2013 | OriginalPaper | Buchkapitel
A Multiple-Key Management Scheme in Wireless Sensor Networks
verfasst von : Jung-Chun Liu, Yi-Li Huang, Fang-Yie Leu, Ilsun You, Feng-Ching Chiang, Chao-Tung Yang, William Cheng-Chung Chu
Erschienen in: Security Engineering and Intelligence Informatics
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
In a wireless sensor network (WSN), in order to provide a secure communication environment for all the sensor nodes, we often securely authenticate network nodes and protect all the messages delivered among them. When a sensor node (or simply a node or a sensor) newly joins a WSN, it is required for the Key Distribution Server (KDS) to distribute those generated security keys to this node and all the existing nodes before they can securely communicate with each other. But due to the wireless nature, when a node broadcasts a message M, all its neighbors can receive M. To securely protect this message, a security mechanism is required. Therefore, in this paper we propose a
M
ultiple-key
Ma
nagement
S
cheme (MMaS for short), in which a sensor N receives two sets of keys from the KDS when the system starts up. The first set, named communication keys, is used by N to securely communicate with its neighbor sensors; the other, called the individual key, is employed to encrypt messages delivered between N and the KDS. When N would like to communicate with another node, e.g., M, they exchange their IDs with each other so as to correctly identify their common keys (CKs), which are used to individually generate a shared key (SK) on both sides for encrypting/decrypting messages transmitted between them. When N leaves the underlying network, the CKs currently related to N can be reused by a newly joining sensor, e.g., M. However, when M joins the network, if no such used ID is available, M will be given a new ID and CKs by the KDS. The KDS will encrypt the CKs, that will be used by an existing node H to communicate with M, with the individual key of H so that only H rather than M can correctly decrypt the CKs, with which to securely communicate with M. The security analysis shows that the proposed system is secure.