This document summarizes a key agreement scheme for wireless sensor networks that uses third party nodes to assist with pair-wise key establishment between sensor nodes. The proposed scheme has several advantages over existing approaches, including high local connectivity between sensor nodes, low memory usage, and resilience against node capture. It utilizes third party nodes, which are additional nodes deployed only to assist with key establishment and do not perform other network functions like sensing or routing. The scheme distributes secret shares to sensor nodes, allows nodes to discover local neighbors, and establishes secure channels in a way that improves performance metrics like connectivity, security, memory efficiency, and computational overhead compared to other key agreement methods.
A Trust Conscious Secure Route Data Communication in MANETS
The document proposes a mechanism for establishing trust-based secure routes for data communication between mobile nodes in a mobile ad hoc network (MANET). It aims to dynamically increase the trust level between nodes from low to high using proxy nodes. When nodes need to securely communicate, they will generate dynamic secret session keys either directly or through proxy nodes using message digest and Diffie-Hellman protocols. The mechanism is implemented on reactive routing protocols and finds routes through trusted intermediate nodes that share secret keys. This may result in non-optimal routes but guarantees security. It also describes how a new node can join and how trusted nodes can act as proxies to help other nodes establish shared keys.
Secure and Reliable Data Routing in Wireless Sensor Network
Wireless Sensor Networks (WSNs) are materializing as one of the dominant technologies of the future because of their large range of applications in military and civilian fields. Because of their operating behavior, they are often neglected and thus vulnerable to various types of attacks. For instance, an attacker could catch sensor nodes, getting all the information saved therein-sensor nodes are generally considered to not be temper-proof. Hence, an attacker may clone cached sensor nodes and use them in the network to conduct a variety of mischievous activities. As the decisions taken by a sensor network rely on the information gathered by the sensor nodes, if an adversary inhibits the necessary or confidential data from being forwarded to the BS/ target, this will cause the whole breakdown of the network or outcomes in the wrong judgment being made, possibly causing deliberate loss. There are many types of attacks such as compromised node, denial of service attack, black hole attack, etc. Hence there is a necessity to find all such attacks in WSN, and to safely route our sensitive information to the target. This paper represents the survey of some types of attacks and there detection techniques. Also the survey includes different techniques for secure and reliable data collection in Wireless Sensor Networks.
Random Key Pre-distribution Schemes using Multi-Path in Wireless Sensor Networks
This document summarizes a research paper that proposes a new key pre-distribution and multi-path routing scheme for wireless sensor networks. The paper begins with an introduction that describes the importance of security in wireless sensor networks and challenges with key management. It then reviews existing key pre-distribution and routing schemes. The document proposes a new hexagon-based multi-path routing algorithm combined with a key pre-distribution scheme. It describes the details of the algorithm and compares its performance to other schemes through simulations. The results show the proposed scheme achieves better security, efficiency and message delivery compared to previous works.
Dear Student,
DREAMWEB TECHNO SOLUTIONS is one of the Hardware Training and Software Development centre available in
Trichy. Pioneer in corporate training, DREAMWEB TECHNO SOLUTIONS provides training in all software
development and IT-related courses, such as Embedded Systems, VLSI, MATLAB, JAVA, J2EE, CIVIL,
Power Electronics, and Power Systems. It’s certified and experienced faculty members have the
competence to train students, provide consultancy to organizations, and develop strategic
solutions for clients by integrating existing and emerging technologies.
ADD: No:73/5, 3rd Floor, Sri Kamatchi Complex, Opp City Hospital, Salai Road, Trichy-18
Contact @ 7200021403/04
phone: 0431-4050403
JPN1422 Defending Against Collaborative Attacks by Malicious Nodes in MANETs...
Get the latest IEEE ns2 projects in JP INFOTECH; we are having following category wise projects like Industrial Informatics, Vehicular Technology, Networking, WSN and Manet.
For More Details:
http://jpinfotech.org/final-year-ieee-projects/2014-ieee-projects/ns2-projects/
An Efficient Security Way of Authentication and Pair wise Key Distribution wi...
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
International Journal of Modern Engineering Research (IJMER) covers all the fields of engineering and science: Electrical Engineering, Mechanical Engineering, Civil Engineering, Chemical Engineering, Computer Engineering, Agricultural Engineering, Aerospace Engineering, Thermodynamics, Structural Engineering, Control Engineering, Robotics, Mechatronics, Fluid Mechanics, Nanotechnology, Simulators, Web-based Learning, Remote Laboratories, Engineering Design Methods, Education Research, Students' Satisfaction and Motivation, Global Projects, and Assessment…. And many more.
AN ANTI-CLONE ATTACK KEY MANAGEMENT SCHEME FOR WIRELESS SENSOR NETWORKS
Wireless Sensor Networks (WSNs) are subject to various kinds of attacks such as replaying of
messages, battery exhausting, and nodes compromising. While most of these attacks can be
dealt with through cryptographic security protocols provided by key management schemes,
there are always a few that manage to really cause problems. One such attack that is most
common and significant in WSNs is cloning attack. In clone attack, the intruder tries to capture
and compromise some nodes and inject them into several locations throughout the network in
order to conduct other types of attacks. Moreover, if this attack is not detected early, then these
replicated injected nodes will consume a large amount of the network resources. In this paper,
we analyze several key management schemes that can be used for checking integrity and
preventing cloning attacks. After analyzing the problems associated with these schemes, we
propose a model that allows us to distinguish between legitimate nodes and cloned nodes in
such sensor networks.
CROSS LAYER INTRUSION DETECTION SYSTEM FOR WIRELESS SENSOR NETWORK
The wireless sensor networks (WSN) are particularly vulnerable to various attacks at different layers of the protocol stack. Many intrusion detection system (IDS) have been proposed to secure WSNs. But all these systems operate in a single layer of the OSI model, or do not consider the interaction and collaboration between these layers. Consequently these systems are mostly inefficient and would drain out the WSN. In this paper we propose a new intrusion detection system based on cross layer interaction between the network, Mac and physical layers. Indeed we have addressed the problem of intrusion detection in a different way in which the concept of cross layer is widely used leading to the birth of a new type of IDS. We have experimentally evaluated our system using the NS simulator to demonstrate its effectiveness in detecting different types of attacks at multiple layers of the OSI model.
LSR PROTOCOL BASED ON NODES POTENTIALITY IN TRUST AND RESIDUAL ENERGY FOR WSNSIJNSA Journal
In Wireless Sensor Networks (WSNs), all the nodes selected for packet routing must be trustworthy, and at the same time energetic too. Smooth conservation of nodes energies and the trust levels, are an important issues in WSN because they directly affects the life span and reliability of the nodes as well as the entire network. The energy utilization at every node must be very smooth and at the same time, packets should be forwarded via trusted nodes only. In this paper, we propose an Energy Efficient Link State Routing Protocol (EELSRP) using the potential nodes selected by applying the fuzzy logic on the trust and residual energy levels. This routing protocol finds the best route by balancing the nodesresidual energies and trust levels, and protects the WSN against routing attacks by eliminating the untrusted nodes before the creation of route.
IRJET- - Implementation of a Secured Approach using Dynamic Key Managemen...IRJET Journal
This document proposes a secure authentication approach for wireless sensor networks using dynamic key management and zero knowledge protocols. It begins with background on wireless sensor networks and security issues. It then describes related work on key predistribution and dynamic key management schemes. A proposed algorithm is described that uses a rekeying mechanism, zero knowledge authentication without directly transmitting secret keys, and dynamic keys that change for each authentication. Simulation results on networks of up to 25 nodes show the approach is efficient and can authenticate nodes while preventing attacks like cloning.
Significant Storage on Sensor Storage Space, Energy Consumption and Better Se...ijasuc
This document presents a routing-driven key establishment scheme for hybrid sensor networks that aims to significantly reduce storage space, energy consumption, and improve security. The scheme utilizes elliptic curve cryptography to efficiently establish shared keys only between sensor nodes that communicate with each other, based on the routing pattern. It is argued that previous key establishment schemes required storing keys for all neighbor pairs, regardless of actual communication, wasting resources. The proposed scheme clusters the network with high-end sensors as heads, and generates keys based on intra-cluster and inter-cluster routing to optimize key usage and management. Analysis shows the new scheme provides better security with reduced overhead compared to other approaches.
A Trust Conscious Secure Route Data Communication in MANETSCSCJournals
The document proposes a mechanism for establishing trust-based secure routes for data communication between mobile nodes in a mobile ad hoc network (MANET). It aims to dynamically increase the trust level between nodes from low to high using proxy nodes. When nodes need to securely communicate, they will generate dynamic secret session keys either directly or through proxy nodes using message digest and Diffie-Hellman protocols. The mechanism is implemented on reactive routing protocols and finds routes through trusted intermediate nodes that share secret keys. This may result in non-optimal routes but guarantees security. It also describes how a new node can join and how trusted nodes can act as proxies to help other nodes establish shared keys.
Secure and Reliable Data Routing in Wireless Sensor Networkdbpublications
Wireless Sensor Networks (WSNs) are materializing as one of the dominant technologies of the future because of their large range of applications in military and civilian fields. Because of their operating behavior, they are often neglected and thus vulnerable to various types of attacks. For instance, an attacker could catch sensor nodes, getting all the information saved therein-sensor nodes are generally considered to not be temper-proof. Hence, an attacker may clone cached sensor nodes and use them in the network to conduct a variety of mischievous activities. As the decisions taken by a sensor network rely on the information gathered by the sensor nodes, if an adversary inhibits the necessary or confidential data from being forwarded to the BS/ target, this will cause the whole breakdown of the network or outcomes in the wrong judgment being made, possibly causing deliberate loss. There are many types of attacks such as compromised node, denial of service attack, black hole attack, etc. Hence there is a necessity to find all such attacks in WSN, and to safely route our sensitive information to the target. This paper represents the survey of some types of attacks and there detection techniques. Also the survey includes different techniques for secure and reliable data collection in Wireless Sensor Networks.
Random Key Pre-distribution Schemes using Multi-Path in Wireless Sensor Networksijceronline
This document summarizes a research paper that proposes a new key pre-distribution and multi-path routing scheme for wireless sensor networks. The paper begins with an introduction that describes the importance of security in wireless sensor networks and challenges with key management. It then reviews existing key pre-distribution and routing schemes. The document proposes a new hexagon-based multi-path routing algorithm combined with a key pre-distribution scheme. It describes the details of the algorithm and compares its performance to other schemes through simulations. The results show the proposed scheme achieves better security, efficiency and message delivery compared to previous works.
Defending against collaborative attacks byranjith kumar
Dear Student,
DREAMWEB TECHNO SOLUTIONS is one of the Hardware Training and Software Development centre available in
Trichy. Pioneer in corporate training, DREAMWEB TECHNO SOLUTIONS provides training in all software
development and IT-related courses, such as Embedded Systems, VLSI, MATLAB, JAVA, J2EE, CIVIL,
Power Electronics, and Power Systems. It’s certified and experienced faculty members have the
competence to train students, provide consultancy to organizations, and develop strategic
solutions for clients by integrating existing and emerging technologies.
ADD: No:73/5, 3rd Floor, Sri Kamatchi Complex, Opp City Hospital, Salai Road, Trichy-18
Contact @ 7200021403/04
phone: 0431-4050403
JPN1422 Defending Against Collaborative Attacks by Malicious Nodes in MANETs...chennaijp
Get the latest IEEE ns2 projects in JP INFOTECH; we are having following category wise projects like Industrial Informatics, Vehicular Technology, Networking, WSN and Manet.
For More Details:
http://jpinfotech.org/final-year-ieee-projects/2014-ieee-projects/ns2-projects/
An Efficient Security Way of Authentication and Pair wise Key Distribution wi...IJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
International Journal of Modern Engineering Research (IJMER) covers all the fields of engineering and science: Electrical Engineering, Mechanical Engineering, Civil Engineering, Chemical Engineering, Computer Engineering, Agricultural Engineering, Aerospace Engineering, Thermodynamics, Structural Engineering, Control Engineering, Robotics, Mechatronics, Fluid Mechanics, Nanotechnology, Simulators, Web-based Learning, Remote Laboratories, Engineering Design Methods, Education Research, Students' Satisfaction and Motivation, Global Projects, and Assessment…. And many more.
AN ANTI-CLONE ATTACK KEY MANAGEMENT SCHEME FOR WIRELESS SENSOR NETWORKScsandit
Wireless Sensor Networks (WSNs) are subject to various kinds of attacks such as replaying of
messages, battery exhausting, and nodes compromising. While most of these attacks can be
dealt with through cryptographic security protocols provided by key management schemes,
there are always a few that manage to really cause problems. One such attack that is most
common and significant in WSNs is cloning attack. In clone attack, the intruder tries to capture
and compromise some nodes and inject them into several locations throughout the network in
order to conduct other types of attacks. Moreover, if this attack is not detected early, then these
replicated injected nodes will consume a large amount of the network resources. In this paper,
we analyze several key management schemes that can be used for checking integrity and
preventing cloning attacks. After analyzing the problems associated with these schemes, we
propose a model that allows us to distinguish between legitimate nodes and cloned nodes in
such sensor networks.
CROSS LAYER INTRUSION DETECTION SYSTEM FOR WIRELESS SENSOR NETWORKIJNSA Journal
The wireless sensor networks (WSN) are particularly vulnerable to various attacks at different layers of the protocol stack. Many intrusion detection system (IDS) have been proposed to secure WSNs. But all these systems operate in a single layer of the OSI model, or do not consider the interaction and collaboration between these layers. Consequently these systems are mostly inefficient and would drain out the WSN. In this paper we propose a new intrusion detection system based on cross layer interaction between the network, Mac and physical layers. Indeed we have addressed the problem of intrusion detection in a different way in which the concept of cross layer is widely used leading to the birth of a new type of IDS. We have experimentally evaluated our system using the NS simulator to demonstrate its effectiveness in detecting different types of attacks at multiple layers of the OSI model.
USING A DEEP UNDERSTANDING OF NETWORK ACTIVITIES FOR SECURITY EVENT MANAGEMENTIJNSA Journal
With the growing deployment of host-based and network-based intrusion detection systems in increasingly
large and complex communication networks, managing low-level alerts from these systems becomes
critically important. Probes of multiple distributed firewalls (FWs), intrusion detection systems (IDSs) or
intrusion prevention systems (IPSs) are collected throughout a monitored network such that large series of
alerts (alert streams) need to be fused. An alert indicates an abnormal behavior, which could potentially be
a sign for an ongoing cyber attack. Unfortunately, in a real data communication network, administrators
cannot manage the large number of alerts occurring per second, in particular since most alerts are false
positives. Hence, an emerging track of security research has focused on alert correlation to better identify
true positive and false positive. To achieve this goal we introduce Mission Oriented Network Analysis
(MONA). This method builds on data correlation to derive network dependencies and manage security
events by linking incoming alerts to network dependencies.
Wormhole attack detection algorithms in wireless network coding systemsPvrtechnologies Nellore
This document proposes algorithms to detect wormhole attacks in wireless network coding systems. It first discusses how wormhole attacks can severely impact network coding protocols by disrupting routing and introducing unfair workload distributions. It then presents a centralized algorithm that uses a central node to detect wormholes by measuring changes in expected transmission counts. For distributed systems without a central node, it proposes DAWN, a distributed algorithm that examines the order nodes receive innovative packets and their expected transmission counts to detect wormholes. The algorithms aim to detect wormholes using only local information available from regular network coding protocols to keep overhead low. Extensive testing validated the effectiveness and efficiency of the proposed approaches.
A Distributed Approach for Detecting Wormhole Attack in Wireless Network Codi...IRJET Journal
This document presents a distributed algorithm called DAWN to detect wormhole attacks in wireless network coding systems. The algorithm has two phases: 1) a detection phase where each node uses the expected transmission count (ETX) metric to detect if any attackers exist, and 2) a reporting phase where detected attackers are reported to other nodes. ETX represents the number of transmissions needed for a packet to be received and can reveal the network topology. DAWN examines the order nodes receive packets and their ETX values to identify attackers. It signatures reports to prevent manipulation and distributes the workload of detection across all nodes. The algorithm successfully detects wormhole attacks with high rates while imposing low computation and communication overhead.
Secure data aggregation technique for wireless sensor networks in the presenc...LeMeniz Infotech
Secure data aggregation technique for wireless sensor networks in the presence of collusion attacks
Do Your Projects With Technology Experts
To Get this projects Call : 9566355386 / 99625 88976
Visit : www.lemenizinfotech.com / www.ieeemaster.com
Mail : projects@lemenizinfotech.com
Node clone detection using a stable overlay network IJECEIAES
Wireless sensor networks consist of number of sensor nodes widely distributed in particular region to communicate and sharing the environmental information and also these data‟s are stored in central location for further data prediction. Such nodes are susceptible to cloning attack where the adversary captures a node, replicates with the same identity as that of the captured node and deploys the clone back into the network, causing severe harm to the network. Hence to thwart such attacks, a distributed detection protocol is used with initiator-observer-inspector roles assigned randomly for the nodes to witness the clone and thereby broadcast the evidence through a balanced overlay network. Use of such balanced network provides high security level and reduces the communication cost when compared to other overlay networks with a reasonably less storage consumption.
The document proposes a new broadcasting algorithm called Y-Hamiltonian Layers Broadcast (Y-HLB) for wormhole-routed 3D mesh networks. It divides the 3D mesh into layers that are modeled as Hamiltonian paths. The Y-HLB algorithm routes messages along these Hamiltonian paths in an efficient manner to broadcast to all nodes. Previous related work on broadcasting algorithms for wormhole-routed 3D meshes are also discussed, including how they divide the network and route messages. Simulation results show Y-HLB performs better than these previous algorithms in terms of reducing broadcast latency.
ENHANCED THREE TIER SECURITY ARCHITECTURE FOR WSN AGAINST MOBILE SINK REPLI...ijwmn
Recent developments on Wireless Sensor Networks have made their application in a wide range
such as military sensing and tracking, health monitoring, traffic monitoring, video surveillance and so on.
Wireless sensor nodes are restricted to computational resources, and are always deployed in a harsh,
unattended or unfriendly environment. Therefore, network security becomes a tough task and it involves
the authorization of admittance to data in a network. The problem of authentication and pair wise key
establishment in sensor networks with mobile sink is still not solved in the mobile sink replication attacks.
In q-composite key pre distribution scheme, a large number of keys are compromised by capturing a
small fraction of sensor nodes by the attacker. The attacker can easily take a control of the entire network
by deploying a replicated mobile sinks. Those mobile sinks which are preloaded with compromised keys
are used authenticate and initiate data communication with sensor node. To determine the above problem
the system adduces the three-tier security framework for authentication and pair wise key establishment
between mobile sinks and sensor nodes. The previous system used the polynomial key pre distribution
scheme for the sensor networks which handles sink mobility and continuous data delivery to the
neighbouring nodes and sinks, but this scheme makes high computational cost and reduces the life time of
sensors. In order to overcome this problem a random pair wise key pre distribution scheme is suggested
and further it helps to improve the network resilience. In addition to this an Identity Based Encryption is
used to encrypt the data and Mutual authentication scheme is proposed for the identification and
isolation of replicated mobile sink from the network.
ENERGY EFFICIENT AGGREGATION WITH DIVERGENT SINK PLACEMENT FOR WIRELESS SENSO...ijasuc
In WSN the data aggregation is a means for condensing the energy requirement by reducing number of
transmission by combining the data and sending the final required result to the base station. The lifetime
of the WSN can be improved by employing the aggregation techniques. During the process of aggregation
the numbers of transmission are reduced by combining the similar data from the nearby areas. By using
the clustering technique and aggregating the correlated data greatly minimize the energy consumed in
collecting and disseminating the data. In this work, we evaluate the performance of a novel energy
efficient cluster based aggregation protocol (EECAP) for WSN. The main focus in this proposed work is
to study the performance of our proposed aggregation protocol with divergent sink placements such as
when sink is at the centre of the sensing field, corner of the sensing field or at a location selected
randomly in the sensor field. We present experimental results by calculating the lifetime of network in
terms of number of sensing rounds using various parameters such as – average remaining energy of
nodes, number of dead nodes after the specified number of sensing rounds. Finally the performance of
various aggregation algorithms such as LEACH, SEP and our proposed aggregation protocol (EECAP)
are compared with divergent sink placements. The simulation results demonstrates that EECAP exhibits
good performance in terms of lifetime and the energy consumption of the wireless sensor networks and
which can be as equally compared with existing clustering protocols.
An Email AutoResponder is an event triggered program that responds to an email recipient with a pre-defined message. Even a regular bounce can be considered an AutoResponder. AutoResponders are also often used by employees on vacation to send “Out of Office” replies.
A/B split testing, more commonly known as Hypothesis Testing, is a term used to describe a controlled experiment with two varying components. In the case of an email campaign, you could for example, sequentially alternate between 2 different Subjects. The objective is to identify which of the two subjects achieves better results
by comparing one subject against the other.
A Key Management Approach For Wireless Sensor NetworksZac Darcy
In this paper we presenta key management approach for wireless sensor networks. This approach
facilitating an efficient scalable post-distribution key establishment that provides different security services.
We have developed and tested this approach under TinyOs. Result shows that this approach provides
acceptable resistance against node capture attacks and replay attacks. The provision of security services is
completely transparent to the user of the WSNs. Furthermore, being highly scalable and lightweight, this
approach is appropriate to be used in a wireless sensor network of hundreds of nodes.
A Key Management Approach For Wireless Sensor NetworksZac Darcy
In this paper we presenta key management approach for wireless sensor networks. This approach
facilitating an efficient scalable post-distribution key establishment that provides different security services.
We have developed and tested this approach under TinyOs. Result shows that this approach provides
acceptable resistance against node capture attacks and replay attacks. The provision of security services is
completely transparent to the user of the WSNs. Furthermore, being highly scalable and lightweight, this
approach is appropriate to be used in a wireless sensor network of hundreds of nodes.
Wireless Sensor Network (WSN) is a promising field for research. As the use of this field increases, it is
required to give proper security to this field. So to ensure the security of communication of data or messages and to
control the use of data in WSN is of great importance. As sensor networks interact with responsive data and operate
in unfriendly unattended area, from the time of system design these security concerns should be addressed. The paper,
presents a modified Motesec security protocol which is a security mechanism for Wireless sensor network. In this
protocol a hash function based approach is used to detect replay attacks. For data access control key lock matching
method i.e. memory data access control policy is used to prevent unauthorized data access. Encoding and
reconstruction scheme is used to find out attacker. Flooding attack detection by comparing data rate. There is currently
massive research is present in the area of wireless sensor network security..Keywords: GPS,GCM,LBS Android.
Keywords: secure communication architecture, wireless Sensor network security.
DATA AGGREGATION AND PRIVACY FOR POLICE PATROLSijasuc
With a widespread growth in the potential applications of Wireless Sensor Networks, the need for reliable
security mechanisms for them has increased manifold. This paper proposes a scheme, Privacy for Police
Patrols (PPP), to provide secure data aggregation that relies on multilevel routing. Privacy factors have
been identified and implemented. Aggregates are prepared and the summary of information is gathered
and stored in a repository. The above defined approaches are integrated in police patrol applications and
preliminary results are obtained.
2.espk external agent authentication and session key establishment using publ...EditorJST
Wireless sensor networks (WSNs) have recently attracted a lot of interest in the research community due their wide range of applications. Due to distributed and deployed in a un attend environment, these are vulnerable to numerous security threats. In this paper, describe the design and implementation of public-key-(PK)-based protocols that allow authentication and session key establishment between a sensor network and a third party. WSN have limitations on computational capacity, battery etc which provides scope for challenging problems. We fundamentally focused on the security issue of WSNs The proposed protocol is efficient and secure in compared to other public key based protocols in WSNs.
Energy Efficient Key Management Analysis using AVL Trees in Wireless Sensor N...inventionjournals
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
DESIGNING SECURE CLUSTERING PROTOCOL WITH THE APPROACH OF REDUCING ENERGY CON...IJCNCJournal
The document describes a proposed secure clustering protocol for wireless sensor networks that aims to reduce energy consumption while satisfying security needs. The protocol has four phases: 1) Preparation, where keys are distributed and dynamic clusters are formed based on signal strength. Nodes send identifiers to the base station. 2) Aggregator selection, where a node is selected in each cluster as the data aggregator. 3) Data aggregation, where non-aggregator nodes send data to the aggregator node. 4) Data gathering, where aggregator nodes send aggregated data to the base station. The goal is to distribute workload, reduce transmissions, and hide the identities of aggregator nodes to protect against attacks.
AggreLEACH: Enhance Privacy Preserving in Wireless Sensor Networkijsrd.com
Privacy preservation is an important issue in today's context of extreme penetration of internet and mobile technology. It is more important in the case of wireless sensor network where collected data often requires in network processing and collaborative computing. Security is always booming in wireless sensor network. Privacy preserving data aggregation emerged as an important concern in designing data aggregation algorithm. Encryption schemes that support operation over cipher text are of utmost for wireless sensor networks & especially in LEACH protocol. The salient limit of LEACH is energy. Due to this limitation, it seems important to design Confidentiality scheme for WSN so that sensing data can be transmitted to the receiver securely and efficiently and the energy consumed must be minimum hence we proposed AggreLEACH in which confidentiality scheme i.e. holomorphic encryption is added to LEACH protocol. In holomorphic encryption data can be aggregated without decryption and hence less energy consumption. The objective is to provide secure data transmission between sensor node and aggregator. Simulation result are obtain in terms of two metrics- total energy Consumed of node, life-time of node. It is observed that the performance of AggreLEACH compare to LEACH. We have performed theoretical analysis as well as simulation to check the performance in terms of accuracy, complexity and security.
Hierarchical Key Agreement Protocol for Wireless Sensor Networksidescitation
This document proposes a hierarchical key agreement protocol for wireless sensor networks that uses both symmetric and asymmetric cryptographic techniques. Specifically, it uses probabilistic key pre-distribution for sensor nodes within clusters to establish secure communication with low computational overhead. It uses identity-based asymmetric key distribution between cluster heads and the base station to achieve secure communication with low communication overhead. The goal is to balance security, resilience, and resource overhead of the key management protocol for the constrained sensor nodes. It provides mathematical background on bilinear pairings and elliptic curves needed to implement the identity-based cryptographic techniques.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Data Security and Data Dissemination of Distributed Data in Wireless Sensor N...IJERA Editor
The document discusses a data dissemination protocol called seDrip for wireless sensor networks. seDrip allows multiple authorized network users to simultaneously distribute data items directly to sensor nodes, without relying on a central sink node. It implements authentication using digital signatures to provide security and prevent unauthorized access. The protocol is analyzed and shown to satisfy security requirements like authenticity, integrity, and resistance to denial-of-service attacks. RSA encryption is used to encode data for confidentiality.
Issues and Challenges in Distributed Sensor Networks- A ReviewIOSR Journals
1) The document discusses various design issues and challenges in distributed sensor networks, including limited resources of sensor nodes, scalability, frequent topology changes, and data aggregation.
2) Data aggregation aims to reduce redundant data by having sensor nodes combine and summarize correlated sensor readings. This helps reduce transmission costs and bandwidth usage.
3) Time synchronization is also an important challenge as many sensor network applications require correlating sensor readings with physical times, but achieving precise synchronization is difficult given the networks' constraints.
This document discusses issues and challenges in distributed sensor networks. It begins with an introduction to distributed sensor networks and their applications. It then discusses several design challenges for sensor networks, including limited resources, scalability, frequent topology changes, and energy efficiency. It also discusses specific challenges like data aggregation, time synchronization, localization, node deployment, network dynamics, and fault tolerance. Finally, it discusses security issues and challenges in distributed sensor networks, including requirements like availability, authentication, confidentiality, integrity, and data freshness. It also discusses types of security attacks on sensor networks.
HOW TO DETECT MIDDLEBOXES: GUIDELINES ON A METHODOLOGYcscpconf
Internet middleboxes such as VPNs, firewalls, and proxies can significantly change handling of traffic streams. They play an increasingly important role in various types of IP networks. If end hosts can detect them, these hosts can make beneficial, and in some cases, crucial improvements in security and performance But because middle boxes have widely varying behavior and effects on the traffic they handle, no single technique has been discovered that can detect all of them.
Devising a detection mechanism to detect any particular type of middle box interference involves many design decisions and has numerous dimensions. One approach to assist with the
complexity of this process is to provide a set of systematic guidelines. This paper is the first attempt to introduce a set of general guidelines (as well as the rationale behind them) to assist researchers with devising methodologies for end-hosts to detect middle boxes by the end-hosts. The guidelines presented here take some inspiration from the previous work of other
researchers using various and often ad hoc approaches. These guidelines, however, are mainly based on our own experience with research on the detection of middle boxes. To assist
researchers in using these guidelines, we also provide an example of how to bring them into play for detection of network compression.
How to detect middleboxes guidelines on a methodologycsandit
Internet middleboxes such as VPNs, firewalls, and proxies can significantly change handling of
traffic streams. They play an increasingly important role in various types of IP networks. If end
hosts can detect them, these hosts can make beneficial, and in some cases, crucial improvements
in security and performance But because middleboxes have widely varying behavior and effects
on the traffic they handle, no single technique has been discovered that can detect all of them.
Devising a detection mechanism to detect any particular type of middlebox interference involves
many design decisions and has numerous dimensions. One approach to assist with the
complexity of this process is to provide a set of systematic guidelines. This paper is the first
attempt to introduce a set of general guidelines (as well as the rationale behind them) to assist
researchers with devising methodologies for end-hosts to detect middleboxes by the end-hosts.
The guidelines presented here take some inspiration from the previous work of other
researchers using various and often ad hoc approaches. These guidelines, however, are mainly
based on our own experience with research on the detection of middleboxes. To assist
researchers in using these guidelines, we also provide an example of how to bring them into
play for detection of network compression
This document discusses security challenges in wireless sensor networks. It outlines key challenges like limited energy and communication capabilities as sensors are often deployed in accessible areas. It discusses approaches for secure key establishment, privacy concerns around surveillance, threats like denial of service attacks, and the need for secure routing, intrusion detection, and data aggregation given the resource constraints of sensor networks. Research is still needed to address security challenges posed by the unique aspects of sensor network environments and applications.
CONCEALED DATA AGGREGATION WITH DYNAMIC INTRUSION DETECTION SYSTEM TO REMOVE ...cscpconf
Data Aggregation is a vital aspect in WSNs (Wireless Sensor Networks) and this is because it
reduces the quantity of data to be transmitted over the complex network. In earlier studies
authors used homomorphic encryption properties for concealing statement during aggregation
such that encrypted data can be aggregated algebraically without decrypting them. These
schemes are not applicable for multi applications which lead to proposal of Concealed Data
Aggregation for Multi Applications (CDAMA). It is designed for multi applications, as it
provides secure counting ability. In wireless sensor networks SN are unarmed and are
susceptible to attacks. Considering the defence aspect of wireless environment we have used
DYDOG (Dynamic Intrusion Detection Protocol Model) and a customized key generation
procedure that uses Digital Signatures and also Two Fish Algorithms along with CDAMA for
augmentation of security and throughput. To prove our proposed scheme’s robustness and
effectiveness, we conducted the simulations, inclusive analysis and comparisons at the ending.
Concealed Data Aggregation with Dynamic Intrusion Detection System to Remove ...csandit
Data Aggregation is a vital aspect in WSNs (Wireless Sensor Networks) and this is because it
reduces the quantity of data to be transmitted over the complex network. In earlier studies
authors used homomorphic encryption properties for concealing statement during aggregation
such that encrypted data can be aggregated algebraically without decrypting them. These
schemes are not applicable for multi applications which lead to proposal of Concealed Data
Aggregation for Multi Applications (CDAMA). It is designed for multi applications, as it
provides secure counting ability. In wireless sensor networks SN are unarmed and are
susceptible to attacks. Considering the defence aspect of wireless environment we have used
DYDOG (Dynamic Intrusion Detection Protocol Model) and a customized key generation
procedure that uses Digital Signatures and also Two Fish Algorithms along with CDAMA for
augmentation of security and throughput. To prove our proposed scheme’s robustness and
effectiveness, we conducted the simulations, inclusive analysis and comparisons at the ending.
A Survey on Security Issues to Detect Wormhole Attack in Wireless Sensor Networkpijans
Sensor nodes, when deployed to form Wireless sensor network operating under control of central authority
i.e. Base station are capable of exhibiting interesting applications due to their ability to be deployed
ubiquitously in hostile & pervasive environments. But due to same reason security is becoming a major
concern for these networks. Wireless sensor networks are vulnerable against various types of external and
internal attacks being limited by computation resources, smaller memory capacity, limited battery life,
processing power & lack of tamper resistant packaging. This survey paper is an attempt to analyze threats
to Wireless sensor networks and to report various research efforts in studying variety of routing attacks
which target the network layer. Particularly devastating attack is Wormhole attack- a Denial of Service
attack, where attackers create a low-latency link between two points in the network. With focus on survey of
existing methods of detecting Wormhole attacks, researchers are in process to identify and demarcate the
key research challenges for detection of Wormhole attacks in network layer.
An Energy Efficient Data Secrecy Scheme For Wireless Body Sensor NetworksCSEIJJournal
Data secrecy is one of the key concerns for wireless body sensor networks (WBSNs). Usually, a data
secrecy scheme should accomplish two tasks: key establishment and encryption. WBSNs generally face
more serious limitations than general wireless networks in terms of energy supply. To address this, in this
paper, we propose an energy efficient data secrecy scheme for WBSNs. On one hand, the proposed key
establishment protocol integrates node IDs, seed value and nonce seamlessly for security, then
establishes a session key between two nodes based on one-way hash algorithm SHA-1. On the other hand,
a low-complexity threshold selective encryption technology is proposed. Also, we design a security
selection patter exchange method with low-complexity for the threshold selection encryption. Then, we
evaluate the energy consumption of the proposed scheme. Our scheme shows the great advantage over
the other existing schemes in terms of low energy consumption.
Similar to AN EFFICIENT KEY AGREEMENT SCHEME FOR WIRELESSSENSOR NETWORKS USING THIRD PARTIES (20)
The Rise of Supernetwork Data Intensive ComputingLarry Smarr
Invited Remote Lecture to SC21
The International Conference for High Performance Computing, Networking, Storage, and Analysis
St. Louis, Missouri
November 18, 2021
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - MydbopsMydbops
This presentation, delivered at the Postgres Bangalore (PGBLR) Meetup-2 on June 29th, 2024, dives deep into connection pooling for PostgreSQL databases. Aakash M, a PostgreSQL Tech Lead at Mydbops, explores the challenges of managing numerous connections and explains how connection pooling optimizes performance and resource utilization.
Key Takeaways:
* Understand why connection pooling is essential for high-traffic applications
* Explore various connection poolers available for PostgreSQL, including pgbouncer
* Learn the configuration options and functionalities of pgbouncer
* Discover best practices for monitoring and troubleshooting connection pooling setups
* Gain insights into real-world use cases and considerations for production environments
This presentation is ideal for:
* Database administrators (DBAs)
* Developers working with PostgreSQL
* DevOps engineers
* Anyone interested in optimizing PostgreSQL performance
Contact info@mydbops.com for PostgreSQL Managed, Consulting and Remote DBA Services
Blockchain technology is transforming industries and reshaping the way we conduct business, manage data, and secure transactions. Whether you're new to blockchain or looking to deepen your knowledge, our guidebook, "Blockchain for Dummies", is your ultimate resource.
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptxSynapseIndia
Your comprehensive guide to RPA in healthcare for 2024. Explore the benefits, use cases, and emerging trends of robotic process automation. Understand the challenges and prepare for the future of healthcare automation
Understanding Insider Security Threats: Types, Examples, Effects, and Mitigat...Bert Blevins
Today’s digitally connected world presents a wide range of security challenges for enterprises. Insider security threats are particularly noteworthy because they have the potential to cause significant harm. Unlike external threats, insider risks originate from within the company, making them more subtle and challenging to identify. This blog aims to provide a comprehensive understanding of insider security threats, including their types, examples, effects, and mitigation techniques.
Transcript: Details of description part II: Describing images in practice - T...BookNet Canada
This presentation explores the practical application of image description techniques. Familiar guidelines will be demonstrated in practice, and descriptions will be developed “live”! If you have learned a lot about the theory of image description techniques but want to feel more confident putting them into practice, this is the presentation for you. There will be useful, actionable information for everyone, whether you are working with authors, colleagues, alone, or leveraging AI as a collaborator.
Link to presentation recording and slides: https://bnctechforum.ca/sessions/details-of-description-part-ii-describing-images-in-practice/
Presented by BookNet Canada on June 25, 2024, with support from the Department of Canadian Heritage.
Comparison Table of DiskWarrior Alternatives.pdfAndrey Yasko
To help you choose the best DiskWarrior alternative, we've compiled a comparison table summarizing the features, pros, cons, and pricing of six alternatives.
YOUR RELIABLE WEB DESIGN & DEVELOPMENT TEAM — FOR LASTING SUCCESS
WPRiders is a web development company specialized in WordPress and WooCommerce websites and plugins for customers around the world. The company is headquartered in Bucharest, Romania, but our team members are located all over the world. Our customers are primarily from the US and Western Europe, but we have clients from Australia, Canada and other areas as well.
Some facts about WPRiders and why we are one of the best firms around:
More than 700 five-star reviews! You can check them here.
1500 WordPress projects delivered.
We respond 80% faster than other firms! Data provided by Freshdesk.
We’ve been in business since 2015.
We are located in 7 countries and have 22 team members.
With so many projects delivered, our team knows what works and what doesn’t when it comes to WordPress and WooCommerce.
Our team members are:
- highly experienced developers (employees & contractors with 5 -10+ years of experience),
- great designers with an eye for UX/UI with 10+ years of experience
- project managers with development background who speak both tech and non-tech
- QA specialists
- Conversion Rate Optimisation - CRO experts
They are all working together to provide you with the best possible service. We are passionate about WordPress, and we love creating custom solutions that help our clients achieve their goals.
At WPRiders, we are committed to building long-term relationships with our clients. We believe in accountability, in doing the right thing, as well as in transparency and open communication. You can read more about WPRiders on the About us page.
How Social Media Hackers Help You to See Your Wife's Message.pdfHackersList
In the modern digital era, social media platforms have become integral to our daily lives. These platforms, including Facebook, Instagram, WhatsApp, and Snapchat, offer countless ways to connect, share, and communicate.
An invited talk given by Mark Billinghurst on Research Directions for Cross Reality Interfaces. This was given on July 2nd 2024 as part of the 2024 Summer School on Cross Reality in Hagenberg, Austria (July 1st - 7th)
Measuring the Impact of Network Latency at TwitterScyllaDB
Widya Salim and Victor Ma will outline the causal impact analysis, framework, and key learnings used to quantify the impact of reducing Twitter's network latency.
Details of description part II: Describing images in practice - Tech Forum 2024BookNet Canada
This presentation explores the practical application of image description techniques. Familiar guidelines will be demonstrated in practice, and descriptions will be developed “live”! If you have learned a lot about the theory of image description techniques but want to feel more confident putting them into practice, this is the presentation for you. There will be useful, actionable information for everyone, whether you are working with authors, colleagues, alone, or leveraging AI as a collaborator.
Link to presentation recording and transcript: https://bnctechforum.ca/sessions/details-of-description-part-ii-describing-images-in-practice/
Presented by BookNet Canada on June 25, 2024, with support from the Department of Canadian Heritage.
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfNeo4j
Presented at Gartner Data & Analytics, London Maty 2024. BT Group has used the Neo4j Graph Database to enable impressive digital transformation programs over the last 6 years. By re-imagining their operational support systems to adopt self-serve and data lead principles they have substantially reduced the number of applications and complexity of their operations. The result has been a substantial reduction in risk and costs while improving time to value, innovation, and process automation. Join this session to hear their story, the lessons they learned along the way and how their future innovation plans include the exploration of uses of EKG + Generative AI.
Coordinate Systems in FME 101 - Webinar SlidesSafe Software
If you’ve ever had to analyze a map or GPS data, chances are you’ve encountered and even worked with coordinate systems. As historical data continually updates through GPS, understanding coordinate systems is increasingly crucial. However, not everyone knows why they exist or how to effectively use them for data-driven insights.
During this webinar, you’ll learn exactly what coordinate systems are and how you can use FME to maintain and transform your data’s coordinate systems in an easy-to-digest way, accurately representing the geographical space that it exists within. During this webinar, you will have the chance to:
- Enhance Your Understanding: Gain a clear overview of what coordinate systems are and their value
- Learn Practical Applications: Why we need datams and projections, plus units between coordinate systems
- Maximize with FME: Understand how FME handles coordinate systems, including a brief summary of the 3 main reprojectors
- Custom Coordinate Systems: Learn how to work with FME and coordinate systems beyond what is natively supported
- Look Ahead: Gain insights into where FME is headed with coordinate systems in the future
Don’t miss the opportunity to improve the value you receive from your coordinate system data, ultimately allowing you to streamline your data analysis and maximize your time. See you there!
AN EFFICIENT KEY AGREEMENT SCHEME FOR WIRELESSSENSOR NETWORKS USING THIRD PARTIES
1. International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
DOI : 10.5121/ijasuc.2013.4401 1
AN EFFICIENT KEY AGREEMENT SCHEME FOR
WIRELESSSENSOR NETWORKS USING THIRD
PARTIES
Saleh Almowuena
School of Computing Science, Simon Fraser University, Canada
salmowue@sfu.ca
ABSTRACT
This paper contributes to the challenging field of security for wireless sensor networks by introducing a
keyagreement scheme in which sensor nodes create secure radio connections with their neighbours
depending on the aidof third parties. These third parties are responsible only for the pair-wise key
establishment among sensor nodes,so they do not observe the physical phenomenon nor route data packets
to other nodes. The proposed methodis explained here with respect to four important issues: how secret
shares are distributed, how local neighboursare discovered, how legitimate third parties are verified, and
how secure channels are established. Moreover, theperformance of the scheme is analyzed with regards to
five metrics: local connectivity, resistance to node capture,memory usage, communication overhead, and
computational burden.Our scheme not only secures the transmissionchannels of nodes but also guarantees
high local connectivity of the sensor network, low usage of memory resources,perfect network resilience
against node capture, and complete prevention against impersonation attacks. As it isdemonstrated in this
paper, using a number of third parties equals to 10% of the total number of sensor nodes inthe area of
interest, the proposed method can achieve at least 99.42% local connectivity with a very low usage
ofavailable storage resources (less than 385 bits on each sensor node).
KEYWORDS
Key Agreement, Wireless Sensor Network, Third Party, Trust Establishment, Secure Channel.
1. INTRODUCTION
Wireless sensor networks are employed in a wide range of applications including disaster relief
operations, forest-fire detection, battlefield surveillance, pollution measurement, and healthcare
applications. Because of the characteristics of these applications as well as the broadcast nature of
the radio transmissions, a wireless sensor network is more vulnerable to security threats than
traditional wireless networks. In order to protect the sensor network from outside attacks, it is
necessary to implement a cryptographic mechanism that can achieve three major security
objectives: confidentiality, integrity and authentication. Even though the topic of cryptography
has been well studied for traditional networks, many conventional cryptographic approaches
cannot easily be applied to sensor networks [1]. To illustrate, public key-based schemes and even
some symmetric key methods are complex with regards to computations, memory,
communication, and packet size requirements. On the other hand, sensor networks suffer from
severe constraints on their available resources as a result of the necessity to increase the lifetime
of the complete network, minimize the physical size of the sensor nodes, and reduce the cost of
sensor nodes [2]. Consequently, it is important to propose cryptographic solutions designed
specifically for wireless sensor networks.
2. International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
2
A fundamental element in an effective cryptographic system is how sensor nodes are equipped
with the cryptographic keys needed to create secure radio connections with their local neighbours.
This paper contributes to the challenging field of key establishment by introducing a key
agreement scheme whose memory, processing, and communication requirements are low. This
method utilizes the concept of third parties to reduce the cryptographic burden of public-key
based schemes and the key management overhead of symmetric key approaches. Third parties are
simply additional nodes deployed in the field of interest to assist sensor nodes in the key
establishment phase. Hence, they do not perform any other operations such as sensing or packet
routing. Our key agreement scheme has many advantages over existing approaches. For instance,
a sensor node in this scheme needs to make just a few local contacts to establish a secureradio
connection with its neighbours with very high probability. In addition, the majority of sensor
nodes employs just a few simple hash operations and stores only a small number of secret keys in
their memory space. The proposed method also employs an authentication mechanism to prevent
impersonation attacks.
To the best of our knowledge, the idea of exploiting third parties in wireless sensor networks has
been discussed only in [3] where Dong and Liu used auxiliary sensors for pair-wise key
establishment. However, the approach in [3] suffers from two important disadvantages: it is not
scalable to redistribute additional nodes after the deployment stage, and it requires a massive
amount of memory in the assisting nodes. Even though Dong and Liu state that assisting nodes
can utilize all their memory to store the hash images of sensor nodes, this assumption may not be
sufficient for their method to be feasible for sensor networks. To illustrate, Telos mote needs its
entire 1 MB of flash memory to store the hash images for only 65536 sensor nodes, assuming the
hash function provides a 16 bytes long value. An upper limit for the number of nodes makes the
network non-scalable and so this scheme is impractical for large networks. To overcome this
limitation, we propose in this work a scalable and efficient key agreement method in which both
third parties and sensor nodes use a small number of memory units in the key establishment step.
The rest of the paper is organized as follows. Section 2 provides a brief survey of the current key
agreement techniques in the literature. Then we start our discussion in Section 3 by presenting the
trust assumptions considered in both analysis and evaluation. After that, the proposed key
establishment method is described with respect to three points: how secret shares are distributed,
how local neighbours are discovered, and how secure channels are created. In Section 4, we will
analyze the scheme's performance using five metrics: local connectivity, resilience against node
capture, memory usage, communication overhead, and computational overhead. Next, our method
is concisely compared with a number of current key agreement algorithms introduced specifically
for wireless sensor networks. To conclude this paper, section 5 provides some promising research
directions for the future.
2. RELATED WORK
A simple technique to enable sensor nodes establishing secure communication channels with their
neighbours is to preload a single shared key into the memory space of each node in the network.
Having the same secret key provides an efficient key agreement scheme with regards to both
power consumption and memory usage because sensor nodes utilize only a single unit of their
available storage resources and avoid performing any data interaction. However, this method
offers weak resilience against node capture since compromising any sensor node will reveal its
key material and then cause a major breach in the security of the entire network. To enhance the
resilience against node capture, a pair-wise key can be assigned to every pair of nodes in the
network. In this case, trusted base stations should randomly generate ( − 1)/2 secret keys and
then supply each sensor node with − 1 of these keys. A sensor network may have thousands to
millions of nodes in the field of interest, so it is not practical to implement such approach because
of the limitation in memory resources.
3. International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
3
Under the assumption that base stations are considered trustworthy entities in wireless sensor
networks, it is easy to apply the concept of Key Distribution Centre (KDC) in which base stations
are responsible for assisting sensor nodes in the process of key establishment. To do so, each
sensor node in the network will share a unique symmetric key with a base station. Once
neighbours in its transmission range are identified, the sensor node forwards a request to the base
station indicating a list of sensor nodes with which it intends to initiate secure radio connections.
Responding to this request, the base station generates a set of pair-wise keys and then transmits
them back to the sender. The main drawback here is the possibility of a single point of failure as
well as the high number of packet transmissions.
Recently, researchers have focused on the idea of key pre-distribution in which a large pool of
symmetric keys is generated before deploying sensor nodes in the target terrain [4], [5], [6], [7].
Each sensor node is equipped with a ring of secret keys chosen randomly from a key-pool. Two
sensor nodes will be capable of creating a secure radio connection if both share a common key.
Usually, the key-rings in pre-distribution approaches are designed in such a way that nodes can
succeed with a pre-determined probability in finding shared keys with their local neighbours.
Regarding the performance of the methods in this category, it has been shown that the number of
symmetric keys in both the key-ring and the key-pool significantly affect the network
connectivity, the resilience against node capture, and the memory usage. For example, increasing
the number of secret keys in the general key-pool will enhance the security of the entire network,
but it may negatively impact the local connectivity of sensor nodes. To balance this trade-off
between security and connectivity, efforts have been made to optimize traditional public key-
based algorithms, such as elliptic curve cryptography, in order to make them suitable for wireless
sensor networks [8], [9], [10], [11].
Our method reduces the cryptographic burden of public-key based schemes and the key
management overhead of random key pre-distribution approaches. To achieve this objective, the
proposed scheme replaces high cost public-key operations at the sensor nodes with a few simple
hash operations, that is, nodes use one-way functions in which the input is data of arbitrary length
and the output is a unique value of a specific size. Furthermore, additional nodes called third
parties are deployed in the network. These assisting nodes do not perform sensing, routing or
packet forwarding; they are only responsible for pair-wise key establishment between sensor
nodes.
3. AN EFFICIENT KEY AGREEMENT SCHEME USING THIRD PARTIES
3.1. Trust Assumptions
Throughout this paper, several assumptions are considered in both analysis and discussion. In this
subsection, we will highlight the major assumptions, on the basis that other complementary
assumptions will be mentioned in their relevant context. First, both physical and data-link layers
are vulnerable to direct attacks. Hence, wireless channels are insecure and susceptible to packet
eavesdropping, data injection, message modification, and replay attacks. Second, sensor nodes are
not supported with tamper-resistant modules since such components are either simple but
insecure or robust but costly. As a consequence, an adversary can compromise a sensor node and
extract its key materials, observation data, and software. Third, base stations are trustworthy
devices, whereas sensor nodes are not guaranteed to behave reliably. Fourth, an attacker is
capable of employing any of the adversary models. As an example, he can deploy malicious
nodes with resources identical to those found on the sensor nodes or launch attacks taking
advantage of powerful laptops. Furthermore, an attacker can compromise a number of regular
nodes and manipulate them to start a collusion attack against the network. The last assumption is
that an adversary targets sensor nodes randomly without prior knowledge of the keys carried on
4. International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
4
the nodes. Nevertheless, he may be aware of the security mechanisms implemented in the
wireless sensor network.
3.2. Proposed Algorithm
Like random key pre-distribution schemes, the method introduced here consists of three main
steps: distributing secret shares, discovering local neighbours, and establishing secure channels.
Assume third party nodes in addition to sensor nodes are deployed uniformly in the field of
interest. Prior to deployment of the sensor network, a trusted base station generates a random
encryption key as well as a random authentication key . Then the trusted base station will
store both keys as private information into the memory units of all third parties. Furthermore,
every sensor node in the network is equipped with unique encryption and authentication keys. To
do so, the trusted base station computes for each node two values:
= ( , ) = ( , ) (1)
and preloads these two keys into the node memory unit.
After scattering sensor nodes in the target region, the nodes perform a discovery process in order
to find their local neighbours as well as their closest third party. Finding local neighbours is a
simple operation since sensor nodes periodically broadcast HELLO packets or what is called
beaconing to advertise their existence in a neighbourhood. Therefore, nodes can easily depend on
these packets to identify adjacent nodes. To protect the network from HELLO flood attacks [1], a
pair of neighbouring nodes performs a two-way handshake to ensure that the other node is located
within its radio range. On the other hand, it is not sufficient to allow third parties to advertise their
existence in a neighbourhood relying on HELLO packets alone. The reason is that malicious
nodes can spoof the contents of a HELLO packet originating from a genuine third party and then
forward this packet to the sensor nodes in its transmission range. Innocently, these sensor nodes
can be deceived to assign this malicious node as their closest third party node, thereby disrupting
the functionality of the proposed method.
To verify the legitimacy of a third party in a sensor network, we utilize an authentication
mechanism called hash chain scheme. This scheme provides a simple and scalable solution
without consuming substantial storage resources in the sensor nodes. In this method, sensor nodes
need to store just a single key in their memory units. Also, they can easily accommodate new
legitimate third parties which are redistributed in the field of interest after the deployment phase.
To implement the hash chain mechanism, a trusted base station randomly generates a key and
then inputs this generated key in a sequence of hash functions as shown in Figure 1. Prior to
deployment, third parties are given the chain of keys L = {L , L , L , … , L , L }, while sensor
nodes are equipped with a single key L . Once the sensor nodes are spread in the target region,
third parties advertise their existence in a neighbourhood through broadcasting a customized
HELLO packet containing the key L . Upon receiving a HELLO packet, every sensor node in
the network checks the legitimacy of the third party as follows. Sensor nodes extract the key L
from the incoming HELLO packet and then input L to the predefined hash function. If the
value resulting from the hash function H(L ) matches the key L stored in node memory,
authentication is successful. In this case, each sensor node should update its stored key by
replacing L with L . Next time, the third party will unitize the key L in its customized
HELLO packets, and so on. It is important to note that the value of the parameter a should be
chosen carefully taking into account the strength of the security protocols needed in addition to
the expected lifetime of the sensor network. For instance, the parameter a used in long-term
battlefield surveillance should be greater than the value utilized in applications designed to obtain
statistics about the number of visitors in a short-term tourist attraction.
5. International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
5
Figure 1. An example of a hash chain generated from a random key M
Once the discovery stage is completed, every sensor node i in the network sends a request to the
discovered third party in its transmission range stating its desire to establish secure channels with
neighbouring nodes {j , j , … , j }. To help the third party in verifying the identity of the packet
originator, node i encrypts its outgoing message with the authentication secret A :
( ) → : ( , { , , … , })
Responding to such a request, the third party starts the process of key generation by computing
the values S and A using (1). For each neighbour mentioned in the received request, the third
party determines an encryption key S and then calculates a temporary secret share for use in
generating a session key between both the sensor node i and its neighbour j as follows:
Secret(i, j ) = Hash S , ID ⊕ Hash S , ID (2)
The third party sends back to the sensor node i its temporary secret shares protected with the
authentication key A as shown below:
Third Party → Node(i): E i || j || Secret(i, j ) ∀ x ∈ [1, d]
Upon receiving these temporary secret shares, the sensor node i uses the identity of its
neighbouring node j in order to determine a session key between the two nodes given by:
Session = Secret(i, j ) ⊕ Hash S , ID (3)
Although sensor nodes i and j can rely on this session key to secure their radio connections, we
recommend that sensor node i generates a new random secret key K , and then constructs a
packet containing this random key. This packet should be encrypted with the session key obtained
in (3) and then forwarded to the neighbouring node j . Performing this additional step boosts the
network security and prevents any negative impact from the disclosure of session keys after a
third party is compromised. As soon as the neighbouring node j receives the encrypted packet, it
inputs the identity of node i into the predefined hash function in order to extract the session key
used to encrypt the received packet as follows:
= , (4)
Obviously, the session keys in (3) and (4) are identical. To prove this point, we can easily
substitute (2) into the right hand of (3) yielding (4).At this point, the neighbouring node j uses
the session key in (4) to decrypt the received packet and then obtain the secret key K , . Sensor
nodes i and j can then employ the secret key K , to secure their radio channel.
6. International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
6
Since it is possible to encounter situations in which a sensor node i has no third parties in its local
neighbourhood, it is necessary to include an additional step in the key establishment phase to
avoid such scenarios. In this step, a neighbour of node i will help him in finding a third party
within a predefined number of hops and then communicate with this third party on behalf of node
i. Similar to what was explained earlier, sensor node i will send a request to a neighbour
indicating its desire to establish secure channels with nodes {j , j , … , j }. This request will be
encrypted with the authentication secret A in order to protect the contents of the packet and
confirm the identity of the originator. The neighbouring node will forward this request to a nearby
third party in its local transmission range. Upon receiving the anticipated responses from the third
party, the neighbouring node will forward these responses to node i. Once the temporary secret
shares are received, node i will continue the process of key establishment so that secure channels
are created with its adjacent nodes.
4. EVALUATION
4.1. Local Connectivity
The local connectivity of a sensor network is typically represented by the probability of two
neighbouring nodes being able to find a common secret key. Since sensor nodes in our proposed
method depend on the assistance of a third party to generate shared keys with their neighbours,
the definition of local connectivity should be different. In other words,the local connectivity of a
sensor network in the proposed method is the probability that one of two neighbouring nodes
discovers a third party in its neighbourhood.To compute p , it is necessary to: a) determine
the expected area of coverage for two adjacent nodes in the deployment region, and b) calculate
the probability that at least one third party is located within this area. In the following
subsections, we assume that sensor nodes in addition to third parties are distributed uniformly
over a field of interest whose size is equal to G.
Figure 2.A pair of neighbouring nodes in a wireless sensor network
Figure 2 shows a pair of neighbouring nodes in a wireless sensor network. According to Chan et
al. in [4], the expected area of coverage for the two neighbouring sensor nodes i and j isE(x) =
∫ Area (x) f(x) dxwhere Area (x) represents the area of both circles minus the
overlapped region AECF, R indicates the transmission radius of a sensor node, and f(x) is the
probability density function of the sensor node distribution in the field of interest. Because sensor
nodes and third parties are distributed uniformly in the deployment area, f(x) is calculated
asf(x) = P(distance < ) = = .RegardingArea (x), we must first compute
7. International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
7
the overlapped region AECF which is given byArea (x) = 2 R cos − x R − .
Then subtracting the overlapped region from the area of both circles in Figure
2yieldsArea (x) = 2πR − 2 R cos + x R − . On this ground, the expected area
of coverage for sensor nodes i and j is given by:
E(x) = Area (x) f(x) dx = 1.413497π R
Since third parties are uniformly deployed in the wireless sensor network, the probability that a
third party node is located inside the region as follows:
p =
The expected region Area (x)
The size of the deployment area
=
E(x)
G
=
1.413497π R
G
Because it is possible that more than one third party is located in a particular area, the binomial
distribution can be used to derive the probability that z third parties are within the region .
This probability is given byp(z = z) =
t
z
p (1 − p) . As mentioned earlier, a pair of
neighbouring nodes can establish a secure radio connection when one of the two nodes has at
least one third party in its transmission range. Based on this, we can conclude that the local
connectivity of a sensor network in the proposed method is given by:
p = p(z ≥ 1) = 1 − p(0) = 1 −
t
0
p (1 − p) = 1 − (1 − p) (5)
To simplify (5), let d be the average number of neighbours within the radio coverage of a sensor
node. When n ≫ dand G ≫ πR , we can assume = . Then the local connectivity can be
rewritten as follows:
p = 1 − (1 − p) = 1 − 1 −
.
= 1 − 1 −
.
(6)
Figure 3 shows the local connectivity of a network when the number of sensor nodes is equal to
10000 with various densities, i.e., the average number of neighbours in a node’s transmission
range. Because the number of third party nodes plays an important role in determining the local
connectivity of a network, we plot the local connectivity with respect to the ratio of the number of
third parties to the number of sensor nodes. Clearly, increasing this ratio to more than 40percent
will result in perfect connectivity, but this is not feasible from both practical and economical
points of view. As a consequence, we consider lower ratios such as 10 percent which provides
reasonable connectivity. As shown in Figure 3, the proposed method with a 10 percent ratio gives
approximately 92.5 percent of local connectivity even in low dense networks like when d = 20.
Figure 3 also shows it is possible that a pair of neighbouring nodes may have no third party in
their transmission range. As a result, it will be necessary to depend on an intermediate node in
order to complete the key establishment process, as it was described previously. Since the
communication overhead is an important concern in wireless sensor networks, we should limit the
number of intermediate nodes between a sensor node and a third party to only one. In other
words, if two neighbours are trying to establish a pair-wise key to secure their radio channel, one
8. International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
8
of the two nodes should discover a third party within two hops as shown in Figure 4. Note that a
two hop distance does not necessary mean a radius of 2R. This value is quite optimistic in non-
dense sensor networks as it would require the intermediate node to be located on the edge of a
neighbouring node boundary. To compute the local connectivity through an intermediate node in
a non-dense sensor network, a good approximation for the two hop range is a radius of 3R/2
rather than 2R.
Figure 3.The local connectivity of a network applying our method
Figure 4. The scope of discovery possible for two neighbouring nodes
International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
8
of the two nodes should discover a third party within two hops as shown in Figure 4. Note that a
two hop distance does not necessary mean a radius of 2R. This value is quite optimistic in non-
dense sensor networks as it would require the intermediate node to be located on the edge of a
neighbouring node boundary. To compute the local connectivity through an intermediate node in
a non-dense sensor network, a good approximation for the two hop range is a radius of 3R/2
rather than 2R.
Figure 3.The local connectivity of a network applying our method
Figure 4. The scope of discovery possible for two neighbouring nodes
International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
8
of the two nodes should discover a third party within two hops as shown in Figure 4. Note that a
two hop distance does not necessary mean a radius of 2R. This value is quite optimistic in non-
dense sensor networks as it would require the intermediate node to be located on the edge of a
neighbouring node boundary. To compute the local connectivity through an intermediate node in
a non-dense sensor network, a good approximation for the two hop range is a radius of 3R/2
rather than 2R.
Figure 3.The local connectivity of a network applying our method
Figure 4. The scope of discovery possible for two neighbouring nodes
9. International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
9
Allowing sensor nodes to seek assistance from an intermediate node to discover a third party can
increase the local connectivity of a sensor network. To calculate p in this case, we simply
need to compute the expected area of ABCD in Figure 4 and then determine the probability that at
least one third party is located inside this region. In situations where sensor nodes are deployed in
a non-dense network,Area represents the area of both circles in Figure 4.a minus their
overlapped region AECF as follows:
Area (x) = 4.5πR − 4.5 R cos
x
3R
+ x
9
4
R −
x
4
Therefore, the expected area of coverage for two neighbouring nodes in a non-dense network and
the probability that a third party node is located inside ABCD areE(x) = 2.87947π R and
p = 2.87947π R /G, respectively. Similar to what was done earlier, the binomial distribution can
be used in order to determine the probability that at least one third party is located within the
region ABCD. Based on this, the local connectivity of the non-dense sensor network in Figure 4.a
is given by:
p = 1 − (1 − p) = 1 − 1 −
.
(7)
On the other hand, the region in the dense sensor network in Figure 4.b is as follows:
Area (x) = 8πR − 8 R cos
x
4R
+ x 4R −
x
4
Consequently, the expected area of coverage for sensor nodes i and j in Figure 4.b isE(x) =
4.84349π R making the local connectivity of the dense network to become:
p = 1 − (1 − p) = 1 − 1 −
.
(8)
In this subsection, three different scenarios were considered in the key establishment phase: a)
sensor nodes are not allowed to use any intermediate node, b) sensor nodes are deployed in non-
dense networks in which they can use a maximum of one intermediate node, and c) sensor nodes
are distributed in dense networks where they can utilize at most one intermediate node. When the
average number of neighbours within the transmission range of a sensor node is equal to = 20,
Figure 5 illustrates the improvement obtained using a maximum of one intermediate node in our
proposed method. For example, the network in scenario (a) needs 4.72 times the number of third
parties required in scenario (c) such that a fully connected network is achieved. Compared with
the non-dense networks in scenario (b), the network in scenario (a) still requires 2.59 times the
number of third parties needed in scenario (b) in order to have a complete local connectivity.
Changing from 20to 40, the performance will be enhanced since increasing the expected
number of neighbours within a transmission range boosts the probability that a pair of
neighbouring nodes can discover a third party. Figure 6 shows a comparison between the local
connectivity of the three scenarios when = 40.
4.2. Resilience against Node Capture
When an adversary captures a node in a wireless sensor network, he is able to extract the key
material, observation data, and software stored on that node. Under this circumstance, it is
important to employ key agreement schemes for which a compromised sensor node has a limited
10. International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
10
impact on the security of the entire network. In other words, the secret keys of non-compromised
nodes should not be revealed when a sensor node is captured. Usually, a metric called resilience
against node capture is utilized in order to measure the resistance of a key agreement scheme to a
node being compromised. This metric is calculated as the ratio of the number of compromised
nodes to the percentage of insecure radio connections in the network. High resilience against node
capture indicates that a compromised sensor node has a low impact on the secrecy of transmission
channels belonging to other nodes.
Figure 5.The local connectivity for three scenarios when d = 20
Figure 6.The local connectivity for three scenarios when d = 40
International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
10
impact on the security of the entire network. In other words, the secret keys of non-compromised
nodes should not be revealed when a sensor node is captured. Usually, a metric called resilience
against node capture is utilized in order to measure the resistance of a key agreement scheme to a
node being compromised. This metric is calculated as the ratio of the number of compromised
nodes to the percentage of insecure radio connections in the network. High resilience against node
capture indicates that a compromised sensor node has a low impact on the secrecy of transmission
channels belonging to other nodes.
Figure 5.The local connectivity for three scenarios when d = 20
Figure 6.The local connectivity for three scenarios when d = 40
International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
10
impact on the security of the entire network. In other words, the secret keys of non-compromised
nodes should not be revealed when a sensor node is captured. Usually, a metric called resilience
against node capture is utilized in order to measure the resistance of a key agreement scheme to a
node being compromised. This metric is calculated as the ratio of the number of compromised
nodes to the percentage of insecure radio connections in the network. High resilience against node
capture indicates that a compromised sensor node has a low impact on the secrecy of transmission
channels belonging to other nodes.
Figure 5.The local connectivity for three scenarios when d = 20
Figure 6.The local connectivity for three scenarios when d = 40
11. International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
11
Unlike the majority of random pre-distribution schemes, compromising a sensor node in our
proposed method does not have any effect on the secrecy of transmission channels belonging to
other nodes in the network. To clarify, sensor nodes in our scheme store only their private
information, which is independent from the private data in other nodes. Consequently, the
exclusive use of private keys in the network confines the negative impact of a compromised
sensor node to the node itself. On the other hand, compromising a single third party may lower, in
rare situations, the resistance of the proposed scheme to a node being compromised. To illustrate,
every pair of neighbouring nodes depends on their closest third party to establish a secure radio
connection. The third party generates a session key which is used by the pair of sensor nodes to
exchange a random secret key. Even though it would be easier for the two neighbouring nodes to
rely on the session key generated by their closest third party for communications, the proposed
scheme makes both nodes secure their transmission channel with a random secret key of their
own. This measure prevents the negative impact caused by the disclosure of session keys after a
third party is compromised. Therefore, the secrecy of non-compromised radio connection is
preserved. However, it is still possible in some situations that a third party becomes compromised
while pairs of sensor nodes are still exchanging their random secret keys. In this scenario, the
radio channels of these nodes may be compromised leading to a slight decrease in the network
resilience against node capture.
A reasonable solution to reduce the negative impact of a compromised third party would be
deleting the private information stored in the memory units of third parties as soon as the key
agreement process is completed. Normally, the key establishment phase is performed in the
beginning of a network lifetime, and it is often accomplished within a period of time . Wireless
sensor networks are typically static configurations in which nodes do not change their locations
after deployment. On this basis, a sensor node is expected to not seek any further assistance from
third parties after the period unless new nodes are redistributed in its neighbourhood. Under
these conditions, deleting the private information stored on third parties after and then putting
these third parties in sleep mode will reduce the risk of capturing a third party without affecting
the local connectivity of a sensor network. We can also assume that attackers require time larger
than in order to capture a third party. With this assumption, our proposed method provides
perfect resilience against node capture. When the network redeploys additional nodes in the field
of interest, third parties can be awakened to receive from the trusted base station an encrypted
packet containing their private information. Completing the key agreement process, these third
parties will delete their secret keys within the period and then go back to sleep mode.
4.3. Memory Usage
Memory usage is a metric defined as the amount of memory that a node requires in order to
establish secure transmission channels with its neighbours. A significant characteristic of the
proposed method is its small memory usage in sensor nodes as well as third parties. To illustrate,
every sensor node in the network starts the key agreement process by discovering its closest third
party. For this step, sensor nodes need to store just a single key in their memory space so that the
hash chain mechanisms can be performed. After discovering neighbouring third parties, nodes
should continue the key establishment phase so that their radio connections are secured. To
accomplish this, each sensor node is preloaded with unique encryption and authentication keys.
Hence, sensor nodes in the proposed scheme must store only three keys.
Similar to sensor nodes, a third party needs to store three secret keys: an encryption key to
assist a pair of neighbours in generating session keys, an authentication key to identify the
originators of packets sent to or from sensor nodes, and a random value to help sensor nodes in
verifying the legitimacy of a third party in their region. In addition to these three keys, a third
party should also be equipped with an exclusive pair-wise key used to initiate secure routes to
12. International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
12
trusted base stations. As a consequence, third parties in the proposed method require four secret
keys in order to conduct the key agreement process. Assuming cryptographic keys are 128 bits in
length [12], the memory usage of sensor nodes and third parties are 384 and 512 bits,
respectively.
4.4. Communication and Computational Overhead
Another important metric to evaluate the performance of key agreement schemes for wireless
sensor networks is the complexity of communication and processing operations. In this regard,
our proposed method has many advantages over existing public key and random pre-distribution
techniques. For example, it replaces high cost public-key operations at the sensor nodes with
symmetric encryption and a few hash operations. Furthermore, a sensor node needs to conduct
just a few local contacts in order to establish pair-wise keys with its neighbours. In this
subsection, both communication and computational overhead of the proposed scheme is analyzed.
To secure the radio connections of a network, sensor nodes and third parties collaborate with each
other to generate an exclusive pair-wise key for each pair of neighbouring nodes. Due to this
cooperation, some of the computational operations required in the key establishment process can
be performed on sensor nodes, while other operations can be executed on third parties. Here, it is
assumed that a sensor node is responsible for generating /2 secret keys on average, where is
the expected number of nodes in a neighbourhood. The reason behinds choosing this value is that
a pair of neighbouring nodes can establish a secure radio channel if one of the two nodes obtains
assistance from a third party in its transmission range. Thus, a sensor node on average is involved
in generating half of its secret keys and receives the remaining half from its neighbours. Also, it is
not taken into consideration the communication overhead in discovering local neighbours. Since
this process is an essential step in all routing protocols, it would be reasonable to assume that
sensor nodes know the identities of neighbours prior to the beginning of the key agreement phase.
To secure its radio connections, a sensor node needs to encrypt and send packets, perform the
hash function ( + 1) times, receive and decrypt packets, and use the random number
generator /2 times. On the other hand, to help a node in generating session keys with its
neighbours, a third party receives and decrypts /2 packets, performs the hash function ( +
/2 + 3) times, encrypts /2 packets, and sends /2 packets back to the sensor node. To
indicate the computational and communication overhead for these operations, Table 1 shows the
amount of energy consumed by each operation when a sensor node is equipped with a 4MHz 8-
bit Atmel ATmega128L microcontroller and a 915MHz low-power radio transceiver [13], [14].
Table 1.The energy consumed by computational and communication operations.
Operation Energy Consumed
Encryption using AES-128 1.62 μJ/Byte
Decryption using AES-128 2.49 μJ/Byte
Hashing using SHA-1 5.90 μJ/Byte
Generating a cryptographic key 11.4 μJ/Byte
Receiving a packet 28.6 μJ/Byte
Transmitting a packet 59.2 μJ/Byte
4.5. Analysis and Discussion
Different from the proposed method, the key establishment schemes introduced in [4], [5], [6],
and [7] suffer from a poor trade-off between connectivity, security, and memory usage. For
example, it has been shown that the number of symmetric keys stored on a sensor node affects the
performance of the basic scheme in [6]. To illustrate, increasing the number of secret keys
13. International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
13
enhances the local connectivity of the sensor network, but negatively impacts the resilience
against node capture and obviously increases the memory usage in sensor nodes. For instance, the
key agreement process in [6] consumes 320 Bytes of node memory and results in a low local
connectivity of 3.93% if every sensor node is equipped with 20 keys. In such a situation,
capturing 11.50% of the sensor nodes will compromise 90% of the secure radio links in the
network. When the number of symmetric keys stored on a sensor node is increased to 100 keys,
this process will consume 1600 Bytes of memory but enhance the local connectivity of the
network by a factor of around 12to 47.54%. However, the resilience against node capture in this
case is much lower allowing an adversary to compromise 100% of the secure radio connections
once 9.86% of the sensor nodes are captured.
According to Liu and Ning in [7], the performance of the multiple-space matrix pre-distribution
scheme [5] and the multiple-bivariate polynomial pre-distribution scheme [7] are equivalent.
Based on this ground, it is sufficient to focus the discussion here on the method in [5]. The local
connectivity of the multiple-space scheme as well as its resistance to node capture are
considerably influenced by two parameters: which denotes the number of private matrices in
the network and which represents the number of unique vectors chosen randomly for each node.
To decrease the local connectivity of a network but improve its resilience against node capture,
trusted base stations should increase the number of private matrices in the network and decrease
the number of unique vectors chosen for each sensor node. Similar to thebasic scheme, the
number of secret keys stored on a sensor node also plays a significant role in determining the
performance of the multiple-space method. This number influences the memory usage and the
resistance of the network to compromised nodes, but it does not affect the local connectivity. For
example, the key establishment in [5] ensures a high local connectivity of 99.6% and utilizes
1600 Bytes of storage resources if 10 private matrices are available and 5 unique vectors are
selected for each node. Yet, the security resilience in this situation is very low since capturing
0.80% of the sensor nodes will break the security of all radio connections in the network. On the
other hand, increasing the number of private matrices to 90 improves the network resistance to
compromised nodes by 13, yet its local connectivity is reduced approximately by a factor of 6
leading to a local connectivity of only 16.89%.
The random pair-wise key scheme [4] is designed to ensure perfect resilience against node
capture. To accomplish this objective, every cryptographic key in the sensor network is
exclusively used to secure a single transmission channel. Consequently, compromising a sensor
node reveals only its own key material without affecting the secrecy of the radio connections
belonging to other nodes. However, this method suffers from a great trade-off between memory
usage and local connectivity. To increase the local connectivity of a sensor network, nodes need
to consume most of their available storage resources.
Dong and Liu introduced a key establishment scheme [3] which is similar to our proposed method
from the perspective that both techniques employ the concept of third parties in wireless sensor
networks. Comparing the two schemes, we indicate that the local connectivity of both methods
should be identical given that third parties as well as sensor nodes are uniformly deployed in the
field of interest. However, they differ because the expressions used to determine the local
connectivity in [3] are only estimates. Regarding the memory usage, every sensor node using the
key agreement scheme in [3] needs to store a single secret key in its storage space. On the other
hand, third parties in [3] need a massive amount of memory for key establishment in the network.
Not equipping third parties with large memory units eventually makes the scheme in [3]
impractical for large networks. The Dong and Liu's scheme is quite resistance to node capture for
two reasons: only public information is stored on third parties and private keys are known only to
the corresponding sensor nodes. Still, capturing a third party may result in compromising the
radio connections of nodes whose session keys were generated by that third party. Once a third
14. International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
14
party is captured, the adversary can obtain its random number generator and then retrieve the
session keys previously generated.
In short, our proposed method has important advantages compared with the schemes in [3], [4],
[5], [6], and [7]. For instance, the proposed scheme not only secures the transmission channels of
nodes but also guarantees high local connectivity of the sensor network, low usage of memory
resources, and perfect network resilience against node capture. Using a number of third parties
equal to 10% of the number of sensor nodes in the field of interest, the proposed scheme achieves
99.42% local connectivity when the expected number of nodes in a neighbourhood is equal to
40, as shown in Figure 3. In this case, sensor nodes need to store only 48 Bytes in their memory.
Moreover, capturing a sensor node does not compromise the radio connections of non-
compromised nodes, thus providing perfect resilience against node capture.
5. CONCLUSION
This paper focuses on the issue of key establishment for wireless sensor networks in which nodes
and third parties are uniformly deployed in the field of interest. To secure the radio channel of
two neighbouring nodes, one of the two communicates with a third party in its transmission
coverage area asking for a session key. Furthermore, this sensor node randomly generates an
exclusive secret key and constructs a packet containing this key. The packet is next encrypted by
the session key received from the third party and then forwarded to the neighbouring node. It was
demonstrated in this paper that our scheme does not only secure the radio connections of sensor
nodes but also provides high local connectivity for the network, low usage of memory resources,
and perfect network resilience against node capture. Using a number of third parties equal to five
percent of the total number of sensor nodes in the area of interest, our method achieves 93.28%
local connectivity if the number of sensor nodes in a neighbourhood is equal to 40 on average. In
this case, a sensor node needs to store only 384 bits in its memory. Also, capturing a sensor node
or a third party has no negative impact on the radio connections of other non-compromised nodes
if the private keys belonging to third parties are deleted within seconds from the beginning of
the key agreement phase.
Several possible future research directions can be derived from the work presented here. For
instance, we focused on proposing efficient and scalable key agreement scheme which allow a
pair of neighbouring nodes to share a unique pair-wise key. Nevertheless, we have not mentioned
explicitly any particular procedure to detect and revoke the identities of compromised sensor
nodes or third parties in the field of interest. Consequently, it is desirable to provide a simple
mechanism that helps in detecting misbehaving nodes and third parties. These captured entities
can then be isolated from the sensor network by denying them the ability to exchange messages
with authorized units. Clearly, the matter of discovering a compromised entity can be considered
an anomaly intrusion detection problem. Since conventional intrusion detection systems are
usually complex and consume a significant amount of node resources, it would be important to
introduce a simple detection and revocation model suitable for the characteristics of wireless
sensor networks.
ACKNOWLEDGEMENT
The author would like to thank ProfessorAaron Gulliver for his insights and valuable feedback
that contributed significantly to this work. Sincere appreciation is also expressed to King Saud
University in Riyadh, the Ministry of Higher Education in Saudi Arabia, and the Saudi Arabian
Cultural Bureau in Canada for their financial support.
15. International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.4, No.4, August 2013
15
REFERENCES
[1] C. Karlof and D. Wagner, (2003)“Secure routing in wireless sensor networks: attacks and
countermeasures”,Ad Hoc Networks, Vol. 1, No. 23, pp. 293–315.
[2] D. Puccinelli and M. Haenggi, (2005)“Wireless sensor networks: Applications and challenges of
ubiquitous sensing”,IEEE Circuits and Systems Magazine, Vol. 5, No. 3, pp. 19–29.
[3] Q. Dong and D. Liu, (2007)“Using auxiliary sensors for pairwise key establishment in WSN”,
inNETWORKING 07: Ad Hoc and SensorNetworks, Wireless Networks, and Next Generation
Internet, pp. 251–262, Berlin, Germany.
[4] H. Chan, A. Perrig, and D. Song, (2003)“Random key predistribution schemes for sensor networks”,
in IEEE Symposium on Research in Security and Privacy, pp. 197–213, Oakland, CA.
[5] W. Du, J. Deng, Y. Han, and P. Varshney, (2003)“A pairwise key pre-distribution scheme for
wireless sensor networks”, in the 10th ACM conference on Computer and Communications Security,
pp. 42–51, Washington, DC.
[6] L. Eschenauer and V. D. Gligor, (2002) “A key-management scheme for distributed sensor
networks”, in the 9th ACM conference on Computer and Communications Security, pp. 41–47,
Washington, DC.
[7] D. Liu and P. Ning, (2003)“Establishing pairwise keys in distributed sensor networks”, in the 10th
ACM conference on Computer and Communications Security, pp. 52–61, Washington, DC.
[8] E. Blaβ and M. Zitterbart, (2005) “Towards acceptable public-key encryption in sensor networks”, in
the ACM Second International Workshop on Ubiquitous Computing (ACM SIGMIS), pp. 1–6.
[9] G. Gaubatz, J. Kaps, and B. Sunar, (2004)“Public keys cryptography in sensor networks – revisited”,
in the 1st European Workshop on Security in Ad-Hoc and Sensor Networks (ESAS), pp. 2–18,
Heidelberg, Germany.
[10] Q. Huang, J. Cukier, H. Kobayashi, B. Liu, and J. Zhang, (2003)“Fast authenticated key establishment
protocols for self-organizing sensor networks”, in the 2nd ACM International Conference on Wireless
Sensor Networks and Applications, pp. 141–150, San Diego, CA.
[11] D. Malan, M. Welsh, and M. D. Smith, (2004)“A public-key infrastructure for key distribution in
tinyos based on elliptic curve cryptography”, inthe First Annual IEEE Conference on Sensor and Ad
Hoc Communications and Networks, pp. 71–80, Santa Clara, CA.
[12] D. Carman, P. Kruus, and B. Matt,“Constraints and approaches for distributed sensor network
security”, Technical Report 00010, NAILabs.
[13] A. Francillon and C. Castelluccia, (2007) “Tinyrng: A cryptographic random number generator for
wireless sensors network nodes”, in the5th International Symposium on Modeling and Optimization
in Mobile, Ad Hoc and Wireless Networks, pp. 1–7, Limassol, Cyprus.
[14] A. Wander, N. Gura, H. Eberle, V. Gupta, and S. Chang, (2005)“Energy analysis for public-key
cryptography for wireless sensor networks”, in the 3rd IEEE International Conference on Pervasive
Computing and Communications, pp. 324–328, Italy.
Author
Saleh Almowuena received his B.Eng. in Computer Engineering from King Saud
University, Saudi Arabia in 2006, and his M.A.Sc. in Electrical and Computer
Engineering from the University of Victoria, Canada in 2010. Currently, he is a Ph.D.
student in the School of Computing Science at Simon Fraser University, Canada.
Saleh is working on improving the bandwidth usage and power consumption caused
by Video-on-Demand services over LTE networks. His research interests also include
the field of key management for Wireless Sensor Networks, the architecture of
evolved-Multimedia Broadcast Multicast Service in LTE systems, and the behaviour model of users during
multimedia streaming over mobile networks.