Random key material distribution in wireless sensor networks

Random key material distribution

Submitted by:Varsha Anandani

13MIT0062

Introduction Security issues in wireless sensor networks Threats Random key material distribution Conclusion

Agenda

Wireless Information Networking Group (WING)

Wireless Sensor Networks A wireless sensor network (WSN) is composed of a

large number of low-cost sensor nodes randomly deployed to sense/monitor the field of interest, collect and process information, and make intelligent decision (actuation)

Sensor nodes Limited in energy, computation, and storage Sense/monitor their local environment Perform limited data processing Communicate over short distances Actuate/control (decision making)

Wireless Information Networking Group (WING)

Wireless Sensor Networks

sink

Design Challenges

Resource constraints pose many secure design challenges Security schemes for wired networks may NOT be

feasible for wireless networks Computationally intensive scheme will not work well Power hungry operations should be avoided (due to

either computation or communications) Trust model should be re-evaluated Non-conventional attacks should be investigated

and appropriate strategy should be designed

Security Issues

Authentication Key agreement Mitigating specific serious attacks Secure location discovery Broadcast authentication Secure data aggregation Secure clock synchronization Secure routing and MAC protocols Intrusion detection

Node Duplication Attack The attacker put clones of a captured node at

random or strategic locations in the network

sink

A

Random Walk Attack The attacker uses secret information of a

captured node to roam in the network

sink

A

Wormhole Attack Attackers tunnel packets received at one

location to another distant network location Allowing the attacker to

Disrupt routing, selectively drop packets, …

secret Wormhole link

A B

Key Agreement

Two neighboring nodes establish a shared secret key known only to themselves

The shared key is a prerequisite for Message encryption/decryption Message authentication

A Bencrypt/ authenticate

Key Generation and Establishment

Key Generation:

Given (ID, K), it is infeasible to derive s, as the Discrete Logarithm Problem is computationally hard in G1.

Key establishment: node A (IDA,KA) and node B (IDB,KB)

1 1( )

IDK sH ID G

Public key: Private key:

, 1

1 1

1 1

1

1

,

( , ( ))

( ( ), ( ))

( ( ), ( ))( ( ), )

( , ( ))

A B A B

A B

A B

A B

B A

B A

k f K H ID

f sH ID H ID

f H ID sH ID ff H ID K

f K H ID fk

is bilinear

is symmetric

A shared key is established without exchanging any information!!!

Random-key material distribution

Large pool of symmetric keys is chosen

Random subset of the pool is distributed to each sensor node

To communicate, two nodes search their pools for a common key If they find one, they use it to establish a session key Not every pair of nodes shares a common key, but if the

key-establishment probability is sufficiently high, nodes can securely communicate with sufficiently many nodes to obtain a connected network

No need to include a central trusted base station

Advantage

Attackers who compromised sufficiently many nodes could also reconstruct the complete key pool and break the scheme

Limitation