A scalable key pre-A scalable key pre-distribution mechanism distribution mechanism for large-scale wireless for large-scale wireless sensor networkssensor networks

Author: A. N. Shen, S. Guo, H. Y. Chien and M. Y. GuoSource: Concurrency and Computation-Practice & Experience, vol. 21, no. 10, pp.1373-1387, 2009. (Impact Factor = 1.004)Presenter: Yung-Chih Lu (呂勇志 )Date: 2010/09/17

1

OutlineOutlineIntroductionImproved Key Distribution

MechanismProposed SchemePerformance EvaluationSecurity AnalysisConclusionComment

2

Introduction Introduction (1/4)(1/4)

Large-scale WSN

WSN: Wireless Sensor Network3

Introduction Introduction (2/4)(2/4)

Goal◦Key agreement◦Against attack

node capture attack

◦Saving resource communication cost computation cost storage overhead

4

Blundo Polynomial-based protocolSetup server randomly generates a symmetric

bivariate t-degree polynomial　　　　　　　　　　　　　

Example: f(x,y) = 4x2y2 + x3y1 + x1y3 + 5

It’s a symmetric bivariate 3-degree polynomial

Introduction Introduction (3/4)(3/4)C. Blundo, A.D. Santis, A. Herzberg, S. Kutten, U. Vaccaro, M. Yung. "Perfectly-secure Key Distribution for DynamicConferences." Lecture Notes in Computer Science,471–486 , 1993.

[ ] 5 　０　０　００　０　０　１０　０　４　００　１　０　０

5

Blundo Polynomial-based protocol

Introduction Introduction (4/4)(4/4)

L-sensor: Low-end sensor s: Step

:Lv-sensor

5 1 4 1y0 y1 y2 y3 :Cluster head

step1: computes 1: Cluster Head ID 2: Lv-sensor ID f(1,y) = 4y2 + y1 + y3 + 5

f(2,y) = 16y2 + 8y1 + 2y3 + 5

step2: The Setup server loads the sensor node with coefficients

step3: Each sensor node broadcasts its own ID

step4: Receiver use ID to compute a shared secret keyKuv = f(u,v) = f(v,u) = Kvu

K12 = f(1,2) = 31 = f(2,1) = K21

5 8 16

2y0 y1 y2 y3

6

s3

s4

s4

Improved Key Distribution Improved Key Distribution Mechanism Mechanism (1/3)(1/3)

Key pre-distribution phase◦Cluster head

◦Sensor node

CHa id and CHb id

Y. Cheng and D. P. Agrawal, "improved key distribution mechanism for large-scale hierarchical wireless sensor networks." Journal of Ad Hoc Networks, vol.5, no.1, pp.35–48, 2007.

BS: base station f(x,y): t-degree bivariate symmetric polynomialCHi: Cluster head i CH: Set of cluster heads in a networkSi: Sensor node i KA-B: Symmetric key between A and B 7

Improved Key Distribution Improved Key Distribution Mechanism Mechanism (2/3)(2/3)

Inter-cluster pairwise key establishment◦step1: CHa and CHb exchange their

node id each other◦step2:

8

f(x,y): t-degree bivariate symmetric polynomialCHi: Cluster head i CH: Set of cluster heads in a networkKA-B: Symmetric key between A and Bs: step

8

:CHa

:CHb

s1

s2

s2

Improved Key Distribution Improved Key Distribution Mechanism Mechanism (3/3)(3/3)Intra-cluster pairwise key establishment

step1: Si sends its id, CHa id and CHb id to its CHj.

step2: CHj sends Si to CHa and CHb.

step3: CHu sends back to CHj.

, t=1,2 u=a,b

step4: CHj decrypts to get kt.

step5:

CHa:

:CHj

:CHb

:Si

CHj: Cluster head j Si: Sensor node I s: step 9

s1

s2

s2s3

s3

s4,s5

Proposed Scheme Proposed Scheme (1/3)(1/3)

Key pre-assignment phase◦Cluster head

◦Sensor node

BS: base station KA,B: Symmetric key between A and BCHi: Cluster head i with Id SNi: Sensor node i with Id f(x,y): t-degree bivariate symmetric polynomial

iCHId iSNId10

Proposed Scheme Proposed Scheme (2/3)(2/3)

Inter-cluster pair-wise key establishment phase

Step1:

Step3:

Step4:

Step2:

11

:CHa

:CHb

s1,s2

s3,s4

s3,s4

Proposed Scheme Proposed Scheme (3/3)(3/3)

Intra-cluster pair-wise key establishment phase

Step1:

Step3:

Step4:

Step2:

12

Performance Evaluation (1/2)

Storage cost and Computational cost

13

n: the number of low-end sensor node t: the degree of polynomialm: the number of cluster head SKPD: our scheme

Performance Evaluation (2/2)

Communication cost

14

LEKM: Low-Energy Key Management SKPD: our scheme IKDM: Improved Key Distribution Mechanism

Security Analysis (1/2)

Initialization of the network

15

LEKM: Low-Energy Key Management SKPD: our scheme IKDM: Improved Key Distribution Mechanism

Security Analysis (2/2)

After deployment of the network

16

LEKM: Low-Energy Key Management SKPD: our scheme IKDM: Improved Key Distribution Mechanism

ConclusionBest network resilience against

node capture attackCommunication overhead

scheme is zerolowest energy consumptionReduces the key storage

overheadSuitable for large-scale WSNs

17

Commentelasticity of demand is a lack of

this scheme.other attacks

18