Broadcast Secrecy via Key-Chain-Based Encryption in Single-Hop Wireless Sensor Networks

Broadcast is used in wireless sensor networks for operations such as software updates, network queries, and command dissemination. Applications such as battlefield control and natural resource management require not only authentication of broadcast messages, but also secrecy against eavesdroppers. In this paper we design, implement, and evaluate a novel scheme that meets the requirements of secrecy, authenticity, integrity, and freshness of broadcast messages in the context of a single-hop wireless sensor network. Our contributions are three-fold: first, we propose the use of time-varying keys (based on a key-chain) for broadcast encryption, emphasising advantages such as non-forgeability, protection against old-key compromise, and allowance for dynamic data. Second, we extend the basic key-chain mechanism to incorporate limited protection against key loss, allowing legitimate receivers to recover even if they have lost a small number of keys. Third, we prototype our scheme by incorporating it into Deluge, the network programming protocol distributed with TinyOS, and quantify its cost in terms of time, space, and power consumption on a TelosB mote platform. Our scheme represents a practical, efficient and scalable means of delivering broadcast data secretly to a large number of low-power sensor nodes.
