Using Auxiliary Sensors for Pair-Wise Key Establishment in WSN
Source: Lecture Notes in Computer Science (2010)Authors: Qi Dong and Donggang LiuPresenter: Hsing-Lei WangDate: 2010/09/03
Outline
Introduction Pair-Wise Key Establishment Analysis and Discussion Comparison Security Reinforcing Version Conclusions
2
Introduction The proposed scheme’s main idea:
Deploy assisting sensor nodes to help key establishment between two regular sensor nodes
Advantages: Very high probability of establishing a shared
key Majority of sensors only need to store a single
key High resilience to node compromise Implementation on TelosB Motes
3
Protocol Description(1/3)
Initialization Let = network size, = assisting sensor
nodes Base station generates Master Key for
node Assisting node will get preloaded with
For instance, 1MB flash memory can store the hash images for 128,000 nodes (1 hash image=8bytes)
n m
uK
i
u
uH K i
4
Protocol Description(2/3)
Pair-Wise Key Establishment
u v
2
1 1,
uH Ku v
2,
uH Ku v
2 2uH KR
1 1uH KR
1 1vH KR
2 2vH KR
, 1 2 ...u v lK R R R
Assisting node i = 1,2,…,m
Assisting node i = 1,2,…,m 5
Protocol Description(3/3)
Supplemental Key Establishment
u
t2
1
v
2,
uH Ku v
2 2uH KR 2 2vH KR
1 2 2{ , ,..., }ul H KR R R
, 1 2 ...u v lK R R R 6
2,
uH Ku v
Analysis and Discussion (1/3)
Probability of Establishing Keys:
7
Analysis and Discussion (2/3)
Resilience against Node Capture
8
Analysis and Discussion (3/3)
Overheads Storage:
regular sensor: a single master key assisting sensor: n hash values
Computation: a few symmetric key operations and hash
operations Communication:
only one-hop range communication are needed in most case
9
Comparison (1/2)
Security Performance Setting:Network size n=20,000 nodes
Neighbors d=50 nodes Each sensor store=200 keys
P=Probability ofdirect key betweentwo sensor
10
Comparison (2/2)
Security Performance Setting:Network size n=20,000 nodes
Neighbors d=50 nodes Each sensor store=200 keys
P=Probability ofdirect key betweentwo sensor
11
Security Reinforcing Version
Security issue: Once an assisting node is compromised, the
attacker will get all the hash values and discover all the random keys generated by the node
Method to fix: Set a sequence number =0 and
in initialization After setup a pair-wise key between u and
v,
uS u uH H K i
replace with and increase and by 1u u u vH H H S S
12
Conclusion
This paper developed a novel scheme to establish the pair-wise keys in WSN Using of assisting sensor
The analysis indicates the scheme has several significant advantages over existing scheme High probability to establishing shared keys Good resilience against node capture Lower overhead (storage, computation, etc.)
13