an efficient key management scheme in hierarchical sensor networks,2005
DESCRIPTION
An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005. Author: Xiao Chen and Jawad Drissi. 1. Outline. Introduction Hierarchical sensor network model Key Management Scheme Communication by keys Analysis of the Effectiveness of the Scheme Conclusion. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/1.jpg)
An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005
Author: Xiao Chen and Jawad Drissi
![Page 2: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/2.jpg)
1. Outline Introduction Hierarchical sensor network model Key Management Scheme Communication by keys Analysis of the Effectiveness of the
Scheme Conclusion
![Page 3: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/3.jpg)
1.1 Sensor network limitation
Vulnerability of physical capture Limited memory resources Limited bandwidth and transmission power
![Page 4: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/4.jpg)
1.2 key management scheme design goals Resilience against sensor capture:防止某一 sensor被攻破,就使得節點全被攻破
Scale :
The key management scheme should still be working well with the increase of sensor numbers.
![Page 5: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/5.jpg)
1.3 Traditional key distribution scheme A single key for the whole network:
This scheme has the problem of compromising the whole network when any sensor is captured.
A pair-wise shared key between every pair of sensor:This scheme requires each sensor to storen-1 shared keys.
![Page 6: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/6.jpg)
2.Hierarchical sensor network model
A
C
D E
F
•A bubble represents a group.
•The dots within a bubble represent group members .
•Group member can communicate with each directly ,such as A and B.
•The high commander C can directly communicate with A or B.
•In order to let two sensors communicate securely , symmetric-key cryptography is used.
R
B
L1
L2
L3
L4
![Page 7: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/7.jpg)
3. Key Management Scheme 3.1Group key: Each group should have a group key so that all the
members in a group can use it to communicate with each other. The key should be known to their commander so that it can send a command to the group encrypted by this key.
A B
C EX. A want to communication with B, it will encrypt the message using group key KG{AB}
A→ {B} : {m} K G{AB}
![Page 8: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/8.jpg)
3.2 Down-level Group Key:
All sensors (except leaf) should store the down-level group key of the group it directly leads. It can use the key to give commands to the group.
C 的 down level group key KG{AB} = A 和 B 的 group key KG{AB}
A B
C
![Page 9: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/9.jpg)
3.3 Up-level Pair-wise Key:
Each member (except root) in a group should have a private pair-wise key with its direct commander.
A B
C
EX. B want to communicate with D, it will send the message to C using the up-level pair-wise key between B and C, and then C will relay the message to D using the up-level pair-wise key between C and D.
B → {C} : {m} KBC ; C → {D} : {m} KCD .
D
![Page 10: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/10.jpg)
3.4 Down-level Pair-wise Key:
Each sensor (except leaf) should have a down-level pair-wise key with each of the group members it directly leads.
A B
C
EX. C want to communicate with A, it will send the message using down-level pair-wise key between C and A. C → {A} : {m} KCA .
Down-level group key K CA = Up-level group key K AC
![Page 11: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/11.jpg)
EX.
A
C
D E
F
A → {C} : {m} KAC
using up-level pair-wise key
C → {D} : {m} KCD
using up-level pair wise key
D → {E} : {m} KG {DE}
using group key
E → {F} : {m} KEF
using down-level pair-wise key
![Page 12: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/12.jpg)
4. sensor addition, deletion and replacement 3.1 sensor addition (a single sensor or a sen
sor with a subtree ) Step1:It will contact its direct commander.Step2:Its commander will generate a downlevel pai
r-wise key to be shared with the new sensor.Step3:send the new sensor its downlevelgroup key encrypted by the downlevel pair-wise ke
y.
![Page 13: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/13.jpg)
Example: Sensor addition N will join the group of C.
D generate a down-level pair-wise key KDN to be sharedwith N (即為 N的 up-level pair-wise key KND)
再用 down-level pair-wise key把 down level group key加密後傳給 N(即為 N之 group key) D→ {N} : { KG {CN} }KDN
A
C
D E
FN
![Page 14: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/14.jpg)
4.2 Sensor deletionStep1:Its direct commander will generate a new gro
up key.
Step2:It will remove the down-level pair-wise key shared with this sensor from its memory.
Step3:If the leveling sensor has a subtree, it will take all its off-springs out of the network.
![Page 15: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/15.jpg)
Example : sensor deletion
C
D E
FN
N want to leave the network.
D will generate a new group key KG {CH} ,and send it to sensors C and H. D→ {C} : { K G (CH} } K DC
D→ {H} : { K G {CH} } K DH
And then D will remove the down-level pair-wise key K DN from its memory.
H
![Page 16: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/16.jpg)
4.3 Sensor replacementStep1:Its direct commander will generate a down-
level pair-wise key with the new sensor.
Step2:The commander changes the group key of
the group it leads and send the new group key to
all the group members.
Step3:If the new sensor is not a leaf, after deployment, it will send each of its subordinates a new down-level pair-wise key for future communication and change their group key.
![Page 17: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/17.jpg)
Example: Sensor replacement
C
D
N
H
I J
M
Sensor N needs to be replaced by a new sensor M. D generate a new down-level key KDM to shared with M. D changes the group key .K G {CHM}
D → {C} : {K G {CHM} }K DC
D → {H} : {K G {CHM} }K HC
D → {M}: {K G {CHM} }K MC
If M is not a leaf,M generate new down-level pair-wise keys KMI and KMJ
M generate a new group key K G{IJ}
R
![Page 18: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/18.jpg)
5. Analysis of the Effectiveness of the Scheme Suppose there are n sensors on the network, th
e depth of the tree is d, if the tree is a complete tree, the number of sensors in a group is approximately logdn.
![Page 19: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/19.jpg)
5.1 訊息傳送次數
沒有子樹 有子樹Addition 1 1
Deletion Logdn Logdn
Replacement Logdn 3logdn
![Page 20: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/20.jpg)
5.2 各點所存的 KEY個數
Root logdn+1
Leaf 2
Others logdn+3A B
C
Example: R
D
R 包含 :group key K G {CD}
downlevel key KRC ,K RD
A,B:Group key KG {AB} ,uplevel Pair-wise key KAC, KBC
C 包含 :group key K G {CD}
Downlevel group key KG {AB}
downlevel key KCA ,K CB
uplevel Pair-wise key KCR
![Page 21: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/21.jpg)
6. Conclusion
bring down the storage size bring down the number of message sent i
n updating to O(logdN)
![Page 22: An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005](https://reader035.vdocuments.net/reader035/viewer/2022062722/56813ab4550346895da2b679/html5/thumbnails/22.jpg)
7.Commends
若將替代之節點早已被攻破 ,commander如何識別跟預防 ?
一群點中如何去挑選 commander?由於 sensor的限制 ,群無法容納太多的成員