an improved key pre-distribution with deployment knowledge for wireless sensor networks

8/7/2019 An Improved Key Pre-Distribution with deployment knowledge for wireless sensor networks

1/5

Kalasalingam University Page 1

An Improved Key Pre-Distribution Scheme with Deployment

Knowledge for Wireless Sensor Networks

Presented By

SIDDHARTHRAJU.K S.G.HYMLIN ROSE, M.EII

ndM.Tech, DCN Lecturer/ECE

[email protected]

Department of Electronics and Communication,

KALASALINGAM UNIVERSITY,

Krishnankoil626 190.

ABSTRACT

Smart environments represent the next evolutionary

development step in building, utilities, industrial, home,

shipboard, and transportation systems automation. Like any

sentient organism, the smart environment relies first and

foremost on sensory data from the real world.

Another unique feature of sensor networks is thecooperative effort of sensor nodes. Sensor nodes are fitted

with an onboard processor. Instead of sending the raw data to

the nodes responsible for the fusion, they use their processing

abilities to locally carry out simple computations and

transmit only the required and partially processed data.

The challenges in the hierarchy of: detecting the relevant

quantities, monitoring and collecting the data, assessing and

evaluating the information, formulating meaningful user

displays, and performing decision-making and alarm functions are enormous. The information needed by smart

environments is provided by Distributed Wireless Sensor

Networks, which are responsible for sensing as well as for

the first stages of the processing hierarchy.Recent advances in electronic and computer technologies

have paved the way for the proliferation of wireless sensor

networks (WSN). Sensor networks usually consist of a large

number of ultra-small autonomous devices. In typical

application scenarios, sensor nodes are spread randomly over

the deployment region under scrutiny and collect sensor data.

Sensor networks are being deployed for a wide variety of

applications, including military sensing and tracking,

environment monitoring, patient monitoring and tracking,

smart environments, etc.

When sensor networks are deployed in a hostile

environment, security becomes extremely important, as they

are prone to different types of malicious attacks. In thispaper, we address a scheme called Blooms Scheme; it makes

use of asymmetric matrices in place of symmetric matrices in

order to establish secret keys between node pairs thereby

increasing the connectivity. In this proposed scheme, the

network resilience against node capture is substantially

improved.Terms

Connectivity is defined as the probability that any two

neighboring nodes share one key.

Resilience is defined as the fraction of the secure links

that are compromised after a certain number of nodes are

captured by the adversaries.

I.INTRODUCTION

Sensor networks are the key to gathering the informationneeded by smart environments, whether in buildings, utilities,

industrial, home, shipboard, transportation systems automation,

or elsewhere. Recent terrorist and guerilla warfare

countermeasures require distributed networks of sensors that

can be deployed using, e.g. aircraft, and have self-organizing

capabilities. In such applications, running wires or cabling is

usually impractical. A sensor network is required that is fast

and easy to install and maintain.

Figure-1 Wireless Sensor Networks

The Figure-1 shows the complexity of wireless sensor

networks, which generally consist of a data acquisition

network and a data distribution network, monitored and

controlled by a management center. The plethora of available

technologies makes even the selection of components
mailto:[email protected]:[email protected]:[email protected]


2/5


difficult, let alone the design of a consistent, reliable, robust

overall system.

The study of wireless sensor networks is challenging in

that it requires an enormous breadth of knowledge from an

enormous variety of disciplines. In this chapter we outline

communication networks, wireless sensor networks and

smart sensors, physical transduction principles, commerciallyavailable wireless sensor systems, self-organization, signal

processing and decision-making, and finally some concepts

for home automation.

II.SECURITY IN WIRELESS SENSOR NETWORKS

Sensor nodes in most applications are scattered in the

physical environments. Sensor nodes collaborate to deliver

requested information. Such scenario assumes trust

relationships among sensor nodes to deliver correct data and

avoid eavesdropping of secure data.

Sensor nodes are susceptible to various types of attacks [3].

These include known attacks on traditional Networks in

addition to new attacks introduced against sensor networks.

ATTACKS DESCRIPTION

Spoofed, altered,

or replayed routing

information

Create routing loop, attract or repel network traffic,

extend or shorten source routes, generate false error

messages etc.

Selective

forwarding

Either in-path or beneath path by deliberate

jamming, allows to control which information is

forwarded. A Malicious node act like a black hole

and refuses to forward every packet it receives.

Sinkhole attacks Attracting traffic to a specific node, e.g. to prepare

selective forwarding

Sybil attacks

A single node presents multiple identities, allows to

reduce the effectiveness of fault tolerant schemes

such as distributed storage and multipath etc.

Wormhole attacks

Tunneling of messages over alternative low-latency

links to confuse the routing protocol, creating

sinkholes etc.

Hello floods

An attacker sends or replays a routing protocols

hello packets with more energy

Table 1 List of attacks prevailing in sensor networks

All these attacks are aiming at one or more of the

following,

Stop network services, Feed bad data or prevent the movement of true data,

thus leading to bad decision or computation.

Gain access to forbidden information and/or restrictedservices by unauthorized entity.

They pose security and privacy challenges when deployed

in a hostile environment. For example, an adversary can easily

gain access to mission critical or private information by

monitoring communications among sensor nodes. Therefore, it

is important to encrypt communications between sensor nodes.

The challenge is how to bootstrap secure communications

among sensor nodes, i.e., how to set up secret key among them.

III.BACKGROUND

The fundamental problem in wireless sensor network

security is to initialize secure communication between sensor

nodes by setting up secret keys between communicating nodes.

In general this is called key establishment [4]. There are three

types of key establishment techniques:

Trusted-server scheme, Self-enforcing scheme, and Key pre-distribution scheme.Key distribution is an important issue in WSN design. It is

a newly developing field due to the recent improvements in

wireless communications. Wireless sensor networks is a

network of small, battery-powered, memory-constraint devices

named sensor nodes, which have the capability of

communication over a restricted area. Due to memory and

power constraints, they need to be well arranged to build a fully

functional network.

The goal of this scheme is to allow sensor nodes to find a

common key with each of their neighbors after deployment.

This scheme consists of three phases:

Key pre-distribution, Shared-key discovery and Path-key establishment.Many key pre-distribution schemes have been

development to address this problem. Eschenauer and Gligor

[1] proposed the basic probabilistic key pre-distribution, in

which each sensor node picks a random subset of keys from a

large key pool before deployment of the network. By doing

this, two sensor nodes can have a certain probability to share at

least one key. Based on Eschenauer and Gligors scheme, Chan

et.al. [1] Proposed a q-composite random key pre-distributionscheme, requiring at least q (q>1) shared keys instead of just

one common key to establish a secure connection. The number

of required shared keys makes it exponentially harder for the

attacker to compromise a link key with a given subset of

already compromised keys.

Jianmin Zhang, Li, and Liu et.al,[1] proposed a scheme,

that offer best resilience against sensor nodes captured and the

probability of links between any sensor nodes are compromised

is zero after pairwise keys establishment.


3/5


4/5


Figure 3 Key Generations and Key Sharing

In the key generation phase 3x3 symmetric matrices are

used for the key generation. Then a random matrix is used to

produce the corresponding key rings that are to be embedded in

the internal memory of the sensors before their deployment.

In this figure 3, the sensor A and B share their secret keys

to negotiate their common key, for establishing a secure link.

Thus sensors A and B communicate with each other using their

common key.

II.RANDOM DEPLOYMENT OF SENSOR NODES

After the nodes are deployed [5], a key-setup phase is

performed. During this phase, each pair of neighboring nodes

attempts to find a common key that they share. If such a key

exists, the key is used to secure the communication linkbetween these two nodes. After key-setup is complete, a graph

(called key graph) of secure links is formed. Nodes can then set

up path keys with their neighbors with whom they do not share

keys.

If the key graph is connected, a path can always be found

from a source node to any of its neighbors. The source node can

then generate a path key and send it securely via the path to the

target node.

In this figure 4 around some fifty sensors are randomly

deployed in a hostile environment and their establishment of

secure links with their neighbor nodes is simulated using

Matlab.

In the random deployment process, in this figure 4, aroundfifty sensor nodes are deployed and their transmission range

was analyzed. This fig. the nodes out of range are left

unconnected and that is crystal clear from the figure 4.

Figure 4 Random Deployments of Sensors Nodes

III.CONNECTIVITY

Connectivity is defined as the probability of two

neighboring nodes being able to find a common key.

Resilience is defined as the fraction of the secure link that

are compromised after a certain number of nodes are captured

by the adversaries.

Lower the resilience, the more difficulty the attackers

make use of the security materials stored in the capture nodes

to attack the other parts of the network

Probability Calculation:

Let Sc be the size of key space in each group, represents

the number of key spaces. m is the memory usage and there

are shared key spaces

To calculate Pr (two nodes do not share any key space)

The first node selects i key spaces from the shared

key spaces, it then selects the (-i) key spaces from the non-

shared key spaces.

To avoid sharing any key space with the first node, the

second node selects key spaces from the remaining (Sc-i)

key spaces from its key space pool.

Pr=1-

S=1 Pr(two nodes do not share any key)

Is the probability that two nodes share at least one key when

their keypools have |Sc| keys in common.

Scm

i

m

Sc

m

iSc

im

Sc

i

Sc

,min(

0 2

)1(


5/5


Figure 5 Key Space Size Vs Probability of shared key

When the number of key spaces used between the sensor

nodes increase then the probability of sharing a common keyincrease considerably, increasing the connectivity. In figure 5,

when the number of key spaces used by the nodes (taw= x)

increase to the total key spaces available in the network, then

the probability of computing a common key will increase, thus

for taw=2, taw=4, taw=5 the probability of sharing a key

increases linearly.

Further the connectivity will degrade with increasing main

key space size w.r.t the key space employed in each sensors. So

the ratio of key pace stored in each node to the total key space

size should be kept small, inorder to have better connectivity.

VI.CONCLUSION

Inthis Improved Key Pre-Distribution Scheme, so

far we have discussed the various existing key pre-distribution

schemes, their unique model of key distributions and their short

comes compared to other schemes. We also discussed various

security threats in these sensor nodes and the steps to handle

those effectively. This project deals with symmetric key pre-

Distribution with a common matrix used by both the nodes

during session establishment. The parameters included in these

calculations have been discussed in detail.

The simulation result shows the Key generation phase,

Random sensor deployment in hostile environment and their

reach ability and finally the connectivity graph. The

connectivity analysis is vital in this project and is analyzed

using three different set of key spaces (stored in the memory ofthe sensors) from the total key space is employed for the

analysis and the probability is seen increasing with increased

key spaces in the nodes.

In this project the schemes DDHV and Bloom scheme is

used to analyze the connectivity and key generation

respectively. We used a symmetric matrix for the generation of

keys among the sensors. We also deployed the sensors

randomly in the predetermined range and determined their

range of operation, key sharing ability.

In this work we Pre-Distributed the keys with deployment

knowledge, so that the possibilities of compromising with a

common key between the nodes increases, thus establishing a

secure communication link.

VII.FUTURE WORK

In future, we will further study the asymmetric key pre-

distribution schemes and other security related parameters to

increase the security of the wireless sensor nodes by improving

the resilience and by managing the keys defined.

REFERENCES

[1] Jianmin Zhang, Jian Li, Xiande Liu, A Strong KeyPre-distribution Scheme for Wireless Sensor

Networks, in Wireless Communications and Trusted

Computing, International Conference on Networks

Security, 2009.

[2] Al-Sakib Khan Pathan, Hyung-Woo Lee, Choong seonhong, Security in Wireless Sensor Networks: Issues

and Challenges, ICACT, Feb 2006.

[3] D.J. Cook and S.K. Das, John Wiley, F. L. LEWISWireless Sensor Networks, in Technologies,

Protocols, and Applications, New York, 2004.

[4] D.R.Stinson,On some methods for UnconditionallySecure Key Distribution and Broadcast Encryption,

Computer Science and Engineering, USA, Nov 21,

1996.

[5] Mostafa I. Abd-El-Barr, Maryam M. Al-Otaibi,Mohamed A. Youssef, Wireless Sensor Networks-

part II: Routing Protocols and Security Issues

Saskatoon, May 2005.

[6] Shaila K, S H Manjula, Aruna R, Anupama, K RVenugopal, L M Patnaik, Resilience Key

Predistribution Scheme using Asymmetric Matrices

for Wireless Sensor Networks in International

Advance Computing Conference Patiala, 2009 IEEE

INDIA, March 2009.

[7] Wenliang Du, Jing Deng, Yunghsiang S. Han, PramodK. Varshney, Key Management in Wireless Sensor

Networks Extended Abstract, Syracuse University,

USA.

[8] W. Du, J. Deng, Y. S. Han, S. Chen and P. K.Varshney, A key management scheme for wireless

sensor networks using deployment knowledge, in

Proc. IEEE INFOCOM, 2004.

an improved key pre-distribution with deployment knowledge for wireless sensor networks

Documents