research article an efficient key management scheme based on ecc and avl...

8
Research Article An Efficient Key Management Scheme Based on ECC and AVL Tree for Large Scale Wireless Sensor Networks Zhongyuan Qin, 1 Xinshuai Zhang, 1 Kerong Feng, 1 Qunfang Zhang, 2 and Jie Huang 1 1 School of Information Science and Engineering, Southeast University, Nanjing 210096, China 2 Computer Department, Nanjing Institute of Artillery Corps, Nanjing 211132, China Correspondence should be addressed to Zhongyuan Qin; [email protected] Received 22 May 2015; Revised 17 August 2015; Accepted 20 August 2015 Academic Editor: Shusen Yang Copyright © 2015 Zhongyuan Qin et al. is is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. With the wide adoption of wireless sensor network (WSN), security problems emerge as a challenging issue because of the limited computational power and energy of the sensor nodes. Furthermore, the deployment of WSN in the hostile area with a large number of nodes also poses a threat. In this paper, we proposed a new efficient key management scheme based on Elliptic Curve Cryptography (ECC) and AVL tree for large scale WSNs. In our scheme the Elliptic Curve Paillier Encryption (ECPE) cryptography is adopted for communication and the AVL tree is used to store the neighbors’ ID and public key. e number of keys used in our scheme is smaller than the proposed schemes as we store these keys using AVL tree to shorten the search time. Regular key updates are also designed to further improve the security of the whole network. Our scheme has a good scalability where the node addition and deletion are supported. Experimental results and analysis show our scheme can significantly reduce the energy consumed by the node and reduce the memory and computational overhead. 1. Introduction Nowadays, wireless sensor networks (WSNs) have a critical application in military, medical, and industrial sectors. WSNs consist of a large number of tiny, cheap sensor nodes which are computational and energy-constrained. e security in WSNs is gaining importance as a large number of nodes may be exposed in hostile environments. If only one node is captured by the attacker, the whole network can be compro- mised. Because of the wireless connectivity, the absence of the physical protection, and the unattended deployment, the security in WSNs becomes a challenging research hotspot. Key management protocols are the core of the secure commu- nications [1–3]. e goal of the key management in WSNs is to establish secure links between neighbor sensors at network formation phase. Basically, there are two architectures available for WSNs. One is a distributed flat architecture and the other is a hierar- chical architecture. Considering the limitations of WSNs, the hierarchical network model has more operational advantages than the flat homogeneous model. One of the most famous hierarchical algorithms is Low-Energy Adaptive Clustering Hierarchy (LEACH) [4, 5], which was proposed by Chan- drakasan to balance the energy consuming among nodes by randomly rotating cluster head memberships among all nodes. In this paper, we propose an efficient key management scheme built on LEACH protocol. Furthermore, Elliptic Curve Paillier Encryption (ECPE) algorithm rather than general public key algorithms is adopted to achieve the key agreement with fewer keys and meet the needs of storage while catering to computing limited sensor nodes. We also use AVL tree (Georgy Adelson-Velsky and Evgenii Landis’ tree, named aſter the inventors) [6], which is a self-balancing binary search tree, to store the nodes’ ID and public keys which can greatly reduce the key search time and thus reduce the energy consumption. Combined with the energy-saving property of LEACH, our scheme can significantly reduce the energy consumed by the node and extend the network lifetime. Hindawi Publishing Corporation International Journal of Distributed Sensor Networks Volume 2015, Article ID 691498, 7 pages http://dx.doi.org/10.1155/2015/691498

Upload: others

Post on 02-Oct-2020

0 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: Research Article An Efficient Key Management Scheme Based on ECC and AVL …downloads.hindawi.com/journals/ijdsn/2015/691498.pdf · 2015. 11. 24. · Research Article An Efficient

Research ArticleAn Efficient Key Management Scheme Based on ECC and AVLTree for Large Scale Wireless Sensor Networks

Zhongyuan Qin1 Xinshuai Zhang1 Kerong Feng1 Qunfang Zhang2 and Jie Huang1

1School of Information Science and Engineering Southeast University Nanjing 210096 China2Computer Department Nanjing Institute of Artillery Corps Nanjing 211132 China

Correspondence should be addressed to Zhongyuan Qin zyqinseueducn

Received 22 May 2015 Revised 17 August 2015 Accepted 20 August 2015

Academic Editor Shusen Yang

Copyright copy 2015 Zhongyuan Qin et alThis is an open access article distributed under theCreative CommonsAttribution Licensewhich permits unrestricted use distribution and reproduction in any medium provided the original work is properly cited

With the wide adoption of wireless sensor network (WSN) security problems emerge as a challenging issue because of the limitedcomputational power and energy of the sensor nodes Furthermore the deployment of WSN in the hostile area with a largenumber of nodes also poses a threat In this paper we proposed a new efficient key management scheme based on Elliptic CurveCryptography (ECC) andAVL tree for large scaleWSNs In our scheme the Elliptic Curve Paillier Encryption (ECPE) cryptographyis adopted for communication and the AVL tree is used to store the neighborsrsquo ID and public key The number of keys used in ourscheme is smaller than the proposed schemes as we store these keys using AVL tree to shorten the search time Regular key updatesare also designed to further improve the security of the whole network Our scheme has a good scalability where the node additionand deletion are supported Experimental results and analysis show our scheme can significantly reduce the energy consumed bythe node and reduce the memory and computational overhead

1 Introduction

Nowadays wireless sensor networks (WSNs) have a criticalapplication inmilitary medical and industrial sectorsWSNsconsist of a large number of tiny cheap sensor nodes whichare computational and energy-constrained The security inWSNs is gaining importance as a large number of nodesmay be exposed in hostile environments If only one node iscaptured by the attacker the whole network can be compro-mised

Because of the wireless connectivity the absence of thephysical protection and the unattended deployment thesecurity in WSNs becomes a challenging research hotspotKeymanagement protocols are the core of the secure commu-nications [1ndash3] The goal of the key management in WSNs isto establish secure links between neighbor sensors at networkformation phase

Basically there are two architectures available for WSNsOne is a distributed flat architecture and the other is a hierar-chical architecture Considering the limitations of WSNs thehierarchical networkmodel has more operational advantages

than the flat homogeneous model One of the most famoushierarchical algorithms is Low-Energy Adaptive ClusteringHierarchy (LEACH) [4 5] which was proposed by Chan-drakasan to balance the energy consuming among nodesby randomly rotating cluster head memberships among allnodes

In this paper we propose an efficient key managementscheme built on LEACH protocol Furthermore EllipticCurve Paillier Encryption (ECPE) algorithm rather thangeneral public key algorithms is adopted to achieve the keyagreement with fewer keys and meet the needs of storagewhile catering to computing limited sensor nodes We alsouse AVL tree (Georgy Adelson-Velsky and Evgenii Landisrsquotree named after the inventors) [6] which is a self-balancingbinary search tree to store the nodesrsquo ID and public keyswhich can greatly reduce the key search time and thus reducethe energy consumption Combined with the energy-savingproperty of LEACH our scheme can significantly reducethe energy consumed by the node and extend the networklifetime

Hindawi Publishing CorporationInternational Journal of Distributed Sensor NetworksVolume 2015 Article ID 691498 7 pageshttpdxdoiorg1011552015691498

2 International Journal of Distributed Sensor Networks

The contributions of this paper are as follows

(1) We are the first to use the AVL tree to store theneighborsrsquo ID and public keys thus less search timeand computing energy are consumed in large scaleWSN

(2) A combined scheme including LEACH and ECPE isproposed in which fewer keys are needed to be storedin the node Storage overhead is reduced for eachsensor node and the network lifetime is extended

(3) Quantitative memory and computation overheadwith a particular security analysis are provided Theobtained results show that our scheme can signifi-cantly reduce the energy consumed by the node andreduce the memory and computational overhead

As for the rest of this paper Section 2 introduces therelated works we give some preliminaries about ECPEalgorithm and AVL tree in Section 3 Section 4 describes theschemeweproposed in detail the performance analysis to theproposed scheme is elaborated in Section 5 finally this paperis concluded in Section 6

2 Related Works

Key management problems in WSNs have been extensivelystudied in the literature and various solutions have beenpresented In this work we mainly classify these schemesinto two categories symmetric schemes and asymmetricones In symmetric key schemes a preinstalled system-widesymmetric key or pairwise keys are usually stored on thedevices Symmetric key schemes are used in most of WSNsbecause they consume less computation time Asymmetrickey schemes adopt public key technology such as EllipticCurve Cryptography (ECC) to realize key distributionThough public key technology was thought to be too com-putationally expensive for WSNs recent studies [7 8] havesuccessfully implemented it in wireless sensor networks

Since there are lots of symmetric key managementschemes inWSNs we will not give them a review Useful sur-veys on symmetric keymanagement schemes can be found in[3 9 10]

The key management schemes based on public keycryptography (PKC) are convenient forWSNs comparedwiththose based on symmetric cryptographic algorithm Usuallythe PKC schemes are considered resource-rich so that theyare not suitable for WSN but recently many researchersput their eyes on the adoption of PKC in WSN Wandertet al made a comparison between RSA (the Rivest-Shamir-Adleman cryptosystem named after the inventors) and ECCin the nodes of WSNs and gave the conclusion that ECCbehaves better on storage computation and communicationoverhead [11] Ren et al come up with several effective PKCbased schemes upon the integration of several cryptographictechniques including the Bloom filter the partial message-recovery signature scheme and the Merkle hash tree [12]In terms of the elliptic curve discrete logarithm problemdifficulty they propose a key management scheme withoutsecure channel by adopting the key threshold theory but

they did not take into account security issues confrontedby each node when the share transfers in secret A keymanagement scheme without secure channel was proposedin [13] which is a combination of the discrete logarithmproblem on elliptic curve and the threshold key theory buthas left out the security issues that arise in the exchange of thesecret share between nodes In [14] the network was dividedinto three levels central authority (CA) server nodes (SN)and ordinary nodes (ON) SN generate session privatepublickeys for each node in the network which makes them themost vulnerable part in the whole network when capturedRajendiran et al proposed a key predistribution techniqueusing the ECC for WSNs They choose elliptic curve pointsas the key pool to achieve better connectivity But they stillcannot resist the node capture attack [15] Azarderakhsh etal proposed a keymanagement for heterogeneous sensor net-works using a hybrid technique of public key and symmetrickey cryptography while they assume that the CHs cannot becaptured and nodes know their own location [16] In [17]VEGK is proposed for key management in heterogeneouscluster basedWSNs using hybrid key management techniquebetween public key cryptography ECC and pairwise symmet-ric keys

Altogether state-of-the-art public key cryptographyschemes do not meet the strict limitation of resource-con-strained sensor nodes because a large computational over-head is introduced especially with large scale networkswhich is the common case for WSNs In this paper weproposed a novel efficient key management scheme based onECPE public key cryptography for WSNs We also use AVLtree to store the ID and public key in our scheme so as toshorten the search time Meanwhile we design regular keyupdates to further improve the security of the network andour scheme also provides perfect scalability to allow nodesaddition and removal

It must be stated that in [18] the AVL tree is also used tostore the ECC keys but they store the keys in a whole WSNIn their method each sensor node is associated with a leafand all keys located along the path from the leaf to the root ofthe AVL tree belong to that node If two nodes need a sharedkey they find the common ECC key which is at the highestlevel and closest to the leaves in the AVL tree However in ourscheme the AVL tree is used to store the neighborsrsquo publickeys in one node so as to reduce search time When thereare many neighbors in a large scale WSN there is no need togenerate the shared communication key in our scheme withthe AVL tree available

3 Preliminaries

31 LEACH LEACH was proposed by Heinzelman et al tobalance the energy consumption among nodes by randomlyrotating cluster head memberships among all nodes [19] andit can extend the network lifetime by 15 The operation ofLEACH is broken up into rounds Every round of LEACHhastwo phases one is the setup phase where nodes elect CH andthe other is the steady state phase where nodes communicatewith their CHs During the setup phase node 119899 chooses a

International Journal of Distributed Sensor Networks 3

random number between 0 and 1 If the number is less thanthe threshold 119879(119899) the node becomes a cluster head for thecurrent round The threshold is set as

119879 (119899) =

119875

1 minus 119875 lowast 119903 mod (1119875)if 119899 isin 119866

0 otherwise(1)

where 119875 is the desirable percentage to be CH 119903 is the currentround and 119866 is a set of nodes that have not been selected asCH in previous rounds

32 Elliptic Curve Paillier Encryption (ECPE) ECPE [20]was first proposed by Paillier in 2000 It is a probabilisticencryption scheme employing elliptic curves over rings basedon the use of twists of anomalous curves

It is known that curves 119864119901(119886 119887) over 119865119901 which have traceof Frobenius one (they are said to be anomalous) present theproperty that computing discrete logarithms on them is veryeasy [21] Okamato extended this property to 119901-subgroup of1198641199012(119886 119887) so that the projection onto 119865119901 gives the twist of ananomalous curve

The details of this cryptosystem are as follows

Initialization 119899 = 119901119902 is generated which is a product of twolarge primes 119901 and 119902 while 119901 equiv 119902 equiv 2 (mod 3) Choose anelliptic curve 1198641198992(119886 119887) and a base point119866 isin 1198641198992 on this curve

Public Key Consider 119875119880 = (119899 1198641198992 119866)

Private Key 119904 = lcm(119901 + 2 119902 + 2) is the lowest commonmultiple of 119901 + 2 and 119902 + 2

Encryption Suppose the plaintext is 119872 isin 119885119899 pick random119903 lt 119899 and return the ciphertext 119862 = (119872 + 119899119903) sdot 119866

Decryption Compute119872 = Ψ119899(119904 sdot 119862)Ψ119899(119904 sdot 119866) mod 119899 whereΨ119899(119909 119910) = minus(119909119910) mod 1198992

33 The AVL Tree An AVL tree is a self-balancing binarysearch tree For each node of the tree the height difference ofits subtrees is at most 1 therefore it is also height-balanced119874(log 119899) time is needed for search insertion and deletionoperations in both the average and worst cases

Figure 1 shows an example of the AVL tree The values ofleft subtree are always smaller than the ones of the root nodewhile the values of the right subtree are always larger than theones of the root node In order to find a particular element inthe tree for example 28 we firstly compare the element withthe root node 54 We turn left because 28 is smaller than 54and then we find 28 larger than 17 so we turn right and find28

4 The Proposed Scheme

Our scheme is based on the networkmodel of LEACHwhichincludes a base station and a large number of sensor nodesThe base station is assumed to be trusted and capable ofcomputation and has storage ability Special cluster heads

54

17 89

4 28

16 33

9668

71 84

Figure 1 An example of the AVL tree

are not needed in our model which makes it more practicalfor WSNs We assume the node in our network is capableof running the ECPE algorithm The notations used in thispaper are listed in ldquoNotationsrdquo

Our scheme can be divided into two phases (1) networkformation phase where nodes elect CHs and generate thesession key with each other and (2) network steady statephase where nodes communicate with each other with thesession key Node addition node deletion and key updatingare also allowed during the second phase

The details of our scheme are as follows

41 Network Formation Phase

411 Key Predeployment Following the rules of ECPE firstlybase station chooses a large integer 119876 = 119901119902 as a product oftwo odd primes 119901 and 119902 while 119901 equiv 119902 equiv 2 (mod3) Thenbase station chooses a safe elliptic curve 1198641198992 and a point 119866 onthis curve Afterwards base station calculates the parametersof ECPE for the nodes the public key 119876 = 119901119902 the privatekey 119878 = lcm(119901 + 2 119902 + 2) the identity of the node ID andan initial shared symmetric key ikey Finally the base stationstores these parameters that is 119876119894 119878119894 ID119894 and ikey into thenodes

412 Cluster Head Election During this phase all nodes areable to compete for the CHs for the current round using (1)The elected CHs send their own ID and public key to the basestation to get registered The base station makes an AVL treelist of all the CHsrsquo public keys and IDs and sends this list to thenodes encrypted by the ikey This phase is shown as follows

CH119894ID119894119876119894

997888997888997888997888997888rarr BS

BS119864ikey(AVLCH)997888997888997888997888997888997888997888997888997888rarr All Nodes

(2)

413 Cluster Formation After the last step each node getsthe list of the CHsrsquo ID and the public key In order to form theclusters each CH broadcasts its own ID and public key to itsneighbors The neighboring nodes can verify their identifiersaccording to the list received from the base station Once

4 International Journal of Distributed Sensor Networks

ID1

ID2

ID3

ID4

ID5

middot middot middot

middot middot middot

Figure 2 The AVL tree formation process

a sensor node 119895 decides to join cluster 119894 it replies its ID andpublic key to CH119894 CH stores the nodesrsquo ID and public key ina form of AVL tree This phase is shown as follows

CH119894ID119894119876119894

997888997888997888997888997888rarr Neighbor Nodes

Node119895119864119876119894(ID119895119876119895)

997888997888997888997888997888997888997888997888997888rarr CH119894

(3)

414 The AVL Tree Formation of Nodesrsquo Information Afterthe clusters are formed each node broadcasts its own IDand public key to its neighboring nodes The node gathers itsneighborsrsquo IDs and public keys and then stores them in AVLtree The creation of AVL tree is shown in Figure 2 the IDsof five nodes in this AVL tree are listed from small to largeID1 lt ID2 lt ID3 lt ID4 lt ID5 We put smaller nodes in leftsubtrees and larger nodes in right subtreesThen the rotationoperation of AVL tree is used to keep the balance so that theheight difference of the subtrees is 1 at most Consider

Node119895119864ikey(ID119895119876119895)997888997888997888997888997888997888997888997888997888rarr Nodeneighbor (4)

415 The Session Key Agreement between Nodes Supposenode 119860 wants to communicate with node 119861 then node 119860needs to generate a session key with node 119861 Firstly119860 queries119861rsquos public key in its AVL tree and then generates a randomnumber sKey as the session key 119860 then encrypts sKey andthe timestamp 1198791 with its own private key and reencryptsthe ciphertext plus 119860rsquos public key and ID using 119861rsquos publickey After 119861 decrypts the message 119861 verifies the legitimacyof 119860rsquos public key using its AVL tree If authentication passed119861 uses 119860rsquos public key to obtain the session key sKey and thetimestamp and checks the timestamp1198791 to prevent the replayattack 119861 then encrypts sKey and the timestamp 1198792 with itsown private key and reencrypts them together with 119861rsquos publickey and ID using 119860rsquos public key 119860 takes similar procedure toverify the identity of 119861 In this way mutual authentication isfinished and a session key is generated The above process isshown as follows

Node119860119864119876119861(119864119878119860(sKey119879

1)ID119860119876119860)

997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888rarr Node119861

Node119861119864119876119860(119864119878119861(sKey119879

2)ID119861119876119861)

997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888rarr Node119860

(5)

42 Network Steady State Phase

421 NewNodeAddition It is essential to add newnodes dueto the node energy depletion or captureThe new node has tobe registered at BS before being added to the network and BSwill store the current CH list to it After the deployment of thenew node it sends a ldquojoin-inrdquo request message including itsID and public key encrypted by its private key to the nearbyCH The CH will reencrypt the message with its own privatekey and then send it to BS BS verifies the identity of the newnode and replies with a confirming message to CHThen CHbroadcasts the new nodersquos ID and public key to the nodes inits cluster Now the new node can exchange public keys withits neighbor nodes and negotiate session keys with themThisabove process is shown as follows

BS119864119876new (AVLCH)997888997888997888997888997888997888997888997888997888997888rarr Nodenew

Nodenew119864119878new (IDnew119876new)

997888997888997888997888997888997888997888997888997888997888997888997888997888rarr CH119894

CH119894119864119878119894(119864119878new (IDnew119876new))

997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888rarr BS

BS119864119876119894(119884119873)

997888997888997888997888997888997888997888rarr CH119894

CH119894119864119876(IDnew119876new)

997888997888997888997888997888997888997888997888997888997888997888rarr ALL Nodes

(6)

422 Node Deletion If a sensor node does not send datafor a long time it will be considered as a dead node andwill be removed from the network CH broadcasts a messageincluding the nodersquos ID and public key to all nodes in thiscluster CH and the live node will update their AVL tree atthe same time

423 Key Update In LEACH algorithm reclustering isneeded after a certain period of time New CH will beelected according to formula (1) With the establishment ofthe new clusters the nodes will update the session key withits neighbors Therefore the energy consumption can bebalancedwhichwill extend the lifetime of thewhole networkMeanwhile security is also enhanced by the updated sessionkey

5 Performance Evaluation

51 Security Analysis Prior to the deployment of sensornodes in our scheme a shared key is preset to encryptthe information exchanged during the network formationphase therefore the adversary is unable to acquire the nodesrsquoidentityWhat ismore each nodemutually verifies the otherrsquosidentity by AVL tree when they try to agree on a session keyHence it is impossible for the adversary to launch identityrelated attacks for instance the Sybil attack The usage ofECPE cryptography makes our network more secure thaneither symmetric cryptography or the traditional public keycryptography like RSA Public key cryptography preventsplenty of frequent attacks on the network like selectiveforwarding Flooding and Sinkhole attack In addition

International Journal of Distributed Sensor Networks 5

Table 1 Comparison of memory overhead

Rajendiranet alrsquos

Azarderakhshet alrsquos

El-Din etalrsquos Ours

Storage neededfor CH (bit) 52480 144480 8000 16000

Storage neededfor sensornode (bit)

52480 16320 7040 5120

signature verification can be achieved by the private keyencryption A timestamp is also adopted in our scheme toavoid the replay attack

We use public key cryptography to generate a sessionkey which will be updated after a certain period of timebetween two nodes In our scheme different pairs of nodesshare different session keys Even if the adversary captures afew sensor nodes he cannot get the session key between othernodes and cannot recover the keys used before so that theforward secrecy of the network is ensured On the contraryin Rajendiran et alrsquos scheme if an adversary compromisesone more node every time he can obtain more informationabout the ECCkey poolWhen the number of captured nodesexceeds some threshold the adversary will be able to recoverthe entire ECC key pool and thus compromise the wholenetwork

52 Memory Overhead For the convenience of comparisononmemory overhead we follow the network size of Azarder-akhsh et alrsquos [16] 1000 nodes and 10 clusters every roundwhile each node has 31 neighbor nodes As stated previously asensor node in our scheme only needs to store the public keysof its cluster head and neighbors and the CH needs to storethe nodesrsquo public keys in its cluster In El-Din et alrsquos schemeCH only stores its neighborsrsquo keys which makes it hard forthe CH to manage the cluster However in Azarderakhsh etalrsquos scheme a node needs to store its neighborsrsquo public keysplus the public keys of all CHs In Rajendiran et alrsquos schemethey combined ECC with E-G scheme to distribute keys Theprobability of a sensor node sharing one key with its neighboris 1198751015840 = 1 minus (119901 minus 119903)[(119901 minus 2 times 119903) times 119901119903] where 119901 is thesize of key pool and 119903 is the size of key chain For Rajendiranet alrsquos scheme they need 119901 = 5000 and a chain of 120 keysto achieve a 95 connectivity while 328 keys are needed tohave 99999 connectivity Suppose the length of ECC keyis 160 bits Table 1 shows the superiority of our proposedscheme compared to those proposed by El-Din et al [22]Azarderakhsh et al [16] and Rajendiran et al [15]

53 Computational Overhead Our scheme uses along withEl-Din et alrsquos and Azarderakhsh et alrsquos schemes ECC basedalgorithm for encryption and decryption Since ECC basedencryption and decryption are the most energy consumingoperations in the schemes we make a comparison on thetimes of ECC based encryption and decryption to show thecomputational efficiency In order to facilitate the compari-son we assume a small cluster with one cluster head (CH)and 10 normal nodes We first compare the ECC operations

Table 2 Comparison of computational overhead (ECC operations)

Azarderakhshet al (times)

El-Din etal (times) Ours (times)

Cluster head 100 40 10Sensor node 3 5 5

in CH In Azarderakhsh et alrsquos scheme the session keyshared between two nodes is distributed by CH For the10 nodes cluster there are altogether 45 keys between eachtwo nodes then CH encrypts the session key with the twonode public keys respectively so it needs 90 ECC basedencryption operations plus the 10 session keys between itselfand the 10 nodes which means 100 ECC based encryptionoperations in total In El-Din et alrsquos scheme CH needs 4ECC based encryption and decryption operations with onenode which equals 400 ECC operations needed by CH for10 nodes However in our scheme only 1 ECC operation isneeded for one node and 10 for 10 nodes Then we comparethe ECC operations for one normal node during the periodit joins in the cluster and shares a session key with itsneighbor InAzarderakhsh et alrsquos scheme a node needs 3 ECCoperations while 5 are needed for the node in El-Din et alrsquosscheme In our scheme the nodes need to authenticate eachother through verifying signature so the node needs 5 ECCoperations too Comparisons of the number of ECC basedencryption and decryption operations executed by CH andnodes are shown inTable 2We can see from the table that ourscheme has superiority in overall computational overhead

54 Energy Consumption Given the large number of nodesWSNs usually take a long time and lot of energy to find thepublic key of a certain node In our scheme we use the AVLtree to store the data so that search time and the energy costcan also be significantly reduced For instance it needs (119899 +1)2 operations to search one node among 119899 nodes in directsearch namely the time complexity is119874(119899) It is only119874(log 119899)when using AVL tree while the schemes of Rajendiran etal Azarderakhsh et al and El-Din et al are direct searchFigure 3 shows the comparison of search time between thedirect search and the AVL tree We also implement ourproposed scheme inMicrosoft Visual C++ 60The operatingsystem is Windows 7 Ultimate The computer configurationis as follows CPU Intel Core i5 32 GHz memory 4GB harddisc 500GB We test our AVL tree method in 3 scenarios100 nodes 2000 nodes and 10000 nodes Ten searches areexecuted for every scenario and the average time cost is listedin Table 3 The result shows that with the increasing nodesnumber the AVL tree method demonstrates its superiorityin search time In other words the energy consumption ofsearching in our scheme is much less than in the schemesusing direct search method

6 Conclusion

In this paper an efficient key management scheme based onECPE and AVL tree for large scale wireless sensor networks is

6 International Journal of Distributed Sensor Networks

Table 3 Comparison of average search time

Number of nodes Ours (120583s)

Rajendiran etalrsquos

Azarderakhsh etalrsquos and El-Din

et alrsquos (120583s)100 259 47982000 271 492910000 296 5240

400

350

300

250

200

150

100

50

0

Ordinary searchAVL

0 100 200 300 400 500 600 700 800 900

The number of nodes

Tota

l sea

rche

s

Figure 3 Search time comparison

proposedOur scheme follows the networkmodel of LEACHWe use ECPE to generate session keys between nodes sinceECPE can achieve the same security as normal public keycryptography but with shorter keys thus saving storage Inaddition our approach adopts AVL tree for storing publickeys which can significantly reduce the search time in largescale WSN Experimental results and theory analysis showthe memory and computational overhead are reduced andthe energy consumption is also cut down Furthermore ourscheme has a good scalability that supports the node additionand deletion key updates also support guaranteeing thesecurity of WSN

Notations

119899 Public key119906 Private key119901 119902 Large prime numbers1198641198992 A random elliptic curve119866 A point on 119864119864119896(sdot) Symmetric encryption with key 119896BS Base stationCH Cluster headNode Normal nodeIDCH Identity of cluster head CHID119894 ID119895 Identity of node 119894 and node 119895119899119894 119906119894 Public key and private key of node 119894AVL119894 The AVL tree stored by node 119894

sKey Shared secret key between two nodes119879 Timestamp

Conflict of Interests

The authors declare that there is no conflict of interestsregarding the publication of this paper

Acknowledgment

This work is supported by the National High TechnologyResearch andDevelopment Program of China (863 program)under Grant no 2013AA014001

References

[1] S H Erfani H H Javadi and A M Rahmani ldquoA dynamic keymanagement scheme for dynamic wireless sensor networksrdquoSecurity and Communication Networks vol 8 no 6 pp 1040ndash1049 2015

[2] S-H Seo J Won S Sultana and E Bertino ldquoEffective keymanagement in dynamicwireless sensor networksrdquo IEEETrans-actions on Information Forensics and Security vol 10 no 2 pp371ndash383 2015

[3] C-Y Chen and H-C Chao ldquoA survey of key distributionin wireless sensor networksrdquo Security and CommunicationNetworks vol 7 no 12 pp 2495ndash2508 2014

[4] S Cho L Han B Joo and S Han ldquoP-LEACH an efficientcluster-based technique to track mobile sinks in wireless sensornetworksrdquo International Journal of Distributed Sensor Networksvol 2014 Article ID 803656 10 pages 2014

[5] A Salim W Osamy and A M Khedr ldquoIBLEACH intra-balanced LEACH protocol for wireless sensor networksrdquoWire-less Networks vol 20 no 6 pp 1515ndash1525 2014

[6] AVL tree 2015 httpsenwikipediaorgwikiAVL tree[7] S K Sahoo and M N Sahoo ldquoAn elliptic-curve-based hierar-

chical cluster key management in wireless sensor networkrdquo inIntelligent Computing Networking and Informatics Proceedingsof the International Conference on Advanced Computing Net-working and Informatics India June 2013 vol 243 of Advancesin Intelligent Systems and Computing pp 397ndash408 SpringerNew Delhi India 2014

[8] D J Malan MWelsh andM D Smith ldquoImplementing public-key infrastructure for sensor networksrdquo ACM Transactions onSensor Networks vol 4 no 4 article 22 2008

[9] S Bala G Sharma and A K Verma ldquoA survey and taxonomyof symmetric key management schemes for wireless sensornetworksrdquo in International Information Technology Conference(CUBE rsquo12) pp 585ndash592 Maharashtra India September 2012

[10] A Selva Reegan and E Baburaj ldquoKey management schemes inwireless sensor networks a surveyrdquo in Proceedings of the IEEEInternational Conference on Circuit Power and Computing Tech-nologies (ICCPCT rsquo13) pp 813ndash820 IEEE Computer SocietyNagercoil India 2013

[11] A S Wandert N Gura H Eberle V Gupta and S C ShantzldquoEnergy analysis of public-key cryptography for wireless sensornetworksrdquo in Proceedings of the 3rd IEEE International Con-ference on Pervasive Computing and Communications (PerComrsquo05) pp 324ndash328 March 2005

International Journal of Distributed Sensor Networks 7

[12] K Ren S C Yu W J Lou and Y Zhang ldquoMulti-user broadcastauthentication in wireless sensor networksrdquo IEEE Transactionson Vehicular Technology vol 58 no 8 pp 4554ndash4564 2009

[13] H-X Li L-J Pang and Y-M Wang ldquoKey managementscheme without secure channel for ad hoc networksrdquo Journalon Communications vol 31 no 1 pp 112ndash117 2010

[14] H Dahshan and J Irvine ldquoAn elliptic curve distributed keymanagement for mobile ad hoc networksrdquo in Proceedings of the71st IEEE Vehicular Technology Conference (VTC rsquo10) pp 1ndash5IEEE Taipei Taiwan May 2010

[15] K Rajendiran R Sankararajan and R Palaniappan ldquoA securekey predistribution scheme for WSN using elliptic curve cryp-tographyrdquo ETRI Journal vol 33 no 5 pp 791ndash801 2011

[16] R Azarderakhsh A Reyhani-Masoleh and Z-E Abid ldquoAkey management scheme for cluster based wireless sensornetworksrdquo in Proceedings of the 5th International Conference onEmbedded and Ubiquitous Computing (EUC rsquo08) pp 222ndash227December 2008

[17] A E El-Din R A Ramadan and M B Fayek ldquoVEGK virtualECC group key for wireless sensor networksrdquo in Proceedingsof the International Conference on Computing Networking andCommunications (ICNC rsquo13) pp 364ndash368 IEEE ComputerSociety San Diego Calif USA January 2013

[18] H Boumerzoug B A Bensaber and I Biskri ldquoA key man-agement method based on an AVL tree and ECC cryptogra-phy for wireless sensor networksrdquo in Proceedings of the 7thACM Symposium on QoS and Security for Wireless and MobileNetworks Co-Located with MSWiMrsquo11 (Q2SWinet rsquo11) pp 57ndash62 Association for Computing Machinery Miami Fla USAOctober-November 2011

[19] W R Heinzelman A Chandrakasan and H Balakrish-nan ldquoEnergy-efficient communication protocol for wirelessmicrosensor networksrdquo in Proceedings of the 33rd AnnualHawaii International Conference on System Siences vol 2January 2000

[20] P Paillier ldquoTrapdooring discrete logarithms on elliptic curvesover ringsrdquo in Advances in CryptologymdashASIACRYPT 2000 TOkamoto Ed vol 1976 of Lecture Notes in Computer Sciencepp 573ndash584 Springer Berlin Germany 2000

[21] N P Smart ldquoThe discrete logarithm problem on elliptic curvesof trace onerdquo Journal of Cryptology vol 12 no 3 pp 193ndash1961999

[22] A E El-Din R A Ramadan and M B Fayek ldquoVEGK virtualECC group key for wireless sensor networksrdquo in Proceedingsof the International Conference on Computing Networking andCommunications (ICNC rsquo13) pp 364ndash368 January 2013

International Journal of

AerospaceEngineeringHindawi Publishing Corporationhttpwwwhindawicom Volume 2014

RoboticsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Active and Passive Electronic Components

Control Scienceand Engineering

Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

International Journal of

RotatingMachinery

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporation httpwwwhindawicom

Journal ofEngineeringVolume 2014

Submit your manuscripts athttpwwwhindawicom

VLSI Design

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Shock and Vibration

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Civil EngineeringAdvances in

Acoustics and VibrationAdvances in

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Electrical and Computer Engineering

Journal of

Advances inOptoElectronics

Hindawi Publishing Corporation httpwwwhindawicom

Volume 2014

The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014

SensorsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Modelling amp Simulation in EngineeringHindawi Publishing Corporation httpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Chemical EngineeringInternational Journal of Antennas and

Propagation

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Navigation and Observation

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

DistributedSensor Networks

International Journal of

Page 2: Research Article An Efficient Key Management Scheme Based on ECC and AVL …downloads.hindawi.com/journals/ijdsn/2015/691498.pdf · 2015. 11. 24. · Research Article An Efficient

2 International Journal of Distributed Sensor Networks

The contributions of this paper are as follows

(1) We are the first to use the AVL tree to store theneighborsrsquo ID and public keys thus less search timeand computing energy are consumed in large scaleWSN

(2) A combined scheme including LEACH and ECPE isproposed in which fewer keys are needed to be storedin the node Storage overhead is reduced for eachsensor node and the network lifetime is extended

(3) Quantitative memory and computation overheadwith a particular security analysis are provided Theobtained results show that our scheme can signifi-cantly reduce the energy consumed by the node andreduce the memory and computational overhead

As for the rest of this paper Section 2 introduces therelated works we give some preliminaries about ECPEalgorithm and AVL tree in Section 3 Section 4 describes theschemeweproposed in detail the performance analysis to theproposed scheme is elaborated in Section 5 finally this paperis concluded in Section 6

2 Related Works

Key management problems in WSNs have been extensivelystudied in the literature and various solutions have beenpresented In this work we mainly classify these schemesinto two categories symmetric schemes and asymmetricones In symmetric key schemes a preinstalled system-widesymmetric key or pairwise keys are usually stored on thedevices Symmetric key schemes are used in most of WSNsbecause they consume less computation time Asymmetrickey schemes adopt public key technology such as EllipticCurve Cryptography (ECC) to realize key distributionThough public key technology was thought to be too com-putationally expensive for WSNs recent studies [7 8] havesuccessfully implemented it in wireless sensor networks

Since there are lots of symmetric key managementschemes inWSNs we will not give them a review Useful sur-veys on symmetric keymanagement schemes can be found in[3 9 10]

The key management schemes based on public keycryptography (PKC) are convenient forWSNs comparedwiththose based on symmetric cryptographic algorithm Usuallythe PKC schemes are considered resource-rich so that theyare not suitable for WSN but recently many researchersput their eyes on the adoption of PKC in WSN Wandertet al made a comparison between RSA (the Rivest-Shamir-Adleman cryptosystem named after the inventors) and ECCin the nodes of WSNs and gave the conclusion that ECCbehaves better on storage computation and communicationoverhead [11] Ren et al come up with several effective PKCbased schemes upon the integration of several cryptographictechniques including the Bloom filter the partial message-recovery signature scheme and the Merkle hash tree [12]In terms of the elliptic curve discrete logarithm problemdifficulty they propose a key management scheme withoutsecure channel by adopting the key threshold theory but

they did not take into account security issues confrontedby each node when the share transfers in secret A keymanagement scheme without secure channel was proposedin [13] which is a combination of the discrete logarithmproblem on elliptic curve and the threshold key theory buthas left out the security issues that arise in the exchange of thesecret share between nodes In [14] the network was dividedinto three levels central authority (CA) server nodes (SN)and ordinary nodes (ON) SN generate session privatepublickeys for each node in the network which makes them themost vulnerable part in the whole network when capturedRajendiran et al proposed a key predistribution techniqueusing the ECC for WSNs They choose elliptic curve pointsas the key pool to achieve better connectivity But they stillcannot resist the node capture attack [15] Azarderakhsh etal proposed a keymanagement for heterogeneous sensor net-works using a hybrid technique of public key and symmetrickey cryptography while they assume that the CHs cannot becaptured and nodes know their own location [16] In [17]VEGK is proposed for key management in heterogeneouscluster basedWSNs using hybrid key management techniquebetween public key cryptography ECC and pairwise symmet-ric keys

Altogether state-of-the-art public key cryptographyschemes do not meet the strict limitation of resource-con-strained sensor nodes because a large computational over-head is introduced especially with large scale networkswhich is the common case for WSNs In this paper weproposed a novel efficient key management scheme based onECPE public key cryptography for WSNs We also use AVLtree to store the ID and public key in our scheme so as toshorten the search time Meanwhile we design regular keyupdates to further improve the security of the network andour scheme also provides perfect scalability to allow nodesaddition and removal

It must be stated that in [18] the AVL tree is also used tostore the ECC keys but they store the keys in a whole WSNIn their method each sensor node is associated with a leafand all keys located along the path from the leaf to the root ofthe AVL tree belong to that node If two nodes need a sharedkey they find the common ECC key which is at the highestlevel and closest to the leaves in the AVL tree However in ourscheme the AVL tree is used to store the neighborsrsquo publickeys in one node so as to reduce search time When thereare many neighbors in a large scale WSN there is no need togenerate the shared communication key in our scheme withthe AVL tree available

3 Preliminaries

31 LEACH LEACH was proposed by Heinzelman et al tobalance the energy consumption among nodes by randomlyrotating cluster head memberships among all nodes [19] andit can extend the network lifetime by 15 The operation ofLEACH is broken up into rounds Every round of LEACHhastwo phases one is the setup phase where nodes elect CH andthe other is the steady state phase where nodes communicatewith their CHs During the setup phase node 119899 chooses a

International Journal of Distributed Sensor Networks 3

random number between 0 and 1 If the number is less thanthe threshold 119879(119899) the node becomes a cluster head for thecurrent round The threshold is set as

119879 (119899) =

119875

1 minus 119875 lowast 119903 mod (1119875)if 119899 isin 119866

0 otherwise(1)

where 119875 is the desirable percentage to be CH 119903 is the currentround and 119866 is a set of nodes that have not been selected asCH in previous rounds

32 Elliptic Curve Paillier Encryption (ECPE) ECPE [20]was first proposed by Paillier in 2000 It is a probabilisticencryption scheme employing elliptic curves over rings basedon the use of twists of anomalous curves

It is known that curves 119864119901(119886 119887) over 119865119901 which have traceof Frobenius one (they are said to be anomalous) present theproperty that computing discrete logarithms on them is veryeasy [21] Okamato extended this property to 119901-subgroup of1198641199012(119886 119887) so that the projection onto 119865119901 gives the twist of ananomalous curve

The details of this cryptosystem are as follows

Initialization 119899 = 119901119902 is generated which is a product of twolarge primes 119901 and 119902 while 119901 equiv 119902 equiv 2 (mod 3) Choose anelliptic curve 1198641198992(119886 119887) and a base point119866 isin 1198641198992 on this curve

Public Key Consider 119875119880 = (119899 1198641198992 119866)

Private Key 119904 = lcm(119901 + 2 119902 + 2) is the lowest commonmultiple of 119901 + 2 and 119902 + 2

Encryption Suppose the plaintext is 119872 isin 119885119899 pick random119903 lt 119899 and return the ciphertext 119862 = (119872 + 119899119903) sdot 119866

Decryption Compute119872 = Ψ119899(119904 sdot 119862)Ψ119899(119904 sdot 119866) mod 119899 whereΨ119899(119909 119910) = minus(119909119910) mod 1198992

33 The AVL Tree An AVL tree is a self-balancing binarysearch tree For each node of the tree the height difference ofits subtrees is at most 1 therefore it is also height-balanced119874(log 119899) time is needed for search insertion and deletionoperations in both the average and worst cases

Figure 1 shows an example of the AVL tree The values ofleft subtree are always smaller than the ones of the root nodewhile the values of the right subtree are always larger than theones of the root node In order to find a particular element inthe tree for example 28 we firstly compare the element withthe root node 54 We turn left because 28 is smaller than 54and then we find 28 larger than 17 so we turn right and find28

4 The Proposed Scheme

Our scheme is based on the networkmodel of LEACHwhichincludes a base station and a large number of sensor nodesThe base station is assumed to be trusted and capable ofcomputation and has storage ability Special cluster heads

54

17 89

4 28

16 33

9668

71 84

Figure 1 An example of the AVL tree

are not needed in our model which makes it more practicalfor WSNs We assume the node in our network is capableof running the ECPE algorithm The notations used in thispaper are listed in ldquoNotationsrdquo

Our scheme can be divided into two phases (1) networkformation phase where nodes elect CHs and generate thesession key with each other and (2) network steady statephase where nodes communicate with each other with thesession key Node addition node deletion and key updatingare also allowed during the second phase

The details of our scheme are as follows

41 Network Formation Phase

411 Key Predeployment Following the rules of ECPE firstlybase station chooses a large integer 119876 = 119901119902 as a product oftwo odd primes 119901 and 119902 while 119901 equiv 119902 equiv 2 (mod3) Thenbase station chooses a safe elliptic curve 1198641198992 and a point 119866 onthis curve Afterwards base station calculates the parametersof ECPE for the nodes the public key 119876 = 119901119902 the privatekey 119878 = lcm(119901 + 2 119902 + 2) the identity of the node ID andan initial shared symmetric key ikey Finally the base stationstores these parameters that is 119876119894 119878119894 ID119894 and ikey into thenodes

412 Cluster Head Election During this phase all nodes areable to compete for the CHs for the current round using (1)The elected CHs send their own ID and public key to the basestation to get registered The base station makes an AVL treelist of all the CHsrsquo public keys and IDs and sends this list to thenodes encrypted by the ikey This phase is shown as follows

CH119894ID119894119876119894

997888997888997888997888997888rarr BS

BS119864ikey(AVLCH)997888997888997888997888997888997888997888997888997888rarr All Nodes

(2)

413 Cluster Formation After the last step each node getsthe list of the CHsrsquo ID and the public key In order to form theclusters each CH broadcasts its own ID and public key to itsneighbors The neighboring nodes can verify their identifiersaccording to the list received from the base station Once

4 International Journal of Distributed Sensor Networks

ID1

ID2

ID3

ID4

ID5

middot middot middot

middot middot middot

Figure 2 The AVL tree formation process

a sensor node 119895 decides to join cluster 119894 it replies its ID andpublic key to CH119894 CH stores the nodesrsquo ID and public key ina form of AVL tree This phase is shown as follows

CH119894ID119894119876119894

997888997888997888997888997888rarr Neighbor Nodes

Node119895119864119876119894(ID119895119876119895)

997888997888997888997888997888997888997888997888997888rarr CH119894

(3)

414 The AVL Tree Formation of Nodesrsquo Information Afterthe clusters are formed each node broadcasts its own IDand public key to its neighboring nodes The node gathers itsneighborsrsquo IDs and public keys and then stores them in AVLtree The creation of AVL tree is shown in Figure 2 the IDsof five nodes in this AVL tree are listed from small to largeID1 lt ID2 lt ID3 lt ID4 lt ID5 We put smaller nodes in leftsubtrees and larger nodes in right subtreesThen the rotationoperation of AVL tree is used to keep the balance so that theheight difference of the subtrees is 1 at most Consider

Node119895119864ikey(ID119895119876119895)997888997888997888997888997888997888997888997888997888rarr Nodeneighbor (4)

415 The Session Key Agreement between Nodes Supposenode 119860 wants to communicate with node 119861 then node 119860needs to generate a session key with node 119861 Firstly119860 queries119861rsquos public key in its AVL tree and then generates a randomnumber sKey as the session key 119860 then encrypts sKey andthe timestamp 1198791 with its own private key and reencryptsthe ciphertext plus 119860rsquos public key and ID using 119861rsquos publickey After 119861 decrypts the message 119861 verifies the legitimacyof 119860rsquos public key using its AVL tree If authentication passed119861 uses 119860rsquos public key to obtain the session key sKey and thetimestamp and checks the timestamp1198791 to prevent the replayattack 119861 then encrypts sKey and the timestamp 1198792 with itsown private key and reencrypts them together with 119861rsquos publickey and ID using 119860rsquos public key 119860 takes similar procedure toverify the identity of 119861 In this way mutual authentication isfinished and a session key is generated The above process isshown as follows

Node119860119864119876119861(119864119878119860(sKey119879

1)ID119860119876119860)

997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888rarr Node119861

Node119861119864119876119860(119864119878119861(sKey119879

2)ID119861119876119861)

997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888rarr Node119860

(5)

42 Network Steady State Phase

421 NewNodeAddition It is essential to add newnodes dueto the node energy depletion or captureThe new node has tobe registered at BS before being added to the network and BSwill store the current CH list to it After the deployment of thenew node it sends a ldquojoin-inrdquo request message including itsID and public key encrypted by its private key to the nearbyCH The CH will reencrypt the message with its own privatekey and then send it to BS BS verifies the identity of the newnode and replies with a confirming message to CHThen CHbroadcasts the new nodersquos ID and public key to the nodes inits cluster Now the new node can exchange public keys withits neighbor nodes and negotiate session keys with themThisabove process is shown as follows

BS119864119876new (AVLCH)997888997888997888997888997888997888997888997888997888997888rarr Nodenew

Nodenew119864119878new (IDnew119876new)

997888997888997888997888997888997888997888997888997888997888997888997888997888rarr CH119894

CH119894119864119878119894(119864119878new (IDnew119876new))

997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888rarr BS

BS119864119876119894(119884119873)

997888997888997888997888997888997888997888rarr CH119894

CH119894119864119876(IDnew119876new)

997888997888997888997888997888997888997888997888997888997888997888rarr ALL Nodes

(6)

422 Node Deletion If a sensor node does not send datafor a long time it will be considered as a dead node andwill be removed from the network CH broadcasts a messageincluding the nodersquos ID and public key to all nodes in thiscluster CH and the live node will update their AVL tree atthe same time

423 Key Update In LEACH algorithm reclustering isneeded after a certain period of time New CH will beelected according to formula (1) With the establishment ofthe new clusters the nodes will update the session key withits neighbors Therefore the energy consumption can bebalancedwhichwill extend the lifetime of thewhole networkMeanwhile security is also enhanced by the updated sessionkey

5 Performance Evaluation

51 Security Analysis Prior to the deployment of sensornodes in our scheme a shared key is preset to encryptthe information exchanged during the network formationphase therefore the adversary is unable to acquire the nodesrsquoidentityWhat ismore each nodemutually verifies the otherrsquosidentity by AVL tree when they try to agree on a session keyHence it is impossible for the adversary to launch identityrelated attacks for instance the Sybil attack The usage ofECPE cryptography makes our network more secure thaneither symmetric cryptography or the traditional public keycryptography like RSA Public key cryptography preventsplenty of frequent attacks on the network like selectiveforwarding Flooding and Sinkhole attack In addition

International Journal of Distributed Sensor Networks 5

Table 1 Comparison of memory overhead

Rajendiranet alrsquos

Azarderakhshet alrsquos

El-Din etalrsquos Ours

Storage neededfor CH (bit) 52480 144480 8000 16000

Storage neededfor sensornode (bit)

52480 16320 7040 5120

signature verification can be achieved by the private keyencryption A timestamp is also adopted in our scheme toavoid the replay attack

We use public key cryptography to generate a sessionkey which will be updated after a certain period of timebetween two nodes In our scheme different pairs of nodesshare different session keys Even if the adversary captures afew sensor nodes he cannot get the session key between othernodes and cannot recover the keys used before so that theforward secrecy of the network is ensured On the contraryin Rajendiran et alrsquos scheme if an adversary compromisesone more node every time he can obtain more informationabout the ECCkey poolWhen the number of captured nodesexceeds some threshold the adversary will be able to recoverthe entire ECC key pool and thus compromise the wholenetwork

52 Memory Overhead For the convenience of comparisononmemory overhead we follow the network size of Azarder-akhsh et alrsquos [16] 1000 nodes and 10 clusters every roundwhile each node has 31 neighbor nodes As stated previously asensor node in our scheme only needs to store the public keysof its cluster head and neighbors and the CH needs to storethe nodesrsquo public keys in its cluster In El-Din et alrsquos schemeCH only stores its neighborsrsquo keys which makes it hard forthe CH to manage the cluster However in Azarderakhsh etalrsquos scheme a node needs to store its neighborsrsquo public keysplus the public keys of all CHs In Rajendiran et alrsquos schemethey combined ECC with E-G scheme to distribute keys Theprobability of a sensor node sharing one key with its neighboris 1198751015840 = 1 minus (119901 minus 119903)[(119901 minus 2 times 119903) times 119901119903] where 119901 is thesize of key pool and 119903 is the size of key chain For Rajendiranet alrsquos scheme they need 119901 = 5000 and a chain of 120 keysto achieve a 95 connectivity while 328 keys are needed tohave 99999 connectivity Suppose the length of ECC keyis 160 bits Table 1 shows the superiority of our proposedscheme compared to those proposed by El-Din et al [22]Azarderakhsh et al [16] and Rajendiran et al [15]

53 Computational Overhead Our scheme uses along withEl-Din et alrsquos and Azarderakhsh et alrsquos schemes ECC basedalgorithm for encryption and decryption Since ECC basedencryption and decryption are the most energy consumingoperations in the schemes we make a comparison on thetimes of ECC based encryption and decryption to show thecomputational efficiency In order to facilitate the compari-son we assume a small cluster with one cluster head (CH)and 10 normal nodes We first compare the ECC operations

Table 2 Comparison of computational overhead (ECC operations)

Azarderakhshet al (times)

El-Din etal (times) Ours (times)

Cluster head 100 40 10Sensor node 3 5 5

in CH In Azarderakhsh et alrsquos scheme the session keyshared between two nodes is distributed by CH For the10 nodes cluster there are altogether 45 keys between eachtwo nodes then CH encrypts the session key with the twonode public keys respectively so it needs 90 ECC basedencryption operations plus the 10 session keys between itselfand the 10 nodes which means 100 ECC based encryptionoperations in total In El-Din et alrsquos scheme CH needs 4ECC based encryption and decryption operations with onenode which equals 400 ECC operations needed by CH for10 nodes However in our scheme only 1 ECC operation isneeded for one node and 10 for 10 nodes Then we comparethe ECC operations for one normal node during the periodit joins in the cluster and shares a session key with itsneighbor InAzarderakhsh et alrsquos scheme a node needs 3 ECCoperations while 5 are needed for the node in El-Din et alrsquosscheme In our scheme the nodes need to authenticate eachother through verifying signature so the node needs 5 ECCoperations too Comparisons of the number of ECC basedencryption and decryption operations executed by CH andnodes are shown inTable 2We can see from the table that ourscheme has superiority in overall computational overhead

54 Energy Consumption Given the large number of nodesWSNs usually take a long time and lot of energy to find thepublic key of a certain node In our scheme we use the AVLtree to store the data so that search time and the energy costcan also be significantly reduced For instance it needs (119899 +1)2 operations to search one node among 119899 nodes in directsearch namely the time complexity is119874(119899) It is only119874(log 119899)when using AVL tree while the schemes of Rajendiran etal Azarderakhsh et al and El-Din et al are direct searchFigure 3 shows the comparison of search time between thedirect search and the AVL tree We also implement ourproposed scheme inMicrosoft Visual C++ 60The operatingsystem is Windows 7 Ultimate The computer configurationis as follows CPU Intel Core i5 32 GHz memory 4GB harddisc 500GB We test our AVL tree method in 3 scenarios100 nodes 2000 nodes and 10000 nodes Ten searches areexecuted for every scenario and the average time cost is listedin Table 3 The result shows that with the increasing nodesnumber the AVL tree method demonstrates its superiorityin search time In other words the energy consumption ofsearching in our scheme is much less than in the schemesusing direct search method

6 Conclusion

In this paper an efficient key management scheme based onECPE and AVL tree for large scale wireless sensor networks is

6 International Journal of Distributed Sensor Networks

Table 3 Comparison of average search time

Number of nodes Ours (120583s)

Rajendiran etalrsquos

Azarderakhsh etalrsquos and El-Din

et alrsquos (120583s)100 259 47982000 271 492910000 296 5240

400

350

300

250

200

150

100

50

0

Ordinary searchAVL

0 100 200 300 400 500 600 700 800 900

The number of nodes

Tota

l sea

rche

s

Figure 3 Search time comparison

proposedOur scheme follows the networkmodel of LEACHWe use ECPE to generate session keys between nodes sinceECPE can achieve the same security as normal public keycryptography but with shorter keys thus saving storage Inaddition our approach adopts AVL tree for storing publickeys which can significantly reduce the search time in largescale WSN Experimental results and theory analysis showthe memory and computational overhead are reduced andthe energy consumption is also cut down Furthermore ourscheme has a good scalability that supports the node additionand deletion key updates also support guaranteeing thesecurity of WSN

Notations

119899 Public key119906 Private key119901 119902 Large prime numbers1198641198992 A random elliptic curve119866 A point on 119864119864119896(sdot) Symmetric encryption with key 119896BS Base stationCH Cluster headNode Normal nodeIDCH Identity of cluster head CHID119894 ID119895 Identity of node 119894 and node 119895119899119894 119906119894 Public key and private key of node 119894AVL119894 The AVL tree stored by node 119894

sKey Shared secret key between two nodes119879 Timestamp

Conflict of Interests

The authors declare that there is no conflict of interestsregarding the publication of this paper

Acknowledgment

This work is supported by the National High TechnologyResearch andDevelopment Program of China (863 program)under Grant no 2013AA014001

References

[1] S H Erfani H H Javadi and A M Rahmani ldquoA dynamic keymanagement scheme for dynamic wireless sensor networksrdquoSecurity and Communication Networks vol 8 no 6 pp 1040ndash1049 2015

[2] S-H Seo J Won S Sultana and E Bertino ldquoEffective keymanagement in dynamicwireless sensor networksrdquo IEEETrans-actions on Information Forensics and Security vol 10 no 2 pp371ndash383 2015

[3] C-Y Chen and H-C Chao ldquoA survey of key distributionin wireless sensor networksrdquo Security and CommunicationNetworks vol 7 no 12 pp 2495ndash2508 2014

[4] S Cho L Han B Joo and S Han ldquoP-LEACH an efficientcluster-based technique to track mobile sinks in wireless sensornetworksrdquo International Journal of Distributed Sensor Networksvol 2014 Article ID 803656 10 pages 2014

[5] A Salim W Osamy and A M Khedr ldquoIBLEACH intra-balanced LEACH protocol for wireless sensor networksrdquoWire-less Networks vol 20 no 6 pp 1515ndash1525 2014

[6] AVL tree 2015 httpsenwikipediaorgwikiAVL tree[7] S K Sahoo and M N Sahoo ldquoAn elliptic-curve-based hierar-

chical cluster key management in wireless sensor networkrdquo inIntelligent Computing Networking and Informatics Proceedingsof the International Conference on Advanced Computing Net-working and Informatics India June 2013 vol 243 of Advancesin Intelligent Systems and Computing pp 397ndash408 SpringerNew Delhi India 2014

[8] D J Malan MWelsh andM D Smith ldquoImplementing public-key infrastructure for sensor networksrdquo ACM Transactions onSensor Networks vol 4 no 4 article 22 2008

[9] S Bala G Sharma and A K Verma ldquoA survey and taxonomyof symmetric key management schemes for wireless sensornetworksrdquo in International Information Technology Conference(CUBE rsquo12) pp 585ndash592 Maharashtra India September 2012

[10] A Selva Reegan and E Baburaj ldquoKey management schemes inwireless sensor networks a surveyrdquo in Proceedings of the IEEEInternational Conference on Circuit Power and Computing Tech-nologies (ICCPCT rsquo13) pp 813ndash820 IEEE Computer SocietyNagercoil India 2013

[11] A S Wandert N Gura H Eberle V Gupta and S C ShantzldquoEnergy analysis of public-key cryptography for wireless sensornetworksrdquo in Proceedings of the 3rd IEEE International Con-ference on Pervasive Computing and Communications (PerComrsquo05) pp 324ndash328 March 2005

International Journal of Distributed Sensor Networks 7

[12] K Ren S C Yu W J Lou and Y Zhang ldquoMulti-user broadcastauthentication in wireless sensor networksrdquo IEEE Transactionson Vehicular Technology vol 58 no 8 pp 4554ndash4564 2009

[13] H-X Li L-J Pang and Y-M Wang ldquoKey managementscheme without secure channel for ad hoc networksrdquo Journalon Communications vol 31 no 1 pp 112ndash117 2010

[14] H Dahshan and J Irvine ldquoAn elliptic curve distributed keymanagement for mobile ad hoc networksrdquo in Proceedings of the71st IEEE Vehicular Technology Conference (VTC rsquo10) pp 1ndash5IEEE Taipei Taiwan May 2010

[15] K Rajendiran R Sankararajan and R Palaniappan ldquoA securekey predistribution scheme for WSN using elliptic curve cryp-tographyrdquo ETRI Journal vol 33 no 5 pp 791ndash801 2011

[16] R Azarderakhsh A Reyhani-Masoleh and Z-E Abid ldquoAkey management scheme for cluster based wireless sensornetworksrdquo in Proceedings of the 5th International Conference onEmbedded and Ubiquitous Computing (EUC rsquo08) pp 222ndash227December 2008

[17] A E El-Din R A Ramadan and M B Fayek ldquoVEGK virtualECC group key for wireless sensor networksrdquo in Proceedingsof the International Conference on Computing Networking andCommunications (ICNC rsquo13) pp 364ndash368 IEEE ComputerSociety San Diego Calif USA January 2013

[18] H Boumerzoug B A Bensaber and I Biskri ldquoA key man-agement method based on an AVL tree and ECC cryptogra-phy for wireless sensor networksrdquo in Proceedings of the 7thACM Symposium on QoS and Security for Wireless and MobileNetworks Co-Located with MSWiMrsquo11 (Q2SWinet rsquo11) pp 57ndash62 Association for Computing Machinery Miami Fla USAOctober-November 2011

[19] W R Heinzelman A Chandrakasan and H Balakrish-nan ldquoEnergy-efficient communication protocol for wirelessmicrosensor networksrdquo in Proceedings of the 33rd AnnualHawaii International Conference on System Siences vol 2January 2000

[20] P Paillier ldquoTrapdooring discrete logarithms on elliptic curvesover ringsrdquo in Advances in CryptologymdashASIACRYPT 2000 TOkamoto Ed vol 1976 of Lecture Notes in Computer Sciencepp 573ndash584 Springer Berlin Germany 2000

[21] N P Smart ldquoThe discrete logarithm problem on elliptic curvesof trace onerdquo Journal of Cryptology vol 12 no 3 pp 193ndash1961999

[22] A E El-Din R A Ramadan and M B Fayek ldquoVEGK virtualECC group key for wireless sensor networksrdquo in Proceedingsof the International Conference on Computing Networking andCommunications (ICNC rsquo13) pp 364ndash368 January 2013

International Journal of

AerospaceEngineeringHindawi Publishing Corporationhttpwwwhindawicom Volume 2014

RoboticsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Active and Passive Electronic Components

Control Scienceand Engineering

Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

International Journal of

RotatingMachinery

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporation httpwwwhindawicom

Journal ofEngineeringVolume 2014

Submit your manuscripts athttpwwwhindawicom

VLSI Design

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Shock and Vibration

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Civil EngineeringAdvances in

Acoustics and VibrationAdvances in

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Electrical and Computer Engineering

Journal of

Advances inOptoElectronics

Hindawi Publishing Corporation httpwwwhindawicom

Volume 2014

The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014

SensorsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Modelling amp Simulation in EngineeringHindawi Publishing Corporation httpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Chemical EngineeringInternational Journal of Antennas and

Propagation

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Navigation and Observation

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

DistributedSensor Networks

International Journal of

Page 3: Research Article An Efficient Key Management Scheme Based on ECC and AVL …downloads.hindawi.com/journals/ijdsn/2015/691498.pdf · 2015. 11. 24. · Research Article An Efficient

International Journal of Distributed Sensor Networks 3

random number between 0 and 1 If the number is less thanthe threshold 119879(119899) the node becomes a cluster head for thecurrent round The threshold is set as

119879 (119899) =

119875

1 minus 119875 lowast 119903 mod (1119875)if 119899 isin 119866

0 otherwise(1)

where 119875 is the desirable percentage to be CH 119903 is the currentround and 119866 is a set of nodes that have not been selected asCH in previous rounds

32 Elliptic Curve Paillier Encryption (ECPE) ECPE [20]was first proposed by Paillier in 2000 It is a probabilisticencryption scheme employing elliptic curves over rings basedon the use of twists of anomalous curves

It is known that curves 119864119901(119886 119887) over 119865119901 which have traceof Frobenius one (they are said to be anomalous) present theproperty that computing discrete logarithms on them is veryeasy [21] Okamato extended this property to 119901-subgroup of1198641199012(119886 119887) so that the projection onto 119865119901 gives the twist of ananomalous curve

The details of this cryptosystem are as follows

Initialization 119899 = 119901119902 is generated which is a product of twolarge primes 119901 and 119902 while 119901 equiv 119902 equiv 2 (mod 3) Choose anelliptic curve 1198641198992(119886 119887) and a base point119866 isin 1198641198992 on this curve

Public Key Consider 119875119880 = (119899 1198641198992 119866)

Private Key 119904 = lcm(119901 + 2 119902 + 2) is the lowest commonmultiple of 119901 + 2 and 119902 + 2

Encryption Suppose the plaintext is 119872 isin 119885119899 pick random119903 lt 119899 and return the ciphertext 119862 = (119872 + 119899119903) sdot 119866

Decryption Compute119872 = Ψ119899(119904 sdot 119862)Ψ119899(119904 sdot 119866) mod 119899 whereΨ119899(119909 119910) = minus(119909119910) mod 1198992

33 The AVL Tree An AVL tree is a self-balancing binarysearch tree For each node of the tree the height difference ofits subtrees is at most 1 therefore it is also height-balanced119874(log 119899) time is needed for search insertion and deletionoperations in both the average and worst cases

Figure 1 shows an example of the AVL tree The values ofleft subtree are always smaller than the ones of the root nodewhile the values of the right subtree are always larger than theones of the root node In order to find a particular element inthe tree for example 28 we firstly compare the element withthe root node 54 We turn left because 28 is smaller than 54and then we find 28 larger than 17 so we turn right and find28

4 The Proposed Scheme

Our scheme is based on the networkmodel of LEACHwhichincludes a base station and a large number of sensor nodesThe base station is assumed to be trusted and capable ofcomputation and has storage ability Special cluster heads

54

17 89

4 28

16 33

9668

71 84

Figure 1 An example of the AVL tree

are not needed in our model which makes it more practicalfor WSNs We assume the node in our network is capableof running the ECPE algorithm The notations used in thispaper are listed in ldquoNotationsrdquo

Our scheme can be divided into two phases (1) networkformation phase where nodes elect CHs and generate thesession key with each other and (2) network steady statephase where nodes communicate with each other with thesession key Node addition node deletion and key updatingare also allowed during the second phase

The details of our scheme are as follows

41 Network Formation Phase

411 Key Predeployment Following the rules of ECPE firstlybase station chooses a large integer 119876 = 119901119902 as a product oftwo odd primes 119901 and 119902 while 119901 equiv 119902 equiv 2 (mod3) Thenbase station chooses a safe elliptic curve 1198641198992 and a point 119866 onthis curve Afterwards base station calculates the parametersof ECPE for the nodes the public key 119876 = 119901119902 the privatekey 119878 = lcm(119901 + 2 119902 + 2) the identity of the node ID andan initial shared symmetric key ikey Finally the base stationstores these parameters that is 119876119894 119878119894 ID119894 and ikey into thenodes

412 Cluster Head Election During this phase all nodes areable to compete for the CHs for the current round using (1)The elected CHs send their own ID and public key to the basestation to get registered The base station makes an AVL treelist of all the CHsrsquo public keys and IDs and sends this list to thenodes encrypted by the ikey This phase is shown as follows

CH119894ID119894119876119894

997888997888997888997888997888rarr BS

BS119864ikey(AVLCH)997888997888997888997888997888997888997888997888997888rarr All Nodes

(2)

413 Cluster Formation After the last step each node getsthe list of the CHsrsquo ID and the public key In order to form theclusters each CH broadcasts its own ID and public key to itsneighbors The neighboring nodes can verify their identifiersaccording to the list received from the base station Once

4 International Journal of Distributed Sensor Networks

ID1

ID2

ID3

ID4

ID5

middot middot middot

middot middot middot

Figure 2 The AVL tree formation process

a sensor node 119895 decides to join cluster 119894 it replies its ID andpublic key to CH119894 CH stores the nodesrsquo ID and public key ina form of AVL tree This phase is shown as follows

CH119894ID119894119876119894

997888997888997888997888997888rarr Neighbor Nodes

Node119895119864119876119894(ID119895119876119895)

997888997888997888997888997888997888997888997888997888rarr CH119894

(3)

414 The AVL Tree Formation of Nodesrsquo Information Afterthe clusters are formed each node broadcasts its own IDand public key to its neighboring nodes The node gathers itsneighborsrsquo IDs and public keys and then stores them in AVLtree The creation of AVL tree is shown in Figure 2 the IDsof five nodes in this AVL tree are listed from small to largeID1 lt ID2 lt ID3 lt ID4 lt ID5 We put smaller nodes in leftsubtrees and larger nodes in right subtreesThen the rotationoperation of AVL tree is used to keep the balance so that theheight difference of the subtrees is 1 at most Consider

Node119895119864ikey(ID119895119876119895)997888997888997888997888997888997888997888997888997888rarr Nodeneighbor (4)

415 The Session Key Agreement between Nodes Supposenode 119860 wants to communicate with node 119861 then node 119860needs to generate a session key with node 119861 Firstly119860 queries119861rsquos public key in its AVL tree and then generates a randomnumber sKey as the session key 119860 then encrypts sKey andthe timestamp 1198791 with its own private key and reencryptsthe ciphertext plus 119860rsquos public key and ID using 119861rsquos publickey After 119861 decrypts the message 119861 verifies the legitimacyof 119860rsquos public key using its AVL tree If authentication passed119861 uses 119860rsquos public key to obtain the session key sKey and thetimestamp and checks the timestamp1198791 to prevent the replayattack 119861 then encrypts sKey and the timestamp 1198792 with itsown private key and reencrypts them together with 119861rsquos publickey and ID using 119860rsquos public key 119860 takes similar procedure toverify the identity of 119861 In this way mutual authentication isfinished and a session key is generated The above process isshown as follows

Node119860119864119876119861(119864119878119860(sKey119879

1)ID119860119876119860)

997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888rarr Node119861

Node119861119864119876119860(119864119878119861(sKey119879

2)ID119861119876119861)

997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888rarr Node119860

(5)

42 Network Steady State Phase

421 NewNodeAddition It is essential to add newnodes dueto the node energy depletion or captureThe new node has tobe registered at BS before being added to the network and BSwill store the current CH list to it After the deployment of thenew node it sends a ldquojoin-inrdquo request message including itsID and public key encrypted by its private key to the nearbyCH The CH will reencrypt the message with its own privatekey and then send it to BS BS verifies the identity of the newnode and replies with a confirming message to CHThen CHbroadcasts the new nodersquos ID and public key to the nodes inits cluster Now the new node can exchange public keys withits neighbor nodes and negotiate session keys with themThisabove process is shown as follows

BS119864119876new (AVLCH)997888997888997888997888997888997888997888997888997888997888rarr Nodenew

Nodenew119864119878new (IDnew119876new)

997888997888997888997888997888997888997888997888997888997888997888997888997888rarr CH119894

CH119894119864119878119894(119864119878new (IDnew119876new))

997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888rarr BS

BS119864119876119894(119884119873)

997888997888997888997888997888997888997888rarr CH119894

CH119894119864119876(IDnew119876new)

997888997888997888997888997888997888997888997888997888997888997888rarr ALL Nodes

(6)

422 Node Deletion If a sensor node does not send datafor a long time it will be considered as a dead node andwill be removed from the network CH broadcasts a messageincluding the nodersquos ID and public key to all nodes in thiscluster CH and the live node will update their AVL tree atthe same time

423 Key Update In LEACH algorithm reclustering isneeded after a certain period of time New CH will beelected according to formula (1) With the establishment ofthe new clusters the nodes will update the session key withits neighbors Therefore the energy consumption can bebalancedwhichwill extend the lifetime of thewhole networkMeanwhile security is also enhanced by the updated sessionkey

5 Performance Evaluation

51 Security Analysis Prior to the deployment of sensornodes in our scheme a shared key is preset to encryptthe information exchanged during the network formationphase therefore the adversary is unable to acquire the nodesrsquoidentityWhat ismore each nodemutually verifies the otherrsquosidentity by AVL tree when they try to agree on a session keyHence it is impossible for the adversary to launch identityrelated attacks for instance the Sybil attack The usage ofECPE cryptography makes our network more secure thaneither symmetric cryptography or the traditional public keycryptography like RSA Public key cryptography preventsplenty of frequent attacks on the network like selectiveforwarding Flooding and Sinkhole attack In addition

International Journal of Distributed Sensor Networks 5

Table 1 Comparison of memory overhead

Rajendiranet alrsquos

Azarderakhshet alrsquos

El-Din etalrsquos Ours

Storage neededfor CH (bit) 52480 144480 8000 16000

Storage neededfor sensornode (bit)

52480 16320 7040 5120

signature verification can be achieved by the private keyencryption A timestamp is also adopted in our scheme toavoid the replay attack

We use public key cryptography to generate a sessionkey which will be updated after a certain period of timebetween two nodes In our scheme different pairs of nodesshare different session keys Even if the adversary captures afew sensor nodes he cannot get the session key between othernodes and cannot recover the keys used before so that theforward secrecy of the network is ensured On the contraryin Rajendiran et alrsquos scheme if an adversary compromisesone more node every time he can obtain more informationabout the ECCkey poolWhen the number of captured nodesexceeds some threshold the adversary will be able to recoverthe entire ECC key pool and thus compromise the wholenetwork

52 Memory Overhead For the convenience of comparisononmemory overhead we follow the network size of Azarder-akhsh et alrsquos [16] 1000 nodes and 10 clusters every roundwhile each node has 31 neighbor nodes As stated previously asensor node in our scheme only needs to store the public keysof its cluster head and neighbors and the CH needs to storethe nodesrsquo public keys in its cluster In El-Din et alrsquos schemeCH only stores its neighborsrsquo keys which makes it hard forthe CH to manage the cluster However in Azarderakhsh etalrsquos scheme a node needs to store its neighborsrsquo public keysplus the public keys of all CHs In Rajendiran et alrsquos schemethey combined ECC with E-G scheme to distribute keys Theprobability of a sensor node sharing one key with its neighboris 1198751015840 = 1 minus (119901 minus 119903)[(119901 minus 2 times 119903) times 119901119903] where 119901 is thesize of key pool and 119903 is the size of key chain For Rajendiranet alrsquos scheme they need 119901 = 5000 and a chain of 120 keysto achieve a 95 connectivity while 328 keys are needed tohave 99999 connectivity Suppose the length of ECC keyis 160 bits Table 1 shows the superiority of our proposedscheme compared to those proposed by El-Din et al [22]Azarderakhsh et al [16] and Rajendiran et al [15]

53 Computational Overhead Our scheme uses along withEl-Din et alrsquos and Azarderakhsh et alrsquos schemes ECC basedalgorithm for encryption and decryption Since ECC basedencryption and decryption are the most energy consumingoperations in the schemes we make a comparison on thetimes of ECC based encryption and decryption to show thecomputational efficiency In order to facilitate the compari-son we assume a small cluster with one cluster head (CH)and 10 normal nodes We first compare the ECC operations

Table 2 Comparison of computational overhead (ECC operations)

Azarderakhshet al (times)

El-Din etal (times) Ours (times)

Cluster head 100 40 10Sensor node 3 5 5

in CH In Azarderakhsh et alrsquos scheme the session keyshared between two nodes is distributed by CH For the10 nodes cluster there are altogether 45 keys between eachtwo nodes then CH encrypts the session key with the twonode public keys respectively so it needs 90 ECC basedencryption operations plus the 10 session keys between itselfand the 10 nodes which means 100 ECC based encryptionoperations in total In El-Din et alrsquos scheme CH needs 4ECC based encryption and decryption operations with onenode which equals 400 ECC operations needed by CH for10 nodes However in our scheme only 1 ECC operation isneeded for one node and 10 for 10 nodes Then we comparethe ECC operations for one normal node during the periodit joins in the cluster and shares a session key with itsneighbor InAzarderakhsh et alrsquos scheme a node needs 3 ECCoperations while 5 are needed for the node in El-Din et alrsquosscheme In our scheme the nodes need to authenticate eachother through verifying signature so the node needs 5 ECCoperations too Comparisons of the number of ECC basedencryption and decryption operations executed by CH andnodes are shown inTable 2We can see from the table that ourscheme has superiority in overall computational overhead

54 Energy Consumption Given the large number of nodesWSNs usually take a long time and lot of energy to find thepublic key of a certain node In our scheme we use the AVLtree to store the data so that search time and the energy costcan also be significantly reduced For instance it needs (119899 +1)2 operations to search one node among 119899 nodes in directsearch namely the time complexity is119874(119899) It is only119874(log 119899)when using AVL tree while the schemes of Rajendiran etal Azarderakhsh et al and El-Din et al are direct searchFigure 3 shows the comparison of search time between thedirect search and the AVL tree We also implement ourproposed scheme inMicrosoft Visual C++ 60The operatingsystem is Windows 7 Ultimate The computer configurationis as follows CPU Intel Core i5 32 GHz memory 4GB harddisc 500GB We test our AVL tree method in 3 scenarios100 nodes 2000 nodes and 10000 nodes Ten searches areexecuted for every scenario and the average time cost is listedin Table 3 The result shows that with the increasing nodesnumber the AVL tree method demonstrates its superiorityin search time In other words the energy consumption ofsearching in our scheme is much less than in the schemesusing direct search method

6 Conclusion

In this paper an efficient key management scheme based onECPE and AVL tree for large scale wireless sensor networks is

6 International Journal of Distributed Sensor Networks

Table 3 Comparison of average search time

Number of nodes Ours (120583s)

Rajendiran etalrsquos

Azarderakhsh etalrsquos and El-Din

et alrsquos (120583s)100 259 47982000 271 492910000 296 5240

400

350

300

250

200

150

100

50

0

Ordinary searchAVL

0 100 200 300 400 500 600 700 800 900

The number of nodes

Tota

l sea

rche

s

Figure 3 Search time comparison

proposedOur scheme follows the networkmodel of LEACHWe use ECPE to generate session keys between nodes sinceECPE can achieve the same security as normal public keycryptography but with shorter keys thus saving storage Inaddition our approach adopts AVL tree for storing publickeys which can significantly reduce the search time in largescale WSN Experimental results and theory analysis showthe memory and computational overhead are reduced andthe energy consumption is also cut down Furthermore ourscheme has a good scalability that supports the node additionand deletion key updates also support guaranteeing thesecurity of WSN

Notations

119899 Public key119906 Private key119901 119902 Large prime numbers1198641198992 A random elliptic curve119866 A point on 119864119864119896(sdot) Symmetric encryption with key 119896BS Base stationCH Cluster headNode Normal nodeIDCH Identity of cluster head CHID119894 ID119895 Identity of node 119894 and node 119895119899119894 119906119894 Public key and private key of node 119894AVL119894 The AVL tree stored by node 119894

sKey Shared secret key between two nodes119879 Timestamp

Conflict of Interests

The authors declare that there is no conflict of interestsregarding the publication of this paper

Acknowledgment

This work is supported by the National High TechnologyResearch andDevelopment Program of China (863 program)under Grant no 2013AA014001

References

[1] S H Erfani H H Javadi and A M Rahmani ldquoA dynamic keymanagement scheme for dynamic wireless sensor networksrdquoSecurity and Communication Networks vol 8 no 6 pp 1040ndash1049 2015

[2] S-H Seo J Won S Sultana and E Bertino ldquoEffective keymanagement in dynamicwireless sensor networksrdquo IEEETrans-actions on Information Forensics and Security vol 10 no 2 pp371ndash383 2015

[3] C-Y Chen and H-C Chao ldquoA survey of key distributionin wireless sensor networksrdquo Security and CommunicationNetworks vol 7 no 12 pp 2495ndash2508 2014

[4] S Cho L Han B Joo and S Han ldquoP-LEACH an efficientcluster-based technique to track mobile sinks in wireless sensornetworksrdquo International Journal of Distributed Sensor Networksvol 2014 Article ID 803656 10 pages 2014

[5] A Salim W Osamy and A M Khedr ldquoIBLEACH intra-balanced LEACH protocol for wireless sensor networksrdquoWire-less Networks vol 20 no 6 pp 1515ndash1525 2014

[6] AVL tree 2015 httpsenwikipediaorgwikiAVL tree[7] S K Sahoo and M N Sahoo ldquoAn elliptic-curve-based hierar-

chical cluster key management in wireless sensor networkrdquo inIntelligent Computing Networking and Informatics Proceedingsof the International Conference on Advanced Computing Net-working and Informatics India June 2013 vol 243 of Advancesin Intelligent Systems and Computing pp 397ndash408 SpringerNew Delhi India 2014

[8] D J Malan MWelsh andM D Smith ldquoImplementing public-key infrastructure for sensor networksrdquo ACM Transactions onSensor Networks vol 4 no 4 article 22 2008

[9] S Bala G Sharma and A K Verma ldquoA survey and taxonomyof symmetric key management schemes for wireless sensornetworksrdquo in International Information Technology Conference(CUBE rsquo12) pp 585ndash592 Maharashtra India September 2012

[10] A Selva Reegan and E Baburaj ldquoKey management schemes inwireless sensor networks a surveyrdquo in Proceedings of the IEEEInternational Conference on Circuit Power and Computing Tech-nologies (ICCPCT rsquo13) pp 813ndash820 IEEE Computer SocietyNagercoil India 2013

[11] A S Wandert N Gura H Eberle V Gupta and S C ShantzldquoEnergy analysis of public-key cryptography for wireless sensornetworksrdquo in Proceedings of the 3rd IEEE International Con-ference on Pervasive Computing and Communications (PerComrsquo05) pp 324ndash328 March 2005

International Journal of Distributed Sensor Networks 7

[12] K Ren S C Yu W J Lou and Y Zhang ldquoMulti-user broadcastauthentication in wireless sensor networksrdquo IEEE Transactionson Vehicular Technology vol 58 no 8 pp 4554ndash4564 2009

[13] H-X Li L-J Pang and Y-M Wang ldquoKey managementscheme without secure channel for ad hoc networksrdquo Journalon Communications vol 31 no 1 pp 112ndash117 2010

[14] H Dahshan and J Irvine ldquoAn elliptic curve distributed keymanagement for mobile ad hoc networksrdquo in Proceedings of the71st IEEE Vehicular Technology Conference (VTC rsquo10) pp 1ndash5IEEE Taipei Taiwan May 2010

[15] K Rajendiran R Sankararajan and R Palaniappan ldquoA securekey predistribution scheme for WSN using elliptic curve cryp-tographyrdquo ETRI Journal vol 33 no 5 pp 791ndash801 2011

[16] R Azarderakhsh A Reyhani-Masoleh and Z-E Abid ldquoAkey management scheme for cluster based wireless sensornetworksrdquo in Proceedings of the 5th International Conference onEmbedded and Ubiquitous Computing (EUC rsquo08) pp 222ndash227December 2008

[17] A E El-Din R A Ramadan and M B Fayek ldquoVEGK virtualECC group key for wireless sensor networksrdquo in Proceedingsof the International Conference on Computing Networking andCommunications (ICNC rsquo13) pp 364ndash368 IEEE ComputerSociety San Diego Calif USA January 2013

[18] H Boumerzoug B A Bensaber and I Biskri ldquoA key man-agement method based on an AVL tree and ECC cryptogra-phy for wireless sensor networksrdquo in Proceedings of the 7thACM Symposium on QoS and Security for Wireless and MobileNetworks Co-Located with MSWiMrsquo11 (Q2SWinet rsquo11) pp 57ndash62 Association for Computing Machinery Miami Fla USAOctober-November 2011

[19] W R Heinzelman A Chandrakasan and H Balakrish-nan ldquoEnergy-efficient communication protocol for wirelessmicrosensor networksrdquo in Proceedings of the 33rd AnnualHawaii International Conference on System Siences vol 2January 2000

[20] P Paillier ldquoTrapdooring discrete logarithms on elliptic curvesover ringsrdquo in Advances in CryptologymdashASIACRYPT 2000 TOkamoto Ed vol 1976 of Lecture Notes in Computer Sciencepp 573ndash584 Springer Berlin Germany 2000

[21] N P Smart ldquoThe discrete logarithm problem on elliptic curvesof trace onerdquo Journal of Cryptology vol 12 no 3 pp 193ndash1961999

[22] A E El-Din R A Ramadan and M B Fayek ldquoVEGK virtualECC group key for wireless sensor networksrdquo in Proceedingsof the International Conference on Computing Networking andCommunications (ICNC rsquo13) pp 364ndash368 January 2013

International Journal of

AerospaceEngineeringHindawi Publishing Corporationhttpwwwhindawicom Volume 2014

RoboticsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Active and Passive Electronic Components

Control Scienceand Engineering

Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

International Journal of

RotatingMachinery

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporation httpwwwhindawicom

Journal ofEngineeringVolume 2014

Submit your manuscripts athttpwwwhindawicom

VLSI Design

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Shock and Vibration

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Civil EngineeringAdvances in

Acoustics and VibrationAdvances in

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Electrical and Computer Engineering

Journal of

Advances inOptoElectronics

Hindawi Publishing Corporation httpwwwhindawicom

Volume 2014

The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014

SensorsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Modelling amp Simulation in EngineeringHindawi Publishing Corporation httpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Chemical EngineeringInternational Journal of Antennas and

Propagation

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Navigation and Observation

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

DistributedSensor Networks

International Journal of

Page 4: Research Article An Efficient Key Management Scheme Based on ECC and AVL …downloads.hindawi.com/journals/ijdsn/2015/691498.pdf · 2015. 11. 24. · Research Article An Efficient

4 International Journal of Distributed Sensor Networks

ID1

ID2

ID3

ID4

ID5

middot middot middot

middot middot middot

Figure 2 The AVL tree formation process

a sensor node 119895 decides to join cluster 119894 it replies its ID andpublic key to CH119894 CH stores the nodesrsquo ID and public key ina form of AVL tree This phase is shown as follows

CH119894ID119894119876119894

997888997888997888997888997888rarr Neighbor Nodes

Node119895119864119876119894(ID119895119876119895)

997888997888997888997888997888997888997888997888997888rarr CH119894

(3)

414 The AVL Tree Formation of Nodesrsquo Information Afterthe clusters are formed each node broadcasts its own IDand public key to its neighboring nodes The node gathers itsneighborsrsquo IDs and public keys and then stores them in AVLtree The creation of AVL tree is shown in Figure 2 the IDsof five nodes in this AVL tree are listed from small to largeID1 lt ID2 lt ID3 lt ID4 lt ID5 We put smaller nodes in leftsubtrees and larger nodes in right subtreesThen the rotationoperation of AVL tree is used to keep the balance so that theheight difference of the subtrees is 1 at most Consider

Node119895119864ikey(ID119895119876119895)997888997888997888997888997888997888997888997888997888rarr Nodeneighbor (4)

415 The Session Key Agreement between Nodes Supposenode 119860 wants to communicate with node 119861 then node 119860needs to generate a session key with node 119861 Firstly119860 queries119861rsquos public key in its AVL tree and then generates a randomnumber sKey as the session key 119860 then encrypts sKey andthe timestamp 1198791 with its own private key and reencryptsthe ciphertext plus 119860rsquos public key and ID using 119861rsquos publickey After 119861 decrypts the message 119861 verifies the legitimacyof 119860rsquos public key using its AVL tree If authentication passed119861 uses 119860rsquos public key to obtain the session key sKey and thetimestamp and checks the timestamp1198791 to prevent the replayattack 119861 then encrypts sKey and the timestamp 1198792 with itsown private key and reencrypts them together with 119861rsquos publickey and ID using 119860rsquos public key 119860 takes similar procedure toverify the identity of 119861 In this way mutual authentication isfinished and a session key is generated The above process isshown as follows

Node119860119864119876119861(119864119878119860(sKey119879

1)ID119860119876119860)

997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888rarr Node119861

Node119861119864119876119860(119864119878119861(sKey119879

2)ID119861119876119861)

997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888rarr Node119860

(5)

42 Network Steady State Phase

421 NewNodeAddition It is essential to add newnodes dueto the node energy depletion or captureThe new node has tobe registered at BS before being added to the network and BSwill store the current CH list to it After the deployment of thenew node it sends a ldquojoin-inrdquo request message including itsID and public key encrypted by its private key to the nearbyCH The CH will reencrypt the message with its own privatekey and then send it to BS BS verifies the identity of the newnode and replies with a confirming message to CHThen CHbroadcasts the new nodersquos ID and public key to the nodes inits cluster Now the new node can exchange public keys withits neighbor nodes and negotiate session keys with themThisabove process is shown as follows

BS119864119876new (AVLCH)997888997888997888997888997888997888997888997888997888997888rarr Nodenew

Nodenew119864119878new (IDnew119876new)

997888997888997888997888997888997888997888997888997888997888997888997888997888rarr CH119894

CH119894119864119878119894(119864119878new (IDnew119876new))

997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888997888rarr BS

BS119864119876119894(119884119873)

997888997888997888997888997888997888997888rarr CH119894

CH119894119864119876(IDnew119876new)

997888997888997888997888997888997888997888997888997888997888997888rarr ALL Nodes

(6)

422 Node Deletion If a sensor node does not send datafor a long time it will be considered as a dead node andwill be removed from the network CH broadcasts a messageincluding the nodersquos ID and public key to all nodes in thiscluster CH and the live node will update their AVL tree atthe same time

423 Key Update In LEACH algorithm reclustering isneeded after a certain period of time New CH will beelected according to formula (1) With the establishment ofthe new clusters the nodes will update the session key withits neighbors Therefore the energy consumption can bebalancedwhichwill extend the lifetime of thewhole networkMeanwhile security is also enhanced by the updated sessionkey

5 Performance Evaluation

51 Security Analysis Prior to the deployment of sensornodes in our scheme a shared key is preset to encryptthe information exchanged during the network formationphase therefore the adversary is unable to acquire the nodesrsquoidentityWhat ismore each nodemutually verifies the otherrsquosidentity by AVL tree when they try to agree on a session keyHence it is impossible for the adversary to launch identityrelated attacks for instance the Sybil attack The usage ofECPE cryptography makes our network more secure thaneither symmetric cryptography or the traditional public keycryptography like RSA Public key cryptography preventsplenty of frequent attacks on the network like selectiveforwarding Flooding and Sinkhole attack In addition

International Journal of Distributed Sensor Networks 5

Table 1 Comparison of memory overhead

Rajendiranet alrsquos

Azarderakhshet alrsquos

El-Din etalrsquos Ours

Storage neededfor CH (bit) 52480 144480 8000 16000

Storage neededfor sensornode (bit)

52480 16320 7040 5120

signature verification can be achieved by the private keyencryption A timestamp is also adopted in our scheme toavoid the replay attack

We use public key cryptography to generate a sessionkey which will be updated after a certain period of timebetween two nodes In our scheme different pairs of nodesshare different session keys Even if the adversary captures afew sensor nodes he cannot get the session key between othernodes and cannot recover the keys used before so that theforward secrecy of the network is ensured On the contraryin Rajendiran et alrsquos scheme if an adversary compromisesone more node every time he can obtain more informationabout the ECCkey poolWhen the number of captured nodesexceeds some threshold the adversary will be able to recoverthe entire ECC key pool and thus compromise the wholenetwork

52 Memory Overhead For the convenience of comparisononmemory overhead we follow the network size of Azarder-akhsh et alrsquos [16] 1000 nodes and 10 clusters every roundwhile each node has 31 neighbor nodes As stated previously asensor node in our scheme only needs to store the public keysof its cluster head and neighbors and the CH needs to storethe nodesrsquo public keys in its cluster In El-Din et alrsquos schemeCH only stores its neighborsrsquo keys which makes it hard forthe CH to manage the cluster However in Azarderakhsh etalrsquos scheme a node needs to store its neighborsrsquo public keysplus the public keys of all CHs In Rajendiran et alrsquos schemethey combined ECC with E-G scheme to distribute keys Theprobability of a sensor node sharing one key with its neighboris 1198751015840 = 1 minus (119901 minus 119903)[(119901 minus 2 times 119903) times 119901119903] where 119901 is thesize of key pool and 119903 is the size of key chain For Rajendiranet alrsquos scheme they need 119901 = 5000 and a chain of 120 keysto achieve a 95 connectivity while 328 keys are needed tohave 99999 connectivity Suppose the length of ECC keyis 160 bits Table 1 shows the superiority of our proposedscheme compared to those proposed by El-Din et al [22]Azarderakhsh et al [16] and Rajendiran et al [15]

53 Computational Overhead Our scheme uses along withEl-Din et alrsquos and Azarderakhsh et alrsquos schemes ECC basedalgorithm for encryption and decryption Since ECC basedencryption and decryption are the most energy consumingoperations in the schemes we make a comparison on thetimes of ECC based encryption and decryption to show thecomputational efficiency In order to facilitate the compari-son we assume a small cluster with one cluster head (CH)and 10 normal nodes We first compare the ECC operations

Table 2 Comparison of computational overhead (ECC operations)

Azarderakhshet al (times)

El-Din etal (times) Ours (times)

Cluster head 100 40 10Sensor node 3 5 5

in CH In Azarderakhsh et alrsquos scheme the session keyshared between two nodes is distributed by CH For the10 nodes cluster there are altogether 45 keys between eachtwo nodes then CH encrypts the session key with the twonode public keys respectively so it needs 90 ECC basedencryption operations plus the 10 session keys between itselfand the 10 nodes which means 100 ECC based encryptionoperations in total In El-Din et alrsquos scheme CH needs 4ECC based encryption and decryption operations with onenode which equals 400 ECC operations needed by CH for10 nodes However in our scheme only 1 ECC operation isneeded for one node and 10 for 10 nodes Then we comparethe ECC operations for one normal node during the periodit joins in the cluster and shares a session key with itsneighbor InAzarderakhsh et alrsquos scheme a node needs 3 ECCoperations while 5 are needed for the node in El-Din et alrsquosscheme In our scheme the nodes need to authenticate eachother through verifying signature so the node needs 5 ECCoperations too Comparisons of the number of ECC basedencryption and decryption operations executed by CH andnodes are shown inTable 2We can see from the table that ourscheme has superiority in overall computational overhead

54 Energy Consumption Given the large number of nodesWSNs usually take a long time and lot of energy to find thepublic key of a certain node In our scheme we use the AVLtree to store the data so that search time and the energy costcan also be significantly reduced For instance it needs (119899 +1)2 operations to search one node among 119899 nodes in directsearch namely the time complexity is119874(119899) It is only119874(log 119899)when using AVL tree while the schemes of Rajendiran etal Azarderakhsh et al and El-Din et al are direct searchFigure 3 shows the comparison of search time between thedirect search and the AVL tree We also implement ourproposed scheme inMicrosoft Visual C++ 60The operatingsystem is Windows 7 Ultimate The computer configurationis as follows CPU Intel Core i5 32 GHz memory 4GB harddisc 500GB We test our AVL tree method in 3 scenarios100 nodes 2000 nodes and 10000 nodes Ten searches areexecuted for every scenario and the average time cost is listedin Table 3 The result shows that with the increasing nodesnumber the AVL tree method demonstrates its superiorityin search time In other words the energy consumption ofsearching in our scheme is much less than in the schemesusing direct search method

6 Conclusion

In this paper an efficient key management scheme based onECPE and AVL tree for large scale wireless sensor networks is

6 International Journal of Distributed Sensor Networks

Table 3 Comparison of average search time

Number of nodes Ours (120583s)

Rajendiran etalrsquos

Azarderakhsh etalrsquos and El-Din

et alrsquos (120583s)100 259 47982000 271 492910000 296 5240

400

350

300

250

200

150

100

50

0

Ordinary searchAVL

0 100 200 300 400 500 600 700 800 900

The number of nodes

Tota

l sea

rche

s

Figure 3 Search time comparison

proposedOur scheme follows the networkmodel of LEACHWe use ECPE to generate session keys between nodes sinceECPE can achieve the same security as normal public keycryptography but with shorter keys thus saving storage Inaddition our approach adopts AVL tree for storing publickeys which can significantly reduce the search time in largescale WSN Experimental results and theory analysis showthe memory and computational overhead are reduced andthe energy consumption is also cut down Furthermore ourscheme has a good scalability that supports the node additionand deletion key updates also support guaranteeing thesecurity of WSN

Notations

119899 Public key119906 Private key119901 119902 Large prime numbers1198641198992 A random elliptic curve119866 A point on 119864119864119896(sdot) Symmetric encryption with key 119896BS Base stationCH Cluster headNode Normal nodeIDCH Identity of cluster head CHID119894 ID119895 Identity of node 119894 and node 119895119899119894 119906119894 Public key and private key of node 119894AVL119894 The AVL tree stored by node 119894

sKey Shared secret key between two nodes119879 Timestamp

Conflict of Interests

The authors declare that there is no conflict of interestsregarding the publication of this paper

Acknowledgment

This work is supported by the National High TechnologyResearch andDevelopment Program of China (863 program)under Grant no 2013AA014001

References

[1] S H Erfani H H Javadi and A M Rahmani ldquoA dynamic keymanagement scheme for dynamic wireless sensor networksrdquoSecurity and Communication Networks vol 8 no 6 pp 1040ndash1049 2015

[2] S-H Seo J Won S Sultana and E Bertino ldquoEffective keymanagement in dynamicwireless sensor networksrdquo IEEETrans-actions on Information Forensics and Security vol 10 no 2 pp371ndash383 2015

[3] C-Y Chen and H-C Chao ldquoA survey of key distributionin wireless sensor networksrdquo Security and CommunicationNetworks vol 7 no 12 pp 2495ndash2508 2014

[4] S Cho L Han B Joo and S Han ldquoP-LEACH an efficientcluster-based technique to track mobile sinks in wireless sensornetworksrdquo International Journal of Distributed Sensor Networksvol 2014 Article ID 803656 10 pages 2014

[5] A Salim W Osamy and A M Khedr ldquoIBLEACH intra-balanced LEACH protocol for wireless sensor networksrdquoWire-less Networks vol 20 no 6 pp 1515ndash1525 2014

[6] AVL tree 2015 httpsenwikipediaorgwikiAVL tree[7] S K Sahoo and M N Sahoo ldquoAn elliptic-curve-based hierar-

chical cluster key management in wireless sensor networkrdquo inIntelligent Computing Networking and Informatics Proceedingsof the International Conference on Advanced Computing Net-working and Informatics India June 2013 vol 243 of Advancesin Intelligent Systems and Computing pp 397ndash408 SpringerNew Delhi India 2014

[8] D J Malan MWelsh andM D Smith ldquoImplementing public-key infrastructure for sensor networksrdquo ACM Transactions onSensor Networks vol 4 no 4 article 22 2008

[9] S Bala G Sharma and A K Verma ldquoA survey and taxonomyof symmetric key management schemes for wireless sensornetworksrdquo in International Information Technology Conference(CUBE rsquo12) pp 585ndash592 Maharashtra India September 2012

[10] A Selva Reegan and E Baburaj ldquoKey management schemes inwireless sensor networks a surveyrdquo in Proceedings of the IEEEInternational Conference on Circuit Power and Computing Tech-nologies (ICCPCT rsquo13) pp 813ndash820 IEEE Computer SocietyNagercoil India 2013

[11] A S Wandert N Gura H Eberle V Gupta and S C ShantzldquoEnergy analysis of public-key cryptography for wireless sensornetworksrdquo in Proceedings of the 3rd IEEE International Con-ference on Pervasive Computing and Communications (PerComrsquo05) pp 324ndash328 March 2005

International Journal of Distributed Sensor Networks 7

[12] K Ren S C Yu W J Lou and Y Zhang ldquoMulti-user broadcastauthentication in wireless sensor networksrdquo IEEE Transactionson Vehicular Technology vol 58 no 8 pp 4554ndash4564 2009

[13] H-X Li L-J Pang and Y-M Wang ldquoKey managementscheme without secure channel for ad hoc networksrdquo Journalon Communications vol 31 no 1 pp 112ndash117 2010

[14] H Dahshan and J Irvine ldquoAn elliptic curve distributed keymanagement for mobile ad hoc networksrdquo in Proceedings of the71st IEEE Vehicular Technology Conference (VTC rsquo10) pp 1ndash5IEEE Taipei Taiwan May 2010

[15] K Rajendiran R Sankararajan and R Palaniappan ldquoA securekey predistribution scheme for WSN using elliptic curve cryp-tographyrdquo ETRI Journal vol 33 no 5 pp 791ndash801 2011

[16] R Azarderakhsh A Reyhani-Masoleh and Z-E Abid ldquoAkey management scheme for cluster based wireless sensornetworksrdquo in Proceedings of the 5th International Conference onEmbedded and Ubiquitous Computing (EUC rsquo08) pp 222ndash227December 2008

[17] A E El-Din R A Ramadan and M B Fayek ldquoVEGK virtualECC group key for wireless sensor networksrdquo in Proceedingsof the International Conference on Computing Networking andCommunications (ICNC rsquo13) pp 364ndash368 IEEE ComputerSociety San Diego Calif USA January 2013

[18] H Boumerzoug B A Bensaber and I Biskri ldquoA key man-agement method based on an AVL tree and ECC cryptogra-phy for wireless sensor networksrdquo in Proceedings of the 7thACM Symposium on QoS and Security for Wireless and MobileNetworks Co-Located with MSWiMrsquo11 (Q2SWinet rsquo11) pp 57ndash62 Association for Computing Machinery Miami Fla USAOctober-November 2011

[19] W R Heinzelman A Chandrakasan and H Balakrish-nan ldquoEnergy-efficient communication protocol for wirelessmicrosensor networksrdquo in Proceedings of the 33rd AnnualHawaii International Conference on System Siences vol 2January 2000

[20] P Paillier ldquoTrapdooring discrete logarithms on elliptic curvesover ringsrdquo in Advances in CryptologymdashASIACRYPT 2000 TOkamoto Ed vol 1976 of Lecture Notes in Computer Sciencepp 573ndash584 Springer Berlin Germany 2000

[21] N P Smart ldquoThe discrete logarithm problem on elliptic curvesof trace onerdquo Journal of Cryptology vol 12 no 3 pp 193ndash1961999

[22] A E El-Din R A Ramadan and M B Fayek ldquoVEGK virtualECC group key for wireless sensor networksrdquo in Proceedingsof the International Conference on Computing Networking andCommunications (ICNC rsquo13) pp 364ndash368 January 2013

International Journal of

AerospaceEngineeringHindawi Publishing Corporationhttpwwwhindawicom Volume 2014

RoboticsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Active and Passive Electronic Components

Control Scienceand Engineering

Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

International Journal of

RotatingMachinery

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporation httpwwwhindawicom

Journal ofEngineeringVolume 2014

Submit your manuscripts athttpwwwhindawicom

VLSI Design

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Shock and Vibration

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Civil EngineeringAdvances in

Acoustics and VibrationAdvances in

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Electrical and Computer Engineering

Journal of

Advances inOptoElectronics

Hindawi Publishing Corporation httpwwwhindawicom

Volume 2014

The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014

SensorsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Modelling amp Simulation in EngineeringHindawi Publishing Corporation httpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Chemical EngineeringInternational Journal of Antennas and

Propagation

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Navigation and Observation

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

DistributedSensor Networks

International Journal of

Page 5: Research Article An Efficient Key Management Scheme Based on ECC and AVL …downloads.hindawi.com/journals/ijdsn/2015/691498.pdf · 2015. 11. 24. · Research Article An Efficient

International Journal of Distributed Sensor Networks 5

Table 1 Comparison of memory overhead

Rajendiranet alrsquos

Azarderakhshet alrsquos

El-Din etalrsquos Ours

Storage neededfor CH (bit) 52480 144480 8000 16000

Storage neededfor sensornode (bit)

52480 16320 7040 5120

signature verification can be achieved by the private keyencryption A timestamp is also adopted in our scheme toavoid the replay attack

We use public key cryptography to generate a sessionkey which will be updated after a certain period of timebetween two nodes In our scheme different pairs of nodesshare different session keys Even if the adversary captures afew sensor nodes he cannot get the session key between othernodes and cannot recover the keys used before so that theforward secrecy of the network is ensured On the contraryin Rajendiran et alrsquos scheme if an adversary compromisesone more node every time he can obtain more informationabout the ECCkey poolWhen the number of captured nodesexceeds some threshold the adversary will be able to recoverthe entire ECC key pool and thus compromise the wholenetwork

52 Memory Overhead For the convenience of comparisononmemory overhead we follow the network size of Azarder-akhsh et alrsquos [16] 1000 nodes and 10 clusters every roundwhile each node has 31 neighbor nodes As stated previously asensor node in our scheme only needs to store the public keysof its cluster head and neighbors and the CH needs to storethe nodesrsquo public keys in its cluster In El-Din et alrsquos schemeCH only stores its neighborsrsquo keys which makes it hard forthe CH to manage the cluster However in Azarderakhsh etalrsquos scheme a node needs to store its neighborsrsquo public keysplus the public keys of all CHs In Rajendiran et alrsquos schemethey combined ECC with E-G scheme to distribute keys Theprobability of a sensor node sharing one key with its neighboris 1198751015840 = 1 minus (119901 minus 119903)[(119901 minus 2 times 119903) times 119901119903] where 119901 is thesize of key pool and 119903 is the size of key chain For Rajendiranet alrsquos scheme they need 119901 = 5000 and a chain of 120 keysto achieve a 95 connectivity while 328 keys are needed tohave 99999 connectivity Suppose the length of ECC keyis 160 bits Table 1 shows the superiority of our proposedscheme compared to those proposed by El-Din et al [22]Azarderakhsh et al [16] and Rajendiran et al [15]

53 Computational Overhead Our scheme uses along withEl-Din et alrsquos and Azarderakhsh et alrsquos schemes ECC basedalgorithm for encryption and decryption Since ECC basedencryption and decryption are the most energy consumingoperations in the schemes we make a comparison on thetimes of ECC based encryption and decryption to show thecomputational efficiency In order to facilitate the compari-son we assume a small cluster with one cluster head (CH)and 10 normal nodes We first compare the ECC operations

Table 2 Comparison of computational overhead (ECC operations)

Azarderakhshet al (times)

El-Din etal (times) Ours (times)

Cluster head 100 40 10Sensor node 3 5 5

in CH In Azarderakhsh et alrsquos scheme the session keyshared between two nodes is distributed by CH For the10 nodes cluster there are altogether 45 keys between eachtwo nodes then CH encrypts the session key with the twonode public keys respectively so it needs 90 ECC basedencryption operations plus the 10 session keys between itselfand the 10 nodes which means 100 ECC based encryptionoperations in total In El-Din et alrsquos scheme CH needs 4ECC based encryption and decryption operations with onenode which equals 400 ECC operations needed by CH for10 nodes However in our scheme only 1 ECC operation isneeded for one node and 10 for 10 nodes Then we comparethe ECC operations for one normal node during the periodit joins in the cluster and shares a session key with itsneighbor InAzarderakhsh et alrsquos scheme a node needs 3 ECCoperations while 5 are needed for the node in El-Din et alrsquosscheme In our scheme the nodes need to authenticate eachother through verifying signature so the node needs 5 ECCoperations too Comparisons of the number of ECC basedencryption and decryption operations executed by CH andnodes are shown inTable 2We can see from the table that ourscheme has superiority in overall computational overhead

54 Energy Consumption Given the large number of nodesWSNs usually take a long time and lot of energy to find thepublic key of a certain node In our scheme we use the AVLtree to store the data so that search time and the energy costcan also be significantly reduced For instance it needs (119899 +1)2 operations to search one node among 119899 nodes in directsearch namely the time complexity is119874(119899) It is only119874(log 119899)when using AVL tree while the schemes of Rajendiran etal Azarderakhsh et al and El-Din et al are direct searchFigure 3 shows the comparison of search time between thedirect search and the AVL tree We also implement ourproposed scheme inMicrosoft Visual C++ 60The operatingsystem is Windows 7 Ultimate The computer configurationis as follows CPU Intel Core i5 32 GHz memory 4GB harddisc 500GB We test our AVL tree method in 3 scenarios100 nodes 2000 nodes and 10000 nodes Ten searches areexecuted for every scenario and the average time cost is listedin Table 3 The result shows that with the increasing nodesnumber the AVL tree method demonstrates its superiorityin search time In other words the energy consumption ofsearching in our scheme is much less than in the schemesusing direct search method

6 Conclusion

In this paper an efficient key management scheme based onECPE and AVL tree for large scale wireless sensor networks is

6 International Journal of Distributed Sensor Networks

Table 3 Comparison of average search time

Number of nodes Ours (120583s)

Rajendiran etalrsquos

Azarderakhsh etalrsquos and El-Din

et alrsquos (120583s)100 259 47982000 271 492910000 296 5240

400

350

300

250

200

150

100

50

0

Ordinary searchAVL

0 100 200 300 400 500 600 700 800 900

The number of nodes

Tota

l sea

rche

s

Figure 3 Search time comparison

proposedOur scheme follows the networkmodel of LEACHWe use ECPE to generate session keys between nodes sinceECPE can achieve the same security as normal public keycryptography but with shorter keys thus saving storage Inaddition our approach adopts AVL tree for storing publickeys which can significantly reduce the search time in largescale WSN Experimental results and theory analysis showthe memory and computational overhead are reduced andthe energy consumption is also cut down Furthermore ourscheme has a good scalability that supports the node additionand deletion key updates also support guaranteeing thesecurity of WSN

Notations

119899 Public key119906 Private key119901 119902 Large prime numbers1198641198992 A random elliptic curve119866 A point on 119864119864119896(sdot) Symmetric encryption with key 119896BS Base stationCH Cluster headNode Normal nodeIDCH Identity of cluster head CHID119894 ID119895 Identity of node 119894 and node 119895119899119894 119906119894 Public key and private key of node 119894AVL119894 The AVL tree stored by node 119894

sKey Shared secret key between two nodes119879 Timestamp

Conflict of Interests

The authors declare that there is no conflict of interestsregarding the publication of this paper

Acknowledgment

This work is supported by the National High TechnologyResearch andDevelopment Program of China (863 program)under Grant no 2013AA014001

References

[1] S H Erfani H H Javadi and A M Rahmani ldquoA dynamic keymanagement scheme for dynamic wireless sensor networksrdquoSecurity and Communication Networks vol 8 no 6 pp 1040ndash1049 2015

[2] S-H Seo J Won S Sultana and E Bertino ldquoEffective keymanagement in dynamicwireless sensor networksrdquo IEEETrans-actions on Information Forensics and Security vol 10 no 2 pp371ndash383 2015

[3] C-Y Chen and H-C Chao ldquoA survey of key distributionin wireless sensor networksrdquo Security and CommunicationNetworks vol 7 no 12 pp 2495ndash2508 2014

[4] S Cho L Han B Joo and S Han ldquoP-LEACH an efficientcluster-based technique to track mobile sinks in wireless sensornetworksrdquo International Journal of Distributed Sensor Networksvol 2014 Article ID 803656 10 pages 2014

[5] A Salim W Osamy and A M Khedr ldquoIBLEACH intra-balanced LEACH protocol for wireless sensor networksrdquoWire-less Networks vol 20 no 6 pp 1515ndash1525 2014

[6] AVL tree 2015 httpsenwikipediaorgwikiAVL tree[7] S K Sahoo and M N Sahoo ldquoAn elliptic-curve-based hierar-

chical cluster key management in wireless sensor networkrdquo inIntelligent Computing Networking and Informatics Proceedingsof the International Conference on Advanced Computing Net-working and Informatics India June 2013 vol 243 of Advancesin Intelligent Systems and Computing pp 397ndash408 SpringerNew Delhi India 2014

[8] D J Malan MWelsh andM D Smith ldquoImplementing public-key infrastructure for sensor networksrdquo ACM Transactions onSensor Networks vol 4 no 4 article 22 2008

[9] S Bala G Sharma and A K Verma ldquoA survey and taxonomyof symmetric key management schemes for wireless sensornetworksrdquo in International Information Technology Conference(CUBE rsquo12) pp 585ndash592 Maharashtra India September 2012

[10] A Selva Reegan and E Baburaj ldquoKey management schemes inwireless sensor networks a surveyrdquo in Proceedings of the IEEEInternational Conference on Circuit Power and Computing Tech-nologies (ICCPCT rsquo13) pp 813ndash820 IEEE Computer SocietyNagercoil India 2013

[11] A S Wandert N Gura H Eberle V Gupta and S C ShantzldquoEnergy analysis of public-key cryptography for wireless sensornetworksrdquo in Proceedings of the 3rd IEEE International Con-ference on Pervasive Computing and Communications (PerComrsquo05) pp 324ndash328 March 2005

International Journal of Distributed Sensor Networks 7

[12] K Ren S C Yu W J Lou and Y Zhang ldquoMulti-user broadcastauthentication in wireless sensor networksrdquo IEEE Transactionson Vehicular Technology vol 58 no 8 pp 4554ndash4564 2009

[13] H-X Li L-J Pang and Y-M Wang ldquoKey managementscheme without secure channel for ad hoc networksrdquo Journalon Communications vol 31 no 1 pp 112ndash117 2010

[14] H Dahshan and J Irvine ldquoAn elliptic curve distributed keymanagement for mobile ad hoc networksrdquo in Proceedings of the71st IEEE Vehicular Technology Conference (VTC rsquo10) pp 1ndash5IEEE Taipei Taiwan May 2010

[15] K Rajendiran R Sankararajan and R Palaniappan ldquoA securekey predistribution scheme for WSN using elliptic curve cryp-tographyrdquo ETRI Journal vol 33 no 5 pp 791ndash801 2011

[16] R Azarderakhsh A Reyhani-Masoleh and Z-E Abid ldquoAkey management scheme for cluster based wireless sensornetworksrdquo in Proceedings of the 5th International Conference onEmbedded and Ubiquitous Computing (EUC rsquo08) pp 222ndash227December 2008

[17] A E El-Din R A Ramadan and M B Fayek ldquoVEGK virtualECC group key for wireless sensor networksrdquo in Proceedingsof the International Conference on Computing Networking andCommunications (ICNC rsquo13) pp 364ndash368 IEEE ComputerSociety San Diego Calif USA January 2013

[18] H Boumerzoug B A Bensaber and I Biskri ldquoA key man-agement method based on an AVL tree and ECC cryptogra-phy for wireless sensor networksrdquo in Proceedings of the 7thACM Symposium on QoS and Security for Wireless and MobileNetworks Co-Located with MSWiMrsquo11 (Q2SWinet rsquo11) pp 57ndash62 Association for Computing Machinery Miami Fla USAOctober-November 2011

[19] W R Heinzelman A Chandrakasan and H Balakrish-nan ldquoEnergy-efficient communication protocol for wirelessmicrosensor networksrdquo in Proceedings of the 33rd AnnualHawaii International Conference on System Siences vol 2January 2000

[20] P Paillier ldquoTrapdooring discrete logarithms on elliptic curvesover ringsrdquo in Advances in CryptologymdashASIACRYPT 2000 TOkamoto Ed vol 1976 of Lecture Notes in Computer Sciencepp 573ndash584 Springer Berlin Germany 2000

[21] N P Smart ldquoThe discrete logarithm problem on elliptic curvesof trace onerdquo Journal of Cryptology vol 12 no 3 pp 193ndash1961999

[22] A E El-Din R A Ramadan and M B Fayek ldquoVEGK virtualECC group key for wireless sensor networksrdquo in Proceedingsof the International Conference on Computing Networking andCommunications (ICNC rsquo13) pp 364ndash368 January 2013

International Journal of

AerospaceEngineeringHindawi Publishing Corporationhttpwwwhindawicom Volume 2014

RoboticsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Active and Passive Electronic Components

Control Scienceand Engineering

Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

International Journal of

RotatingMachinery

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporation httpwwwhindawicom

Journal ofEngineeringVolume 2014

Submit your manuscripts athttpwwwhindawicom

VLSI Design

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Shock and Vibration

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Civil EngineeringAdvances in

Acoustics and VibrationAdvances in

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Electrical and Computer Engineering

Journal of

Advances inOptoElectronics

Hindawi Publishing Corporation httpwwwhindawicom

Volume 2014

The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014

SensorsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Modelling amp Simulation in EngineeringHindawi Publishing Corporation httpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Chemical EngineeringInternational Journal of Antennas and

Propagation

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Navigation and Observation

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

DistributedSensor Networks

International Journal of

Page 6: Research Article An Efficient Key Management Scheme Based on ECC and AVL …downloads.hindawi.com/journals/ijdsn/2015/691498.pdf · 2015. 11. 24. · Research Article An Efficient

6 International Journal of Distributed Sensor Networks

Table 3 Comparison of average search time

Number of nodes Ours (120583s)

Rajendiran etalrsquos

Azarderakhsh etalrsquos and El-Din

et alrsquos (120583s)100 259 47982000 271 492910000 296 5240

400

350

300

250

200

150

100

50

0

Ordinary searchAVL

0 100 200 300 400 500 600 700 800 900

The number of nodes

Tota

l sea

rche

s

Figure 3 Search time comparison

proposedOur scheme follows the networkmodel of LEACHWe use ECPE to generate session keys between nodes sinceECPE can achieve the same security as normal public keycryptography but with shorter keys thus saving storage Inaddition our approach adopts AVL tree for storing publickeys which can significantly reduce the search time in largescale WSN Experimental results and theory analysis showthe memory and computational overhead are reduced andthe energy consumption is also cut down Furthermore ourscheme has a good scalability that supports the node additionand deletion key updates also support guaranteeing thesecurity of WSN

Notations

119899 Public key119906 Private key119901 119902 Large prime numbers1198641198992 A random elliptic curve119866 A point on 119864119864119896(sdot) Symmetric encryption with key 119896BS Base stationCH Cluster headNode Normal nodeIDCH Identity of cluster head CHID119894 ID119895 Identity of node 119894 and node 119895119899119894 119906119894 Public key and private key of node 119894AVL119894 The AVL tree stored by node 119894

sKey Shared secret key between two nodes119879 Timestamp

Conflict of Interests

The authors declare that there is no conflict of interestsregarding the publication of this paper

Acknowledgment

This work is supported by the National High TechnologyResearch andDevelopment Program of China (863 program)under Grant no 2013AA014001

References

[1] S H Erfani H H Javadi and A M Rahmani ldquoA dynamic keymanagement scheme for dynamic wireless sensor networksrdquoSecurity and Communication Networks vol 8 no 6 pp 1040ndash1049 2015

[2] S-H Seo J Won S Sultana and E Bertino ldquoEffective keymanagement in dynamicwireless sensor networksrdquo IEEETrans-actions on Information Forensics and Security vol 10 no 2 pp371ndash383 2015

[3] C-Y Chen and H-C Chao ldquoA survey of key distributionin wireless sensor networksrdquo Security and CommunicationNetworks vol 7 no 12 pp 2495ndash2508 2014

[4] S Cho L Han B Joo and S Han ldquoP-LEACH an efficientcluster-based technique to track mobile sinks in wireless sensornetworksrdquo International Journal of Distributed Sensor Networksvol 2014 Article ID 803656 10 pages 2014

[5] A Salim W Osamy and A M Khedr ldquoIBLEACH intra-balanced LEACH protocol for wireless sensor networksrdquoWire-less Networks vol 20 no 6 pp 1515ndash1525 2014

[6] AVL tree 2015 httpsenwikipediaorgwikiAVL tree[7] S K Sahoo and M N Sahoo ldquoAn elliptic-curve-based hierar-

chical cluster key management in wireless sensor networkrdquo inIntelligent Computing Networking and Informatics Proceedingsof the International Conference on Advanced Computing Net-working and Informatics India June 2013 vol 243 of Advancesin Intelligent Systems and Computing pp 397ndash408 SpringerNew Delhi India 2014

[8] D J Malan MWelsh andM D Smith ldquoImplementing public-key infrastructure for sensor networksrdquo ACM Transactions onSensor Networks vol 4 no 4 article 22 2008

[9] S Bala G Sharma and A K Verma ldquoA survey and taxonomyof symmetric key management schemes for wireless sensornetworksrdquo in International Information Technology Conference(CUBE rsquo12) pp 585ndash592 Maharashtra India September 2012

[10] A Selva Reegan and E Baburaj ldquoKey management schemes inwireless sensor networks a surveyrdquo in Proceedings of the IEEEInternational Conference on Circuit Power and Computing Tech-nologies (ICCPCT rsquo13) pp 813ndash820 IEEE Computer SocietyNagercoil India 2013

[11] A S Wandert N Gura H Eberle V Gupta and S C ShantzldquoEnergy analysis of public-key cryptography for wireless sensornetworksrdquo in Proceedings of the 3rd IEEE International Con-ference on Pervasive Computing and Communications (PerComrsquo05) pp 324ndash328 March 2005

International Journal of Distributed Sensor Networks 7

[12] K Ren S C Yu W J Lou and Y Zhang ldquoMulti-user broadcastauthentication in wireless sensor networksrdquo IEEE Transactionson Vehicular Technology vol 58 no 8 pp 4554ndash4564 2009

[13] H-X Li L-J Pang and Y-M Wang ldquoKey managementscheme without secure channel for ad hoc networksrdquo Journalon Communications vol 31 no 1 pp 112ndash117 2010

[14] H Dahshan and J Irvine ldquoAn elliptic curve distributed keymanagement for mobile ad hoc networksrdquo in Proceedings of the71st IEEE Vehicular Technology Conference (VTC rsquo10) pp 1ndash5IEEE Taipei Taiwan May 2010

[15] K Rajendiran R Sankararajan and R Palaniappan ldquoA securekey predistribution scheme for WSN using elliptic curve cryp-tographyrdquo ETRI Journal vol 33 no 5 pp 791ndash801 2011

[16] R Azarderakhsh A Reyhani-Masoleh and Z-E Abid ldquoAkey management scheme for cluster based wireless sensornetworksrdquo in Proceedings of the 5th International Conference onEmbedded and Ubiquitous Computing (EUC rsquo08) pp 222ndash227December 2008

[17] A E El-Din R A Ramadan and M B Fayek ldquoVEGK virtualECC group key for wireless sensor networksrdquo in Proceedingsof the International Conference on Computing Networking andCommunications (ICNC rsquo13) pp 364ndash368 IEEE ComputerSociety San Diego Calif USA January 2013

[18] H Boumerzoug B A Bensaber and I Biskri ldquoA key man-agement method based on an AVL tree and ECC cryptogra-phy for wireless sensor networksrdquo in Proceedings of the 7thACM Symposium on QoS and Security for Wireless and MobileNetworks Co-Located with MSWiMrsquo11 (Q2SWinet rsquo11) pp 57ndash62 Association for Computing Machinery Miami Fla USAOctober-November 2011

[19] W R Heinzelman A Chandrakasan and H Balakrish-nan ldquoEnergy-efficient communication protocol for wirelessmicrosensor networksrdquo in Proceedings of the 33rd AnnualHawaii International Conference on System Siences vol 2January 2000

[20] P Paillier ldquoTrapdooring discrete logarithms on elliptic curvesover ringsrdquo in Advances in CryptologymdashASIACRYPT 2000 TOkamoto Ed vol 1976 of Lecture Notes in Computer Sciencepp 573ndash584 Springer Berlin Germany 2000

[21] N P Smart ldquoThe discrete logarithm problem on elliptic curvesof trace onerdquo Journal of Cryptology vol 12 no 3 pp 193ndash1961999

[22] A E El-Din R A Ramadan and M B Fayek ldquoVEGK virtualECC group key for wireless sensor networksrdquo in Proceedingsof the International Conference on Computing Networking andCommunications (ICNC rsquo13) pp 364ndash368 January 2013

International Journal of

AerospaceEngineeringHindawi Publishing Corporationhttpwwwhindawicom Volume 2014

RoboticsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Active and Passive Electronic Components

Control Scienceand Engineering

Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

International Journal of

RotatingMachinery

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporation httpwwwhindawicom

Journal ofEngineeringVolume 2014

Submit your manuscripts athttpwwwhindawicom

VLSI Design

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Shock and Vibration

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Civil EngineeringAdvances in

Acoustics and VibrationAdvances in

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Electrical and Computer Engineering

Journal of

Advances inOptoElectronics

Hindawi Publishing Corporation httpwwwhindawicom

Volume 2014

The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014

SensorsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Modelling amp Simulation in EngineeringHindawi Publishing Corporation httpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Chemical EngineeringInternational Journal of Antennas and

Propagation

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Navigation and Observation

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

DistributedSensor Networks

International Journal of

Page 7: Research Article An Efficient Key Management Scheme Based on ECC and AVL …downloads.hindawi.com/journals/ijdsn/2015/691498.pdf · 2015. 11. 24. · Research Article An Efficient

International Journal of Distributed Sensor Networks 7

[12] K Ren S C Yu W J Lou and Y Zhang ldquoMulti-user broadcastauthentication in wireless sensor networksrdquo IEEE Transactionson Vehicular Technology vol 58 no 8 pp 4554ndash4564 2009

[13] H-X Li L-J Pang and Y-M Wang ldquoKey managementscheme without secure channel for ad hoc networksrdquo Journalon Communications vol 31 no 1 pp 112ndash117 2010

[14] H Dahshan and J Irvine ldquoAn elliptic curve distributed keymanagement for mobile ad hoc networksrdquo in Proceedings of the71st IEEE Vehicular Technology Conference (VTC rsquo10) pp 1ndash5IEEE Taipei Taiwan May 2010

[15] K Rajendiran R Sankararajan and R Palaniappan ldquoA securekey predistribution scheme for WSN using elliptic curve cryp-tographyrdquo ETRI Journal vol 33 no 5 pp 791ndash801 2011

[16] R Azarderakhsh A Reyhani-Masoleh and Z-E Abid ldquoAkey management scheme for cluster based wireless sensornetworksrdquo in Proceedings of the 5th International Conference onEmbedded and Ubiquitous Computing (EUC rsquo08) pp 222ndash227December 2008

[17] A E El-Din R A Ramadan and M B Fayek ldquoVEGK virtualECC group key for wireless sensor networksrdquo in Proceedingsof the International Conference on Computing Networking andCommunications (ICNC rsquo13) pp 364ndash368 IEEE ComputerSociety San Diego Calif USA January 2013

[18] H Boumerzoug B A Bensaber and I Biskri ldquoA key man-agement method based on an AVL tree and ECC cryptogra-phy for wireless sensor networksrdquo in Proceedings of the 7thACM Symposium on QoS and Security for Wireless and MobileNetworks Co-Located with MSWiMrsquo11 (Q2SWinet rsquo11) pp 57ndash62 Association for Computing Machinery Miami Fla USAOctober-November 2011

[19] W R Heinzelman A Chandrakasan and H Balakrish-nan ldquoEnergy-efficient communication protocol for wirelessmicrosensor networksrdquo in Proceedings of the 33rd AnnualHawaii International Conference on System Siences vol 2January 2000

[20] P Paillier ldquoTrapdooring discrete logarithms on elliptic curvesover ringsrdquo in Advances in CryptologymdashASIACRYPT 2000 TOkamoto Ed vol 1976 of Lecture Notes in Computer Sciencepp 573ndash584 Springer Berlin Germany 2000

[21] N P Smart ldquoThe discrete logarithm problem on elliptic curvesof trace onerdquo Journal of Cryptology vol 12 no 3 pp 193ndash1961999

[22] A E El-Din R A Ramadan and M B Fayek ldquoVEGK virtualECC group key for wireless sensor networksrdquo in Proceedingsof the International Conference on Computing Networking andCommunications (ICNC rsquo13) pp 364ndash368 January 2013

International Journal of

AerospaceEngineeringHindawi Publishing Corporationhttpwwwhindawicom Volume 2014

RoboticsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Active and Passive Electronic Components

Control Scienceand Engineering

Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

International Journal of

RotatingMachinery

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporation httpwwwhindawicom

Journal ofEngineeringVolume 2014

Submit your manuscripts athttpwwwhindawicom

VLSI Design

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Shock and Vibration

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Civil EngineeringAdvances in

Acoustics and VibrationAdvances in

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Electrical and Computer Engineering

Journal of

Advances inOptoElectronics

Hindawi Publishing Corporation httpwwwhindawicom

Volume 2014

The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014

SensorsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Modelling amp Simulation in EngineeringHindawi Publishing Corporation httpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Chemical EngineeringInternational Journal of Antennas and

Propagation

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Navigation and Observation

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

DistributedSensor Networks

International Journal of

Page 8: Research Article An Efficient Key Management Scheme Based on ECC and AVL …downloads.hindawi.com/journals/ijdsn/2015/691498.pdf · 2015. 11. 24. · Research Article An Efficient

International Journal of

AerospaceEngineeringHindawi Publishing Corporationhttpwwwhindawicom Volume 2014

RoboticsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Active and Passive Electronic Components

Control Scienceand Engineering

Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

International Journal of

RotatingMachinery

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporation httpwwwhindawicom

Journal ofEngineeringVolume 2014

Submit your manuscripts athttpwwwhindawicom

VLSI Design

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Shock and Vibration

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Civil EngineeringAdvances in

Acoustics and VibrationAdvances in

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Electrical and Computer Engineering

Journal of

Advances inOptoElectronics

Hindawi Publishing Corporation httpwwwhindawicom

Volume 2014

The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014

SensorsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Modelling amp Simulation in EngineeringHindawi Publishing Corporation httpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Chemical EngineeringInternational Journal of Antennas and

Propagation

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Navigation and Observation

International Journal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

DistributedSensor Networks

International Journal of