190 likes | 331 Views
Adaptive key pre-distribution model for distributed sensor networks. Author: C.-S. Laih, M.-K. Sun, C.-C. Chang and Y.-S. Han Source: IET Communications, vol. 3, no. 5, pp.723-732, 2009. (Impact Factor = 0.751) Presenter: Yung-Chih Lu Date: 2010/08/20. Outline. Introduction
E N D
Adaptive key pre-distribution model for distributed sensor networks Author: C.-S. Laih, M.-K. Sun, C.-C. Chang and Y.-S. Han Source: IET Communications, vol. 3, no. 5, pp.723-732, 2009. (Impact Factor = 0.751) Presenter: Yung-Chih Lu Date: 2010/08/20
Outline • Introduction • Proposed Scheme • Performance Evaluation • Security Analysis • Conclusion
Introduction(1/3) location finding system mobilizer Base station sensing unit processing unit transceiver Unit microprocessor digital/ analog converter sensor storage device powerunit Power generation Distributed Sensor Network Sensor Architecture
Introduction(2/3) • key agreement protocol • Key pre-distribution: Keys are distributed to all sensor nodes prior to deployment.
Introduction(3/3) • Constraints • Limited energy consumption • Low transmission range • Limited Memory overhead • Requirements • High network connectivity • Robust resilience against node capture • Low communication overhead
Key ring (k keys) Eschenauer-Gligor Scheme(1/3) L. Eschenauer and V. Gligor. “A Key-Management Scheme for Distributed Sensor Networks.” In Proc. 9th ACM Conference on Computerand Communication Security, pp.41-47, Nov. 2002. • Key pre-distribution phase Key pool Keys Key identifier :L-Sensor H-sensor Key identifier = key mod 232 Kci = EKx(ci) Kx = K1⊕,…, ⊕Kk ci = H-Sensor ID H-Sensor : L-Sensors ID、 L-Sensors key identifiers and Kci L-Sensor : k keys、 key identifiers and Kci L-Sensor : Low-end sensor H-Sensor : High-end sensor
Eki(α) Eki(α) Eschenauer-Gligor Scheme(2/3) • Shared-key discovery Step1: Each L-sensor Broadcasts a list of key identities. Step2: L-sensor runs a challenge-response protocol if L-sensor find the common key. :L-Sensor Key ring (k keys) H-sensor α = Dki[Eki(α)]
α = Dkp[Ekp(α)] Ekp(α) Eschenauer-Gligor Scheme(3/3) • Path-key establishment :L-Sensor Key ring (k keys) H-sensor Ekc(kp) Ekc(kp)
Proposed Scheme(1/5) • Shamir’s threshold scheme PT:prime number PT ≧ a0 t : degree of polynomial a0 : group key Example: t=3 ; a0=1234 ; n = 6 g(x) = 94x2+166x+1234 (1,1494);(2,1942);(3,2578); (4,3402);(5,4414);(6,5614) g(x) = 94x2+166x+1234 g(0) = 1234
Proposed Scheme(2/5) Sub-key pool |S| :the number of keys in key pool v :the number of sub-key pools GK: group key |d| = |S| / v sk = sub-key ID = sub-key identifier skij = gi(IDij) i=1,2,…,v j=1,2,…,|d| S1 g1(x) GK1 g2(x) GK2 gv(x) GKv S2 Key pool …………………. Sv
Proposed Scheme(3/5) • Key pre-distribution phase Sub-key pool S1 sensor S2 Key ring (τ keys and key ID) ……………… Sv
Eski(α) Eski(α) Proposed Scheme(4/5) • Shared-key discovery phase Step1: Each L-sensor Broadcasts a list of key ID. Step2: L-sensor runs a challenge-response protocol if L-sensor find the communication key. q’: the number of common keys :L-Sensor H-sensor α = Dski[Eski(α)]
Proposed Scheme(5/5) • Shared-key discovery phase Step1︰ Each L-sensor computes their respective bonus key rings Step2: Each L-sensor Broadcasts a list of group key ID. Step3: L-sensor runs a challenge-response protocol if L-sensor find the communication key. q’: the number of common keys Key ring (τ keys and key ID) bonus key ring (w group keys And group key ID)
Performance Evaluation(1/4) • Connectivity a. number of groups v = 30, size of the key pool |S| = 10000, size of key rings τ = 75 b. value of threshold t = 2, size of the key pool |S| = 1000, size of key rings τ = 40
Performance Evaluation(2/4) Network connectivity Local connectivity
Performance Evaluation(3/4) • Connectivity
Performance Evaluation(4/4) • Communication overhead a. EG scheme b. Proposed scheme
Security Analysis • Resilience against node capture a. τ =40 and p =0.33 b. τ =40 and p =0.5 p: local connectivity
Conclusion • Dependent keys • High connectivity • It is able to adjust its system parameters