Image Processing Reference
In-Depth Information
that the probability with which two neighboring nodes share a common key space is high enough.
To choose appropriate values for these parameters, the relationships between probability of key com-
promise, memory consumption in sensor nodes, desired key-connectivity, and transmission range
of sensor nodes have to be carefully taken into account.
In Ref. [HK], Hwang and Kim analyze these relationships for the three probabilistic key distri-
bution schemes by Eschenauer and Gligor [EG], Chang et al. [CPS], and Du et al. [DDHVa]
with the help of “random graph theory” orginally published by Erdös and Rényi in Ref. [ER].
Based on their analysis, they propose to adjust the transmission range of sensor nodes during key
establishment by temporarily increasing transmission power. Although using a different technical
means of implementation (increasing transmission power), this idea points in a similar direction
like the one of Du et al. to establish keys between two-hop neighbors and leveraging the gain in
“(two-hop) node-connectivity” to reduce the probability of compromised key spaces by increasing
ω [DDHVa].
Another construction that also avoids compromise of keys as long as no more than λ shares of
key distribution data are compromised was proposed by Blundo et al. in Ref. [BDSH
+
] and is
generally referred to as “polynomial based key predistribution.” The main idea is to distribute par-
tially evaluated bivariate polynomials of degree λ to nodes. The coefficients of the polynomials are
chosen from
GF
(
q
)
for a sufficiently large
q
andthepolynomialsareconstructedtobesymmetric,
that is
P
(
x
,
y
)=
P
(
y
,
x
)
. Each node
i
receives a polynomial share
f
i
(
y
)=
P
(
i
,
y
)
. Nodes
i
and
j
can establish a pairwise key
K
i
,
j
by evaluating
f
at point
i
,respectively.
Liu and Ning have combined this scheme together with the basic idea of Eschenauer and Gligor
in Ref. [LN].
Key management for wireless sensor networks has been a quite active area of research during the
last couple of years and many variations of the schemes discussed in this chapter as well as some
further ideas have been proposed and analyzed. Good survey articles are Refs. [CY,HWM
+
].
The article
Security for the Mythical Air-dropped Sensor Network
by Gamage et al. [GBCT] adds
a critical perspective to the discussion. Based on an experimental evaluation of the average radio
reception range of low-cost sensor nodes placed at two different antenna heights, m above ground
(to simulate manual installation) and sensor on the ground (to simulate random deployment by
airplanes, which is an often referenced motivation, especially for most work on probabilistic key
management), the authors critically discuss the assumptions made in many research papers and
draw conclusions questioning the practical relevance of the proposed approaches. The tests were
carried out in three different environments to simulate a forest (area with trees and bushes), a desert
(open space with minimum above ground structure), and an urban alleyway (long wide corridor
with moving people and several static objects). The most interesting observations from the experi-
ments were that in open space the average radio reception range dropped sharply from m (at m
above ground) to m (at ground level), and that altitude had relatively small influence in the corri-
dor tests (- m). Considering the best case for air dropping of , sensor nodes on to a grid
of
(
i
,
y
)
at point
j
,or
f
(
j
,
y
)
sensor nodes on a desert, e.g., the resulting sensor network would cover a maximum of
, m
×
. km
(with , sensor nodes, the covered area would still be less than km
).
From these considerations, the authors draw the conclusion that for effective and reliable coverage in
applications such as battlefield monitoring, a sensor network needs to have a very high node density,
requiring a high amount of sensor nodes and thus making the nodes very vulnerable to detection
and capture by attackers. Based on this argumentation, the authors of Ref. [GBCT] question the
appropriateness of the assumptions underlying many publications and promote the use of simpler
schemes, e.g., as proposed in the previously described SPINS approach [PST
+
].
One further open issue regarding key management in sensor networks stems from the fact that in
many of the proposed approaches, keys of compromised nodes are supposed to be revoked. However,
how to detect compromised nodes still is a problem that has not yet been solved to a sufficient degree,
even though some first approaches have been proposed [SMR
+
,RZL].
∼
