ABSTRACT
Distributed Sensor Networks (DSNs) are ad-hoc mobile networks that include sensor nodes with limited computation and communication capabilities. DSNs are dynamic in the sense that they allow addition and deletion of sensor nodes after deployment to grow the network or replace failing and unreliable nodes. DSNs may be deployed in hostile areas where communication is monitored and nodes are subject to capture and surreptitious use by an adversary. Hence DSNs require cryptographic protection of communications, sensor-capture detection, key revocation and sensor disabling. In this paper, we present a key-management scheme designed to satisfy both operational and security requirements of DSNs. The scheme includes selective distribution and revocation of keys to sensor nodes as well as node re-keying without substantial computation and communication capabilities. It relies on probabilistic key sharing among the nodes of a random graph and uses simple protocols for shared-key discovery and path-key establishment, and for key revocation, re-keying, and incremental addition of nodes. The security and network connectivity characteristics supported by the key-management scheme are discussed and simulation experiments presented.
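The following is an added example, not code from the paper, modelling the probabilistic key sharing and revocation the abstract describes: each node receives a random ring of key identifiers from a common pool, two nodes discover shared keys by comparing identifiers, and a captured node's ring is revoked network-wide. The pool size, ring size, uniform sampling and all function names are assumptions, since the abstract gives none of these details; path-key establishment is not modelled.

```python
import random
from math import comb

POOL_SIZE = 1000  # assumed key-pool size (not given in the abstract)
RING_SIZE = 40    # assumed number of keys stored per node (not given in the abstract)


def deal_key_rings(num_nodes, pool_size=POOL_SIZE, ring_size=RING_SIZE, seed=1):
    """Pre-distribution: each node gets a random subset of key ids from the pool."""
    rng = random.Random(seed)  # fixed seed so the constructed sample is repeatable
    return {n: set(rng.sample(range(pool_size), ring_size)) for n in range(num_nodes)}


def shared_keys(rings, a, b):
    """Shared-key discovery: key ids that two nodes both hold."""
    return rings[a] & rings[b]


def share_probability(pool_size=POOL_SIZE, ring_size=RING_SIZE):
    """Exact probability that two independently drawn rings share >= 1 key."""
    disjoint = comb(pool_size - ring_size, ring_size) / comb(pool_size, ring_size)
    return 1 - disjoint


def link_fraction(rings):
    """Fraction of node pairs able to set up a direct secure link."""
    nodes = sorted(rings)
    pairs = [(a, b) for i, a in enumerate(nodes) for b in nodes[i + 1:]]
    return sum(1 for a, b in pairs if rings[a] & rings[b]) / len(pairs)


def revoke_node(rings, captured):
    """Revocation: remove the captured node and delete its key ids from every ring."""
    compromised = rings.pop(captured)
    for ring in rings.values():
        ring -= compromised  # in-place removal; links using these keys are lost
    return compromised


if __name__ == "__main__":
    rings = deal_key_rings(60)
    print("predicted share probability:", round(share_probability(), 3))
    print("observed link fraction:     ", round(link_fraction(rings), 3))
    revoke_node(rings, captured=0)
    print("link fraction after revoking node 0:", round(link_fraction(rings), 3))
```

Comparing the link fraction before and after `revoke_node` shows the connectivity cost of a single capture under the chosen pool and ring sizes.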