self-healing group-wise key distribution schemes with time-limited node revocation for wireless...
TRANSCRIPT
Self-Healing Group-Wise Key Distribution Schemes with Time-Limited Node Revocation for Wireless Sensor Networks
Minghui Shi, Xuemin Shen, Yixin Jiang, Chuang Lin
CMSC 681 Fall 2007Advanced Computer Networks
Isaac Mativo
Sensor Node Typical sensor node contains
Power unit Sensing unit Processing unit Storage unit Wireless transceiver
Wireless Sensor Node may be able to monitor several parameters by combining several kinds of sensor nodes
Wireless Sensor network
Architecture of a wireless sensor network
Data processing and management center
Internet/satellite
Base Station
Sensor field
Motivation Important to prevent unauthorized nodes to
access some information Traffic encryption key (TEK) is used to encrypt
data at source and decrypt at destination TEK refreshed continuously by the group key
manager (GKM) This process may degrade performance and
scalability Authors propose two schemes which ensures
secrecy, certain collusion freedom, and group confidentiality.
Algorithm based on the dual direction hush chain (DDHC) and hash binary tree (HBT)
Important Issues Key management
in WSN Resilience against
node capture Resilience against
node replication Node revocation
or participation Scalability – as
network grows
Group-wise key distribution schemes Group
confidentiality Forward secrecy Backward secrecy Collusion freedom
DDHC DDHC is composed of two one-way hash
chains Forward hash chain Backward hash chain
Limited Time Node Revocation y = Hash(x): Should be easy to compute
y given x, but computationally infeasible to compute x such that y = Hash(x)
Hash Binary Tree
How the Schemes Work DDHC
Group key manager (GKM) selects a secret seed to generate the one-way hash chain
The rekeying message is broadcast within the sensor network from time to time
Each legitimate node within the group is able to compute the traffic encryption key (TEK) to encrypt and decrypt the multicast messages
Time-limited node revocation scheme: TEK = f(Nf, Nb, RK)
Each node has a small storage buffer that enables it to perform self-healing recovery of a rekeying message.
Lost RK can be recovered using the one-way hash function and the last received RK
HBT Also based on hash functions To improve security, the HBT is
adopted to generate all pre-assigned seeds.
GKM assigns the seeds, which include the sub-root nodes that are then used to compute the leaf nodes
Each TEK is linked to a leaf node, and all leaf nodes are derived using a hash algorithm on these seeds.
Time-limited node revocation mechanism: TEK = f(S(D, t), RK)
Lost RK can be recovered using the one-way hash function and the last received RK
Conclusion
Scheme provides: Low storage overhead Low Communication overhead
(broadcast and unicast) Low to medium implementation
complexity Implicit authentication Tolerance for lost rekeying messages Forward and backward secrecy
Questions?
The End