NUST Institutions Library Catalogue

Wireless sensor networks(WSNs) consist of a large number of low power nodes, with limited
processing, communication, and storage resources. Large scale wireless sensor networks (WSNs)
are highly vulnerable to attacks because they consist of numerous resource constrained devices
communicating via wireless links.The standard security requirements in WSNs include confidentiality,
authentication and availability. These security requirements can be provided by encryption
and authentication services which in turn demands a comprehensive key management scheme.
The goal of key management is to pre-distribute cryptographic keys or keying materials among
the nodes prior to the deployment, revoke keys if nodes leave the network, assign new keys to the
nodes joining the network and periodically refreshing the keys. However, providing key management
in WSNs is difficult due to the unknown network topology prior to deployment, intermittent
connectivity and resource limitations of the sensor network environment.
Key management schemes consider hierarchical HSN consisting of a small number of high-end
sensors (H-node) and a large number of low-end sensors (L-node). A key generation process is
incorporated, where instead of generating a large pool of random keys, a key pool is represented
by a small number of generation keys, in order to address storage overhead problem in the constraint
sensor nodes. For a given generation key and a publicly known seed value, a keyed-hash
function generates a key chain; these key chains collectively make a key pool. In the scheme
proposed, after discovering the shared pairwise keys with neighbors, all H-node and L-node destroy
their initial key rings and generate new key rings by applying one-way hash function on
node’s ID and initial key ring. As a consequence, new nodes can still be added in the network
beyond the initial deployment even after the deletion of initial key rings from nodes memory. In
addition, a self-healing group key distribution scheme is developed for secure multicast communications
in HSN environment. This scheme presents a strategy for securely distributing rekeying
messages and specifies techniques for joining and leaving a group. Access control in multicast
system is usually achieved by encrypting the content using an encryption key, known as the group
key (session key) that is only known by the group controller and all legitimate group members. In
proposed scheme, all rekeying messages, except for unicast of an individual key, are transmitted
without any encryption using one-way hash function and XOR operation. Further, nodes are capable
of recovering lost session keys on their own, without requesting additional transmission from
the group controller. Also the time-limited node revocation is achieved without any intervention
from the GC.
This research reports the implementation and the performance of the proposed schemes on Crossbow’s
MicaZ motes running TinyOS and evaluates the computation and storage costs of two
keyed-hash algorithms for key chain generation, HMAC-SHA1 and HMAC-MD5. The results
show that proposed scheme can significantly reduce the storage requirements as compared to
other random key pre-distribution schemes. The performance analysis of the collusion resistant
mechanism shows that even if a large number of nodes are compromised, an adversary can only
exploit a small number of keys nearby the compromised nodes, while other keys in the network
remain safe. Also, the resiliency against node capture is better than previous key pre-distribution
schemes. The security analysis of secure group key distribution scheme shows that the proposed
scheme is computationally secure and meets the security requirements for forward and backward
secrecy.