Attacking cryptographic schemes based on "perturbation polynomials"

We show attacks on several cryptographic schemes that have recently been proposed for achieving various security goals in sensor networks. Roughly speaking, these schemes all use "perturbation polynomials" to add "noise" to polynomial-based systems that offer information-theoretic security, in an attempt to increase the resilience threshold while maintaining efficiency. We show that the heuristic security arguments given for these modified schemes do not hold, and that they can be completely broken once we allow even a slight extension of the parameters beyond those achieved by the underlying information-theoretic schemes. Our attacks apply to the key predistribution scheme of Zhang et al. (MobiHoc 2007), the access-control schemes of Subramanian et al. (PerCom 2007), and the authentication schemes of Zhang et al. (INFOCOM 2008). Our results cast doubt on the viability of using "perturbation polynomials" for designing secure cryptographic schemes.
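The polynomial-based information-theoretic scheme that the perturbed constructions extend, as an added example that is not code from the paper or the cited works: a Blundo-style symmetric bivariate polynomial over a toy prime field (the modulus, node ids and coefficients are constructed parameters). It shows the exact resilience threshold that the perturbation approach tries to raise: t+1 captured shares let an attacker compute every pairwise key, while t captured shares are consistent with a different master polynomial and so reveal nothing about keys between uncaptured nodes.

```python
import random
PRIME = 2**31 - 1  # toy field modulus (constructed parameter, not from the paper)

def gen_master(t, p, rng):
    """Symmetric bivariate f(x,y) = sum a[i][j] x^i y^j of degree t, a[i][j] == a[j][i]."""
    a = [[0] * (t + 1) for _ in range(t + 1)]
    for i in range(t + 1):
        for j in range(i, t + 1):
            a[i][j] = a[j][i] = rng.randrange(p)
    return a

def share(a, u, p):
    """Node u is provisioned with the univariate polynomial g_u(y) = f(u, y)."""
    return [sum(a[i][j] * pow(u, i, p) for i in range(len(a))) % p for j in range(len(a))]

def pairwise_key(g_u, v, p):
    """K_uv = g_u(v); symmetry of f guarantees g_v(u) == g_u(v)."""
    return sum(c * pow(v, j, p) for j, c in enumerate(g_u)) % p

def lagrange_at(points, x, p):
    """Evaluate the unique polynomial of degree < len(points) through the points at x."""
    total = 0
    for xi, yi in points:
        num = den = 1
        for xj, _ in points:
            if xj != xi:
                num, den = num * (x - xj) % p, den * (xi - xj) % p
        total = (total + yi * num * pow(den, p - 2, p)) % p
    return total

def key_from_captured(captured, x, y, p):
    """Shares {u: g_u} of t+1 nodes: f(., y) has degree t in x, so interpolating (u, g_u(y)) gives K_xy."""
    return lagrange_at([(u, pairwise_key(g, y, p)) for u, g in captured.items()], x, p)

def polymul(a, b, p):
    out = [0] * (len(a) + len(b) - 1)
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            out[i + j] = (out[i + j] + ai * bj) % p
    return out

def consistent_alternative(a, captured_ids, c, p):
    """With only t captured ids, f'(x,y) = f(x,y) + c*Q(x)*Q(y), Q(x) = prod (x - u), is symmetric of
    degree t and agrees with every captured share, yet gives different keys between uncaptured nodes."""
    q = [1]
    for u in captured_ids:
        q = polymul(q, [(-u) % p, 1], p)
    return [[(a[i][j] + c * q[i] * q[j]) % p for j in range(len(a))] for i in range(len(a))]
```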

[1] Ronitt Rubinfeld et al. Reconstructing algebraic functions from mixed data. Proceedings of the 33rd Annual Symposium on Foundations of Computer Science (FOCS), 1992.

[2] Wensheng Zhang et al. Securing Distributed Data Storage and Retrieval in Sensor Networks. Fifth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom '07), 2007.

[3] Guiling Wang et al. Lightweight and Compromise-Resilient Message Authentication in Sensor Networks. IEEE INFOCOM 2008 - The 27th Conference on Computer Communications, 2008.

[4] Sencun Zhu et al. A random perturbation-based scheme for pairwise key establishment in sensor networks. MobiHoc '07, 2007.

[5] Rolf Blom et al. An Optimal Class of Symmetric Key Generation Systems. EUROCRYPT, 1985.

[6] Moti Yung et al. Perfectly Secure Key Distribution for Dynamic Conferences. Information and Computation, 1992.