Cryptography Reference
The main advantage of multispace schemes is that node compromise under these
schemes reveals much less information to the adversary than it does under the random
key-predistribution schemes. However, they retain the disadvantage of being
probabilistic in nature (no guarantee of success in nonuniform or sparse deployments), and,
furthermore, they experience the threshold-based sudden security failure mode that is a
characteristic of the -secure schemes. Other schemes have combined -secure schemes
with constructions other than random key-space selection. Liu and Ning (2003), in
particular, describe a deterministic grid-based construction in which key spaces are
used to perform intermediary-based key establishment between nodes.
6.3.8 Deterministic Key-Predistribution Schemes
One drawback of the random key-distribution approach is that it does not guarantee
success. Lee and Stinson (2005), as well as Camtepe and Yener (2007), propose using
combinatorial design techniques to allocate keys to nodes in such a way as to always
ensure key sharing between any two nodes. The amount of memory required per node
is typically some fractional power of the overall supported network size (e.g., O(√n)).
The main drawback of these schemes is that the same keys are shared between many
nodes, leading to weaker resistance to node compromise. Chan et al. (2003) have
proposed a deterministic scheme using peer nodes as intermediaries in key establishment
with similar memory overheads; compared with the combinatorial design approach,
this scheme trades off increased communication cost for greater resistance against
node compromise.
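The trade-off described in this section can be checked numerically. The following is an added example, not code from the original text or the cited papers: it assumes a finite projective plane of prime order q as the combinatorial design (one standard choice), and all function names are hypothetical.

```python
from itertools import combinations

def projective_points(q):
    """Normalized homogeneous coordinates of PG(2, q), q prime: q*q + q + 1 triples."""
    pts = [(1, a, b) for a in range(q) for b in range(q)]
    pts += [(0, 1, a) for a in range(q)]
    pts.append((0, 0, 1))
    return pts

def key_rings(q):
    """One key ring per node: node = line, key id = index of a point on that line."""
    pts = projective_points(q)  # by duality the same triples also label the lines
    return [frozenset(k for k, p in enumerate(pts)
                      if sum(x * y for x, y in zip(line, p)) % q == 0)
            for line in pts]

def shared_key_counts(rings):
    """Set of |ring_a & ring_b| over all node pairs; {1} means every pair shares one key."""
    return {len(a & b) for a, b in combinations(rings, 2)}

def links_exposed_by_capture(rings, captured=0):
    """Fraction of links between uncaptured nodes whose shared key is in the captured ring."""
    leaked = rings[captured]
    others = [r for i, r in enumerate(rings) if i != captured]
    pairs = list(combinations(others, 2))
    return sum(1 for a, b in pairs if (a & b) <= leaked) / len(pairs)

if __name__ == "__main__":
    q = 7  # constructed parameter: 57 nodes, 8 keys per node (about sqrt(n))
    rings = key_rings(q)
    print(len(rings), "nodes,", len(rings[0]), "keys each")
    print("shared keys per pair:", shared_key_counts(rings))
    print("links exposed by one capture:", links_exposed_by_capture(rings))
```

With q = 7, every pair of the 57 nodes shares exactly one key, yet capturing a single node exposes about 11% of the links between the remaining nodes, because each key is held by q + 1 nodes.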
6.3.9 Public Key Algorithms
Although these algorithms are based on asymmetric key cryptography and are more
resource intensive than symmetric key algorithms, they offer better security services,
which are much needed and highly advantageous in WSN. As a result, there is
motivation to pursue research in developing secure and efficient key-distribution mechanisms
suitable for a resource-constrained environment such as WSN. Most of the
implementations use RSA or elliptic curve cryptography (ECC).
For example, TinyPK uses the Diffie-Hellman key-exchange technique for key
agreement between nodes and is based on the legacy RSA cryptosystem. The main
motive of this protocol is to facilitate secure communication between external users
and the sensor networks. The external user's identity is established by a certificate
authority (CA), which signs the user's public key with the CA's private key.
Considering the state of the art in large-number factorization, key-size values are
usually set to 1024 bits in RSA as lower values are considerably vulnerable to security
attacks. In addition, the public key exponent e is set to 3 and all the resource-intensive
operations are carried out on external servers. In this model, resource-abundant devices
bear the burden of RSA private key operations, and, hence, the sensor nodes maintain
higher energy levels during operations.