110 likes | 123 Views
This paper introduces time-limited node revocation for enhanced security in wireless sensor networks using innovative key distribution schemes. Dual direction hush chain and hash binary tree algorithms improve resilience against node capture and replication. The approach ensures group confidentiality, collusion freedom, and forward/backward secrecy. The time-limited node revocation mechanism enables self-healing recovery of lost keys, enhancing network security and scalability.
E N D
Self-Healing Group-Wise Key Distribution Schemes with Time-Limited Node Revocation for Wireless Sensor Networks Minghui Shi, Xuemin Shen, Yixin Jiang, Chuang Lin CMSC 681 Fall 2007 Advanced Computer Networks Isaac Mativo
Sensor Node • Typical sensor node contains • Power unit • Sensing unit • Processing unit • Storage unit • Wireless transceiver • Wireless Sensor Node may be able to monitor several parameters by combining several kinds of sensor nodes
Wireless Sensor network • Architecture of a wireless sensor network Data processing and management center Sensor field Internet/ satellite Base Station
Motivation • Important to prevent unauthorized nodes to access some information • Traffic encryption key (TEK) is used to encrypt data at source and decrypt at destination • TEK refreshed continuously by the group key manager (GKM) • This process may degrade performance and scalability • Authors propose two schemes which ensures secrecy, certain collusion freedom, and group confidentiality. • Algorithm based on the dual direction hush chain (DDHC) and hash binary tree (HBT)
Key management in WSN Resilience against node capture Resilience against node replication Node revocation or participation Scalability – as network grows Group-wise key distribution schemes Group confidentiality Forward secrecy Backward secrecy Collusion freedom Important Issues
DDHC • DDHC is composed of two one-way hash chains • Forward hash chain • Backward hash chain
Limited Time Node Revocation • y = Hash(x): Should be easy to compute y given x, but computationally infeasible to compute x such that y = Hash(x)
DDHC Group key manager (GKM) selects a secret seed to generate the one-way hash chain The rekeying message is broadcast within the sensor network from time to time Each legitimate node within the group is able to compute the traffic encryption key (TEK) to encrypt and decrypt the multicast messages Time-limited node revocation scheme: TEK = f(Nf, Nb, RK) Each node has a small storage buffer that enables it to perform self-healing recovery of a rekeying message. Lost RK can be recovered using the one-way hash function and the last received RK HBT Also based on hash functions To improve security, the HBT is adopted to generate all pre-assigned seeds. GKM assigns the seeds, which include the sub-root nodes that are then used to compute the leaf nodes Each TEK is linked to a leaf node, and all leaf nodes are derived using a hash algorithm on these seeds. Time-limited node revocation mechanism: TEK = f(S(D, t), RK) Lost RK can be recovered using the one-way hash function and the last received RK How the Schemes Work
Conclusion • Scheme provides: • Low storage overhead • Low Communication overhead (broadcast and unicast) • Low to medium implementation complexity • Implicit authentication • Tolerance for lost rekeying messages • Forward and backward secrecy
Questions? • The End