Abstract
Wireless sensor networks (WSN) are susceptible to node capture and many network levels attacks. In order to provide protection against such threats, WSNs require lightweight and scalable key management schemes because the nodes are resource-constrained and high in number. Also, the effect of node compromise should be minimized and node capture should not hamper the normal working of a network. In this paper, we present an exclusion basis system-based key management scheme called MUQAMI+ for large-scale clustered sensor networks. We have distributed the responsibility of key management to multiple nodes within clusters, avoiding single points of failure and getting rid of costly inter-cluster communication. Our scheme is scalable and highly efficient in terms of re-keying and compromised node revocation.
Similar content being viewed by others
Notes
In the conference version, we named this protocol MUQAMI. Since it is much improved in this journal version, we have named it MUQAMI+.
References
Younis O, Fahmy S (2004) Heed: a hybrid, energy-efficient, distributed clustering approach for ad hoc sensor networks. IEEE Trans Mob Comput 3(4):366–379. doi:10.1109/TMC.2004.41
Youssef A, Agrawala A, Younis M (2005) Accurate anchor-free localization in wireless sensor networks. In: First IEEE workshop information assurance in wireless sensor networks (WSNIA ’05)
Akyildiz I, Su W, Sankarasubramaniam Y, Cayirci E (2002) Wireless sensor networks: a survey. Comput Networks 38(4):393–422
Amin S, Siddiqui M, Hong C (2008) Detecting jamming attacks in ubiquitous sensor networks. In: IEEE sensors applications symposium 2008, pp 40–45
Çamtepe SA, Yener B (2007) Combinatorial design of key distribution mechanisms for wireless sensor networks. IEEE/ACM Trans Netw 15(2):346–358. doi:10.1109/TNET.2007.892879
Chan H, Perrig A, Song D (2003) Random key predistribution schemes for sensor networks. In: SP ’03: proceedings of the 2003 IEEE symposium on security and privacy. IEEE Computer Society, Washington, DC, p 197
Dierks T, Allen C (1999) The TLS protocol version 1.0
Dini G, Savino IM (2006) An efficient key revocation protocol for wireless sensor networks. In: WOWMOM ’06: proceedings of the 2006 international symposium on on world of wireless, mobile and multimedia networks. IEEE Computer Society, Washington, DC, pp 450–452. doi:10.1109/WOWMOM.2006.23
Du W, Deng J, Han YS, Varshney PK (2003) A pairwise key pre-distribution scheme for wireless sensor networks. In: CCS ’03: proceedings of the 10th ACM conference on computer and communications security. ACM, New York, pp 42–51. doi:10.1145/948109.948118
Eltoweissy M, Heydari MH, Morales L, Sudborough IH (2004) Combinatorial optimization of group key management. J Netw Syst Manage 12(1):33–50. doi:10.1023/B:JONS.0000015697.38671.ec
Eltoweissy M, Moharrum M, Mukkamala R (2006) Dynamic key management in sensor networks. IEEE Commun Mag 44(4):122–130. doi:10.1109/MCOM.2006.1632659
Eschenauer L, Gligor VD (2002) A key-management scheme for distributed sensor networks. In: CCS ’02: proceedings of the 9th ACM conference on computer and communications security. ACM, New York, pp 41–47. doi:10.1145/586110.586117
Ghumman K (2006) Location-aware combinatorial key management scheme for clustered sensor networks. IEEE Trans Parallel Distrib Syst 17(8):865–882. doi:10.1109/TPDS.2006.106 (Senior Member-Mohamed F. Younis and Senior Member-Mohamed Eltoweissy)
Gupta G, Younis M (2003) Load-balanced clustering of wireless sensor networks. In: International conference on communications (ICC ’03), pp 1848–1852
Intanagonwiwat C, Govindan R, Estrin D (2000) Directed diffusion: a scalable and robust communication paradigm for sensor networks. In: ACM mobile computing and networking (Mobicom’00), pp 56–67
Karlof C, Li Y, Polastre J (2003) Arrive: an architecture for robust routing in volatile environments. Tech. Rep. CSD-03-1233, University of California at Berkeley
Karlof C, Sastry N, Wagner D (2004) TinySec: a link layer security architecture for wireless sensor networks. In: SenSys ’04: proceedings of the 2nd international conference on embedded networked sensor systems. ACM, New York, pp 162–175. doi:10.1145/1031495.1031515
Kohl J, Neuman C (1993) The Kerberos network authentication service (v5)
Lamport L (1981) Password authentication with insecure communication. Commun ACM 24(11):770–772. doi:10.1145/358790.358797
Langendoen K, Reijers N (2003) Distributed localization in wireless sensor networks: a quantitative comparison. Comput Networks 43(4):499–518
Li G, He J, Fu Y (2006) A hexagon-based key predistribution scheme in sensor networks. In: ICPPW ’06: proceedings of the 2006 international conference workshops on parallel processing. IEEE Computer Society, Washington, DC, pp 175–180. doi:10.1109/ICPPW.2006.9
Madden S, Szewczyk R, Franklin MJ, Culler D (2002) Supporting aggregate queries over ad-hoc wireless sensor networks. In: WMCSA ’02: proceedings of the fourth IEEE workshop on mobile computing systems and applications. IEEE Computer Society, Washington, DC, p 49
Menezes AJ, Vanstone SA, Oorschot PCV (1996) Handbook of applied cryptography. CRC, Boca Raton
Paek KJ, Kim J, Hwang CS, Song US (2007) An energy-efficient key management protocol for large-scale wireless sensor networks. In: MUE ’07: proceedings of the 2007 international conference on multimedia and ubiquitous engineering. IEEE Computer Society, Washington, DC, pp 201–206. doi:10.1109/MUE.2007.74
Seetharam D, Rhee S (2004) An efficient pseudo random number generator for low-power sensor networks. In: LCN ’04: proceedings of the 29th annual IEEE international conference on local computer networks. IEEE Computer Society, Washington, DC, pp 560–562. doi:10.1109/LCN.2004.18
Shaikh R, Lee S, Khan M, Song Y (2006) LSec: lightweight security protocol for distributed wireless sensor networks. In: 11th IFIP international conference on personal wireless communications PWC’06. LNCS, vol 4217, Spain, pp 367–377
Tilak S, Abu-Ghazaleh N, Heinzelman W (2002) A taxonomy of wireless microsensor network models. ACM Mobile Comput Commun 6(2):1–8
Venugopalan R, Ganesan P, Peddabachagari P, Dean A, Mueller F, Sichitiu M (2003) Encryption overhead in embedded systems and sensor network nodes: modeling and analysis. In: CASES ’03: proceedings of the 2003 international conference on compilers, architecture and synthesis for embedded systems. ACM, New York, pp 188–197. doi:10.1145/951710.951737
Xing G, Lu C, Zhang Y, Huang Q, Pless R (2005) Minimum power configuration in wireless sensor networks. In: MobiHoc ’05: proceedings of the 6th ACM international symposium on mobile ad hoc networking and computing. ACM, New York, pp 390–401. doi:10.1145/1062689.1062738
Xu W, Ma K, Trappe W, Zhang Y (2006) Jamming sensor networks: attack and defense strategies. IEEE Netw 20(3):41–47. doi:10.1109/MNET.2006.1637931
Zhu S, Setia S, Jajodia S (2006) LEAP+: efficient security mechanisms for large-scale distributed sensor networks. ACM Trans Sen Netw 2(4):500–528. doi:10.1145/1218556.1218559
Acknowledgements
This research was supported by the MKE (Ministry of Knowledge Economy), Korea, under the ITRC (Information Technology Research Center) support program supervised by the IITA (Institute of Information Technology Advancement) (IITA-2009-(C1090-0902-0002)). This work also, was supported by the Korea Science & Engineering Foundation (KOSEF) grant funded by the Korea government (MEST) (No. 2008-1342), and was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education, Science and Technology (2009-0076798). This work is supported by the IT R&D program of MKE/KEIT, [10032105, Development of Realistic Multiverse Game Engine Technology].
Author information
Authors and Affiliations
Corresponding author
Appendices
Appendices
1.1 Appendix A. Storage overhead
The average storage requirements of a CH node in LEAP+ are fairly straightforward. Apart from the pairwise key shared with each node in the cluster, it has to store two more keys, i.e., its cluster key and the communication key. So, if there are r nodes in a cluster, storage requirements of a CH node in LEAP+ turn out to be:
In LEAP+, the SN nodes only establish pair-wise keys with only their b neighbors. However, they have to store two keys, i.e., the cluster key and the communication key. So, the storage requirement of SN node in LEAP+ becomes:
Now, we will discuss the storage requirement of a CH node in SHELL. In SHELL, each node has to store a key chain of length l for the key it shares with the CN. Also, it has to store pair-wise keys with h neighboring CH nodes, with whom it shares the EBS matrix. Also, it has to store pair-wise keys with the r nodes, i.e., the average number of nodes in a cluster. Finally, it has to store the k + m administrative keys and the communication key. So, the storage requirement of a CH node in SHELL can be written as
Apart from the key chain of length l for the key shared with the CN and the k administrative keys, SN nodes have to store three other keys, i.e., one pair-wise key shared with a neighboring CH node, one shared with its own CH node, and one communication key. So, the average storage requirements of a SN node in SHELL can be written as:
1.2 Appendix B. Communication and computation overhead
In this section, we will discuss the communication and computation overhead of LEAP+ and SHELL and explain the formulas listed in Tables 4 to 7. In the initial deployment phase, every CH node receives one message each from h neighboring CH nodes to establish the communication path. Also, for each node in its cluster, the CH node receives one message from one of the neighboring CH nodes in order to establish pair-wise keys. Finally, for the distribution of the communication key, every CH node receives the communication keys k + m times, i.e., encrypted separately in each administrative key. So, the average message exchanges between CH nodes during the initial deployment phase of SHELL comes out to be:
where \(Avg\_Msg\_Count\_Init_{CH \to CH}^{\mathit{SHELL}}\) is the average message exchanges between CH nodes during initial deployment phase of SHELL.
In the initial deployment phase of LEAP+, every SN node sends two unicast messages to the CH node. One message establishes a pair-wise key with the CH node and the other one transfers the cluster key to the CH node. Apart from that, it also has to forward d messages to the CH node, where d is the average number of nodes that establish their pair-wise keys with the CH node through each node. So, the average number of messages transmitted from a SN to its CH in the initial deployment phase turns out to be:
where \(Avg\_Msg\_Count\_Init_{SN \to CH}^{LEAP+}\) is the average number of messages transmitted from a SN to its CH in the initial deployment phase of LEAP+. Also, it is important here to mention the average number of message exchanges between SN nodes in LEAP+. There are b neighbors of each node and each node has to send two messages to each of its neighbors. One message is for the pair-wise key establishment and the other message is for the communication of its cluster key. Apart from that, three messages are exchanged for every node that establishes a pair-wise key with the CH node through this node, i.e., three messages are exchanged for d nodes from each node on average. In one message, the d nodes send a message to the CH node through this node to establish a pair-wise key with the CH node. In the other two messages, cluster keys are exchanged between the CH and the d nodes, i.e., CH and the d nodes send their cluster keys to each other through this node. So, the average number of message exchanges between SN nodes in LEAP+ for the initial deployment phase comes out to be:
where \(Avg\_Msg\_Count\_Init_{SN \to SN}^{LEAP+}\) is the average number of messages exchanged between SN nodes in the initial deployment phase of LEAP+. It is not difficult to understand the rest of the expressions in Table 4.
For key refreshment in SHELL, every CH sends a message to h neighboring CH nodes. In turn, it receives k + m messages from them to broadcast in the cluster. So, the average number of messages exchanged between the CH nodes in the key refreshment phase can be written as:
where \(Avg\_Msg\_Count\_Rekey_{CH \to CH}^{SHELL}\) is the average message exchanges between CH nodes during the key refreshment phase of SHELL. Also, the keys between the neighboring CH nodes and the keys between CH nodes and the CN will also be refreshed. So, in order to refresh those keys, the CN will send h + 1 messages to all the CH nodes, i.e., to g CH nodes. h messages contain new keys for communication with the neighboring CH nodes and one message contains a key for communication with the command node. So, the total number of messages transferred from CN to the CH nodes in key refreshment phase of SHELL comes out to be:
where \(Msg\_Count\_Rekey_{CN \to CH}^{\mathit{SHELL}}\) is the total number of messages transferred from CN to the CH nodes in key refreshment phase of SHELL.
In order to refresh its cluster key, each node will send one message to the CH node. Also, it will forward one message each from d nodes, so the average number of messages transmitted from a SN to its CH in the key refreshment phase turns out to be:
where \(Avg\_Msg\_Count\_Rekey_{SN \to CH}^{LEAP+}\) is the average number of messages transmitted from a SN to its CH in the key refreshment phase of LEAP+. In the same way, when a SN node refreshes its cluster key in LEAP+, it send one message each to its b neighbors. Also, the CH node exchange cluster keys with d nodes through every node on average. On a particular SN node, one message is received from each of the d nodes and forwarded to the CH node and one message from the CH node is forwarded to them. So, the average number of message exchanges between SN nodes in LEAP+ for the key refreshment phase comes out to be:
where \(Avg\_Msg\_Count\_Rekey_{SN \to SN}^{LEAP+}\) is the average number of messages exchanged between SN nodes in the key refreshment phase of LEAP+. The rest of the expressions in Table 5 are trivial and easily understandable. Expressions in Table 6 are similar to the ones in Table 4 except that h + 1 messages are sent from the CN to the CH nodes in case a CH node is compromised. One message is sent to the new CH node and h messages are sent to its neighboring CH nodes, so that keys can be established between the new CH node and its neighboring CH nodes. Explanations for the rest of the expressions in Table 6 are similar to the ones in Table 4.
In case a SN node is compromised, k compromised keys are refreshed using m remaining keys that the compromised SN node does not know. So, the number of broadcast messages in the cluster by the CH node is m. However, the CH has to send k messages to the neighboring CH nodes, which manage the k compromised keys. k messages will be returned to the CH node with the new key values encrypted in the old ones. Then, those k keys will be aggregated and sent to the h neighboring CH nodes, so that they can encrypt the aggregated message using them using all keys that they manage other than the k compromised keys. In turn, the CH will receive m messages, which it will broadcast in its cluster. So, the average number of messages exchanged between the CH nodes in case of SN node revocation in SHELL can be written as:
where \(Avg\_Msg\_Count\_Revoc\_SN_{CH \to CH}^{SHELL}\) is the average message exchanges between CH nodes when a SN node is compromised in SHELL. In LEAP+, if a SN node is compromised, only its neighbors perform the SN →CH and SN →SN communication. So, in order to calculate the average message count, we divide the expressions for the count of both such messages by b/r. The rest of the expressions in Table 7 do not require much elaboration.
Rights and permissions
About this article
Cite this article
Syed, M.KuR.R., Lee, H., Lee, S. et al. MUQAMI+: a scalable and locally distributed key management scheme for clustered sensor networks. Ann. Telecommun. 65, 101–116 (2010). https://doi.org/10.1007/s12243-009-0123-0
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12243-009-0123-0