Key Pre-distribution Approach in Wireless Sensor Networks Using LU Matrix
Authors: Hangyang Dai and Hongbing Xu
Source: IEEE Sensor Journal, vol.10, no.8, pp.1399-1409, 2010.
Presenter: Yung-Chih Lu (呂勇志)
Date: 2010/11/05

Outline
• Introduction
• Polynomial-based scheme
• Proposed Scheme
• Performance Evaluation
• Conclusion
• Comment

Introduction (1/3)
• Goal
  • Key agreement
  • Against attack
    • node capture attack
  • Saving resource
    • storage overhead
  • Extra service
    • node to node authentication

Introduction (2/3)
[Figure: Wireless Sensor Network. Legend: Base station, Low-end Sensor, High-end Sensor]

Introduction (3/3)
• The Aspect of Key Predistribution
• Keys are distributed to all sensor nodes prior to deployment.
• Random key predistribution
• Polynomial-based scheme
• Deterministic key predistribution
• Combinatorial design
Ex: Key pool = {1,2,3,4}; drawing: Sensor A {2,4}, Sensor B {1,4}
L. Eschenauer and V. Gligor. “A Key-Management Scheme for Distributed Sensor Networks.” In Proc. 9th ACM Conference on Computer and Communication Security, pp.41-47, Nov. 2002.

Polynomial-based scheme (1/2)
• Theorem
• Setup server randomly generates a symmetric bivariate t-degree polynomial
Ex: $f(x,y) = 4x^2y^2 + x^3y + xy^3 + 5$
$$\begin{bmatrix} 5 & 0 & 0 & 0 \\ 0 & 0 & 0 & 1 \\ 0 & 0 & 4 & 0 \\ 0 & 1 & 0 & 0 \end{bmatrix}$$
It’s a symmetric bivariate 3-degree polynomial
C. Blundo, A.D. Santis, A. Herzberg, S. Kutten, U. Vaccaro, M. Yung. "Perfectly-secure Key Distribution for Dynamic Conferences." Lecture Notes in Computer Science, 471–486, 1993.

Polynomial-based scheme (2/2)
• Key Agreement
step1: computes
  $f(1,y) = 4y^2 + y + y^3 + 5$
  $f(2,y) = 16y^2 + 8y + 2y^3 + 5$
  (1: Cluster Head ID, 2: Lv-sensor ID)
step2: The Setup server loads the sensor node with coefficients
step3: Each sensor node broadcasts its own ID
step4: Receiver uses the ID to compute a shared secret key
  $K_{uv} = f(u,v) = f(v,u) = K_{vu}$
  $K_{12} = f(1,2) = 31 = f(2,1) = K_{21}$
[Figure: Cluster head and Lv-sensor, each holding the coefficients of $y^0, y^1, y^2, y^3$; arrows labelled s3, s4]
L-sensor: Low-end sensor
s: Step

Proposed Scheme (1/5)
• LU Decomposition
• $K_{12} = K_{21}$
L: Lower Triangular Matrix
U: Upper Triangular Matrix
K: Symmetric Matrix

Proposed Scheme (2/5)
• LU Decomposition
Assuming that $u_{11}=1$, $u_{22}=2$, $u_{33}=3$
K: Symmetric Matrix

Proposed Scheme (3/5)
• Polynomial pre-distribution phase
Ex: Polynomial pool = {1,2,3,4,5,6,7,8,9,10}
[Figure: drawing from the polynomial pool for sensors Sa and Sb]
1: Asymmetric bivariate polynomial
S: Sensor

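Proposed Scheme (4/5)
• Shared key establishment phase
step1: Each sensor node broadcasts its L array
step2: Sensors use L array to compute a shared secret polynomial
  $K_{21} = L_{r2} \times U_{c1} = 1 = L_{r1} \times U_{c2} = K_{12}$
1: $f(x,y) = 4x^2y^2 + x^3y + xy^3 + 5$
$$\begin{bmatrix} 5 & 0 & 0 & 0 \\ 0 & 0 & 0 & 1 \\ 0 & 0 & 4 & 0 \\ 0 & 1 & 0 & 0 \end{bmatrix}$$
[Figure: two sensors exchanging L rows (s1) and computing $L_{r2} \times U_{c1}$ and $L_{r1} \times U_{c2}$ (s2)]
1: Shared secret polynomial
S: Sensor
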
Proposed Scheme (5/5)
• Shared key establishment phase
[Diagram: exchange between Sa and Sb, in slide order]
  Exchanged: Lr
  $K_{21} = L_{r2} \times U_{c1}$
  Message: $E_{K_{21}}[Sb\_ID]$
  $L_{r1} \times U_{c2} = K_{12}$
  $D_{K_{12}}[E_{K_{12}}[Sb\_ID]] = Sb\_ID$
  Message: $E_{K_{12}}[CLR]$, $MAC(K_{12}, Sb\_ID \,\|\, CLR)$
  $D_{K_{21}}[E_{K_{21}}[CLR]] = CLR$
  Verify $MAC(K_{12}, Sb\_ID \,\|\, CLR) \stackrel{?}{=} MAC(K_{21}, Sb\_ID \,\|\, CLR)$
K: Shared secret polynomial
CLR: Confirmation message
S: Sensor

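Added example (not from the paper or the presenter's slides): the LU key agreement of slides (4/5) and (5/5) carried through in Python, ending with the polynomial-based key f(1,2) = f(2,1) from the earlier slides. The 3×3 matrix K, the prime modulus P and all function names are constructed for illustration; only polynomial 1 and the relation K21 = Lr2×Uc1 = 1 = Lr1×Uc2 = K12 come from the page.

```python
P = 2_147_483_647  # prime modulus (assumption; the slides only say "q: a prime power")

def lu_mod_p(K, p=P):
    """Doolittle LU decomposition over GF(p), no pivoting: K = L*U, L unit lower-triangular."""
    n = len(K)
    L = [[int(i == j) for j in range(n)] for i in range(n)]
    U = [[0] * n for _ in range(n)]
    for i in range(n):
        for j in range(i, n):          # fill row i of U
            U[i][j] = (K[i][j] - sum(L[i][k] * U[k][j] for k in range(i))) % p
        if U[i][i] == 0:
            raise ValueError("zero pivot: choose a different symmetric K")
        inv = pow(U[i][i], -1, p)      # modular inverse (Python 3.8+)
        for r in range(i + 1, n):      # fill column i of L
            L[r][i] = (K[r][i] - sum(L[r][k] * U[k][i] for k in range(i))) * inv % p
    return L, U

def preload(L, U, i):
    """Material stored on node i before deployment: row i of L and column i of U."""
    return {"Lr": L[i], "Uc": [row[i] for row in U]}

def shared_entry(peer_Lr, own_Uc, p=P):
    """Entry K[peer][self], from the peer's broadcast L row and the node's own U column."""
    return sum(a * b for a, b in zip(peer_Lr, own_Uc)) % p

def f(x, y):
    """The slides' polynomial number 1: f(x,y) = 4x^2y^2 + x^3y + xy^3 + 5."""
    return 4 * x**2 * y**2 + x**3 * y + x * y**3 + 5

# Constructed symmetric matrix of polynomial-pool IDs; K[0][1] = K[1][0] = 1 as on the slide.
K = [[3, 1, 7],
     [1, 9, 4],
     [7, 4, 2]]
POOL = {1: f}  # only polynomial 1 is given on the page

def demo():
    L, U = lu_mod_p(K)
    n1, n2 = preload(L, U, 0), preload(L, U, 1)   # sensors with IDs 1 and 2
    k21 = shared_entry(n2["Lr"], n1["Uc"])        # sensor 1: Lr2 x Uc1
    k12 = shared_entry(n1["Lr"], n2["Uc"])        # sensor 2: Lr1 x Uc2
    return k21, k12, POOL[k21](1, 2), POOL[k12](2, 1)

if __name__ == "__main__":
    print(demo())
```

Only the L row is broadcast; each node's U column stays on the node, so an eavesdropper who sees both L rows still cannot compute the shared entry.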
Performance Evaluation
• Network Connectivity
S: The key pool size
L. Eschenauer and V. Gligor. “A Key-Management Scheme for Distributed Sensor Networks.” In Proc. 9th ACM Conference on Computer and Communication Security, pp.41-47, Nov. 2002.
S. A. Camtepe and B. Yener, “Combinatorial design of key Distribution mechanisms for wireless sensor network,” in Proc. Comput. Secur.-ESORICS, pp. 293–308, 2004.

Performance Evaluation
• Resilience Against Node Capture
K=400
k: the storage per node
τ: the number of polynomials in each node
t': the degree of the polynomial in the Blundo scheme
N: the number of nodes in the network
t: the degree of a polynomial in our scheme
ω: the polynomial pool size

Performance Evaluation
• Resilience Against Node Capture
K=400
k: the storage per node
τ: the number of polynomials in each node
N: the number of nodes in the network
t: the degree of a polynomial in our scheme
ω: the polynomial pool size
S: the key pool size
q: a prime power

Performance Evaluation
• Memory Overhead
N: the number of nodes in the network
t: the degree of a polynomial in our scheme
h: nonzero-element parts
2z: number of zeros

Conclusion
• High network connectivity
• Strong resilience against node capture
• Node to node mutual authentication
• Optimize the memory overhead

Comment
[Diagram: $K_{12} = K_{21}$, matrix = LU with entries 95 and 56 visible; Polynomial pool = {1,2,3,4,5,6,7,8,9,10}, drawing]