KEY MANAGEMENT IN WIRELESS SENSOR NETWORKS

Abstract

Wireless sensor networks(WSNs) consist of a large number of low power nodes, with limited processing, communication, and storage resources. Large scale wireless sensor networks (WSNs) are highly vulnerable to attacks because they consist of numerous resource constrained devices communicating via wireless links.The standard security requirements in WSNs include confiden- tiality, authentication and availability. These security requirements can be provided by encryption and authentication services which in turn demands a comprehensive key management scheme. The goal of key management is to pre-distribute cryptographic keys or keying materials among the nodes prior to the deployment, revoke keys if nodes leave the network, assign new keys to the nodes joining the network and periodically refreshing the keys. However, providing key manage- ment in WSNs is difficult due to the unknown network topology prior to deployment, intermittent connectivity and resource limitations of the sensor network environment. Key management schemes consider hierarchical HSN consisting of a small number of high-end sensors (H-node) and a large number of low-end sensors (L-node). A key generation process is incorporated, where instead of generating a large pool of random keys, a key pool is represented by a small number of generation keys, in order to address storage overhead problem in the con- straint sensor nodes. For a given generation key and a publicly known seed value, a keyed-hash function generates a key chain; these key chains collectively make a key pool. In the scheme proposed, after discovering the shared pairwise keys with neighbors, all H-node and L-node de- stroy their initial key rings and generate new key rings by applying one-way hash function on node’s ID and initial key ring. As a consequence, new nodes can still be added in the network beyond the initial deployment even after the deletion of initial key rings from nodes memory. In addition, a self-healing group key distribution scheme is developed for secure multicast commu-nications in HSN environment. This scheme presents a strategy for securely distributing rekeying messages and specifies techniques for joining and leaving a group. Access control in multicast system is usually achieved by encrypting the content using an encryption key, known as the group key (session key) that is only known by the group controller and all legitimate group members. In proposed scheme, all rekeying messages, except for unicast of an individual key, are transmitted without any encryption using one-way hash function and XOR operation. Further, nodes are capa- ble of recovering lost session keys on their own, without requesting additional transmission from the group controller. Also the time-limited node revocation is achieved without any intervention from the GC. This research reports the implementation and the performance of the proposed schemes on Cross- bow’s MicaZ motes running TinyOS and evaluates the computation and storage costs of two keyed-hash algorithms for key chain generation, HMAC-SHA1 and HMAC-MD5. The results show that proposed scheme can significantly reduce the storage requirements as compared to other random key pre-distribution schemes. The performance analysis of the collusion resistant mechanism shows that even if a large number of nodes are compromised, an adversary can only exploit a small number of keys nearby the compromised nodes, while other keys in the network remain safe. Also, the resiliency against node capture is better than previous key pre-distribution schemes. The security analysis of secure group key distribution scheme shows that the proposed scheme is computationally secure and meets the security requirements for forward and backward secrecy.