1 / 25

A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks

A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks. Wenliang (Kevin) Du , Jing Deng, Yunghsiang S. Han and Pramod K. Varshney Department of EECS Syracuse University. Overview. Wireless Sensor Networks (WSN). Key management problem in WSN. Existing solutions.

hailey
Download Presentation

A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks Wenliang (Kevin) Du, Jing Deng, Yunghsiang S. Han and Pramod K. Varshney Department of EECS Syracuse University

  2. Overview • Wireless Sensor Networks (WSN). • Key management problem in WSN. • Existing solutions. • Our solution. • Security and performance analysis. • Conclusion and future work.

  3. Sensors Deploy Wireless Sensor Networks

  4. Sensors Deploy Securing WSN Secure Channels

  5. Problem Description • How can each pair of neighboring nodes find a secret key? • Pairwise: secret keys are unique for each pair. • Can be used for authentication.

  6. Approaches • Trusted-Server Schemes • Finding trusted servers is difficult. • Public-Key Schemes • Expensive and infeasible for sensors. • Key Pre-distribution Schemes

  7. Key Pre-distribution • Goal: Loading Keys into sensor nodes prior to deployment, s.t. any two nodes can find a secret key between them after deployment • Challenges • Security: nodes can be compromised • Scalability: new nodes might be added later • Memory/Energy efficiency • Authentication: pairwise keys

  8. Naïve Solutions • Master-Key Approach • Memory efficient, but low security. • Needs Tamper-Resistant Hardware. • Pair-wise Key Approach • N-1 keys for each node (e.g. N=10,000). • Security is perfect. • Need a lot of memory and cannot add new nodes.

  9. Eschenauer-Gligor Scheme A m keys (random) B m C m Key Pool S m D E m • E.g., when |S| = 10,000, m=75, the local connectivity p = 0.50 • This scheme is further improved by Chan, Perrig, and Song (IEEE S&P 2003).

  10. Our Goal • Pairwise key pre-distribution scheme. • Use Blom Scheme. • Further improvement on performance and resilience. • Use random key pre-distribution scheme.

  11. Blom Scheme • Public matrix G • Private matrix D (symmetric). D +1 +1 G N +1 Let A = (D G)T A G = (D G)T G = GT DT G = GT D G = (A G)T

  12. Node i carries: Node j carries: Blom Scheme A = (D G)T G (D G)T G j i Kij i = N X Kji j N +1 N

  13. G Matrix To achieve -secure: Any +1 columns of G must be linearly independent. Vandermonde matrix has such a property. G =

  14. Properties of Blom Scheme • Blom’s Scheme • Network size is N • Any pair of nodes can directly find a secret key • Tolerate compromise up to  nodes • Need to store +2 keys • Our next goal: increase  without increasing the storage usage.

  15.  spaces  spaces  spaces Two nodes can find a pairwise Key if they carry a common Key space! Multiple Space Scheme Key-Space Pool (D1, G) (D2, G) (D, G)

  16. How to select and? • If the memory usage is m, the security threshold (probablistic) m is • To improve the security, we need to increase /2. • However, such an increase affects the connectivity.

  17. Measure Local Connectivity plocal= the probability that two neighboring nodes can find a common key.

  18. Plocal for different  and 

  19. Security Analysis • Network Resilience: • When x nodes are compromised, how many other secure links are affected?

  20. Resilience (p = 0.33, m=200) Blom

  21. Resilience (p = 0.50, m =200) Blom

  22. Other Analysis • Communication overhead • Computation overhead

  23. Improvement:Using Two-hop Neighbors = 7  = 2 = 31  = 2

  24. Conclusion • We have proposed a pairwise key pre-distribution scheme for WSN. • We analyzed security, computational overhead, communication overhead. • Our scheme substantially improves the network resilience.

  25. Independent Discoveries • The similar scheme is independently discovered by two other groups: • Liu and Ning from NC State (next talk). • Katz and his group from University of Maryland.

More Related