Defending against Sybil attacks in sensor networks

Sybil attack is a harmful threat to sensor networks, in which a malicious node illegally forges an unbounded number of identities to defeat redundancy mechanisms. Digital certificates are a way to prove identities. However, they are not viable in sensor networks. In this paper, we propose a light-weight identity certificate method to defeat Sybil attacks. Our proposed method uses one-way key chains and Merkle hash trees. The method thereby avoids the need for public key cryptography. In addition, the method provides a means for authentication of all data messages. A variant of this method is presented that has lower computational requirements under certain conditions. The security of each method is analyzed, and is as good or better than previously-proposed approaches, with fewer assumptions. The overhead (computation, storage, and messages) is also shown to be acceptable for use in sensor networks.

[1]  Elaine Shi,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[2]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[3]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[4]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[5]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[6]  Ralph C. Merkle,et al.  Protocols for Public Key Cryptosystems , 1980, 1980 IEEE Symposium on Security and Privacy.

[7]  Diana K. Smetters,et al.  Talking to Strangers: Authentication in Ad-Hoc Wireless Networks , 2002, NDSS.

[8]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[9]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[10]  Yunghsiang Sam Han,et al.  A key management scheme for wireless sensor networks using deployment knowledge , 2004, IEEE INFOCOM 2004.

[11]  Yunghsiang Sam Han,et al.  A pairwise key pre-distribution scheme for wireless sensor networks , 2003, CCS '03.

[12]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.