networks
,
2001,
MobiCom '01.
[6]
John T. Kohl,et al.
The Kerberos Network Authentication Service (V5
,
2004
.
[7]
Dawn Xiaodong Song,et al.
Random key predistribution schemes for sensor networks
,
2003,
2003 Symposium on Security and Privacy, 2003..
[8]
Yunghsiang Sam Han,et al.
A pairwise key predistribution scheme for wireless sensor networks
,
2005,
TSEC.
[9]
David A. Wagner,et al.
Security in wireless sensor networks
,
2004,
SASN '04.
[10]
Markus G. Kuhn,et al.
Low Cost Attacks on Tamper Resistant Devices
,
1997,
Security Protocols Workshop.
[11]
Rolf Blom,et al.
An Optimal Class of Symmetric Key Generation Systems
,
1985,
EUROCRYPT.
[12]
Yunghsiang Sam Han,et al.
A pairwise key pre-distribution scheme for wireless sensor networks
,
2003,
CCS '03.
[13]
David E. Culler,et al.
SPINS: security protocols for sensor networks
,
2001,
MobiCom '01.
[14]
M. Kuhn,et al.
The Advanced Computing Systems Association Design Principles for Tamper-resistant Smartcard Processors Design Principles for Tamper-resistant Smartcard Processors
,
2022
.
[15]
Virgil D. Gligor,et al.
A key-management scheme for distributed sensor networks
,
2002,
CCS '02.