Ashok Kumar Das

DOI: https://doi.org/10.48550/arXiv.1108.1302

2011-08-05

Cryptography and Security

Abstract:Establishment of pairwise keys between sensor nodes in a sensor network is a difficult problem due to resource limitations of sensor nodes as well as vulnerability to physical captures of sensor nodes by the enemy. Public-key cryptosystems are not much suited for most resource-constrained sensor networks. Recently, elliptic curve cryptographic techniques show that public key cryptosystem is also feasible for resource-constrained sensor networks. However, most researchers accept that the symmetric key cryptosystems are viable options for resource-constrained sensor networks. In this paper, we first develop a basic principle to address the key pre-distribution problem in mobile sensor networks. Then, using this developed basic principle, we propose a scheme which takes the advantage of the post-deployment knowledge. Our scheme is a modified version of the key prioritization technique proposed by Liu and Ning. Our improved scheme provides reasonable network connectivity and security. Moreover, the proposed scheme works for any deployment topology.

Saif ur Rehman,Cui Gang,Dalaijargal Purevsuren

DOI: https://doi.org/10.1109/icsess.2015.7339018

2015-01-01

Abstract:Probabilistic key pre-distribution techniques for ad-hoc wireless sensor networks cannot guarantee link establishment and are prone to redundancy and key reuse. There is also a tradeoff between storage requirements, scalability and key reuse, which limits secure scalability. Master key and Computation based key establishment techniques are vulnerable to clone attacks in case of compromised nodes. In this paper, the strengths of these approaches are combined to create a hybrid technique that ensures secure link establishment with higher resilience against compromised nodes and significantly reduce redundancy and encryption key reuse.

Yuan Cheng,Yanan Liu,Zheng Zhang,Yanxiu Li

DOI: https://doi.org/10.3390/s23146460

IF: 3.9

2023-07-18

Sensors

Abstract:Wireless sensor networks are usually applied in hostile areas where nodes can easily be monitored and captured by an adversary. Designing a key distribution scheme with high security and reliability, low hardware requirements, and moderate communication load is crucial for wireless sensor networks. To address the above objectives, we propose a new key distribution scheme based on an ECC asymmetric encryption algorithm. The two-way authentication mechanism in the proposed scheme not only prevents illegal nodes from accessing the network, but also prevents fake base stations from communicating with the nodes. The complete key distribution and key update methods ensure the security of session keys in both static and dynamic environments. The new key distribution scheme provides a significant performance improvement compared to the classical key distribution schemes for wireless sensor networks without sacrificing reliability. Simulation results show that the proposed new scheme reduces the communication load and key storage capacity, has significant advantages in terms of secure connectivity and attack resistance, and is fully applicable to wireless sensor networks.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Dahai Xu,Jeffrey Dwoskin,Jianwei Huang,Tian Lan,Ruby Lee,Mung Chiang

DOI: https://doi.org/10.1007/978-3-642-14849-1_23

2011-01-01

Abstract:Secure communications in wireless ad hoc networks require setting up end-to-end secret keys for communicating node pairs. It is widely believed that although being more complex, a probabilistic key predistribution scheme is much more resilient against node capture than a deterministic one in lightweight wireless ad hoc networks. Supported by the surprisingly large successful attack probabilities (SAPs) computed in this chapter, we show that the probabilistic approaches have only limited performance advantages over deterministic ones. We first consider a static network scenario as originally considered in the seminal paper by Eschenauer and Gligor [9], where any node capture happens after the establishment of all pair-wise links. In this scenario, we show that the deterministic approach can achieve a performance as good as the probabilistic one. In a mobile network scenario, however, the probabilistic key management as described in [9] can lead to a SAP of one order of magnitude larger than the one in a static network due to node fabrication attacks.The above analysis motivates us to propose two low-cost secure-architecture-based techniques to improve the security against such attacks. Our new architectures, specifically targeted at the sensor-node platform, protect long-term keys using a root of trust embedded in the hardware System-on-a-Chip (SoC). This prevents an adversary from extracting these protected long-term keys from a captured node to fabricate new nodes. The extensive simulation results show that the proposed architecture can significantly decrease the SAP and increase the security level of key management for mobile ad hoc networks.Finally, we develop an analytical framework for the on-demand key establishment approach. We propose a novel security metric, the REM resilience vector, to quantify the resilience of any key establishment schemes against Revealing, Erasure, and Modification (REM) attacks. Our analysis shows that previous key establishment schemes are vulnerable under REM attacks. Relying on the new security metric, we prove a universal bound on achievable REM resilience vectors for any on-demand key establishment scheme. This bound that characterizes the optimal security performance analytically is shown to be tight, as we propose a REM-resilient key establishment scheme which achieves any vector within this bound. In addition, we develop a class of low-complexity key establishment schemes which achieve nearly optimal REM attack resilience.

Pranav Agrawal,Joy Kuri

DOI: https://doi.org/10.48550/arXiv.0907.5438

2009-08-29

Abstract:Many basic key distribution schemes specifically tuned to wireless sensor networks have been proposed in the literature. Recently, several researchers have proposed schemes in which they have used group-based deployment models and assumed predeployment knowledge of the expected locations of nodes. They have shown that these schemes achieve better performance than the basic schemes, in terms of connectivity, resilience against node capture and storage requirements. But in many situations expected locations of nodes are not available. In this paper we propose a solution which uses the basic scheme, but does not use group-based deployment model and predeployment knowledge of the locations of nodes, and yet performs better than schemes which make the aforementioned assumptions. In our scheme, groups are formed after deployment of sensor nodes, on the basis of their physical locations, and the nodes sample keys from disjoint key pools. Compromise of a node affects secure links with other nodes that are part of its group only. Because of this reason, our scheme performs better than the basic schemes and the schemes using predeployment knowledge, in terms of connectivity, storage requirement, and security. Moreover, the post-deployment key generation process completes sooner than in schemes like LEAP+.

Cryptography and Security

Qing Yang,QiaoLiang Li,Xiaoming Wang,Naixue Xiong,Yi Pan

DOI: https://doi.org/10.1007/978-3-540-88582-5_45

2008-01-01

Abstract:The establishment of shared keys between communicating neighbor nodes in wireless sensor networks is a challenge due to resource-constrained sensor networks. Several key pre-distribution schemes have been proposed in literatures to establish pairwise keys between sensor nodes. However, many of them are either too complicated to fit for wireless sensor networks or insecure for some common aggressions. In this paper, we propose a random key management scheme based on random key pre-distribution for wireless sensor networks. To achieve better performance and security, the proposed scheme employs two different phases to establish enhanced pairwise keys between neighboring nodes. Compared with other existing random key pre-distribution schemes, our scheme has better resilience against node capture and also performs better in terms of network connectivity and scalability with appropriate memory, computation and communication overheads.

Kui Ren,Kai Zeng,Wenjing Lou

DOI: https://doi.org/10.1109/milcom.2005.1605657

2005-01-01

Abstract:In a wireless sensor network, pre-distribution of secret keys is possibly the most practical approach to protect network communications. To meet the stringent resource constraints of the sensor nodes, such as limited storage capability, low computation capability, and limited battery life, key pre-distribution schemes should be highly efficient, namely requiring as little storage space as possible, and at the same time, maintain a strong security strength, i.e., high resilience against node capture. In this paper, a new approach for random key pre-distribution is proposed to achieve both efficiency and security goals. The novelty of this approach lies in that, instead of using a key pool consisting of random keys, a random key generation technique is carefully designed such that a large number of random keys can be represented by a small number of key-generation keys. Then, instead of storing a big number of random keys, each sensor node stores a small number of key-generation keys while computes the shared secret key during the bootstrapping phase on-the-fly using efficient hash operations. The proposed scheme outperforms the previous random key pre-distribution schemes by significantly reducing the storage requirement while holding the same security strength as shown by the detailed analysis

sun qian

DOI: https://doi.org/10.1016/j.phpro.2012.03.368

2012-01-01

Abstract:To establish the two key in wireless sensor network is a basic security services, forming the basis other security services, such as authentication and encrypted. However, due to the sensor network resource constraints on to establish the two key not wireless sensor networks trivial tasks. The existing key, pre-alpha-ever scheme compromise node number and a minor part however influence key will increase quickly. As a result, a small compromise the number of node may affect the most adversaries. This paper proposes an improved key management wireless sensor network plan, take advantage of one-way hash function to alleviate the influence of compromise the sensor high sensor nodes. At the same time, this method does not affect the connection between neighboring sensor node. The analysis shows that compared with the existing plan which has good network resilience against node capture attack. (C) 2012 Published by Elsevier B.V. Selection and/or peer-review under responsibility of Garry Lee

Jaydip Sen

2023-07-03

Abstract:Wireless sensor networks (WSNs) are made up of a large number of tiny sensors, which can sense, analyze, and communicate information about the outside world. These networks play a significant role in a broad range of fields, from crucial military surveillance applications to monitoring building security. Key management in WSNs is a critical task. While the security and integrity of messages communicated through these networks and the authenticity of the nodes are dependent on the robustness of the key management schemes, designing an efficient key generation, distribution, and revocation scheme is quite challenging. While resource-constrained sensor nodes should not be exposed to computationally demanding asymmetric key algorithms, the use of symmetric key-based systems leaves the entire network vulnerable to several attacks. This chapter provides a comprehensive survey of several well-known cryptographic mechanisms and key management schemes for WSNs.

Cryptography and Security

Hung-Min Sun,Cheng-Ta Yang,Yue-Hsun Lin,Mu-En Wu

DOI: https://doi.org/10.1109/iih-msp.2009.221

2009-01-01

Abstract:Random key pre-distribution scheme is a flexible key management scheme for wireless sensor networks. Recently, numerous related studies have been proposed. However, most of them have weaknesses. First of all, sensors require large storage to store keys in order to maintain high connectivity. Secondly, impact caused by compromised sensors cannot be completely eliminated. In this paper, a novel pair-wise key establishment scheme based on the combination is proposed. Impact of key exposure from compromised sensors can be ignored since the pair-wise key for each pair of sensors is unique. Most significantly, we achieve the merit of fully connectivity without increasing storage requirement of sensors.

Sharmila,Pramod Kumar,Shashi Bhushan,Manoj Kumar,Mamoun Alazab

DOI: https://doi.org/10.1007/s11277-023-10410-7

IF: 2.017

2023-04-12

Wireless Personal Communications

Abstract:Wireless Sensor Networks (WSNs) play a crucial role in developing the Internet of Things (IoT) by collecting data from hostile environments like military and civil domains with limited resources. IoT devices need edge devices to perform real-time processing without compromising the security with the help of key management and authentication schemes. The above applications are prone to eavesdropper due to cryptographic algorithms' weaknesses for providing security in WSNs. The security protocols for WSNs are different from the traditional networks because of the limited resource of sensor nodes. Existing key management schemes require large key sizes to provide high-security levels, increasing the computational and communication cost for key establishment. This paper proposes a Hybrid Key Management Scheme for WSNs linking edge devices which use Elliptic Curve Cryptography (ECC) and a hash function to generate key pre-distribution keys. The Key establishment is carried out by merely broadcasting the node identity. The main reason for incorporating a hybrid approach in the key pre-distribution method is to achieve mutual authentication between the sensor nodes during the establishment phase. The proposed method reduces computational complexity with greater security and the proposed scheme can be competently applied into resource constraint sensor nodes.

telecommunications

Lina Zhu,Zuochang Zhang,Jianhua Li,Renjie Zhou

DOI: https://doi.org/10.14257/ijsia.2016.10.5.21

2016-01-01

International Journal of Security and Its Applications

Abstract:Key management is the basis of many security mechanisms and services in wireless sensor networks (WSN). Random key predistribution scheme is widely considered as the most practical for WSN. However, this scheme faces the challenge that it cannot achieve the ideal security connectivity and strong resilience against node capture simultaneously. To address this limitation, an improved random key predistribution scheme using deployment knowledge is proposed in this paper. Firstly, sensor nodes are divided into different groups according to their location expected. And the key pool is grouped into key pool subsets accordingly. To realize the communication between adjacent groups, the corresponding key pool subsets have a certain degree of overlapping. For all keys, there is no limitation on key reuse. Neighboring nodes sharing q common keys will establish secure link with high probability. Moreover, our scheme inherits the advantage of qcomposite random key predistribution scheme that it can maintain security even if some nodes are captured. Theoretical analysis and simulation experiments show that the improved scheme performs well on network connectivity and resilience.

An-Ni Shen,Song Guo,Hung Yu Chien,Minyi Guo

DOI: https://doi.org/10.1002/cpe.1429

2009-01-01

Concurrency and Computation Practice and Experience

Abstract:Many applications of wireless sensor network (WSN) require secure data communications, especially in a hostile environment. In order to protect the sensitive data and the sensor readings, secret keys should be used to encrypt the exchanged messages between communicating nodes. Traditional asymmetric key cryptosystems are infeasible in WSNs due to the extremely low capacity and constrained resources at each senor node. Recently proposed protocols are either vulnerable to the large-scale node capture attacks or lack of performance scalability in terms of storage, communication and computation costs. To address these limitations, we study the key pre-distribution schemes in this paper and propose a new one with all of the following properties which are particularly beneficial to the large-scale resource-constrained WSNs: (1) it completely defends against the node capture attacks, (2) it provides full connectivity of the network, and (3) it reduces the storage and communication overhead significantly compared with the other proposals. Copyright © 2009 John Wiley & Sons, Ltd.

Kui Ren,Kai Zeng,Wenjing Lou

DOI: https://doi.org/10.1002/wcm.397

2006-01-01

Abstract:In a wireless sensor network (WSN), pre-distribution of secret keys is possibly the most practical approach to protect network communications. To meet the stringent resource constraints of the sensor nodes, key pre-distribution schemes should be highly efficient, require as little storage space as possible, and at the same time, maintain a strong security strength, that is, high resilience against node capture. In this paper, a new approach for random key predistribution is proposed to achieve both efficiency and security goals. The novelty of this approach lies in that, instead of using a key pool consisting of random keys, a key generation technique is carefully designed such that a large number of random keys can be represented by a small number of key-generation keys. Then, instead of storing a big number of random keys, each sensor node stores a small number of key-generation keys while computing the shared secret keys during the bootstrapping phase on the fly using the computationally efficient hash function. The proposed scheme outperforms the previous random key pre-distribution schemes in that it reduces the storage requirement significantly while holding the comparable security strength, as shown by our thorough analysis and simulation. Copyright (c) 2006 John Wiley & Sons, Ltd.

Bi-di YING,Hui-fang CHEN,Wen-dao ZHAO,Pei-liang QIU

DOI: https://doi.org/10.3969/j.issn.1004-1699.2007.07.032

2007-01-01

Abstract:Key establishment and management in wireless sensor networks are one of the important targets of security technology researches because traditional key cryptosystems are unsuitable for resource constrained sensor nodes. A novel scheme named Low-power Key Pre-distribution Scheme (LKP) was proposed. This scheme generated a combination of inherited key chain, stored the head key of the key chain and the first key of overlay of keys into each node, searched for better network connectivity between nodes according to the overlap of keys, and then analyzed the security of the LKP scheme. At last the performances of the LKP scheme such as energy consumption and capture probability were simulated. The results show that LKP scheme is better than q-composite random key pre-distribution scheme and multi-path key reinforcement scheme on security and energy.

Ashok Kumar Das

DOI: https://doi.org/10.48550/arXiv.1103.4496

2011-03-23

Abstract:Due to resource constraints of the sensor nodes, traditional public key cryptographic techniques are not feasible in most sensor network architectures. Several symmetric key distribution mechanisms are proposed for establishing pairwise keys between sensor nodes in sensor networks, but most of them are not scalable and also are not much suited for mobile sensor networks because they incur much communication as well as computational overheads. Moreover, these schemes are either vulnerable to a small number of compromised sensor nodes or involve expensive protocols for establishing keys. In this paper, we introduce a new scheme for establishing keys between sensor nodes with the help of additional high-end sensor nodes, called the auxiliary nodes. Our scheme provides unconditional security against sensor node captures and high network connectivity. In addition, our scheme requires minimal storage requirement for storing keys mainly due to only a single key before deployment in each node in the sensor network, supports efficiently addition of new nodes after initial deployment and also works for any deployment topology.

Cryptography and Security

Kui Ren,Kai Zeng,Wenjing Lou

DOI: https://doi.org/10.1002/wcm.397

2006-01-01

Abstract:In a wireless sensor network (WSN), pre-distribution of secret keys is possibly the most practical approach to protect network communications. To meet the stringent resource constraints of the sensor nodes, key pre-distribution schemes should be highly efficient, require as little storage space as possible, and at the same time, maintain a strong security strength, that is, high resilience against node capture. In this paper, a new approach for random key pre-distribution is proposed to achieve both efficiency and security goals. The novelty of this approach lies in that, instead of using a key pool consisting of random keys, a key generation technique is carefully designed such that a large number of random keys can be represented by a small number of key-generation keys. Then, instead of storing a big number of random keys, each sensor node stores a small number of key-generation keys while computing the shared secret keys during the bootstrapping phase on the fly using the computationally efficient hash function. The proposed scheme outperforms the previous random key pre-distribution schemes in that it reduces the storage requirement significantly while holding the comparable security strength, as shown by our thorough analysis and simulation. Copyright © 2006 John Wiley & Sons, Ltd.

Wei-dong Qiu,Yao-wei Zhou,Bo Zhu,Yan-fei Zheng,Zheng Gong

DOI: https://doi.org/10.1007/s11771-013-1612-x

2013-01-01

Journal of Central South University

Abstract:The key exposure problem is a practical threat for many security applications. In wireless sensor networks （WSNs）, keys could be compromised easily due to its limited hardware protections. A secure group key management scheme is responsible for secure distributing group keys among valid nodes of the group. Based on the key-insulated encryption （KIE）, we propose a group key management scheme （KIE-GKMS）, which integrates the pair-wise key pre-distribution for WSN. The KIE-GKMS scheme updates group keys dynamically when adding or removing nodes. Moreover, the security analysis proves that the KIE-GKMS scheme not only obtains the semantic security, but also provides the forward and backward security. Finally, the theoretical analysis shows that the KIE-GKMS scheme has constant performance on both communication and storage costs in sensor nodes.

Zhang Kewang,Zahng Qiong

DOI: https://doi.org/10.1109/hpcc/smartcity/dss.2018.00171

2018-01-01

Abstract:Wireless Sensor Networks (WSNs) are used in many applications in military, ecological, and health-related areas. These applications often include the monitoring of sensitive information such as enemy movement on the battlefield or the location of personnel in a building. Thus, secure data transmission is a critical issue for WSN. However, the extremely constrained nature of sensors and the potentially dynamic behavior of WSNs hinder the use of key management mechanisms commonly applied in modern wired and wireless networks. Network-wide keys schemes require only one key for any communication pairs, but such schemes' resilience is fairly low. In this paper, we propose a scheme to provide dynamic keys from environmental data sensed by the sensors. Based on the observations that sensors cannot produce 100% accurate data because of noise from sensor electronic circuit, and wireless channel is error prone, dynamic keys created by sensor data can provide high resilience. Simulation results show that the proposed scheme requires the same memory and communication resource as network-wide keys schemes, but provides the same resilience as full pairwise schemes.

Bidi Ying,Huifang Chen,Wendao Zhao,Peiliang Qiu

DOI: https://doi.org/10.1109/ICICIC.2006.449

2006-01-01

Abstract:Due to limited resources and the threats to the security, a challenging problem is how to implement secure pairwise communications among any pair of sensors in a wireless sensor network. An energy-based key management (EKM) scheme was proposed in this paper. This scheme stored identifier, residual energy and the pairwise keys into each node in the key pre-distribution phase, searched for better secure links according to the identifier and residual energy, and then took multiplied times hash functions to implement the security for EKM scheme the view of the multi-hop communication. Both analytical evaluations and extensive simulations of EKM scheme were provided. The results indicate that EKM scheme has lower energy consumption and longer the lifetime of the network, and reduces the probability of nodes capture