Cryptography Reference
In-Depth Information
To check publicly whether the share of a player is acceptable or not, each player
chooses a random
R Î and computes
=
=
we PR
(,)
,
we UR
(,)
, and
1
1
2
=
=+ Î
hHeUd ePQ ww
(( ,
),(
,
),
,
)
. Next, player i computes
VR d G
1
ID
pub
ID
1
2
ID
1
i
i
and joins the tuple
(, ,,)
ww hV to its share. The other players can check that
12
()
i
h
=
ePV
(, )
ePReP
(,)(
,
Q
)
(6.21)
pub
ID
h
=
eU V
(,)
eU R eU d
(,)(,
)
(6.22)
ID
i
The security of the scheme is based on the assumption that the bilinear Diffie-
Hellman (BDH) problem is hard.
Sakai et al.'s key-sharing algorithm is noninteractive and can be viewed as a type of
“dual-identity-based encryption,” where the word “dual” indicates that the identities of
both the sender and the recipient are required as input into the encryption and decryp-
tion algorithm (Sakai et al. 2000).
Let a PKG have a master key s , and it issues private keys to users of the form
sP ,
y
*
ID Î is the identity of user y . Then users y and z have
a shared secret that only they can compute, as shown below:
=
where
PHID
1 (
)
and
{0,1}
y
y
y
=
esP P
(,
) (,
eP sP
)
(6.23)
y
z
y
z
6.5 Cross-Layer Approach to Key Management
As sensor networks pose unique challenges, traditional security techniques used in
traditional networks cannot be applied directly, for the following reasons. First, sen-
sor networks are limited in their energy, computation, and communication capabili-
ties. Second, unlike traditional networks, sensor nodes are often deployed in accessible
areas, presenting the added risk of physical attack. Finally, sensor networks interact
closely with their physical environments and with people, posing new security prob-
lems. Consequently, existing security mechanisms are inadequate, and new ideas are
needed. Owing to resource limitations on computation, storage, and bandwidth, the
following aspects should be carefully considered when designing a security scheme:
1. Power efficiency. The energy supply is scarce, and, hence, energy consumption is
a primary metric to be considered.
2. Node density and reliability. WSNs have to scale to much larger numbers
(thousands, hundreds of thousands) of entities than current ad-hoc networks,
requiring different, more scalable solutions. Sensor nodes are prone to failures.
Unfortunately, existing security designs can address only a small, fixed threshold
number of compromised nodes; the security protection completely breaks down
when the threshold is exceeded.
3. Adaptive security. With numerous combinations of sensing, computing, and
communication technology, WSNs are conceivable with very different network
densities, from very sparse to very dense deployments. They have to interact
Search WWH ::




Custom Search