Cryptography Reference
makes key management fairly complex. Key distribution provides communication
secrecy (confidentiality) and authentication among sensor nodes, and key revocation
refers to the task of removing compromised keys from the network. Key distribution
can be further divided into symmetric and asymmetric key-distribution protocols.
In recent years, considerable work has been done in proposing new symmetric
key-distribution protocols in WSN, but less effort has been invested in the area of
asymmetric key-distribution algorithms in WSN, which have low computational and
storage requirements. Of late, significant work has been done to show the
applicability of implementing binary-field algorithms on sensor nodes (Aranha et al. 2010).
Consequently, such implementations have resulted in considerable reductions in
computational time and memory access.
6.2 Background
Key-distribution techniques need to meet several requirements, including the following:
support for in-network processing, the capacity to self-organize, and, at a minimum,
authentication, confidentiality, integrity, flexibility, and scalability. Key-establishment
techniques should not be judged solely on their ability to provide secrecy for
transmitted messages. They should also provide resistance against malicious node
replication, revoke compromised nodes, and provide resilience by ensuring that secret
information about other nodes is not revealed if one of the sensors in the network is
compromised.
Perrig et al. (2002) proposed a link-layer security architecture that includes two
link-layer protocols, namely, Secure Network Encryption Protocol (SNEP) and TESLA.
SNEP supports two-party authentication and data freshness, along with confidentiality.
TESLA, the second part of SPINS (Security Protocols for Network Sensors), supports
authenticated broadcast for sensor networks. A multilevel key-chain scheme for TESLA
was proposed by Liu and Ning (2003). The first probabilistic key-predistribution scheme
for pairwise key establishment was proposed by Eschenauer and Gligor (2002) and is
discussed in Section 6.3.4.1. This approach is further extended by Chan et al. (2003),
who proposed the q-composite keys scheme (Section 6.3.5). This scheme introduces the
multipath key-reinforcement scheme, which establishes link keys through multiple
paths, and provides security against a node-capture attack. Furthermore, this model
introduces a random pairwise key scheme that facilitates node-to-node authentication
between communicating entities (Section 6.3.6). Du et al. (2003) showed that using
prior node-deployment knowledge and a smart key-ring setup would lead to a higher
link probability between any two nodes.
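The following is an added example, not taken from the book: a small model of probabilistic key predistribution with the q-composite rule, showing how the link probability between two nodes and the resilience of the remaining links to node capture both change with q. The pool size, ring size, node count, the SHA-256 link-key derivation and all function names are assumptions chosen for illustration.

```python
import hashlib
import random
from math import comb

def share_probability(pool_size, ring_size, q=1):
    """Exact chance that two random key rings have at least q keys in common."""
    total = comb(pool_size, ring_size)
    # Overlap of two random rings is hypergeometric; sum the cases with fewer than q.
    fewer = sum(comb(ring_size, i) * comb(pool_size - ring_size, ring_size - i)
                for i in range(q))
    return 1 - fewer / total

def make_rings(n_nodes, pool_size, ring_size, rng):
    """Preload each node with ring_size key IDs drawn at random from the pool."""
    return [frozenset(rng.sample(range(pool_size), ring_size)) for _ in range(n_nodes)]

def link_key(ring_a, ring_b, pool, q):
    """Hash all shared pool keys into one link key, or None if fewer than q are shared."""
    shared = sorted(ring_a & ring_b)
    if len(shared) < q:
        return None
    # SHA-256 is an assumed choice of hash for this illustration.
    return hashlib.sha256(b"".join(pool[k] for k in shared)).digest()

def compromised_fraction(rings, captured, q):
    """Share of links between uncaptured nodes whose every shared key is on a captured ring."""
    exposed = set().union(*(rings[i] for i in captured))
    free = [r for i, r in enumerate(rings) if i not in captured]
    links = broken = 0
    for a in range(len(free)):
        for b in range(a + 1, len(free)):
            shared = free[a] & free[b]
            if len(shared) >= q:
                links += 1
                broken += shared <= exposed  # link key is derivable from captured rings
    return broken / links if links else 0.0

if __name__ == "__main__":
    rng = random.Random(1)                   # fixed seed; all parameters are constructed
    POOL, RING, NODES = 1000, 50, 60
    rings = make_rings(NODES, POOL, RING, rng)
    captured = set(range(5))                 # assume the first 5 nodes are captured
    for q in (1, 2, 3):
        print(q, round(share_probability(POOL, RING, q), 3),
              round(compromised_fraction(rings, captured, q), 3))
```

Raising q lowers the chance that two neighbours can form a link at a fixed ring size, which is the trade-off a deployment has to weigh against the gain in capture resilience.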
6.3 Key-Distribution Schemes
The past decade has seen a considerable amount of research on tackling the
problem of key distribution in WSN. In short, the problem refers to the task of
preloading the sensor nodes with the necessary cryptographic information without any prior
knowledge of the deployment topology, and with the intention that the nodes are able