Image Processing Reference
In-Depth Information
of sensor nodes would be expensive in large networks. his leads to the requirement that
sensor networks' key management should support for “automatic” configuration after
installation.
•
Resource restrictions:
As mentioned before, nodes of a sensor network only possess of
limited memory and computing resources, as well as very limited bandwidth and trans-
mission power. his puts tight constraints on the design of key management procedures.
•
In-network processing:
Over-relianceonabasestationassourceoftrustmayresultin
inefficient communication patterns (cf. data aggregation in Section .). Also, it turns
base stations into attractive targets (which they are in any case!). Therefore, centralistic
approaches like the key management protocol of SNEP should be avoided.
•
Need for later addition of sensor nodes:
Compromise, energy exhaustion, or limited mate-
rial/calibration lifetime may make it necessary to add new sensors to an existing network.
However, legitimate nodes that have been added to a sensor network should be able to
establish secure relationships with existing nodes. Erasure of master keys after initial
installation (cf. the
Localized Encryption and Authentication Protocol
(LEAP) approach
described below) does not allow this.
In the following, we will describe two new alternatives to traditional key management approaches
that have been proposed for sensor networks: the neighborhood-based initial key exchange protocol
LEAP
, and the approach of “probabilistic key distribution” together with its numerous variations.
The LEAP [ZSJ] enables “automatic” and efficient establishment of security relationships in an
initialization phase after installation of the nodes. It supports key establishment for various trust
relationships between:
•
Base station and sensor with so-called individual keys
•
Sensors that are direct neighbors with “pairwise-shared keys”
•
Sensors that form a cluster with “cluster keys”
•
All sensors of a network with a “group key”
To establish individual keys prior to deployment, every sensor node
u
is preloaded with an individual
key
K
u
known only to the node and the base station. he base station
s
generates these keys from a
master key
K
s
and the node identity
u
according to the equation
K
u
K
s
. Generating all
node keys from one master key is supposed to save memory at the base station, as the individual keys
need not be stored at the base station but can be generated on-the-fly when they are needed.
In scenarios in which pairwise-shared keys cannot be preloaded into sensor nodes because of
installation by random scattering but neighboring relationships remain static after installation, LEAP
provides for a simple key establishment procedure for neighboring nodes. For this, it is assumed that
thereisaminimumtimeinterval
T
Tmin,
during which a node can resist against attacks. After being
scattered in the field, sensor nodes establish neighboring relations during this time interval based on
an initial group key
K
I
that has been pre-configured into all sensor nodes before deployment. First,
every node
u
computes its master key
K
u
∶=
f
(
,
u
)
. Then, every node discovers its neighbors by
sending a message with his identity
u
and a random number
r
u
and collecting the answers:
=
f
(
K
I
,
u
)
u
→∗∶
u
∣
r
u
v
→
u
∶
v
∣
MAC
(
K
v
,
r
u
∣
v
)
As
u
can also compute
K
v
, it can directly check this MAC and both nodes compute the common-
shared secret
K
u
,
v
. After expiration of the timer
T
Tmin,
, all nodes erase the initial group
key
K
I
and all computed master keys so that only the pairwise-shared keys are kept. his scheme can
be extended with all nodes forwarding also the identities of their neighbors, enabling a node also to
compute pairwise-shared keys with nodes that are one hop away.
∶=
f
(
K
v
,
u
)
