ABSTRACT
A prerequisite for secure communications between two sensor nodes is that these nodes exclusively share a pairwise key. Although numerous pairwise key establishment (PKE) schemes have been proposed in recent years, most of them have no guarantee for direct key establishment, no resilience to a large number of node compromises, no resilience to dynamic network topology, or high overhead. To address these limitations, we propose a novel random perturbation-based (RPB) scheme in this paper. The scheme guarantees that any two nodes can directly establish a pairwise key without exposing any secret to other nodes. Even after a large number of nodes have been compromised, the pairwise keys shared by non-compromised nodes remain highly secure. Moreover, the scheme adapts to changes in network topology and incurs low computation and communication overhead. To the best of our knowledge, the RPB scheme is the only one that provides all these salient features without relying on public key cryptography. Through prototype-based evaluation, we show that the RPB scheme is highly efficient and practical for current generation of sensor nodes. In particular, to support a sensor network with up to 216 nodes, establishing a pairwise key of 80 bits between any two 8-bit, 7.37-MHz MICA2 motes only requires about 0.13 second of CPU time, 0.33 KB RAM space, and 15 KB ROM space per node.
- A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J. Tygar, "Spins: security protocols for sensor netowrks," in Proceedings of ACM Mobile Computing and Networking (Mobicom'01), 2001, pp. 189--199. Google ScholarDigital Library
- S. Zhu, S. Setia, and S. Jajodia, "Leap: Efficient security mechanisms for large-scale distributed sensor networks," in Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS '03), 2003, pp. 62--72. Google ScholarDigital Library
- F. Ye, H. Luo, J. Cheng, S. Lu, and L. Zhang, "A Two-Tier Data Dissemination Model for Large-scale Wireless Sensor Networks," ACM International Conference on Mobile Computing and Networking (MOBICOM'02), pp. 148--159, September 2002. Google ScholarDigital Library
- H. Chan, A. Perrig, and D. Song, "Random Key Predistribution Schemes for Sensor Networks," IEEE Symposium on Research in Security and Privacy, 2003. Google ScholarDigital Library
- L. Eschenauer and V. Gligor, "A Key-management Scheme for Distributed Sensor Networks," The 9th ACM Conference on Computer and Communications Security, pp. 41--47, November 2002. Google ScholarDigital Library
- W. Du, J. Deng, Y. Han, and P. Varshney, "A Pairwise Key Pre-distribution Schemes for Wireless Sensor Networks," The 10th ACM Conference on Computer and Communications Security, 2003. Google ScholarDigital Library
- D. Liu and P. Ning, "Establishing Pairwise Keys in Distributed Sensor Networks," The 10th ACM Conference on Computer and Communications Security, 2003. Google ScholarDigital Library
- C. Blundo, A. De Santis, A. Herzberg, S. Kutten, U. Vaccaro and M. Yung, "Perfectly-Secure Key Distribution for Dynamic Conferences," Lecture Notes in Computer Science, vol. 740, pp. 471--486, 1993. Google ScholarDigital Library
- R. Anderson and M. Kuhn, "Low cost attacks on tamper resistant devices," in Proceedings of Security Protocols, LNCS 1361, 1998. Google ScholarDigital Library
- H. Handschuh, P. Pailer, and J. Stren, "Probing attacks on tamper resistant devices," in Proceedings of Cryptographic Hardware and Embedded Systems, CHES'99, 1999. Google ScholarDigital Library
- S. Skorobogatov, "Low temperature data remanence in static ram," in University of Cambridge, Computer Laboratory, Technical Report UCAM-CL-TR-536, June 2002.Google Scholar
- D. Samyde, S. Skorobogatov, R. Anderson, and J. Quisquater, "On a new way to read data from memory," in Proceedings of First International IEEE Security in Storage Workshop, December 2002. Google ScholarDigital Library
- "Cotsbots: The mobile mote-based robots," http://www-bsac.eecs.berkeley.edu/projects/cotsbots/.Google Scholar
- R. Pietro, L. Mancini, and A. Mei, "Random key assignment for secure wireless sensor networks," Proceeding of ACM Workshop on Security of Ad Hoc and Sensor Networks, 2003. Google ScholarDigital Library
- W. Du, J. Deng, Y. Han, and S. Chen, "A key management scheme for wireless sensor networks using deployment knowledge," IEEE INFOCOM'04, March 2004.Google Scholar
- D. Liu and P. Ning, "Location-based pairwise key establishment for static sensor networks," Proceeding of ACM Workshop on Security of Ad Hoc and Sensor Networks, 2003. Google ScholarDigital Library
- Haowen Chan and Adrian Perrig, "PIKE: Peer intermediaries for key establishment in sensor networks," in Proceedings of IEEE Infocom, Mar. 2005.Google Scholar
- Arno Wacker, Mirko Knoll, Timo Heiber, and Kurt Rothermel, "A new approach for establishing pairwise keys for securing wireless sensor networks," in Proc. of the 3rd ACM Conference on Embedded Networked Sensor Systems (SenSys), San Diego, CA, November 2005, pp. 27--38. Google ScholarDigital Library
- D. Malan, M. Welsh, and M. Smith, "A public-key infrastructure for key distribution in tinyos based on elliptic curve cryptography," First IEEE International Conference on Sensor and Ad Hoc Communications and Networks (SECON), October 2004.Google Scholar
- R. Watro, D. Kong, S. Cuti, C. Gardiner, C. Lynn, and P. Kruus, "Tinypk: Securing sensor networks with public key technology," ACM SASN'04, October 2004. Google ScholarDigital Library
- A. Wander, N. Gura, H. Eberle, V. Gupta, and S. Shantz, "Energy analysis of public-key cryptography for wireless sensor networks," Third IEEE International Conference on Pervasive Computing and Communication (PerCom 2005), March 2005. Google ScholarDigital Library
- G. Gaubatz, J. Kaps, E. Ozturk and B. Sunar, "State of the art in ultra-low power public key cryptography for wireless sensor networks," PERCOMW '05: Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications Workshops, pp. 146--150, 2005. Google ScholarDigital Library
- A. Shamir, "How to share a secret," Communications of the ACM, 1979. Google ScholarDigital Library
- W. Zhang and G. Cao, "Group rekeying for filtering false data in sensor networks: A predistribution and local collaboration-based approach," IEEE Infocom 2005, March 2005.Google Scholar
- "Crossbow technology inc," http://www.xbow.com 2004.Google Scholar
- R. Rivest, "The rc5 encryption algorithm," in Proceedings of the 1st International Workshop on Fast Software Encryption, 1994, pp. 86--96.Google Scholar
- C. Karlof, N. Sastry, U. Shankar, and D. Wagner, "Tinysec: Tinyos link layer security proposal, version 1.0," 2002.Google Scholar
- M. Bellare, R. Guerin, and P. Rogaway, "XOR MACs: New Methods for Message Authentication Using Finite Pseudo-random Functions.," Proc. of Crypto, 1995. Google ScholarDigital Library
- Jason Hill, Robert Szewczyk, Alec Woo, Seth Hollar, David E. Culler, and Kristofer S. J. Pister, "System architecture directions for networked sensors," in Architectural Support for Programming Languages and Operating Systems, 2000, pp. 93--104. Google ScholarDigital Library
- V. Shnayder, M. Hempstead, B. Chen, G. Allen, and M. Welsh, "Simulating the power consumption of large-scale sensor network applications," in Proc. of the 2nd ACM Conference on Embedded Networked Sensor Systems (SenSys), Baltimore, MD, November 2004, pp. 188--200. Google ScholarDigital Library
Index Terms
- A random perturbation-based scheme for pairwise key establishment in sensor networks
Recommendations
A constrained random perturbation vector-based pairwise key establishment scheme for wireless sensor networks
MobiHoc '08: Proceedings of the 9th ACM international symposium on Mobile ad hoc networking and computingThis paper presents a Constrained Random Perturbation Vector-based (CRPV) pairwise key establishment scheme and its variant, CRPV+ scheme, for wireless sensor networks (WSNs). Compared to all existing schemes which satisfy only some requirements in a so-...
End-to-end pairwise key establishment using node disjoint secure paths in wireless sensor networks
Resource aware random key predistribution schemes have been proposed to overcome the limitations of energy constrained Wireless Sensor Networks (WSNs). In most of these schemes, each sensor node is loaded with a key ring. Neighbouring nodes are ...
Group-based key predistribution for wireless sensor networks
Many key predistribution techniques have been developed recently to establish pairwise keys between sensor nodes in wireless sensor networks. To further improve these schemes, researchers have also proposed to take advantage of the sensors' expected ...
Comments