Roberto Di Pietro, Luigi V. Mancini and

waralligatorMobile - Wireless

Nov 21, 2013 (3 years and 8 months ago)


Roberto Di Pietro, Luigi V. Mancini and
Alessandro Mei

Limited memory

Limited computational power

Limited energy

Passive attacks

Cipher text attacks

Active attacks

Take control of a sensor node

Unfriendly environment

Nodes only trust themselves

Secure pairwise communication

Memory efficient

Energy efficient

Tolerate the collusion of a set of corrupted

Have one master key

Can’t tolerate nodes being taken over

Each node stores a seperate key for every
other node

Requires too much space

Expensive to add more nodes later


Use less memory, but have only a probabilistic
tolerance to nodes being taken over

One way hash function

Symmetric encryption

Keyed hashed function

random number generator

A key deployment scheme

A key discovery procedure

A security adaptive channel establishment

Method used in
A key

scheme for distributed sensor networks

A pool of P random keys is generated

Each sensors takes k random keys from the

Challenge is encrypted using each key and
then broadcasted

Needs to perform k^2 decryptions on receiver
side and k encryptions on the sender side

At least k messages have to be sent

Also used in
A key management scheme for
distributed sensor networks

Instead of challenge response, submit the

Less secure, as a smart attacker can easily
find the nodes that have the key it wants

Method used in
Establishing pair
wise keys for

secure communication in ad hoc networks: A

probabilistic approach:

A pool of P random keys is generated

k indexes into the pool are created pseudo
randomly with a publicly known seed
dependent on the node id.

Less secure than challenge
response, but can
be improved

Find out which keys are shared and xor them

An attacker needs to know all shared keys

Nearby sensors

Weaker against geographically attacks


Larger communication overhead

Individual properties

More trusted nodes can give higher security

They give an upper bound on the probability
that the channel between two nodes is
corrupted, given w corrupted nodes

Sensor failure resistent

Can add more sensors if required

No information leakage

Sensors in the C set only transmits hash values of
their keys


If an upper bound of w is known, C can be chosen to
secure communication with a desired probability.

Load balance

a sends c+1 message, sensors in C send 1, tot=2c+1

Only done once during setup

Sensor doesn’t respond

After timeout, node a can pick another node

Sensor sends correct key

Lowers security

Sends false key

Can pick another C set

Notify trusted base

Aware that network is under attack

If node a has the keys that node a should
have, according to the pseudo
number generator, it’s probable that a is a.

M = {}

for all keys k in P

z = RND(id||k)


put k into M

|M| must be less than memory size

but larger
than the security constraints

Discard ID if conditions not satisfied