220 likes | 310 Views
Smartening the Environment using Wireless Sensor Networks in a Developing Country. On the Key Revocation Schemes in Wireless Sensor Networks. Dieynaba Mall 1 , Karim Konaté 1 , and Al- Sakib Khan Pathan 2 1 Université Cheikh Anta Diop de Dakar (UCAD), Dakar, Senegal
E N D
Smartening the Environment using Wireless Sensor Networks in a Developing Country On the Key Revocation Schemes in Wireless Sensor Networks Dieynaba Mall1, Karim Konaté1, and Al-Sakib Khan Pathan2 1Université Cheikh Anta Diop de Dakar (UCAD), Dakar, Senegal 2International Islamic University Malaysia (IIUM), Kuala Lumpur, Malaysia Presented By Al-Sakib Khan Pathan Department of Computer Science International Islamic University Malaysia
Outline of This Presentation • Background and Objective • Key Revocation Schemes • Comparative Analysis • Outcome • Future Directions of Research
Background • Among all security issues, key management is the most attractive mechanism to ensure security of applications and network services in wireless sensor networks. • Key management includes two important aspects: • Key distribution, which constitutes the task of distributing secret keys to nodes in the network. • Key revocation, which refers to the task of securely withdrawing the key information related to any compromised network node. • Exhaustion of node may not translate to key revocation.
Background: Other Revocations? “Revocation” in Wireless Sensor Network could be: • Link or path revocation. • Group membership revocation. • Group ID revocation. • Role revocation. • Node revocation. • or other. Our focus is on: • Key revocation. WHY?
Why Emphasis on Key Revocation? • Generally a WSN is designed for deployment in open, often an unmonitored environment, thus exposing nodes to physical attacks. • Any key management solution in WSNs must then be provided with the ability to revoke the cryptographic keys of captured nodes. • Otherwise, the entire network’s operation could be compromised by adversaries. • This issue has not been addressed much, dedicated works are too few, and/or often it comes as a small part of some works without getting proper attention.
Key Revocation Schemes • Mainly two types: • Centralized • Distributed • Centralized Revocation Schemes: A single designated authority is responsible for conducting revocation decisions. • Distributed or Decentralized Revocation Schemes: No centralized authority. The revocation decisions are made instead by the neighbors of a compromised node.
Centralized Revocation Schemes EG Scheme [1]: (First Centralized Scheme) • A mobile controller node with large communication range (for example the BS) performs the revocation process. • Before conducting revocation, this controller generates a signature key , encrypts it using a pairwise key ( which is preloaded in each node) and unicasts it to each uncompromised sensor node. • In this way, to revoke a compromised node, it will broadcast a message signed by containing all the key identifiers possessed by a compromised node. After receiving and verifying this message, the corresponding key is removed from the nodes’ key rings.
EG Scheme … BS Compromised node
Centralized Revocation Schemes … KeyRev Scheme [2]: (Key Updating Strategy) • KeyRev uses key updating techniques to obsolesce the keys owned by the compromised nodes and removes them from the network. • Their scheme does not depend on a specific key distribution scheme but to describe their proposal, the authors assume that the basic random key distribution scheme [1] is used.
Centralized Revocation Schemes … DLS Scheme [3]: (Managing Session and Interval) • To reinforce the security of the KeyRev scheme [2], [3] uses the idea of dynamic sessions to reduce the lifetime of compromised nodes in the network. • Manages the interval time of session keys with two aspects: the revocation time and the active time. • After generation and distribution of a session key in the revocation time, the authors turn into managing the active time which is longer than the revocation time. They partition it into session level to get possibility to adjust it dynamically and thwart any next attack.
Distributed Revocation Schemes CPS Scheme [4]: (Voting Mechanism) • Assumption: Keys are random-pairwisely distributed in the network. Therefore, each node shares a unique pairwise key with m other distinct participants randomly selected in order to facilitate node-to-node authentication. • Each of these m participants is assigned a random voting key. • To perform a vote against a target node, a participant has to propagate its message across the network to all voting members. At least t participants’ verified votes mark the target node as “revoked”.
Distributed Revocation Schemes … CGPM Scheme [5]: (Improved Voting Mechanism) • Improvement on CPS Scheme [4]. • In addition to voting, new ideas such as revocation sessions, performing voting and revocation decision only by processing hop-limited local broadcast and propagating a single short message to the entire network to finalize the revocation outcome. • Furthermore, they introduce the first distributed revocation protocol that provides rigorous proofs of desired properties namely: completeness, soundness, bounded time revocation completion, unitary revocation and revocation attack resistance.
Distributed Revocation Schemes … CYLL Scheme [6]: (Improved CGPM Scheme) • To further improve the CGPM scheme [5] in terms of • lower storage space requirement, • reduced communication overhead and • lower computational cost, [6] presents a new distributed revocation scheme based on Blom’st-secure property. • Each node in every voting session is required to store t elements of one row in a vote matrix and t elements of one column in the public matrix.
Distributed Revocation Schemes … CCL Scheme [7]: (OWHC, Certificate, PKC based) • Based on the features of the one-way hash chain, the certificate revocation list and the public-key cryptography. • When a node detects that another network has been compromised, it first broadcasts to all its neighbors a compromised revocation vote (CRV) • When the number of received revocation votes against the target node exceeds the threshold defined, the neighbor node revokes the key shared with the compromised node in its key ring and cuts off its link with the target node.
Security Analysis Centralized Schemes • Single point of failure, BS is the only controller • Impersonation of BS • DoS attack against broadcast based mechanisms • Update based mechanisms need to find optimal interval
Security Analysis (Contd.) Distributed Schemes • Adversaries as active participants • Selective revocation of non-compromised node • Collusion attack • Replay attack due to lack of the concept of session maintenance • Requires node to node authentication – often complex • Sybil attack – multiple identities of the same attacker
More about Distributed Schemes • Five distinctive properties should be ensured for proper operation and efficiency: • Completeness • Soundness • Bounded time revocation completion • Unitary revocation • Revocation attack resistance
Table III - Comparison and Evaluation of Distributed Schemes
References [1] L. Eschenauer and V. D. Gligor, “A Key-Management Scheme for Distributed Sensor Networks,” in: Proceedings of ACM Conference On Computer and Communication Security, pp. 41-47, 2002. [2] Y. Wang, B. Ramamurthy, and X. Zou, “KeyRev: An Efficient Key Revocation Scheme for Wireless Sensor Networks,” in: Proceedings of International Conference on In Communications, pp. 1260-1265, 2007. [3] C.H. Park, Y.Y. Zhang, I.T. Kim, and M.S. Park, “DLS: Dynamic Level Session Key Revocation Protocol for Wireless Sensor Networks,” in Information Science and Applications (ICISA), 2010 International Conference on, pages 1-8, 2010. [4] H. Chan, A. Perrig and D. Song, “Random Key Predistribution Schemes for Sensor Networks,” in: Proceedings of IEEE Symposium on Security and Privacy, pp. 197-213, 2003. [5] H. Chan, V.D. Gligor, A. Perrig and G. Muralidharan, “On the Distribution and Revocation of Cryptographic Keys in Sensor Networks,” IEEE Transactions on Dependable and Secure Computing 2(3) 233-247, 2005. [6] C.-H. Chao, C.-F. Yang, P.-T. Lin, and J.-S. Li, “Novel Distributed Key Revocation Scheme for Wireless Sensor Networks,” J. Journal of Security and Networks, DOI: 10.1002/sec.707, January 2013. [7] P.J. Chuang, S.H. Chang, C.S. Lin, “A Node Revocation Scheme Using Public-Key Cryptography in Wireless Sensor Networks,” J. Inf. Sci. Eng. 26 (5): 1859-1873, 2010
Questions and Answers Any query should be directed to spathan@ieee.org, sakib@iium.edu.my ??? AL-SAKIB KHAN PATHAN http://staff.iium.edu.my/sakib/