Energy conserving security mechanisms for wireless sensor networks

Abstract

Since wireless sensor networks are emerging as innovative technologies for realizing a variety of functions through a number of compact sensor nodes, security must be justified and ensured prior to their deployment. An adversary may compromise sensor nodes, forcing them to generate undesired data, and propagation of these data packets through the network results in wasteful energy consumption. We develop a security mechanism to detect energy-consuming useless packets, assuming that a sensor node is able to generate multiple message authentication codes (MAC) using preshared secrets. The forwarding nodes along the path verify the validity of the packet by checking the authenticity of the attached MACs. This mechanism performs well when a malicious node does not have all the cryptographic keys. However, packets, generated by the malicious node having all the keys, would be considered as legitimate, and thus, the forwarding nodes become unable to detect and discard them. To deal with this problem, we devise another mechanism in which each forwarding node is capable of checking such suspicious nodes. We have quantified the security strength through analysis and simulations to show that the proposed mechanisms make the entire network energy conserving.

Appendix

Theorem 1

In the multiple complementary tree-based key distribution with t trees, where there is no correlation between nodes’ locations in different trees and t ≪ N, the probability of security compromise, p _compromise , is \(\left(\frac{2}{(d + 1)}\right)^t\) .

Proof

Consider the single complementary tree-based key distribution in Fig. 1. Let l be the intruder that can observe the communication between sensor j and k. We want to identify the probability that l is aware of the secret(s) used by j and k. Now, consider different cases based on the shared secrets that j and k use during communication. Since no secrets are associated with the root, first consider the case where j and k use the secret(s) at level 2. Such a situation occurs if k is not a descendant of the level-2 ancestor of j. Thus, the probability of this case is \(\frac{(d - 1)}{d}\). Additionally, the probability that l is aware of all the secrets is d/2; l knows all the secrets used by j and k if and only if l is a descendant of the level-2 ancestor of j or l is a descendant of the level-2 ancestor of k. Next, we consider the probability that j and k use the secret at level 3 in the tree. Such a situation arises if k is a descendent of the level-2 ancestor of j and k is not a descendent of the level-3 ancestor of j. Thus, the probability of this case is \(\frac{1}{d} \times \frac{(d - 1)}{2}\). Moreover, l is aware of the shared secret(s) between j and k if and only if l is a descendant of the level-3 ancestor of j or l is a descendant of the level-3 ancestor of k. Thus, the probability of this case is \(\frac{2}{d} \times \frac{1}{d}\). Continuing this way, the probability, p _compromise, that l is aware of the secret(s) used by j and k in a single complementary tree is

$$\begin{array}{lll} p_{\rm compromise} &=& \frac{(d - 1)}{d} \frac{2}{d}\left(\sum\limits_{j=0}^h(1/d)^{2j}\right)\\ &&< \frac{(d - 1)}{d} \frac{2}{d}\left(\sum\limits_{j=0}^\infty(1/d)^{2j}\right)\\ &=& \frac{(d - 1)}{d} \frac{2}{d} \frac{1}{(1-1/d^2)}\\ &=& \frac{2}{d + 1}. \end{array}$$

With t complementary trees, \(p_{\rm compromise} = \left(\frac{2}{(d + 1)}\right)^t\).□