Adaptive Random Key Distribution Schemes for Wireless Sensor Networks


Nov 21, 2013 (4 years and 1 month ago)


Shih-I Huang
Dept. of Comp. Sci. & Info. Eng.
National Chiao Tung University
WADIS’03

Outline


Introduction


Motivation


Related Work


Proposed Schemes


Analysis


Conclusion

Introduction

Wireless Sensor Networks (WSNs)
  A WSN consists of a set of small devices with sensing and wireless communication capabilities.
  These small devices are called sensor nodes, and are deployed within a special area to monitor a physical phenomenon.
    Ex: Anthrax
  Multifunctional
    Depends on what sensors are attached
Features
  Widely deployed (100~1M↑)
  Low communication bandwidth
  Limited memory space and computation power

Motivation

A large WSN consists of thousands of nodes
  Need shared communication keys to ensure secure peer-to-peer wireless communication
  Limited memory storage (512 bytes ~ 4K)
To deliver data without being compromised, WSN services rely on secure communication and key distribution

Conventional Scheme (Random Pair-wise)

[Figure: seven nodes A to G and keys K_1 to K_7; each node's key ring holds six of the seven keys, omitting a different one per node]

* Requires a large storage space for keys in a large WSN

Motivation

The existing key distribution solutions require a large memory space in a large WSN
We propose two symmetric key distribution schemes to minimize storage requirement
  Adaptive Random Pre-distributed scheme (ARP)
  Unique Assigned One-way Hash Function scheme (UAO)


Related Work

Scheme | Platform | Cryptography | Feature | Disadvantage
Zhou and Haas | MANETs | Asymmetric | Use threshold scheme to distribute CA’s functionalities | Asymmetric cryptography is not energy efficient for WSNs
Luo et al | | Asymmetric | |
Hubaux et al | | Asymmetric | Use a PGP-like scheme |
Asokan and Ginzboorg | | Asymmetric | Use a multi-party key exchange protocol |
Yi and Kravets | | Asymmetric | Use the threshold scheme |
Carman et al | WSNs | Asymmetric | Based on group key and ID-based cryptography | Asymmetric cryptography is not energy efficient for WSNs
SPINS | | Symmetric | Use a base station to perform key exchange for sensor nodes. | It must have base station involved.
Liu and Ning | | Symmetric | |
Undercoffer et al | | Symmetric | |
Eschenauer and Gligor | | Symmetric | Based on Random Graph theory | The memory storage requirement is high in a huge WSN.
Chan et al | | Symmetric | |

Random Graph Theory

A Random Graph G(n, p) is a graph of n nodes, and the probability that a link exists between any two nodes is p.
Given a desired probability P_c for the graph connectivity
  ex: P_c = 0.99999 to get a connected graph.
Then we can get a threshold of p to form a connected graph.

$$p = \frac{\ln(n) - \ln(-\ln(P_c))}{n} \qquad (1)$$

The expected degree of a node

$$d = p \cdot (n - 1) = \frac{(n - 1)\,(\ln(n) - \ln(-\ln(P_c)))}{n} \qquad (2)$$

* The scheme only needs to select d keys to keep a network connected under probability p

Random Key Based Schemes

Basic Scheme
  L. Eschenauer, V. D. Gligor, “A Key-Management Scheme for Distributed Sensor Networks,” 9th ACM Conference on Computer and Communication Security, pp. 41-47, November 2002. (CCS’02)
  Each node randomly picks r keys from an unordered key pool S.
  Use the common shared key to establish a secure link.
  Relies on probabilistic key sharing among the nodes of a random graph.

[Figure: three views of sensor nodes A, B, C and D, labelled "Sensor nodes", "Communication keys" (K_1, K_2) and "Secure link"]

* Map Random Graph Theory to key selecting problem


Adaptive Random Pre-distributed Scheme (ARP Scheme)

The features of ARP scheme
  A Random Key based key distribution scheme for WSNs.
  To minimize the memory requirement.
ARP scheme consists of
  Two-Dimension Key Pool
  Key Selecting Algorithm

Two-Dimension Key Pool

Use t one-way functions F_1, F_2, …, F_t and t seed keys K_{1,0}, K_{2,0}, …, K_{t,0} to generate t one-way key chains.
For a key chain KC_i, it consists of K_{i,0}, K_{i,1}, …, K_{i,s-1}.
  Where K_{i,j} = F_i(K_{i,j-1}), and the length of KC_i is s.
The key pool size = s * t.

[Figure: (a) The unordered key pool; (b) The Two-Dimension key pool, with sides s and t]
Key Selecting

Each node randomly chooses a one-way key chain, and memorizes its one-way function F_i and its seed key K_{i,0}.
Randomly select d-t key chains KC_{t1}, KC_{t2}, …, KC_{t(d-t)} from the rest of the key chains.
For each key chain KC_{tj} selected, randomly pick a key K_{tj,sj} from KC_{tj} and memorize K_{tj,sj}.

[Figure: two s-by-t key pools, with key chain KC_2 marked]


Unique Assigned One-way Hash Function Scheme (UAO Scheme)

The features of UAO scheme
  Provide node-to-node authentication.
  Great resistance to node capture.
  The maximum supported network size is greater than the existing schemes.
The UAO scheme consists of
  Key Decision Algorithm
  Node-to-Node Authentication Protocol

Key Decision Algorithm

Suppose each sensor node SN_i has a unique identity ID_i.
First, we assign a unique one-way hash function F_i to each sensor node SN_i.
Second, SN_i randomly selects d other sensor nodes.
Third, each selected node uses the following formula to generate the unique key for SN_i.

$$K_j = F_{v_j}(ID_i)$$

Finally, SN_i memorizes those unique keys and the generating identities.

[Figure: sensor nodes SN_1 to SN_7 around SN_i, which holds ID_i and F_i and stores (K_2, ID_2), (K_5, ID_5), (K_7, ID_7), where K_2 = F_2(ID_i), K_5 = F_5(ID_i), K_7 = F_7(ID_i)]

Node-to-node Authentication Protocol

1. SN_i broadcasts its identity
   SN_i → SN_j : {ID_i}
2. SN_j verifies its key ring, if ID_i is combined with any key then
   SN_j → SN_i : {ID_j || E_{K_s}[Request Message]}
3. SN_i calculates the K_s = F_i(ID_j), and decrypts the message, then sends the ACK and challenge message.
   SN_i → SN_j : {E_{K_s}[ACK and Challenge Message]}
4. SN_j receives the challenge and sends the response
   SN_j → SN_i : {E_{K_s}[Response for the Challenge]}

[Figure: message sequence 1 to 4 between SN_i and SN_j]
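
The key decision step and the four protocol messages, as an added Python sketch that is not part of the original slides. Assumptions: F_i is modelled as HMAC-SHA256 under a per-node secret, E_{K_s} is a standard-library stand-in (SHAKE-256 keystream plus HMAC tag) rather than a vetted cipher, and the REQ/ACK/RSP message contents and all names are hypothetical.

```python
import hashlib
import hmac
import os

def F(secret, peer_id):
    # F_i(ID_j): node i's unique one-way hash function, modelled here
    # (assumption) as HMAC-SHA256 under a secret only node i holds.
    return hmac.new(secret, peer_id, hashlib.sha256).digest()

def E(key, msg):
    # Stand-in for E_Ks: SHAKE-256 keystream XOR plus an HMAC-SHA256 tag.
    nonce = os.urandom(12)
    ks = hashlib.shake_256(key + nonce).digest(len(msg))
    ct = nonce + bytes(m ^ k for m, k in zip(msg, ks))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()

def D(key, blob):
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        return None                       # wrong key or tampered message
    ks = hashlib.shake_256(key + body[:12]).digest(len(body) - 12)
    return bytes(c ^ k for c, k in zip(body[12:], ks))

class Node:
    def __init__(self, node_id):
        self.id, self.secret, self.ring = node_id, os.urandom(16), {}

    def issue_key_to(self, other):
        # Key decision: `other` memorizes (ID_self, K), K = F_self(ID_other).
        other.ring[self.id] = F(self.secret, other.id)

def authenticate(sn_i, sn_j):
    id_i = sn_i.id                            # 1. SN_i -> SN_j: {ID_i}
    k_j = sn_j.ring.get(id_i)                 # 2. SN_j looks up ID_i in its key ring
    if k_j is None:
        return False
    id_j, req = sn_j.id, E(k_j, b"REQ")       #    SN_j -> SN_i: {ID_j || E_Ks[Request]}
    k_s = F(sn_i.secret, id_j)                # 3. SN_i recomputes K_s = F_i(ID_j)
    if D(k_s, req) != b"REQ":
        return False                          #    stored key does not match claimed ID_j
    challenge = os.urandom(16)
    ack = E(k_s, b"ACK" + challenge)          #    SN_i -> SN_j: {E_Ks[ACK and Challenge]}
    got = D(k_j, ack)                         # 4. SN_j decrypts and answers
    rsp = E(k_j, b"RSP" + got[3:])            #    SN_j -> SN_i: {E_Ks[Response]}
    return D(k_s, rsp) == b"RSP" + challenge
```

A node that presents a key taken from another node's ring under its own identity fails at step 3, because SN_i recomputes K_s from the identity it was sent and stores no per-peer keys itself.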

Analysis of ARP Scheme

We analyze the ARP scheme in the following aspect:
  Probability of connectivity.
    Analyze the link probability of using the Two-Dimension Key Pool.
    The link probability is equal to
      1 − Pr[any two nodes do not share any key]


Probability of Connectivity (1/2)

To calculate the probability that any two nodes A and B do not share any common key:
  A’s one-way key chain does not match B’s one-way key chain.
  A’s one-way key chain does not match any of B’s selected keys.
    The probability of the above two parts is equal to
  A’s selected keys do not match B’s one-way key chain.
    The probability is equal to
  A’s selected keys do not match any of B’s selected keys.
    The probability is equal to
The link probability is equal to
  ……(3)

[Equation images: the case probabilities and the link probability p’ (3)]
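
The Two-Dimension key pool, key selecting and the four key-sharing cases above, as an added Python sketch (not code from the slides). Assumptions made here: F_i is instantiated with HMAC-SHA256, `extra` stands for the number of additional key chains (the slides' d-t), seeds are constructed demo values, and `link_probability` estimates the link probability by simulation rather than by equation (3).

```python
import hashlib
import hmac
import random

def F(i, key):
    # One-way function F_i; HMAC-SHA256 keyed by the chain index is an assumption.
    return hmac.new(b"chain-%d" % i, key, hashlib.sha256).digest()

def chain_key(i, seed, j):
    # K_{i,j} = F_i(K_{i,j-1}), walked forward from the seed key K_{i,0}.
    for _ in range(j):
        seed = F(i, seed)
    return seed

def select_keys(seeds, s, extra, rng):
    # Key selecting: one whole chain (F_i, K_{i,0}), then one random key
    # K_{c,j} from each of `extra` other chains.
    own = rng.randrange(len(seeds))
    rest = [c for c in range(len(seeds)) if c != own]
    picked = {}
    for c in rng.sample(rest, extra):
        j = rng.randrange(s)
        picked[c] = (j, chain_key(c, seeds[c], j))
    return {"chain": own, "seed": seeds[own], "picked": picked}

def shared_key(a, b):
    # The four cases of the connectivity analysis, seen from the deployer's side.
    if a["chain"] == b["chain"]:              # both hold the same whole chain
        return a["seed"]
    if a["chain"] in b["picked"]:             # A derives the key B stored
        return chain_key(a["chain"], a["seed"], b["picked"][a["chain"]][0])
    if b["chain"] in a["picked"]:             # B derives the key A stored
        return chain_key(b["chain"], b["seed"], a["picked"][b["chain"]][0])
    for c in a["picked"].keys() & b["picked"].keys():
        if a["picked"][c] == b["picked"][c]:  # same chain and same index
            return a["picked"][c][1]
    return None

def link_probability(t, s, extra, trials=2000, rng_seed=1):
    # Monte Carlo estimate for a pool of t chains of length s (demo seeds).
    rng = random.Random(rng_seed)
    seeds = [hashlib.sha256(b"seed-%d" % c).digest() for c in range(t)]
    hits = 0
    for _ in range(trials):
        a, b = (select_keys(seeds, s, extra, rng) for _ in range(2))
        hits += shared_key(a, b) is not None
    return hits / trials
```

A node that holds a whole chain needs only the seed and the index its neighbour stored to derive the matching key, which is why one chain covers s pool keys at the storage cost of one.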
Probability of Connectivity (2/2)

$$p = \frac{\ln(n) - \ln(-\ln(P_c))}{n}$$

Key pool size = 100,000

* ARP needs fewer keys to achieve the same connectivity probability


Analysis of UAO Scheme

The link probability p’ can be evaluated by
  1 − Pr[two nodes do not have any key derived from the other’s one-way function]
p’ is equal to

$$p' = 1 - \left(1 - \frac{d}{n - 1}\right)^2$$

Substitute p’ by a function of d:

$$\frac{d}{n'} = 1 - \left(1 - \frac{r}{n - 1}\right)^2$$

Substitute d by a function of n:

$$\frac{(n - 1)\,(\ln(n) - \ln(-\ln(P_c)))}{n \cdot n'} = 1 - \left(1 - \frac{r}{n - 1}\right)^2$$

Evaluate the root of the above equation:

$$r = (n - 1)\left(1 - \sqrt{1 - \frac{(n - 1)\,(\ln(n) - \ln(-\ln(P_c)))}{n \cdot n'}}\right)$$

r: Key ring size

Evaluation of UAO Scheme

Key size = 128 bits
P_c = 0.99999

Conclusion

Key distribution is a critical and fundamental issue for the security service in WSNs.
The pre-distributed and symmetric cryptosystem based scheme is well suited to resource-constrained sensor networks.
We propose two schemes based on one-way functions and Random Graph theory to provide memory-efficient key distribution for WSNs.
  ARP scheme
    Provides an efficient trade-off between memory space and security strength.
  UAO scheme
    Provides node-to-node authentication.
    Great resistance to node capture.
If there is enough memory space, we suggest using the UAO scheme as the key distribution scheme for WSNs.
  Otherwise, we suggest using the ARP scheme.
    To achieve an efficient trade-off between memory space and security strength.