an adaptive key selection scheme in wireless sensor networks
DESCRIPTION
An Adaptive Key Selection Scheme in Wireless Sensor NetworksTRANSCRIPT
-
An Adaptive Key Selection Scheme in Wireless Sensor Networks
Guorui Li College of Computer Science
and Technology Beijing University of
Technology Beijing 100022, China
Jingsha He School of Software
Engineering Beijing University of
Technology Beijing 100022, China
Yingfang Fu College of Computer Science
and Technology Beijing University of
Technology Beijing 100022, China
Abstract
Sensor networks are widely used in a variety of
commercial and military applications due to their self-organization characteristics and distributed nature. As a fundamental requirement for providing security functionality in sensor networks, key management plays a central role in authentication and encryption. In this paper, we analyze the Adaptive Key Selection (AKS) scheme and the corresponding Adaptive Key Selection algorithm for multiple deployment in sensor networks in terms of security, connectivity and overhead. We show through simulation that the AKS scheme can greatly improve the connectivity and security of the existing multiple deployment scheme in wireless sensor networks. 1. Introduction
With the development of wireless technologies and micro-electro-mechanical systems, it has now become feasible to deploy a large number of low-cost, high-performance and low-power sensor nodes in a wireless sensor network. These nodes are autonomous devices with integrated sensing, processing, and communication capabilities. In such a network, security becomes an important issue to guarantee confidentiality, integrity and availability of transported data. As the basic requirement for providing security functionality, key management plays a central role in data encryption and in authentication. However, due to energy and resource constraints in sensor nodes, many ordinary security mechanisms are deemed impractical, and sometimes infeasible in sensor networks.
There are currently three types of key management schemes that are commonly used in sensor networks:
trusted server scheme, self-enforcing scheme, and key predistribution scheme. The first type of key management scheme, i.e., the trusted server scheme, relies on a trusted server for key distribution and management, e.g., the Kerberos. This type of scheme is not very suitable for sensor networks because there is usually a lack of a trusted infrastructure in the application environments in which sensor networks are used. The second type of key management scheme, i.e., the self-enforcing scheme, on the other hand, relies on asymmetric cryptography, e.g., key distribution and management using public key certificates. However, limited computation and energy resources in sensor nodes usually make it undesirable to use public key algorithms, such as RSA, for the sake of energy conservation. The third type of key management scheme, i.e., the key predistribution scheme, is such a scheme in which cryptographic keys are predistributed among all sensor nodes prior to deployment [1]. There have already been several key predistribution schemes in existence, such as the basic probabilistic key predistribution scheme [2], the q-composite key predistribution scheme [3], the random pairwise key scheme [3], the random subset assignment scheme [4], the grid-based key predistribution scheme [4], the closest pairwise key predistribution scheme [5] and the closest polynomials predistribution scheme [5], etc.
As time goes by, some sensor nodes may be destroyed, compromised or out of energy. Since these nodes no longer work properly, the whole sensor network becomes disconnected. The consequence is that the collected data cannot be transmitted to the sink node. Therefore, we should deploy new sensor nodes in the network to substitute those out-of-work nodes in order to establish a new connected sensor network.
One of the simplest schemes is to deploy new sensor nodes loaded with predistributed keys selected from the
2007 IFIP International Conference on Network and Parallel Computing - Workshops
Unrecognized Copyright InformationDOI 10.1109/NPC.2007.132
359
2007 IFIP International Conference on Network and Parallel Computing - Workshops
0-7695-2943-7/07 $25.00 2007 IEEEDOI 10.1109/NPC.2007.132
357
2007 IFIP International Conference on Network and Parallel Computing - Workshops
0-7695-2943-7/07 $25.00 2007 IEEEDOI 10.1109/NPC.2007.132
357
-
same key pool as that for the previously deployed sensor nodes in the sensor network. We call this scheme the basic multiple deployment scheme. The benefit of this scheme is that the newly deployed sensor nodes share the same group of predistributed keys selected from the same key pool with those for the previously deployed sensor nodes and they can establish secure links very easily. But the shortcoming is equally obvious. The sensor nodes that have already been compromised will have some influence on the newly deployed sensor nodes. Consequently, all the newly deployed sensor nodes may not be safe from the very beginning of their deployment when the percentage of the compromised sensor nodes exceeds a certain number.
Arjan Durresi et al. proposed the Secure Continuity for Sensor Networks (SCON) scheme [6]. In this multiple deployment scheme, the sensor nodes that belong to different deployment sets are loaded with predistributed keys selected from different key pools. And the bridge nodes with large memory and high computation power are deployed at the same time to help establish secure links between the sensor nodes in the new deployment set and the previous deployment set. However, the probability of establishing a secure link between any two sensor nodes that belong to any two different deployment sets is very low because the bridge node is only loaded with predistributed keys that are randomly selected from the key pool of the new deployment set and that of the previous one. Therefore, we have to seek help from the actors which possess arbitrary moving capacity and move them to the lower connectivity area to help establish secure links.
In this paper, we propose an Adaptive Key Selection (AKS) scheme for multiple deployment in sensor networks. This scheme can be applied to the hierarchical wireless sensor networks in multiple deployments of sensor nodes. We use three types of network elements in this scheme: the base station, the cluster head node and the ordinary sensor node. We assume that the base station keeps all the predistributed keys stored in every sensor node and the cluster head node has strong computation, memory and communication power and can communicate with the base station using asymmetric key encryption. The cluster head node runs the adaptive key selection algorithm to select the optimal key set and assists in establishing secure links between any two sensor nodes that belong to two different deployment sets. Simulation shows that our scheme can greatly improve the connectivity between any two sensor nodes belonging to two different deployment sets. The flexibility of the AKS scheme ensures that AKS can be combined with any key predistribution scheme described in [1-5].
The rest of the paper is organized as follows. In the next section, we describe the AKS scheme. In Section 3, we analyze the connectivity and security aspects of this scheme. In Section 4, we identify some related work in sensor network security. Finally, in Section 5, we conclude this paper and discuss some future work. 2. The Adaptive Key Selection Scheme
All sensor nodes in the network are classified into three different types: the base station, the cluster head nodes and the ordinary sensor nodes as described before. Furthermore, the cluster head nodes and the sensor nodes in the AKS scheme work in different modes. 2.1. Working Mode for the Cluster Head Nodes
The strong computation, memory and communication power of the cluster head node enables these nodes to use an asymmetry encryption algorithm to secure communication between the cluster head nodes and the base station. Each cluster head node operates in the following steps:
1) The cluster head node broadcasts a query message in order to acquire the ID information of its neighboring sensor nodes.
2) After receiving the query message, a sensor node transmits its ID information to the cluster head node.
3) The cluster head node signs the sensor nodes ID information with its private key Kpri and transmits the message to the base station. Since only the cluster head node holds the private key and can sign the message accordingly, the base station can verify the received message with the corresponding public key of the cluster head node and reject any fabricated message.
4) The base station encrypts the predistributed key for the queried sensor nodes using the public key Kpub of the cluster head and transmits the message to the cluster head node. Since only the cluster head node holds the private key and can thus decrypt the message, we can assure the security of the predistributed key information of the queried sensor nodes.
5) The cluster head node decrypts the received message with its private key and gets the predistributed keys of its neighboring sensor nodes.
6) The cluster head node runs the Adaptive Key Selection algorithm to be presented below to select the optimal key set. 2.2. The Adaptive Key Selection Algorithm
The Adaptive Key Selection algorithm works as follows:
360358358
-
Figure 1. The Adaptive Key Selection Scheme for
multiple deployment in sensor networks
1) For all the sensor nodes, 1S ,, mS , that belong to the same deployment set, we build a mn matrix M to describe their key predistribution status where n is the number of different keys for the m nodes and m is the number of sensor nodes. We set 1=ijM if sensor node iS holds the jth key, otherwise we set 0=ijM .
2) We sum the matrix M by column and the resulting 1n vector V represents the number of each predistributed key in the deployment set.
3) We select the maximum element in vector V and the corresponding row number maxi is the number of the optimal key selected in this round. If there are more than one such maximum element, we just select the first such element.
4) We set all the elements of column j to 0 if 1
max=jiM to exclude the nodes which hold the selected
optimal key. 5) Repeat the above steps 2) ~ 4) until all the
elements in M become 0. After the algorithm completes, we have the queue
for optimal key selection for the deployment set. All the keys in this queue are critical keys and they make up the minimum spanning set of all the predistributed keys for the deployment set. We regard the predistributed keys in each sensor node as a subset iS . Then the minimum spanning set Span includes at least one element in each subset and will also maintain the minimal numbers. That is { }ni SSS ,,1 L , Spane for iSe .The closer the position of a key to the front of the queue, the higher the number of sensor nodes is that share this key, and this key should therefore be selected with a higher priority.
For example, if we assume that the predistributed keys held by the four sensor nodes S1, S2, S3, S4 are:
21kk , 32kk , 43kk , 54kk , then we can build the key predistribution status matrix M and the key sum vector
5
44
33
22
1
4321
kkk
kkkk
kSSSS
10001100011000110001
12221V
10001100010000000000
12100V
00000000000000000000
00000V
Figure 2. An example of the Adaptive Key
Selection algorithm V as shown in Figure 2. Running AKS algorithm, we can get the optimal key selection queue which is 42kk .
When the cluster head node gets all the optimal key selection queues of its neighboring deployment sets, it allocates its memory space according to the number of optimal key selection queues for each set. 2.3. Working Mode for the Ordinary Sensor
Nodes
As for an ordinary sensor node, its working mode will include three phases: (1) the key predistribution phase, (2) the direct key establishment phase and (3) the path key establishment phase. Two sensor nodes belonging to two different deployment sets can establish a secure path key with the help of the cluster head node. The cluster head node can certainly help two sensor nodes in the same deployment set establish a secure path key because the cluster head node stores all the critical keys for this deployment set. If the cluster head node stores all the critical keys of its neighboring deployment sets, we can ensure that the length of any path key is within 2 hops.
The flexible feature described above makes it easily to integrate our AKS scheme with any existing key predistribution schemes in wireless sensor networks. Therefore, we can implement our scheme very easily without modifying the existing key predistribution scheme used for the sensor nodes. 3. Analysis 3.1. Security Analysis
Let m be the number of keys in each sensor node,
361359359
-
iS be the key pool for the ith deployment set and iS be the number of keys in pool iS . Assume that c is the number of compromised nodes in every deployment phase. So the probability of a key not being compromised after the first deployment phase is ( )cSm 11 and that of a key not being compromised after the second deployment phase is ( ) ( )cc SSmSm 211 11 . Consequently, after n deployment phases, the probability of a key being compromised is:
= =
=
n
i
ci
kkSmP
1 1
11 U . When it comes to the basic multiple deployment scheme, 12 SSSS ni = L . So:
( )ncSmP 111 = . Figure 3 shows the relationship between the
percentage of compromised links and multiple deployment phases in the basic multiple deployment scheme as well as in the Adaptive Key Selection scheme. We can see that the percentage of compromised links in the AKS scheme is much lower than that in the basic multiple deployment scheme. Figure 4 shows the relationship between the percentage of compromised links and the number of compromised nodes in both schemes at different deployment phases. We can see that the AKS scheme at the third round of deployment is even more secure than the basic deployment scheme at the second round of deployment. Note that the number of compromised nodes in the AKS scheme at the third round of deployment is 50% more than that in the basic deployment scheme at the second round of deployment. 3.2. Connectivity Analysis
In the SCON scheme, the number of keys that are randomly selected from the new deployment set and predistributed into the bridge node is the same as that from the previous deployment set. Therefore, the probability of establishing a link between two sensor nodes that respectively belong to two sequential deployment sets is:
2
1
nk
Ckn
kC ,
where n is the size of key predistribution pool and k is the number of keys predistributed to each sensor node. And the bridge node is predistributed with 2k number of keys.
In the AKS scheme, the probabil i ty of establishing a link between two senor nodes that respectively belong to two sequential deployment sets
Figure 3. Relationship between the percentage of compromised links and multiple deployment phases
Figure 4. Relationship between the percentage of compromised links and the number of compromised
nodes is higher than that in the SCON scheme, for the keys stored in the cluster head node are selected from the optimal key selection queues of its neighboring deployment sets. In our simulation, we assume that there are 200 sensor nodes in each deployment set and the size of the key predistribution pool is 1000. We predistribute into each sensor node { }100,,0| L=kk keys selected randomly from the key pool. The connectivity between any two sensor nodes that belong to two sequential deployment sets in the SCON scheme as well as that in the AKS scheme are shown in Figure 5. We can thus conclude that the connectivity property of the AKS scheme is much better than that of the SCON scheme.
362360360
-
Figure 5. The connectivity between sensor nodes
that belong to two different deployment sets in the SCON and the AKS schemes, respectively
3.3. Overhead Analysis
The AKS scheme would incur communication and computational overhead to the cluster head nodes while having little impact on the ordinary sensor nodes. The communication overhead mainly results from key request and reply messages between the cluster head nodes and the base station node, and the computational overhead mainly results from encryption and decryption computation in the cluster head nodes for requesting and receiving keys from the base station node as well as from optimal key selection in the AKS algorithm. 4. Related Work
Nowadays, there are many studies in the area of security in wireless sensor networks. These studies are mostly focused on key management, authentication, and vulnerability analysis. In addition to studies on key predistribution schemes [1-5], intrusion detection system (IDS) is also considered as an important topic for the detection of compromised sensor nodes to ensure the security of the whole network [7,8]. Furthermore, Wood and Stankovic identified a number of DoS attacks in sensor networks [9] and Deng et al. described a path-based DoS attack and proposed a solution using one-way hash chains to protect end-to-end communication against this type of DoS attack [10]. 5. Conclusion and Future Work
In this paper, we presented the Adaptive Key
Selection scheme and the Adaptive Key Selection algorithm for multiple deployment in wireless sensor networks. We also showed that the AKS scheme can improve the connectivity of sensor nodes and the security of the existing multiple deployment scheme in sensor networks. In the future, we will focus on developing a method for protecting the cluster head and for detecting compromised sensor nodes to further improve the security of the whole networks. References [1] W.L. Du, J. Deng, Y.S. Han, S. Chen and P.K. Varshney,
A key management scheme for wireless sensor networks using deployment knowledge, in Proc. of IEEE INFOCOM 2004, Hong Kong, China, Mar. 7-11, 2004, pp. 586-597.
[2] L. Eschenauer and V.D. Gligor, A key management scheme for distributed sensor networks, in Proc. of 9th ACM Conference on Computer and Communications Security, Washington, DC, USA, Nov. 18-22, 2002, pp. 41-47.
[3] H. Chan, A. Perrig and D. Song, Random key predistribution schemes for sensor networks, in Proc. of IEEE Symposium on Research in Security and Privacy, Berkeley, CA, USA, May 11-14, 2003, pp. 197-213.
[4] D. Liu and P. Ning, Establishing pairwise keys in distributed sensor networks, in Proc. of 10th ACM Conference on Computer and Communications Security, Washington, DC, USA, Oct. 27-31, 2003, pp. 52-61.
[5] D. Liu and P. Ning, Location-based pairwise key establishments for static sensor networks, in Proc. of 2003 ACM Workshop on Security in Ad Hoc and Sensor Networks, Fairfax, VA, USA, Oct. 31, 2003, pp. 72-82.
[6] A. Durresi, V. Bulusu, V. Paruchuri and L. Barolli, Secure and continuous management of heterogeneous ad hoc networks, in Proc. of 20th International Conference on Advanced Information Networking and Applications, Los Alamitos, CA, USA, Apr 18-20, 2006.
[7] A. Silva, M. Martins, B. Rocha, A. Loureiro, L. Ruiz and H. Wong, Decentralized intrusion detection in wireless sensor networks, in Proc. of 1st ACM International Workshop on Quality of Service & Security in Wireless and Mobile Networks, Montreal, QB, Canada, Oct. 13, 2005, pp. 16-23.
[8] R. Roman, J. Zhou and J. Lopez, Applying intrusion detection systems to wireless sensor networks, in Proc. of 3rd IEEE Consumer Communications and Networking Conference, Las Vegas, NV, USA, Jan. 8-10, 2006, pp. 640-644.
[9] D. Wood and J.A. Stankovic, Denial of service in sensor networks, IEEE Computer, Vol. 35, No. 10, Oct. 2002, pp. 54-62.
[10] J. Deng, R. Han and S. Mishra, Defending against path-based DoS attacks in wireless sensor networks, in Proc. of 3rd ACM Workshop on Security of Ad Hoc and Sensor Networks, Alexandria, VA, USA, Nov. 07, 2005, pp. 89-96.
363361361