1 views

Uploaded by sathish14singh

- Wireless Sensor Networking in Matlab: Step-by-Step
- Measurement of NPK, Temperature, Moisture, Humidity using WSN
- Reconfigurable Smart Sensor Interface for Industrial WSN in IoT Environment
- Pid 4569223
- The Proposal Of Hybrid Intrusion Detection For Defence Of Sync Flood Attack In Wireless Sensor Network
- TOSSIM Intelligent Home
- Optimal Design of a Boost-type DC-DC Converter for PV Power-Supplied Wireless Sensor Networks
- 3Vol49No2.pdf
- Ieee 2014-2015 Dotnet Projects Completed Final List
- Distributed Algorithms for Maximizing the Lifetime of WSNs with Heterogeneity for Adjustable Sensing Ranges
- A Study on Energy Model Prototyping in Various Simulators of WSN
- IRJET-Energy Efficiency and Security based Multihop Heterogeneous Trusted Third Party Protocol in WSN
- IJETTCS-2012-10-10-041.pdf
- VPN
- IRJET-ANOVA-based Clustering Approach For Similarity Aggregation In Underwater Wireless Sensor Networks Using An Enhanced K-means Algorithm
- Information Content-Based Sensor Selection and Transmission Power Adjustment for Collaborative Target Tracking
- BeanDevice TOR
- Multihead Node Selection Technique for Improving Lifetime and Energy Efficiency of WSN
- sensors-15-24735.pdf
- wsn (1)

You are on page 1of 4

Networks

Hu Tong-sen, Chen Deng, Tian Xian-zhong

College of Information Engineering,

Zhejiang University of technology, Hangzhou 310032, China

hts@zjut.edu.cn, dengchn@126.com, txz@zjut.edu.cn

Abstract

Key establishment is a fundamental security issue in

wireless sensor networks (WSN). It is the basis to

establish the secure communication using cryptographic

technologies between sensor nodes. Due to the current

resource constraints on sensors, it is infeasible to use

traditional key management techniques such as public key

cryptography or key distribution center based protocols.

So the key predistribution schemes are paid most attention

in key management of WSN. To establish pairwise keys

securely and meanwhile prevent a number of

compromised colluding nodes from breaking the pairwise

key shared by any two innocent nodes, we propose an

enhanced polynomial-based key establishment scheme

(EPKES) for WSN. In EPKMS, we introduce an auxiliary

set to improve the security level compared to previous

schemes. The results of performance evaluations show

that our proposed scheme has a good key connectivity,

scalability, direct key establishment, resilience to nodes

capture and storage consumption.

1. Introduction

Wireless sensor networks consist of a number of tiny

sensor nodes, which are powered by batteries, equipped

with sensing, data processing and short-range radio

communications components

[1, 2]

. Recent advancements

in micro electromechanical systems and wireless

communications technologies have led to the development

and application of WSN. WSN are expected to play key

roles in many applications, such as managing energy

plants, battlefields and medical monitoring

[3]

. WSN are

usually connected to the outside world through a

computationally powerful center called the sink that is

also responsible for data collection and data fusion.

When sensor networks are deployed in a hostile

environment, security is of great importance, as there are

varieties of malicious attacks. For example, an adversary

can easily listen to the network traffic, impersonate sensor

nodes, or intentionally provide misleading information to

the sensors. Thus, node-to-node communication should be

encrypted and authenticated to provide security. The core

problem is how to establish secret keys between

communicating nodes? Generally, the current solutions

for this problem can be summarized as:1)the arbitrated

keying protocols, 2) self-enforcing protocols and 3)

pre-distribution keying protocols. The first solution relies

on some trusted center, which is vulnerable to single point

failure. The second one uses the asymmetric encryption

cryptography, which is limited by the current computation

abilities and energy resources of WSN. So we mainly

consider applying the third one, in which keys or key

materials are loaded into nodes before deployment.

The main contributions of this paper are summarized as

follows: 1) we introduce an auxiliary set for the nodes ID

set to generate piarwise keys and make it more difficult to

break the symmetric polynomials. 2) Any two sensors can

definitely establish a pairwise key when needed, even

with some nodes compromised. 3) We provide an

evaluation of the proposed scheme.

The paper is organized as follows. In Section 2, some

security requirements and evaluation metrics are

introduced. In Section 3, some predistribution key

management schemes are examined and discussed. We

present our scheme in Section 4. In Section 5, we give the

evaluation of our scheme. And we conclude in Section 6.

2. Security requirements and evaluation

metrics

Due to the constraints of WSN nodes, such as limited

power, low transmission range, limited storage and

working memory, pairwise key establishment (PKE) in

WSN is challenging. A PKE scheme must meet the

following requirements:

1) Key connectivity: the probability that two nodes in

communication range share at least one key. A good PKE

scheme should guarantee that any two nodes can establish

a pairwise key whenever needed.

2008 International Workshop on Education Technology and Training & 2008 International Workshop on Geoscience and Remote Sensing

978-0-7695-3563-0/08 $25.00 2008 IEEE

DOI 10.1109/ETTandGRS.2008.373

809

2008 International Workshop on Education Technology and Training & 2008 International Workshop on Geoscience and Remote Sensing

978-0-7695-3563-0/08 $25.00 2008 IEEE

DOI 10.1109/ETTandGRS.2008.373

809

2) Direct key establishment: a PKE scheme should

allow two nodes that can communicate with each other to

establish a pairwise key without exposing secrets to or

obtaining secrets from any third parties (e.g., a central

on-line server). The involvement of third parties is highly

undesirable because third parties may have been

compromised.

3) Resilience to sensor nodes capture: whenever a WSN

node is captured, the information it carries may be

retrieved by the adversary. The fraction of total keys

information exposed to adversary can be considered as the

resilience.

4) Scalability: it is the possibility that new nodes might

be added later. A good PKE scheme should have a good

scalability.

5) Storage consumption: it is measured by the amount

of keying information stored in each node. A good PKE

scheme should have a less storage consumption.

3. Related work

Key establishment is a fundamental security issue in

WSN. It is the basis to establish the secure communication

using cryptographic technologies between sensor nodes.

As mentioned in Section 1, due to the current resource

constraints on sensors, it is infeasible to use traditional

key management techniques, such as public key

cryptography or key distribution center based protocols.

Consequently, the key predistribution schemes are paid

most attention in key management of WSN. Current key

predistribution schemes can be classified into three types:

1) random key predistribution schemes

[4, 5]

, 2)

polynomial-based key predistribution schemes

[6, 7, 8]

, 3)

Matrix-based key predistribution schemes

[9, 10]

and 4)

deterministic key predistribution schemes

[11]

.

Now, we mainly introduce the basic polynomial-based

key predistributin scheme

[8]

proposed by Blundo et al.,

which is the basis of our EPKES. To predistribute

pairwise keys, the offline authority first randomly

generates a bivariate, t-degree, symmetric polynomial

over a finite field Fq, where q is

a large prime number, and . Before

deploying each sensor node into the network, the authority

assigns a unique ID (e.g., u) to each node. Then, the

authority computes and preloads a univariate polynomial

share of for the node. In particular, for the node

with ID u, the preloaded share ,

where . For any two nodes u and v,

node u can compute the key shared with node v, i.e., f(u,

v), by evaluating f(u, y) at y = v. Node v can compute f(v, u)

in the similar way. Since f(x, y) is symmetric, f(u, v) = f(v,

u). Then, node u and v can agree on the same key for

communication. So to establish a pairewise key both

nodes need to evaluate the polynomial with the ID of the

other node.

j

t

j i

i

ij

y x a y x f

0 ,

) , (

) , ( ) , ( x y f y x f

) , ( y x f

j

t

j

j u

y b y u f

0

,

) , (

t

i

i

j i j u

u a B

0

, ,

It is proved in paper [8] that Blundos scheme is

unconditionally secure and t-collusion resistant; that is to

say, a coalition of no more than t compromised nodes

cannot know anything about the key shared by any two

non-compromised nodes. However, if (t + 1) or more

nodes are compromised, the adversary can find out the

pairwise key shared by any two non-compromised nodes.

Suppose nodes u

0

, u

1

, , u

t

are compromised. The

adversary can construct (t + 1) systems of linear equations,

and each system includes (t + 1) linear equations. By

solving these linear equations, the adversary can find out

all the coefficients of symmetric polynomial f(x, y).

Though, the security level of Blundos scheme can be

improved by increasing t, it is not scalable since the

computational complexity and the storage overhead

increase rapidly as t increases. To improve the security

level, Liu and Ning

[6]

proposed a scheme that combine

Blundos scheme with the key pool idea

[4, 5]

.

4. An enhanced polynomial-based key

establishment scheme

To securely establish pairwise keys and meanwhile

prevent a number of compromised colluding nodes from

breaking the pairwise key shared by any two innocent

nodes, we propose an enhanced polynomial-based key

establishment scheme (EPKES). This scheme relies on

polynomials to generate pairwise keys, and the

polynomials are defined over a finite field denoted as Fq.

The details of EPKES are as follows.

4.1. System model and assumptions

We consider WSN are composed of a large number of

resources constraint sensor nodes, such as the Berkeley

MICA motes

[12]

. These nodes have limited power supply,

storage space, and computational capability. The sensor

network is administrated by an offline authority, which is

responsible for node initialization and deployment. Before

deploying a node, the authority assigns the node a unique

identity (ID) from a set of legitimate IDs. The following

are some assumptions:

1) Each node has a unique ID.

2) All nodes have been authenticated when deployed.

3) The system is fully distributed.

4) All nodes have the same WSN module, such as

Berkeley MICA.

5) All sensor nodes keep unmoving after deployment.

810 810

4.2. Notations

The following is a list of notations used in presenting

the EPKES:

z N: the size of the network, i.e., the total number of

sensor nodes.

z S: a set of legitimate IDs for sensor nodes. In this

paper, we let S {1, , N}.

z T: a auxiliary set for S. T {N+1, , 2N}.

z A(i): a sub-set of T for node i, A(i) ={i

k

|i

k

T,

k=1, , n}, n is the size of A(i).

z f(x, y): a symmetric polynomial, in which the degree

of x and y are both t.

z P(i): the polynomial share set stored in node i, and

P(i)={f(s, y)|sA(i)}.

z K: the final session key between two communicating

nodes.

z Ks: share key segment computed by the polynomial,

for sT, Ks=f(s, y).

z Ki, j: pairwise key between node i and j.

z q: a large prime number in finite field Fq.

4.3. Description of EPKES

EPKES contains two phases: 1) system initialization

and polynomial predistribution phase, and 2) pairwise key

establishment phase.The scheme is described as follows:

4.3.1 System initialization and polynomial predistribu-

tion. In the initialization stage of the EPKES, the

authority:

1) Constructs a set ( S ) of legitimate node IDs and an

auxiliary set ( T ) for S.

2) Randomly generates a bivariate t-degree polynomial

f(x, y) over a field Fq, where , and

for any x and y, f(x, y) = f(y, x).

j

t

j i

i

ij

y x a y x f

0 ,

) , (

3) Pick a unique ID from S and A(i) from T for each

node.

4) Before a node (with ID iS) is deployed, the

authority preload P(i) which is a n univariate polynomial

shares of the equation to the node.

4.3.2. Pairwise key establishment. Figure 1 is a small

part of WSN topology. We now demonstrate how any two

nodes (say b and c) can establish a pairwise key. When

node b wants to communicate securely with node c, the

key establishment process bases on the shares of n

polynomials. We describe this process in the following

steps:

Step 1: b sends a message contained A(b) to node c.

Step 2: after c received the message from b, c sends a

reply message contained A(c) to node b; then c computes

f(c

1

, b

1

), f(c

2

, b

2

), , f(c

n

, b

n

).

Step 3: when b received the reply message from c, node b

computes f(b

1

, c

1

), f(b

2,

c

2

), , f(b

n

, c

n

).

Step 4: then node b computes the final session key with c,

for b, K=K

b, c

=f(b

1

, c

1

)f(b

2

, c

2

) f(b

n

, c

n

); node c

computes K

c, b

= f(c

1

, b

1

)f(c

2

, b

2

) f(c

n

, b

n

). Then

we can easily find that the session key K=K

b, c

= K

c, b

.(is

Exclusive OR.)

Step 5: for node b, destroy f(b

1

, c

1

), f(b

2,

c

2

), , f(b

n

, c

n

)

and store K

b, c

; for node c, destroy f(c

1

, b

1

), f(c

2

, b

2

), ,

f(c

n

, b

n

) and store K

c, b

.

Figure 1. A part of WSN topology

5. Performance evaluation

In this section, we evaluate the proposed EPKES by the

metircs given in section 2.

5.1. Key connectivity

From the description of EPKES, we can easily see that

our scheme can guarantee any two neighbor nodes

establish a pairwise key when needed. Compared to the

random schemes, such as E-G scheme

[4]

, which is

probabilistic based and cant guarantee any two neighbor

nodes establish a session key, EPKES has a full key

connectivity.

5.2. Direct key establishment

EPKES can not only guarantee any two neighbor nodes

estabish a pairwise key, but aslo guarantee multi-hop

nodes estabsih a session key directly when needed.

Because each node only send set A(i) to other nodes

instead of session key, it doesnt expose secrets to any

third parties.

5.3. Resilience to sensor nodes capture

Because the adversary cannot obtain the original shares

of polynomial f(x, y), it has prohibitively high complexity

to break f(x, y) even if it has compromised a large number

of sensor nodes in EPKES. As we know, increasing the

size of WSN increases the probability of compromising

more than t nodes, but instead of using a single share

t-degree polynomial, n-share of polynomials is used in our

scheme to enhance the security. To break our scheme, the

811 811

adversary should first break K=K

1

K

2

K

n

, then

break the t-degree polynomial, but K

1

, K

2

, , K

n

are

destroyed after K is generated and the cost to get K

1

,

K

2

, , K

n

is O (m

n

) (assume K is m bits). For this reason,

compared to the existing key predistribution schemes

[4, 5,

6]

, EPKES is substantially more resilient against nodes

capture.

5.4. Scalability

New nodes can be easily added in EPKES, since each

node is preloaded with a bivariate t-degree polynomial

and an auxiliary set, rather than the real key itself before

WSN deployment. So it is very easily for new nodes to

establish session keys with the existing nodes when

needed. The detailed key establishment process is the

same as the section 4.3.2.

5.5. Storage consumption

Our scheme finally destroys the segment share key K

1

,

K

2

, , K

n

, and it only stores the session key with

communicating nodes, so the storage consumption is the

same as Blundos scheme

[8]

. Compared to the random

schemes

[4, 5]

, EPKES need less storage. Figure 2 shows

the storage consmption per node of EPKES and E-G

scheme

[4]

. Because nodes only establish keys when

needed in EPKES, but nodes preload a key ring in E-G

scheme, we can see that EPKESs storage consumption is

generally less than E-G scheme.

0

!00

?00

300

+00

00

b00

00

!000 ?000 3000 +000 000 b000

WSN size:N

N

u

m

b

e

r

o

f

k

e

y

s

llllS l0 :hm

Figure 2. Storage consumption comparison

6. Conclusion

We have presented a new pairwise key establishment

scheme named EPKES for WSN. Our scheme improves

the security level of WSN. Moreover, our scheme is

scalable and flexible. New nodes can be very easily added,

and session keys can be directly established with the

existing nodes when needed. The results of performance

evaluations also show that the proposed EPKES has a

good key connectivity, resilience to nodes capture and

storage consumption.

Acknowledgement

This paper was supported by Zhejiang Natural Science

Foundation No. Y107553.

References

[1] Chong C.Y., Kumar S.P., Sensor Networks Evolution,

Opportunities and Challenges, Proceedings of the IEEE,

2003, Vol. 91, No. 8, pp. 1247-1256.

[2] Akyildiz IF, SuWL, Sankarasubramaniam Y, Cayirci E, A

survey on sensor networks, IEEE Communications

Magazine, 2002, Vol. 40, No. 8, pp. 102-114.

[3] T. Arampatzis, J. Lygeros, S. Manesis, A survey of

applications of wireless sensors and wireless sensor

networks, Proc. IEEE Int. Symp. Intelligent Control, vol. 1,

Limassol, Cyprus: IEEE, June 2005, pp. 719-724.

[4] L.Eschenauer, V.D. Gligor. A key management scheme

for distributed sensor networks", Proc. of the 9th ACM

Conference on Computer and Communication Security,

Washington, DC, USA, 2002.

[5] H.Chan, A.Perrig, D.Song, Random Key Predistribution

Schemes for Sensor Networks", Proc. of the 2003 IEEE

Symposium on Security and Privacy, 2003, pp. 197-213.

[6] Liu D, Ning P, Establishing pairwise keys in distributed

sensor networks, Proceedings of 10th ACM Conference on

Computer and Communications Security, Washington DC:

ACM Press, 2003, pp. 41-47.

[7] Liu D, Ning P, Improving key pre-distribution with

deployment knowledge in static sensor netowrks, ACM

Transactions on Sensor Networks, 2005, Vol. 1, No. 2,

pp.204-239.

[8] Blundo C, Santix A D, Herzberg A, Perfectly- secure key

distribution for dynamic conferences, Proceedings of the

12th Annual International Cryptology Conference on

Advances in Cryptolog, Berlin: Spring-Verlag, 1992, pp.

471- 486.

[9] Du W, Deng J, Han Y S, Varshney P, Katz J, Khalili A, A

pairwise key pre-distribution scheme for wireless sensor

networks, ACM Transactions on Information and System

Security (TISSEC), 2005, Vol. 8, No. 2, pp. 228-258.

[10] Huang D, Mehta M, Medhi D, Harn L, Location-aware

key management scheme for wireless sensor networks,

Proceedings of ACM Workshop on Security of Ad Hoc and

Sensor Networks (SASN04), Washington DC, USA: ACM

Press, 2004, pp. 29-42.

[11] Lee J, Stinson D R, Deterministic key predistribution

schemes for distributed sensor networks, Proceedings of

ACM Symposium on Applied Computing 2004, Lecture

Notes in Computer Science 3357 (2005), Waterloo, Canada:

Springer, 2004, pp. 294-307.

[12] http://www.xbow.com/Products/Product_pdf_files/Wireless

_pdf/MICA.pdf

812 812

- Wireless Sensor Networking in Matlab: Step-by-StepUploaded byPragyan Sen
- Measurement of NPK, Temperature, Moisture, Humidity using WSNUploaded byAnonymous 7VPPkWS8O
- Reconfigurable Smart Sensor Interface for Industrial WSN in IoT EnvironmentUploaded byjalosu6700
- Pid 4569223Uploaded byRiki Siregar RUli
- The Proposal Of Hybrid Intrusion Detection For Defence Of Sync Flood Attack In Wireless Sensor NetworkUploaded byijcses
- TOSSIM Intelligent HomeUploaded byFatimah Batool
- Optimal Design of a Boost-type DC-DC Converter for PV Power-Supplied Wireless Sensor NetworksUploaded byIoannis Mandourarakis
- 3Vol49No2.pdfUploaded byPravin Dabhi
- Ieee 2014-2015 Dotnet Projects Completed Final ListUploaded byIEEEJAVAPROJECTS
- A Study on Energy Model Prototyping in Various Simulators of WSNUploaded byInternational Organization of Scientific Research (IOSR)
- IRJET-Energy Efficiency and Security based Multihop Heterogeneous Trusted Third Party Protocol in WSNUploaded byIRJET Journal
- IJETTCS-2012-10-10-041.pdfUploaded byAnonymous vQrJlEN
- Distributed Algorithms for Maximizing the Lifetime of WSNs with Heterogeneity for Adjustable Sensing RangesUploaded bySEP-Publisher
- VPNUploaded bykiransawant11
- IRJET-ANOVA-based Clustering Approach For Similarity Aggregation In Underwater Wireless Sensor Networks Using An Enhanced K-means AlgorithmUploaded byIRJET Journal
- Information Content-Based Sensor Selection and Transmission Power Adjustment for Collaborative Target TrackingUploaded bypadmavathi_ganji
- BeanDevice TORUploaded byBeanAir
- Multihead Node Selection Technique for Improving Lifetime and Energy Efficiency of WSNUploaded byEditor IJRITCC
- sensors-15-24735.pdfUploaded byMekki Ichkern
- wsn (1)Uploaded byAnand Pandey
- New Microsoft Office Word Document (2)Uploaded byVenkatesh Gupta
- abobor64673aUploaded bygabriel
- rrl1Uploaded byMerlyCalva
- 2014-15 Java TitlesUploaded bydhab_aks
- A CROSS-LAYER APPROACH FOR MINIMIZING INTERFERENCE AND LATENCY OF MEDIUM ACCESS IN WIRELESS SENSOR NETWORKSUploaded byAIRCC - IJCNC
- 125874Uploaded byFattihi Ekhmal
- Speed 07Uploaded bydocpot2008
- Underwater July2016Uploaded byLibra Man
- Ella's Research ProposalUploaded byMapa Estrella

- free space opticsUploaded bythachayani
- Satellite Communication - 1Uploaded bysathish14singh
- SC-Ppt Jntuworld.com JWFILESUploaded byBala Krishna
- Statellite Communication NotesUploaded bysathish14singh
- 05521389Uploaded bysathish14singh
- ADC_John G.P8Uploaded bysathish14singh
- ADC_John G.P5Uploaded bysathish14singh
- ADC_John G.P1Uploaded bysathish14singh
- ADC_John G.P0Uploaded bysathish14singh
- 05712620Uploaded bysathish14singh
- 05665172Uploaded bysathish14singh
- 05663897Uploaded bysathish14singh
- 05614961Uploaded bysathish14singh
- 05594071Uploaded bysathish14singh
- 05585806Uploaded bysathish14singh
- 05555531Uploaded bysathish14singh
- 05551348Uploaded bysathish14singh
- 05506754Uploaded bysathish14singh
- 05494192Uploaded bysathish14singh
- 05451156Uploaded bysathish14singh
- 05437270Uploaded bysathish14singh
- 05355821Uploaded bysathish14singh
- 04801770Uploaded bysathish14singh
- 04773713Uploaded bysathish14singh
- 04678394Uploaded bysathish14singh
- 01609870Uploaded bysathish14singh
- 01595554Uploaded bysathish14singh
- 01519680Uploaded bysathish14singh
- 00861191Uploaded bysathish14singh

- Palm Oil BiofuelUploaded byLai Mei Ee
- CredoUploaded byJames & Jytte Bowers
- Live Device Guide for ClyphXUploaded byjaime vargas
- Price XirrusUploaded bytioino
- Diffusion Kinetics in SolidsUploaded bySANJIT KUMAR PARIDA
- Vergel y CastellanosUploaded byHarry Jurado Quitian
- 72990788 the Lord is My ShepherdUploaded byDhanish Truman
- Excellence AwardUploaded bysanusi69
- Discoloration in Lube OilUploaded bydabir123
- BiliaryUploaded byOkkar Pyisoe
- A Calculated Study of Wet Steam Flow in the Combined ExhaustUploaded bymehmacar
- Fiber Bragg Grating based temperature and strain sensor simulation for biomedical applicationsUploaded bywilrilo
- Breastfeeding Today June 2012 IssueUploaded bySunny Side
- Quickscan i Qm2400Uploaded byDaniel Morales
- Warp KnittingUploaded byGülden Altıncı
- Esthetic-localized-soft-tissue-ridge-augmentation-in-a-fixed-partial-denture-a-case-report.pdfUploaded byAmar Bhochhibhoya
- The Role of Interaction between Paenibacillus polymyxa Bacteria and Pyrolusite-Hematite System through BioflotationUploaded byIRJET Journal
- Monitoring and Analysis of Vertical and Horizontal Deformations of a Large Structure Using Conventional Geodetic TechniquesUploaded byETEJE SYLVESTSTER OKIEMUTE
- CBlift Ascent Bracket Kit R1 1109Uploaded byErik Lara
- PC2000-8_CEN00130-04Uploaded byBqdcc6
- Chemistry Explosives How to Make SemtexUploaded byjim100ab
- Integrals of Functions of a Real VariableUploaded bySolomon Antoniou
- Tips Reading Chest X-rayUploaded byIrwan Iskandar Jusoh
- Detecting Lube Problems Shock Pulse-1Uploaded byAlex Callisaya
- 238 Guillain Barre SyndromeUploaded byDr. Anish Golchha
- DCPR_English2034Uploaded byDDN ARCHITECTS
- ch02_Q&A_HW1.pdfUploaded byBayron Eduardo Centeno
- StygianUploaded byTrisha Salvatierra
- LP 7 StM Ch 7 Int Strat 15Nov17Uploaded byZain Hasan
- Sia MangUploaded bytunggthang