Improving key predistribution with deployment knowledge in static sensor networks

Pairwise key establishment is a fundamental security service for sensor networks. However, establishing pairwise keys in sensor networks is a challenging problem, particularly due to the resource constraints on sensor nodes and the threat of node compromises. This article proposes to use both predeployment and postdeployment knowledge to improve pairwise key predistribution in static sensor networks. By exploiting the predeployment knowledge, this article first develops two key predistribution schemes, a closest pairwise keys scheme and a closest polynomials scheme. The analysis shows that these schemes can achieve better performance if the expected location information is available and that the smaller the deployment error is, the better performance they can achieve. The article then investigates how to use postdeployment knowledge to improve pairwise key predistribution in static sensor networks. The idea is to load an excessive amount of predistributed keys on sensor nodes, prioritize these keys based on sensors' actual locations discovered after deployment, and discard low-priority keys to thwart node compromise attacks. This approach is then used to improve the random subset assignment scheme proposed recently to demonstrate its practicality and effectiveness. The analysis indicates that the postdeployment knowledge can also greatly improve the performance and security of key predistribution.

[1]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[2]  Ian F. Akyildiz,et al.  Wireless sensor networks , 2007 .

[3]  Yunghsiang Sam Han,et al.  A key management scheme for wireless sensor networks using deployment knowledge , 2004, IEEE INFOCOM 2004.

[4]  Matt Welsh,et al.  Simulating the power consumption of large-scale sensor network applications , 2004, SenSys '04.

[5]  Peng Ning,et al.  LAD: localization anomaly detection for wireless sensor networks , 2005, 19th IEEE International Parallel and Distributed Processing Symposium.

[6]  B. R. Badrinath,et al.  Ad hoc positioning system (APS) , 2001, GLOBECOM'01. IEEE Global Telecommunications Conference (Cat. No.01CH37270).

[7]  Ross J. Anderson,et al.  Key infection: smart trust for smart dust , 2004, Proceedings of the 12th IEEE International Conference on Network Protocols, 2004. ICNP 2004..

[8]  Radha Poovendran,et al.  SeRLoc: secure range-independent localization for wireless sensor networks , 2004, WiSe '04.

[9]  Adrian Perrig,et al.  PIKE: peer intermediaries for key establishment in sensor networks , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[10]  A. Perrig,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[11]  Adrian Perrig,et al.  TESLA Broadcast Authentication , 2003 .

[12]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[13]  Yunghsiang Sam Han,et al.  A pairwise key pre-distribution scheme for wireless sensor networks , 2003, CCS '03.

[14]  Dawn Song,et al.  The TESLA Broadcast Authentication Protocol , 2002 .

[15]  Sushil Jajodia,et al.  An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[16]  Ran Canetti,et al.  Efficient and Secure Source Authentication for Multicast , 2001, NDSS.

[17]  David A. Wagner,et al.  Secure verification of location claims , 2003, WiSe '03.

[18]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[19]  Yunghsiang Sam Han,et al.  A pairwise key predistribution scheme for wireless sensor networks , 2005, TSEC.

[20]  Donggang Liu,et al.  Detecting Malicious Beacon Nodes for Secure Location Discovery in Wireless Sensor Networks , 2005, 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05).

[21]  Lingxuan Hu,et al.  Secure aggregation for wireless networks , 2003, 2003 Symposium on Applications and the Internet Workshops, 2003. Proceedings..

[22]  Dawn Xiaodong Song,et al.  SIA: secure information aggregation in sensor networks , 2003, SenSys '03.

[23]  Hans Eberle,et al.  Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[24]  Yih-Chun Hu Packet Leashes : A Defense against Wormhole Attacks in Wireless Ad Hoc Networks , 2001 .

[25]  Peng Ning,et al.  LAD: Localization anomaly detection for wireless sensor networks , 2006, J. Parallel Distributed Comput..

[26]  Joseph Y. Halpern,et al.  Minimum-energy mobile wireless networks revisited , 2001, ICC 2001. IEEE International Conference on Communications. Conference Record (Cat. No.01CH37240).

[27]  David S. L. Wei Mobile Computing and Networking , 2022 .

[28]  Rolf Blom,et al.  An Optimal Class of Symmetric Key Generation Systems , 1985, EUROCRYPT.

[29]  David Evans,et al.  Using Directional Antennas to Prevent Wormhole Attacks , 2004, NDSS.

[30]  David A. Wagner,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Ad Hoc Networks.

[31]  Jean-Yves Le Boudec,et al.  Performance Analysis of the CONFIDANT Protocol: Cooperation Of Nodes - Fairness In Dynamic Ad-hoc NeTworks , 2002 .

[32]  Ran Canetti,et al.  Efficient authentication and signing of multicast streams over lossy channels , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[33]  David E. Culler,et al.  SPINS: security protocols for sensor networks , 2001, MobiCom '01.

[34]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[35]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[36]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.

[37]  Donggang Liu,et al.  Attack-resistant location estimation in sensor networks , 2005, IPSN 2005. Fourth International Symposium on Information Processing in Sensor Networks, 2005..

[38]  Shivakant Mishra,et al.  Security support for in-network processing in Wireless Sensor Networks , 2003, SASN '03.

[39]  Ian F. Akyildiz,et al.  Wireless sensor networks: a survey , 2002, Comput. Networks.

[40]  Peter Kruus,et al.  CONSTRAINTS AND APPROACHES FOR DISTRIBUTED SENSOR NETWORK SECURITY , 2000 .

[41]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[42]  Duncan S. Wong,et al.  Efficient and Mutually Authenticated Key Exchange for Low Power Computing Devices , 2001, ASIACRYPT.

[43]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[44]  Donggang Liu,et al.  Group-based key pre-distribution in wireless sensor networks , 2005, WiSe '05.

[45]  Stefano Basagni,et al.  Secure pebblenets , 2001, MobiHoc '01.

[46]  Donggang Liu,et al.  Location-based pairwise key establishments for static sensor networks , 2003, SASN '03.

[47]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[48]  Donggang Liu,et al.  Efficient Distribution of Key Chain Commitments for Broadcast Authentication in Distributed Sensor Networks , 2002, NDSS.

[49]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[50]  Moti Yung,et al.  Perfectly Secure Key Distribution for Dynamic Conferences , 1992, Inf. Comput..

[51]  Elaine Shi,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[52]  Roberto Di Pietro,et al.  Random key-assignment for secure Wireless Sensor Networks , 2003, SASN '03.