Key Predistribution Approach in Wireless Sensor Networks Using LU Matrix
Author: Hangyang Dai and Hongbing Xu
Source: IEEE Sensor Journal, vol. 10, no. 8, pp. 1399-1409, Aug. 2010. (Impact Factor = 1.581)
Presenter: Yung-Chih Lu
Date: 2010/08/04
Outline
• Introduction
• Proposed Scheme
• Performance & Security Evaluation
• Conclusion
Introduction(1/4)
[Figures: Wireless Sensor Network (with base station); Sensor Architecture (location finding system, mobilizer, sensing unit, processing unit, transceiver unit, sensor, digital/analog converter, microprocessor, storage device, power unit, power generation)]
Introduction(2/4)
• LU Matrix: Lower Triangular Matrix, Upper Triangular Matrix
Introduction(3/4)
• Types of key agreement protocol
  • Trusted-server: The trusted server shares a key with every node and transmits session keys to the nodes on request.
  • Public-key: Relies on a public-key infrastructure.
  • Key predistribution: Keys are distributed to all sensor nodes prior to deployment.
Introduction(4/4)
• Constraints
  • Limited energy consumption
  • Low transmission range
  • Limited memory overhead
• Requirements
  • High network connectivity
  • Robust resilience against node capture
  • Low memory overhead
Eschenauer-Gligor Scheme(1/5)
L. Eschenauer and V. Gligor. “A Key-Management Scheme for Distributed Sensor Networks.” In Proc. 9th ACM Conference on Computer and Communication Security, pp. 41-47, Nov. 2002.
• Key pre-distribution phase
P: key pool size, k: key ring size
Pr[two key rings share at least a key] = 1 - Pr[two nodes do not share any key] = 1 - (C(P, k) / C(P, k)) × (C(k, 0) × C(P-k, k) / C(P, k)) =
Stirling’s approximation: =
Example 1: P=1000, k=100: Pr = ≒ 1 - 3.8972×e-83 / 2.6517×e-78 ≒ 1
Example 2: P=1000, k=10: Pr = ≒ 1 - 2.2559×e-9 / 2.4955×e-9 ≒ 1 - 0.9039 = 0.0961
Eschenauer-Gligor Scheme(3/5)
L-Sensor: Low-end sensor; H-Sensor: High-end sensor
• Key pre-distribution phase
[Figure: key pool (keys and key identities) and L-sensors, each with a key ring (k keys), around an H-sensor]
Key identity = key mod 2^32
H-Sensor: L-Sensors' IDs, L-Sensors' key identifiers and K_ci
L-Sensor: k keys, key identifiers and K_ci
K_ci = E_Kx(c_i), K_x = K_1 ⊕ … ⊕ K_k, c_i = H-Sensor ID
Eschenauer-Gligor Scheme(4/5)
• Shared-key discovery
Step1: Each L-sensor broadcasts a list of key identities.
Step2: An L-sensor runs a challenge-response protocol if it finds a common key.
[Figure: L-sensors, each with a key ring (k keys), around an H-sensor; challenge E_ki(α), check α = D_ki[E_ki(α)]]
Eschenauer-Gligor Scheme(5/5)
• Path-key establishment
[Figure: L-sensors, each with a key ring (k keys), around an H-sensor; messages E_kc(k_p), E_kp(α); check α = D_kp[E_kp(α)]]
Pairwise Key Predistribution Scheme(1/5)
W. Du, J. Deng, Y. S. Han, P. K. Varshney, J. Katz, and A. Khalili. “A pairwise key predistribution scheme for wireless sensor networks.” ACM Trans. Inf. Syst. Secur., vol. 8, no. 2, pp. 228–258, 2005.
• Galois Field
  • q elements (q is a prime number)
  • The field is closed under addition and multiplication
  • Denoted GF(q)
  • s is a primitive element
Example: GF(7)
3 mod 7 = 3, 3^2 mod 7 = 2, 3^3 mod 7 = 6, 3^4 mod 7 = 4, 3^5 mod 7 = 5, 3^6 mod 7 = 1
The order of 3 is 6, so 3 is a primitive element
• Linearly independent
• Node k only stores the seed s_k
• k = 1, 2, …, N
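Pairwise Key Predistribution Scheme(2/5)
• Blom’s scheme
D: a symmetric matrix of size (λ+1)×(λ+1)
G: a matrix of size (λ+1)×N
Example: N=2, λ=2, GF(7)
$D = \begin{pmatrix} 1 & 6 & 2 \\ 6 & 3 & 5 \\ 2 & 5 & 2 \end{pmatrix}$, $G = \begin{pmatrix} 1 & 1 \\ 3 & 2 \\ 2 & 4 \end{pmatrix}$
The columns of G are linearly independent:
1X + 1Y = 0 …(1)
3X + 2Y = 0 …(2)
2X + 4Y = 0 …(3)
(2) – 2·(1): X = 0 …(4)
Substituting (4) into (1): X = Y = 0
$D \cdot G = \begin{pmatrix} 1 & 6 & 2 \\ 6 & 3 & 5 \\ 2 & 5 & 2 \end{pmatrix} \begin{pmatrix} 1 & 1 \\ 3 & 2 \\ 2 & 4 \end{pmatrix} = \begin{pmatrix} 2 & 0 \\ 4 & 4 \\ 0 & 6 \end{pmatrix} \bmod 7$
$A = (D \cdot G)^T = \begin{pmatrix} 2 & 4 & 0 \\ 0 & 4 & 6 \end{pmatrix}$
$A \cdot G = \begin{pmatrix} 2 & 4 & 0 \\ 0 & 4 & 6 \end{pmatrix} \begin{pmatrix} 1 & 1 \\ 3 & 2 \\ 2 & 4 \end{pmatrix} = \begin{pmatrix} 0 & 3 \\ 3 & 4 \end{pmatrix} \bmod 7$
K_12 = K_21 = 3
The λ-secure property guarantees that no coalition of up to λ nodes (not including i and j) has any information about K_ij or K_ji.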
Pairwise Key Predistribution Scheme(3/5)
• Key pre-distribution phase
Step1: Generating a G matrix
Step2: Generating ω D matrices D_1,…,D_ω
Step3: Calculating A_i = (D_i·G)^T, i = 1,…,ω
Step4: Selecting τ spaces per node, 2≦τ<ω
Example: ω=3, τ=2; each L-sensor stores (λ+1)×τ elements
[Figure: H-sensor with L1-Sensor (seed s_1) and L2-Sensor (seed s_2), illustrating Step3 and Step4; seed s_k, k=1,…,N]
Pairwise Key Predistribution Scheme(4/5)
• Key agreement phase
Step1: Each L-sensor broadcasts a message
message = L-sensor’s id + the indices of the spaces + seed
Step2: Two L-sensors can establish a common secret key if they both hold a common key space.
[Figure: H-sensor and two L-sensors (seeds s_1 and s_2) exchanging the message]
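The pre-distribution and key agreement steps above, as an added Python example that is not code from the paper or the slides. It reuses the D matrix and the seeds 3 and 2 of the GF(7) example; the three random key spaces, the function names and the lowest-common-space rule are assumptions made here.

```python
import random

Q = 7  # field size of the slide's GF(7) example; far too small for real keys

def g_column(seed, lam, q=Q):
    """Public column of G rebuilt from a node's seed: (1, s, s^2, ..., s^lam) mod q."""
    return [pow(seed, e, q) for e in range(lam + 1)]

def private_row(D, seed, q=Q):
    """Row of A = (D.G)^T for this node, i.e. D times the node's column of G."""
    g = g_column(seed, len(D) - 1, q)
    return [sum(d * x for d, x in zip(row, g)) % q for row in D]

def pairwise_key(my_row, peer_seed, q=Q):
    """K_ij = A(i) . G(j): own secret row times the peer's public column."""
    g = g_column(peer_seed, len(my_row) - 1, q)
    return sum(a * x for a, x in zip(my_row, g)) % q

def random_symmetric(lam, rng, q=Q):
    """One secret (lam+1) x (lam+1) symmetric matrix D, i.e. one key space."""
    D = [[0] * (lam + 1) for _ in range(lam + 1)]
    for r in range(lam + 1):
        for c in range(r, lam + 1):
            D[r][c] = D[c][r] = rng.randrange(q)
    return D

def provision(seed, spaces, tau, rng):
    """Pre-distribution: choose tau of the omega spaces, store one row of A per space."""
    chosen = rng.sample(range(len(spaces)), tau)
    return {"seed": seed, "rows": {i: private_row(spaces[i], seed) for i in chosen}}

def agree(me, peer_seed, peer_space_ids):
    """Key agreement: (space index, key) for the lowest common space, or None."""
    common = sorted(set(me["rows"]) & set(peer_space_ids))
    if not common:
        return None
    return common[0], pairwise_key(me["rows"][common[0]], peer_seed)

# D and the seeds 3 and 2 come from the slide's example (N=2, lambda=2)
D_SLIDE = [[1, 6, 2], [6, 3, 5], [2, 5, 2]]

if __name__ == "__main__":
    print(pairwise_key(private_row(D_SLIDE, 3), 2), pairwise_key(private_row(D_SLIDE, 2), 3))
    rng = random.Random(1)  # seeded for a repeatable demo; real D matrices need a CSPRNG
    spaces = [random_symmetric(2, rng) for _ in range(3)]  # constructed: omega=3, tau=2
    n1, n2 = provision(3, spaces, 2, rng), provision(2, spaces, 2, rng)
    print(agree(n1, n2["seed"], n2["rows"]), agree(n2, n1["seed"], n1["rows"]))
```

Each node stores only its seed and τ rows of λ+1 elements; the peer's column of G is rebuilt from the broadcast seed.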
Pairwise Key Predistribution Scheme(5/5)
Pactual[two nodes share at least a space] = 1 – Pactual[two nodes do not share any space]
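The share probability on the Eschenauer-Gligor key-ring slide (P, k) and on the key-space slide above (ω, τ) follows from the same counting argument, 1 - C(P-k, k)/C(P, k), when rings or spaces are drawn uniformly. The Python below is an added example, not from the paper or the slides: it evaluates that expression exactly for the slides' numbers, checks it by simulation, and searches for the ring size that reaches a target connectivity; the function names are assumptions.

```python
from math import comb
import random

def p_share(pool, ring):
    """Pr[two nodes share at least one item] when each draws `ring` distinct items
    uniformly from `pool` items: 1 - C(pool-ring, ring) / C(pool, ring)."""
    if not 0 < ring <= pool:
        raise ValueError("need 0 < ring <= pool")
    # comb() returns 0 when 2*ring > pool, so an overlap is then certain (pigeonhole)
    return 1 - comb(pool - ring, ring) / comb(pool, ring)

def min_ring(pool, target):
    """Smallest ring size whose share probability reaches `target`."""
    for ring in range(1, pool + 1):
        if p_share(pool, ring) >= target:
            return ring

def simulate(pool, ring, trials, rng):
    """Monte Carlo check of p_share: draw two rings per trial and test for overlap."""
    hits = 0
    for _ in range(trials):
        a = set(rng.sample(range(pool), ring))
        hits += not a.isdisjoint(rng.sample(range(pool), ring))
    return hits / trials

if __name__ == "__main__":
    # (1000, 100) and (1000, 10) are the slide's P, k examples; (3, 2) is omega, tau
    for pool, ring in [(1000, 100), (1000, 10), (3, 2)]:
        print(pool, ring, round(p_share(pool, ring), 4))
    print("simulated P=1000, k=10:", simulate(1000, 10, 20000, random.Random(0)))
    print("ring size for p >= 0.5 at P=1000:", min_ring(1000, 0.5))
```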
Proposed Scheme(1/6)
• Blundo Polynomial-based protocol
• Setup server randomly generates a symmetric bivariate t-degree polynomial
Example: f(x,y) = 4x^2y^2 + x^3y + xy^3
Matrix on the slide: $\begin{pmatrix} 0 & 0 & 1 \\ 0 & 4 & 0 \\ 1 & 0 & 0 \end{pmatrix}$
It is a symmetric bivariate 3-degree polynomial over a finite field F_q
Proposed Scheme(2/6)
• Blundo Polynomial-based protocol
Step1: computes
1: Lu-Sensor ID, 2: Lv-Sensor ID
f(1,y) = 4y^2 + y + y^3
f(2,y) = 16y^2 + 8y + 2y^3
Step2: The setup server loads the sensor node with the coefficients
Step3: Each sensor node broadcasts its own ID
Step4: The receiver uses the ID to compute a shared secret key
K_uv = f(u,v) = f(v,u) = K_vu
K_12 = f(1,2) = 26 = f(2,1) = K_21
[Figure: H-sensor, Lu-Sensor and Lv-Sensor; each L-sensor holds the coefficients of y^1, y^2, y^3]
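The four Blundo steps above, as an added Python example that is not code from the paper or the slides. It uses the slide's polynomial and node IDs 1 and 2; the field size q = 31 (the slide leaves F_q unspecified), the function names and the deliberately asymmetric polynomial used to show the failure case are assumptions made here.

```python
Q = 31  # assumed prime field size; any prime above 26 reproduces the slide's K_12

# COEFFS[i][j] is the coefficient of x^i y^j in the slide's f(x,y) = 4x^2y^2 + x^3y + xy^3
COEFFS = [[0, 0, 0, 0],
          [0, 0, 0, 1],
          [0, 0, 4, 0],
          [0, 1, 0, 0]]

def is_symmetric(coeffs):
    """f(x,y) = f(y,x) holds exactly when the coefficient matrix is symmetric."""
    n = len(coeffs)
    return all(coeffs[i][j] == coeffs[j][i] for i in range(n) for j in range(i))

def share(coeffs, node_id, q=Q):
    """Setup server: coefficients of f(node_id, y) for y^0..y^t, loaded into the node."""
    n = len(coeffs)
    return [sum(coeffs[i][j] * pow(node_id, i, q) for i in range(n)) % q for j in range(n)]

def pair_key(my_share, peer_id, q=Q):
    """Node: evaluate the stored share at the peer's broadcast ID (Horner's rule)."""
    acc = 0
    for c in reversed(my_share):
        acc = (acc * peer_id + c) % q
    return acc

def all_pairs_agree(coeffs, ids, q=Q):
    """True when every pair of nodes derives the same key in both directions."""
    shares = {u: share(coeffs, u, q) for u in ids}
    return all(pair_key(shares[u], v, q) == pair_key(shares[v], u, q)
               for u in ids for v in ids if u < v)

if __name__ == "__main__":
    s1, s2 = share(COEFFS, 1), share(COEFFS, 2)
    print(s1, s2)                            # shares f(1,y) and f(2,y)
    print(pair_key(s1, 2), pair_key(s2, 1))  # K_12 and K_21
    broken = [row[:] for row in COEFFS]
    broken[2][1] = 1                         # constructed fault: x^2y term without xy^2
    print(is_symmetric(broken), all_pairs_agree(broken, [1, 2]))
```

A setup server that checks `is_symmetric` before issuing shares catches the case where two nodes would silently derive different keys.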
Proposed Scheme(3/6)
• Polynomial predistribution phase
Polynomial pool (Bivariate t-degree Polynomial + Unique ID)
Assuming that u_11=1, u_22=2, u_33=3
Proposed Scheme(4/6)
• Polynomial predistribution phase
• Randomly distribute one row of L and one column of U to each sensor node
r1: 1st row, c1: 1st column
r2: 2nd row, c2: 2nd column
Proposed Scheme(5/6)
• Shared key establishment phase
SB: node B’s ID
MAC: message-authentication code
CLR: a confirmation
[Figure: To Match or Not To Match?]
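Why handing each node one row of L and one column of U yields a pairwise secret, shown as an added Python example on a small matrix of scalars (not code from the paper or the slides). It assumes the decomposed matrix K is symmetric, that node i holds row i of L together with column i of U, and a modulus q = 31; K itself and the function names are constructed for illustration, and the MAC/CLR confirmation is not modelled.

```python
Q = 31  # assumed prime modulus; the slides do not state one

# Constructed symmetric matrix; each entry stands for the secret shared by that node pair
K = [[1, 2, 3],
     [2, 6, 14],
     [3, 14, 13]]

def lu_fixed_diag(K, u_diag, q=Q):
    """Factor K = L.U mod q with the diagonal of U forced to u_diag."""
    n = len(K)
    U = [[x % q for x in row] for row in K]
    L = [[int(r == c) for c in range(n)] for r in range(n)]
    for p in range(n):                      # Doolittle elimination without pivoting
        if U[p][p] == 0:
            raise ValueError("zero pivot: K has no LU factorisation in this order")
        inv = pow(U[p][p], -1, q)
        for r in range(p + 1, n):
            L[r][p] = U[r][p] * inv % q
            U[r] = [(a - L[r][p] * b) % q for a, b in zip(U[r], U[p])]
    for p in range(n):                      # rescale row p of U and column p of L
        s = u_diag[p] * pow(U[p][p], -1, q) % q
        s_inv = pow(s, -1, q)
        U[p] = [x * s % q for x in U[p]]
        for r in range(n):
            L[r][p] = L[r][p] * s_inv % q
    return L, U

def load_node(L, U, i):
    """Pre-distribution: node i keeps row i of L secret and may send column i of U."""
    return {"row": L[i], "col": [U[r][i] for r in range(len(U))]}

def link_secret(me, peer_col, q=Q):
    """Establishment: own row of L times the peer's column of U equals K[me][peer]."""
    return sum(a * b for a, b in zip(me["row"], peer_col)) % q

if __name__ == "__main__":
    L, U = lu_fixed_diag(K, [1, 2, 3])      # u11=1, u22=2, u33=3 as on the slide
    nodes = [load_node(L, U, i) for i in range(3)]
    print(L, U)
    print(link_secret(nodes[1], nodes[2]["col"]), link_secret(nodes[2], nodes[1]["col"]))
```

Because K is symmetric, both ends of a link arrive at the same entry although only columns of U cross the air; a matrix with a zero pivot is rejected rather than silently mis-factored.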
Proposed Scheme(6/6)
Step1: Generating a polynomial pool (ω polynomials) P_1,…,P_ω
Step2: Selecting τ polynomials per node, 2≦τ<ω
Example: ω=3, τ=2; each L-sensor stores (t+1)×τ elements
[Figure: H-sensor with L1-Sensor and L2-Sensor, illustrating Step1 and Step2]
Performance & Security Evaluation(2/4) • network connectivity
Performance & Security Evaluation(3/4) • resilience against node capture k=400
Performance & Security Evaluation(4/4) • memory overhead Compare with Blundo scheme
Conclusion
• High network connectivity
• Memory space saving
• Certain threshold
• Node to node authentication