An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005

An Efficient Key Management Scheme in Hierarchical Sensor Networks,2005

Author: Xiao Chen and Jawad Drissi

1. Outline Introduction Hierarchical sensor network model Key Management Scheme Communication by keys Analysis of the Effectiveness of the

Scheme Conclusion

1.1 Sensor network limitation

Vulnerability of physical capture Limited memory resources Limited bandwidth and transmission power

1.2 key management scheme design goals Resilience against sensor capture:防止某一 sensor被攻破，就使得節點全被攻破

Scale :

The key management scheme should still be working well with the increase of sensor numbers.

1.3 Traditional key distribution scheme A single key for the whole network:

This scheme has the problem of compromising the whole network when any sensor is captured.

A pair-wise shared key between every pair of sensor:This scheme requires each sensor to storen-1 shared keys.

2.Hierarchical sensor network model

A

C

D E

F

•A bubble represents a group.

•The dots within a bubble represent group members .

•Group member can communicate with each directly ,such as A and B.

•The high commander C can directly communicate with A or B.

•In order to let two sensors communicate securely , symmetric-key cryptography is used.

R

B

L1

L2

L3

L4

3. Key Management Scheme 3.1Group key: Each group should have a group key so that all the

members in a group can use it to communicate with each other. The key should be known to their commander so that it can send a command to the group encrypted by this key.

A B

C EX. Ａ want to communication with B, it will encrypt the message using group key KG{AB}

A→ {B} : {m} K G{AB}

3.2 Down-level Group Key:

All sensors (except leaf) should store the down-level group key of the group it directly leads. It can use the key to give commands to the group.

C 的 down level group key KG{AB} = A 和 B 的 group key KG{AB}

A B

C

3.3 Up-level Pair-wise Key:

Each member (except root) in a group should have a private pair-wise key with its direct commander.

A B

C

EX. B want to communicate with D, it will send the message to C using the up-level pair-wise key between B and C, and then C will relay the message to D using the up-level pair-wise key between C and D.

B → {C} : {m} KBC ; C → {D} : {m} KCD .

D

3.4 Down-level Pair-wise Key:

Each sensor (except leaf) should have a down-level pair-wise key with each of the group members it directly leads.

A B

C

EX. C want to communicate with A, it will send the message using down-level pair-wise key between C and A. C → {A} : {m} KCA .

Down-level group key K CA = Up-level group key K AC

EX.

A

C

D E

F

A → {C} : {m} KAC

using up-level pair-wise key

C → {D} : {m} KCD

using up-level pair wise key

D → {E} : {m} KG {DE}

using group key

E → {F} : {m} KEF

using down-level pair-wise key

4. sensor addition， deletion and replacement 3.1 sensor addition (a single sensor or a sen

sor with a subtree ) Step1:It will contact its direct commander.Step2:Its commander will generate a downlevel pai

r-wise key to be shared with the new sensor.Step3:send the new sensor its downlevelgroup key encrypted by the downlevel pair-wise ke

y.

Example: Sensor addition N will join the group of C.

D generate a down-level pair-wise key KDN to be sharedwith N (即為 N的 up-level pair-wise key KND)

再用 down-level pair-wise key把 down level group key加密後傳給 N(即為 N之 group key) D→ {N} : { KG {CN} }KDN

A

C

D E

FN

4.2 Sensor deletionStep1:Its direct commander will generate a new gro

up key.

Step2:It will remove the down-level pair-wise key shared with this sensor from its memory.

Step3:If the leveling sensor has a subtree, it will take all its off-springs out of the network.

Example : sensor deletion

C

D E

FN

N want to leave the network.

D will generate a new group key KG {CH} ,and send it to sensors C and H. D→ {C} : { K G (CH} } K DC

D→ {H} : { K G {CH} } K DH

And then D will remove the down-level pair-wise key K DN from its memory.

H

4.3 Sensor replacementStep1:Its direct commander will generate a down-

level pair-wise key with the new sensor.

Step2:The commander changes the group key of

the group it leads and send the new group key to

all the group members.

Step3:If the new sensor is not a leaf, after deployment, it will send each of its subordinates a new down-level pair-wise key for future communication and change their group key.

Example: Sensor replacement

C

D

N

H

I J

M

Sensor N needs to be replaced by a new sensor M. D generate a new down-level key KDM to shared with M. D changes the group key .K G {CHM}

D → {C} : {K G {CHM} }K DC

D → {H} : {K G {CHM} }K HC

D → {M}: {K G {CHM} }K MC

If M is not a leaf,M generate new down-level pair-wise keys KMI and KMJ

M generate a new group key K G{IJ}

R

5. Analysis of the Effectiveness of the Scheme Suppose there are n sensors on the network, th

e depth of the tree is d, if the tree is a complete tree, the number of sensors in a group is approximately logdn.

5.1 訊息傳送次數

沒有子樹 有子樹Addition 1 1

Deletion Logdn Logdn

Replacement Logdn 3logdn

5.2 各點所存的 KEY個數

Root logdn+1

Leaf 2

Others logdn+3A B

C

Example: R

D

R 包含 :group key K G {CD}

downlevel key KRC ,K RD

A,B:Group key KG {AB} ,uplevel Pair-wise key KAC, KBC

C 包含 :group key K G {CD}

Downlevel group key KG {AB}

downlevel key KCA ,K CB

uplevel Pair-wise key KCR

6. Conclusion

bring down the storage size bring down the number of message sent i

n updating to O(logdN)

7.Commends

若將替代之節點早已被攻破 ,commander如何識別跟預防 ?

一群點中如何去挑選 commander?由於 sensor的限制 ,群無法容納太多的成員