Toward an energy efficient PKC-based key management system for wireless sensor networks

Document Type: ORIGINAL RESEARCH PAPER

Authors

Abstract

Due to wireless nature and hostile environment, providing of security is a critical and vital task in wireless sensor networks (WSNs). It is known that key management is an integral part of a secure network. Unfortunately, in most of the previous methods, security is compromised in favor of reducing energy consumption. Consequently, they lack perfect resilience and are not fit for applications with high security demands. In this paper, a novel method is proposed to improve the security of key management system based on broadcast messages from the base station. Another problem with WSNs is the cryptographic materials (such as private keys) stored in dead nodes. Adversaries may exploit these nodes to mount more effective attacks. Any secure key management system should also address this problem. It is argued that in the proposed method keying materials of dead nodes lose their validity, and therefore are of no use for an adversary. Finally, it is shown through simulation that the proposed method is almost three times more energy-efficient than conventional certificate-based key management systems.

Keywords


[1] I. Akyildiz, W. Su, Y Sankarasubramaniam, and E. Cayirci, "A Survey on Sensor Networks", IEEE Commun. Mag., vol. 40, no. 8, pp. 102-116, Aug. 2002.

[2] A.D. Wood and J.A. Stankovic, "Denial of service in sensor networks," IEEE Computer, vol. 35, no. 10, pp. 5462, Oct. 2002.

[3] Y. M. Huang, M. Y. Hsieh, H. C. Chao, S. H. Hung, and J. H. Park, "Pervasive, Secure Access to a Hierarchical Sensor-Based Healthcare Monitoring Architecture in Wireless Heterogeneous Networks," IEEE Journal on Selected Areas in Communications, vol. 27, no. 4, pp. 400-411, May 2009.

[4] L. Buttyan, D. Gessner, A. Hessler, and P. Langendoerfer, "Application of wireless sensor networks in critical infrastructure protection: challenges and design options [Security and Privacy in Emerging Wireless Networks]," IEEE Wireless Communications, vol. 17, no. 5, pp. 44-49, Oct. 2010.

[5] G. Wener-Allen, K. Lorincz, M. Ruiz, O. Marcillo, J. Johnson, J. Lees, and M. Welsh, "Deploying a wireless sensor network on an active volcano, "IEEE Internet Computing, vol. 10, no. 2, pp. 18-25, March-April 2006.

[6] I.F Akyildiz, E.P. Stuntebeck, "Wireless underground sensor networks: Research challenges," Ad Hoc Networks, vol. 4, no. 6, pp. 669-686, Nov. 2006.

[7] J. Yick, B. Mukherjee, and D. Ghosal, "Analysis of a Prediction-based Mobility Adaptive Tracking Algorithm," in: Proc. 2nd International Conference on Broadband Networks (BroadNet 2005), pp. 753-760, 2005.

[8] G. Simon, M. Maroti, A. Ledeczi, G. Balogh, B. Kusy, A. Nadas, G. Pap, J. Sallai, and K. Frampton, "Sensor network-based countersniper system," in Proc. 2nd International Conference on Embedded Networked Sensor Systems (Sensys), 2004, pp. 1-12.

[9] Eschenauer L, Gligor BD, "A key-management scheme for distributed sensor networks," in: Proc. of the 9th ACM conference on computer and communication security, Washington, DC, USA, pp. 41-47, 2002.

[10] Liu D, Ning P, "Establishing pairwise keys in distributed sensor networks," in: Proceedings of 10th ACM conference on computer and communications security (CCS03), Washington, DC, pp. 41-47, 2003.

[11] Du W, Deng J, Han YS, Varshney P, Katz J, Khalili A, "A pairwise key pre-distribution scheme for wireless sensor networks," ACM Transactions on Information and System Security (TISSEC), vol. 8, no. 2, pp. 228-258, 2005.

[12] Y. Xiao, V. K. Rayi, B. Sun, X. Du, F. Hu and M. Galloway, "A survey of key management schemes in wireless sensor networks," Computer Communications, vol. 30, no. 11-12, pp. 2314-2341, Sept. 2007.

[13] J. Zhang and V. Varadharajan, "Wireless sensor network key management survey and taxonomy," Journal of Network and Computer Applications, vol. 33, no. 2, pp. 63-75, Mar. 2010.

[14] O. Delgado-Mohatar, A. Fuster-Sabater, J. Sierra, "A light-weight authentication scheme for sensor networks," Ad Hoc Networks, vol. 9, no. 5, pp. 727-735, July 2011.

[15] M. Conti, R. Di Pietro , L. V. Mancini, and A. Mei, "Distributed Detection of Clone Attacks in Wireless Sensor Networks," IEEE Trans. Dependable and Secure Computing, vo. 8, no. 5, pp. 685-698, Sept.- Oct. 2011.

[16] C. Alcaraz, J. Lopez, R. Roman, H. H. Chen, "Selecting key management schemes for WSN applications," Computers & Security, vol. 31, no. 8, pp. 956-966, 2012.

[17] N. Gura, A. Patel, A. Wander, H. Eberle, and S. Shantz, "Comparing elliptic curve cryptography and rsa on 8-bit cpus," in Proc. 6th International Workshop on cryptographic hardware and embedded systems (CHES 2004), pp. 119-132, 2004.

[18] W. Du, R. Wang, and P. Ning, "An Efficient Scheme for Authenticating Public Keys in Sensor Networks," in Proc. 6th ACM international symposium on Mobile ad hoc networking and computing (MobiHoc'05), May 2005, pp.58-67.

[19] A. S. Wander, N. Gura, H. Eberle, V. Gupta, and S. C. Shantz, "Energy Analysis of Public-Key Cryptography on Small Wireless Devices," in Proc. 3rd IEEE international conference on pervasive computing and communications (PerCom 2005), 2005, pp. 324-328.

[20] A. S. Wander, N. Gura, H. Eberle, V. Gupta, and S. C. Shantz, "Energy Analysis of Public-Key Cryptography on Small Wireless Devices," in Proc. 3rd IEEE international conference on pervasive computing and communications (PerCom 2005), 2005, pp. 324-328.

[21] R. Watro, D. Kong, S. Cuti, C. Gardiner, C. Lynn, and P. Kruus, "TinyPK: securing sensor networks with public key technology," in Proc. 2nd ACM workshop on Security of ad hoc and sensor networks (SASN '04), 2004, pp. 58-64.

[22] M.L. Das, "Two-Factor User Authentication in Wireless Sensor Networks," IEEE Trans. on Wireless Communications, vol. 8, no. 3, pp. 1086-1090, March 2009.

[23] K. Ren, W. Lou and K. Zeng, and P. J. Moran, "On Broadcast Authentication in Wireless Sensor Networks," IEEE Trans. on Wireless Communications, vol. 6, no. 11, pp. 4136-4144, Nov. 2007.

[24] F. Hess, "Efficient identity based signature schemes based on pairings," in Proc. 9th Annual International Workshop on Selected Areas in Cryptography (SAC02), 2003, pp. 310324.

[25] X. Cao, W. Kou, L. Dang, and B. Zhao, "IMBAS: identity-based multi-user broadcast authentication in wireless sensor networks," Computer communications, vol. 31, no. 14, pp. 659667, March 2008.

[26] K. Shim, Y. Lee, and C. Park, "EIBAS: An efficient identity based broadcast authentication scheme in wireless sensor networks," Ad Hoc Networks, vol. 11, no. 1, pp. 182189, Jan. 2013.

[27] Standard specification of public key cryptography Amendment 1: additional techniques, IEEE P1363a, 2004.

[28] C. H. Lim, "Secure Code Dissemination and Remote Image Management Using Short-Lived Signatures in WSNs," IEEE Communications Letters, vol. 15, no. 4, pp. 362-364, April 2011.

[29] K. Ren, S. Yu, W. Lou, and Y. Zhang, "Multi- user broadcast authentication in wireless sensor networks," IEEE Trans. on Vehicular Technology, vol. 58, no. 8, pp. 4554-4564, Oct. 2009.

[30] Y. Liu, J. Li, and M. Guizani, "PKC Based Broadcast Authentication using Signature Amortization for WSNs," IEEE Trans. on Wireless Communications, vol. 11, no. 6, pp. 2106-2115, June 2012.

[31] H. Ghasemzadeh, M.R. ARef, and A. Payandeh, "A novel and low energy PKC-based key agreement protocol for WSNs," International conference on information security and cryptology (ISCISC 13), 2013, pp. 1-6.

[32] A. Perrig, R. Canetti, D. Song, and J. D. Tygar, "Efficient authentication and signing of multicast streams over lossy channels," in Proc. IEEE Symposium on Security and Privacy (S&P 2000), 2000, pp. 56-73.

[33] D. Liu, P. Ning, "Multilevel µTESLA: Broadcast authentication for distributed sensor networks," ACM Transactions on Embedded Computing Systems, vol. 3, no. 4, pp. 800-836, Nov. 2004.

[34] J. Drissi, Q. Gu, "Localized broadcast authentication in large sensor networks," In International conference on Networking and Services, 2006. ICNS'06, pp. 25-25.

[35] W. H. Chen, Y. J. Chen, "A C-µTesla Protocol for Sensor Networks," Journal of Informatics & Electronics, vol. 2, no. 2, pp. 29-32, Nov. 2008.

[36] W. H. Chen, Y. J. Chen, "A bootstrapping scheme for inter-sensor authentication within sensor networks," IEEE Communications Letters, vol. 9, no. 10, pp. 945-947, 2005.

[37] J. W. Kim, Y. H. Kim, H. Lee, D. H. Lee, "A practical inter-sensor broadcast authentication scheme," in Proc. 4th international conference on Universal access in human computer interaction, 2007, pp. 399-405.

[38] D. Liu, P. Ning, S. Zhu, S. Jajodia, "Practical broadcast authentication in sensor networks," The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services, 2005, pp. 118-129.

[39] B. Bloom, "Space/time tradeoffs in hash coding with allowable errors," Communication of ACM, vol. 13, no. 7, pp. 422426, July 1970.

[40] M. Mitzenmacher, "Compressed Bloom Filters," IEEE/ACM Transactions on Networks, vol. 10, no. 5, pp. 604-612, Oct. 2002.

[41] R. Merkle, "Protocols for public key cryptosystems," in Proc. IEEE Symposium Research Security Privacy, 1980, p. 122.

[42] W. Du, J. Deng, Y. S. Han, P. K. Varshney, J. Katz, and A. Khalili, "A pairwise key pre-distribution scheme for wireless sensor networks," ACM Transactions on Information and System Security, vol. 8, no. 2, pp. 228259, May 2005.

[43] A. Wood, J. A. Stankovic, and S. H. Son, "JAM: A mapping service for jammed regions in sensor networks," in Proc. 24th IEEE Real-Time Systems Symposium (RTSS 2003), 2003, pp. 286-297.

[44] Y. C. Hu, A. Perrig, and D.B Johnson, "Packet leashes: A defense against wormhole attacks in wireless ad hoc networks," in Proc. 22nd Annual joint conference of the IEEE computer and com- munication (Infocom 2003), 2003, pp. 1976-1986.

[45] J. M. McCune, E. Shi, A. Perrig and M. K.Reiter, "Detection of Denial-of-Message Attacks on Sensor Network Broadcasts," in Proc. IEEE Symposium on Security and Privacy, 2005, pp. 64-78.

[46] N. R. Potlapally, S. Ravi, A. Raghunathan and N. K. Jha, "Analyzing the Energy Consumption of Security Protocols," in Proc. 2003 international symposium on Low power electronics and design (ISLPED '03), 2003, pp. 30-35.