Jan 22, 2016
1
A Key Pre-Distribution Scheme Using Deployment Knowledge for Wireless Sensor Networks
Zhen Yu & Yong Guan
Department of Electrical and Computer Engineering
Iowa State University
Sep. 15, 2004
2
Outline
1. Introduction
2. Related work
3. Our scheme
4. Evaluation and simulation
5. Conclusions
3
Bootstrapping Problem (1)
Need to encrypt communications between sensor nodes against eavesdropping and node capture.
Bootstrapping problem: How to set up secret keys among nodes
4
Bootstrapping Problem (2)
Limitations of wireless sensor networks:
• Limited power resource;
• Limited computation capacity;
• Limited memory size;
• Limited transmission range r.
General methods cannot be used:
• Public-key cryptography consumes more energy and needs longer time;
• No trusted third party for online key management;
• Storing N-1 pairwise keys is not suitable for large sensor networks;
Solution: key pre-distribution scheme.
5
Basic Scheme
1. Each node picks k secret keys from a large key pool of size m.
2. Two neighboring nodes can establish a secure connection if they share at least one common key.
[Figure: key pool of m keys; each node draws k keys]
$$p = 1 - \frac{\binom{m-k}{k}}{\binom{m}{k}}$$
6
Du’s Deployment Knowledge Scheme (1)
Group-based deployment model:
• Drop nodes from a helicopter hanging above some deployment point;
• Divide sensor field into equal-size square grids;
• Divide sensor nodes into groups equally;
• The center of each grid is a deployment point, the expected location of a group of nodes;
• Each group is deployed into a corresponding grid;
• The real location of nodes of each group i follows a normal distribution:
$$f_i(x, y) = \frac{1}{2\pi\sigma^2}\, e^{-\frac{(x - x_i)^2 + (y - y_i)^2}{2\sigma^2}}$$
7
Du’s Deployment Knowledge Scheme (2)
Divide a global key pool into multiple key pools
Shared keys between neighboring key pools
[Figure: Global Key Pool divided among key pools A, B, C, D, E; panel labels "1a" and "1-a"]
Key assignment for all the key pools
8
Preliminary: Blom’s Scheme
• D is symmetric
• Public matrix G
• Secret matrix A
$A = (DG)^T = G^T D$
• K is symmetric
$K = AG = G^T D G$
• Each node i stores the i-th row of A and the i-th column of G;
• Nodes i and j exchange their columns of G in plaintext and derive $K_{ij} = K_{ji}$;
• So G is public, while A is kept secret
• A can be broken after rows compromised.)1(
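The key agreement on this slide, as an added worked example that is not part of the original slides. The field modulus `Q`, the size parameter `LAM`, and the Vandermonde choice for G with seed `node_id + 2` are assumptions made for the demonstration.

```python
import secrets

Q = 2**31 - 1   # prime field modulus (assumed for this example)
LAM = 3         # assumed size parameter: D is (LAM+1) x (LAM+1)

def new_secret_d(n=LAM + 1):
    """Random symmetric matrix D over GF(Q), kept by the deployer."""
    d = [[0] * n for _ in range(n)]
    for i in range(n):
        for j in range(i, n):
            d[i][j] = d[j][i] = secrets.randbelow(Q)
    return d

def g_column(node_id, n=LAM + 1):
    """Column node_id of the public G: Vandermonde column (1, s, s^2, ...)."""
    s = node_id + 2  # distinct seed per node (assumed choice)
    return [pow(s, e, Q) for e in range(n)]

def a_row(d, node_id):
    """Row node_id of A = (DG)^T = G^T D, preloaded into the node."""
    g = g_column(node_id)
    n = len(d)
    return [sum(g[k] * d[k][j] for k in range(n)) % Q for j in range(n)]

def pairwise_key(own_a_row, peer_g_col):
    """K_ij = (row i of A) . (column j of G)."""
    return sum(a * g for a, g in zip(own_a_row, peer_g_col)) % Q

def link_key(d_i, i, d_j, j):
    """Keys computed at each end of link i-j.

    The two values are equal only when both rows come from the same D.
    """
    k_ij = pairwise_key(a_row(d_i, i), g_column(j))
    k_ji = pairwise_key(a_row(d_j, j), g_column(i))
    return k_ij, k_ji

if __name__ == "__main__":
    d_group = new_secret_d()
    d_other = new_secret_d()
    print(link_key(d_group, 0, d_group, 5))  # same secret matrix: keys match
    print(link_key(d_group, 0, d_other, 5))  # different matrices: no shared key
```

Only the row of A is secret on each node; the column of G can be sent in the clear, which is why the exchange needs no encryption before the key exists.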
9
Our Scheme: Overview
Observation: Most neighbors come from the same group or neighboring groups
• Hexagonal deployment
• One public matrix G.
• Multiple secret matrices As and Bs.
• Each node picks rows from A and B.
Assignment of A: Each group has a distinct A.
Assignment of B: Any two neighboring groups share some common B(s).
A: in-group communications.
B: inter-group communications.
Nodes from the same group or neighboring groups can always find common keys.
10
Our Scheme: Assignment of B (1)
• Cluster: 7 neighboring groups
• At most 2 basic groups / cluster
• At most 2 rows / node
• At most 13 affected groups
11
Our Scheme: Assignment of B (2)
• At most 3 basic groups / cluster
• At most 3 rows / node
• At most 16 affected groups
12
Our Scheme: Assignment of B (3)
• At most 1 basic group / cluster
• At most 3 rows / node
• Max # of affected groups: large
13
Our Scheme: Assignment of B (4)
• Cluster: 9 neighboring groups
• At most 3 basic groups / cluster
• At most 3 rows / node
• At most 21 affected groups
14
Our Scheme: Performance Metrics
• Connectivity:
The probability that the deployed network is connected
• Resilience against node capture:
The fraction of links compromised over the total number of links, given that some number of nodes are compromised
• Memory requirement:
The number of keys stored
15
Our Scheme: Connectivity Analysis (1)
$M_N$, the longest edge of a random Minimum Spanning Tree
If set , we have
where Pc is the probability that the network is connected as N approaches infinity.
16
Our Scheme: Connectivity Analysis (2)
When nodes are not uniformly distributed, use the lowest node density over sensor field.
Normal distribution over 4x4 hexagonal grids
Lowest node density area
17
Our Scheme: Connectivity Analysis (3)
Constrain neighbors coming from neighboring groups
• Normal distribution: 99.87% nodes reside within 3σ of deployment point;
• Let any two non-neighboring groups be farther away than 6σ;
• So we set $l = 2\sqrt{3}\sigma$ ($l = 3\sigma$) for hexagonal (square) grids.
Deploy $10^4$ nodes into a $10^3 \times 10^3$ m$^2$ field with Pc = 0.9999:
• Our scheme: r = 31.25 m;
• The basic scheme and Du’s scheme: r = 40 m.
18
Our Scheme: Security Metrics
Global security:
• The fraction of links compromised given that some nodes are compromised over the entire sensor field.
Local security:
• The fraction of links compromised given that some nodes are compromised in some local area.
Simulation:
• For local security: suppose nodes are uniformly distributed in each grid and the compromised nodes come from the same grid.
• Deploy $10^4$ nodes into a $10^3 \times 10^3$ m$^2$ sensor field with Pc = 0.9999
19
Our Scheme: Local Security
• Larger memory size brings a larger ;
• Hexagonal deployment is better than square deployment because fewer groups are affected.
20
Our Scheme: Global Security
• Better performance in security than other schemes;
• A lower memory requirement to achieve Pc = 0.9999.
21
Conclusions
• A novel key pre-distribution scheme;
• Hexagonal deployment;
• Smaller transmission range with the same connectivity;
• Better performance in security;
• Lower memory requirement.
22
References
• L. Eschenauer, et al., "A Key-Management Scheme for Distributed Sensor Networks", in ACM CCS, 2002.
• W. Du, et al., "A Key Management Scheme for Wireless Sensor Networks Using Deployment Knowledge", in IEEE INFOCOM, 2004.
• R. Blom, "An Optimal Class of Symmetric Key Generation Systems", in Advances in Cryptology: Proceedings of EUROCRYPT 84, LNCS, vol. 209, pp. 335-338, 1985.
• W. Du, et al., "A Pairwise Key Pre-distribution Scheme for Wireless Sensor Networks", in ACM CCS, 2003.
• M. D. Penrose, "The Longest Edge of the Random Minimum Spanning Tree", in The Annals of Applied Probability, Vol. 7, No. 2, pp. 340-361, 1997.