Cryptography Reference
In-Depth Information
The nodes that decide to be ordinary nodes pick a cluster head with whom they would
want to associate, based on the largest received signal strength of the adv messages.
Subsequently, the ordinary nodes communicate with the cluster heads by sending a
join request ( join ) message. Then, the cluster heads broadcast an allocation message to
their cluster members for communication during the steady-state phase, which includes
a time slot schedule ( sched ) by TDMA control yet to be concatenated with the digital
signature.
During the set-up phase of a new round, the sink node broadcasts its ID and the
denotation of the start time of the current round T s , and a nonce N to all sensor nodes
(Figure 7.5) Then, the sensor nodes decide whether to become a cluster head for the
current round, based on the threshold T ( n ) [Eq. (7.1)].
Subsequently, the respective cluster heads broadcast their identities, T s , advertise-
ment message ( adv ), signature j , and c j .
On completion of the set-up phase, the network system goes into the steady-state
phase, in which the sensed data is transmitted back from the sensor nodes to its sink
(Figure 7.6).
The ordinary sensor node j transmits the data m along with its ID j , t i , m, j , and
c j to its cluster head. Then, each cluster head sensor node collects messages from all of
the members in its cluster and aggregates and fuses the data. In the last step, the clus-
ter heads send the aggregated data F along with T s , i , and c i . The steady-state phase
consists of multiple reporting cycles of data transmissions from ordinary nodes to the
cluster heads, and is more time consuming.
7.4.1.6 Security Analysis
In this model, using an ID-based digital signature provides two advantages: First,
it eliminates the use of certificate and auxiliary authentication information. Also,
because only the compromised node IDs have to be stored, it requires very little storage
space for node revocation, since the length of a user ID is only 2 bytes. However, the
disadvantages of this ID-based digital signature are also obvious because of the high-
computation cost for bilinear transformation in pairing. Focusing on the resilience to
certain attacks in cluster-based WSNs, such as sinkhole attacks, hello flood attacks,
and selective-forwarding attacks, the routing protocol works well. All three kinds of
attacks are pointed to cluster heads acting as intermediary nodes, because the leaf nodes
are not practical targets for attack in a cluster-based structure. Because attackers do not
have valid digital signatures to concatenate with broadcast messages for authentication,
attackers cannot pretend to be the sink or cluster heads to trigger attacks. Therefore,
during both the set-up phase and the steady-state phase, the proposed secure rout-
ing is resilient and robust to sinkhole and selective-forwarding attacks. Together with
a round rotating mechanism and a digital-signature scheme, the routing protocol is
resilient to hello flood attacks to cluster heads because the cluster heads being attacked
are capable of ignoring all the communication packets with bogus node IDs or bogus
digital signatures.
Search WWH ::




Custom Search