Jump to content
Invision Community
ANTIVIRUS & SPAM Antivirus Anti Spam Anti Spyware Free Virus Scanner Antivirus Comparison Antivirus for Android Antivirus for Mac Anti Spam for Android Anti Spyware for Android
Sign in to follow this  

Wireless Sensor Network Security

Recommended Posts

Wireless Sensor Network Security

Q-Composite Key Scheme

The basic scheme was extended by the q-composite key scheme . Instead of designing for a given probability p of sharing a single key, the parameters are altered such that any two nodes have a given probability p of sharing at least q different keys from the key pool. All q keys are used in the generation of the key, which encrypts communications between sensor nodes; hence to eavesdrop on the secured link, the adversary now has to compromise all q keys instead of just one. As q increases, it is exponentially harder for the attacker to break a link by taking possession of a given set. However, increasing the probability of overlap in this fashion naturally involves reducing the size of the key pool Q. Thus, the smaller key-pool size makes the scheme more vulnerable to an adversary that is capable of compromising larger numbers of sensor nodes.

The key predistribution phase of this model is similar to Phase I n, the basic random key predistribution scheme, with the only exception being the key-pool size Q. In the shared key discovery phase, each node must find nodes that share all common keys with each other. The discovery mechanism is similar to that of Phase II. Although a broadcast-based approach is susceptible to an eavesdropping attack, alternative methods that are slower but more secure are suggested where the nodes use the Merkle puzzle for key discovery. After the discovery phase, each node would be able to recognize its immediate neighboring nodes with which it would share at least q keys. Subsequently, each node could establish a link between nodes that share at least q keys by hashing the keys in some canonical order.

In this scheme, the key pool size |Q| has a critical role because with a larger Q, the probability of any two nodes sharing at least q keys would be much less. Consequently, after bootstrapping, the network may not be connected. On the contrary, if |Q| is small, the security of the network is compromised. Hence |Q| should be such that the probability of sharing at least q key should be greater than or equal to the probability of successfully achieving a key setup with any of its neighbors. The approach used to calculate the probability of any two nodes sharing exactly i keys p′(i) is similar to calculating p, as shown in Eq. (18.4), and is given as


For example, in Fig. 18.5, we find the value of |Q| for a given m and i. In this case, for m = 200 and i = 10, we achieve a maximum p′(i) for |Q| = 3900.


Figure 18.5. Key-pool set |Q| selection based on p′(i) for m = 200 and i = 10.

In general, random key predistribution presents a desirable trade-off between the insecurity of using a single network-wide key and the impractical high memory overhead of using unique pairwise keys. Its main advantage is that it provides much lower memory overhead than the full pairwise keys scheme while being more resilient to node compromise than the single-network-wide key scheme. Furthermore, it is fully distributed and does not require a trusted base station. Main disadvantages to this approach are the probabilistic nature of the scheme, which makes it difficult to provide the guarantee of the initial graph of secure links being connected under nonuniform conditions or sparse deployments. Furthermore, because keys can be shared among a large number of nodes, this class of schemes does not provide high resilience against node compromise and subsequent exposure of node keys.

The random pairwise key scheme is a hybrid of the random key predistribution scheme and the full pairwise key scheme. In the analysis of random key predistribution, it was deduced that as long as any two nodes can form a secure link with at least a probability p, the entire network will be connected with secure links with high probability. Based on this observation, Chan et al. noted that it is not necessary to perform full pairwise key distribution to achieve a network in which any two nodes can find a secure pathway to each other. Instead of preloading unique pairwise keys in each node, the random pairwise key scheme preloads unique pairwise keys from each node. The m keys of a key ring are a small, random subset of the possible unique keys that this node could share with the other nnodes in the network. Using the same reasoning as the random key predistribution scheme, as long as these m keys provide some sufficient probability p of enabling any two neighboring nodes to establish a secure link, the resultant graph of initial secure links will have a high probability of being connected. The remaining links are then established using this initial graph exactly as in the random key predistribution scheme.

Chan et al. presents a preliminary initial distributed node revocation scheme that makes use of the fact that possessing unique pairwise keys allows nodes to perform node-to-node identity authentication. Each of the m nodes that shares a unique pairwise key with the target node (the node's participants) carries a preloaded vote it can use to signify a message that the target is compromised. These m votes form a Merkle hash tree with leaves [20]. To vote against the target node, a node performs a network-wide broadcast of its vote (its leaf in the Merkle hash tree) along with the log minternal hash values, which will allow the other participants of the target to verify that this leaf value is part of the Merkle hash tree. Once at least t participants of a given target have voted, and the votes have been verified by the other m participants using the Merkle hash tree, all m nodes will erase any pairwise keys shared with the target, thus revoking it from the network.

The random pairwise key scheme inherits both strengths and weaknesses from the full pairwise keys scheme and the random key distribution scheme. Under the random pairwise keys scheme, nodes captured do not reveal information to the rest of the network, and central revocation can be accomplished by just unicasting to each of the nodes that share keys with the revoked node. It also involves a much lower memory overhead than the full pairwise keys scheme. Unfortunately, like the random key predistribution schemes, it is probabilistic and cannot be guaranteed to work in nonuniform or sparse deployments.

Share this post

Link to post
Share on other sites
MALWARE & PROVIDER Anti Malware Hosting Shared Hosting Windows Hosting VOIP Phone Register Domain Website Builder Dedicated Server Fiber Optics Provider

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Create New...