Independent key distribution protocols for broadcast authentication

Abstract

Broadcast authentication is an important problem in several network settings such as wireless sensor networks and ad-hoc networks. We focus on the problem of independent key distribution protocols, which use eicient symmetric key signatures in distributed systems to permit (local) broadcast authentication.We focus on ive types of communication graphs: (1) star, (2) acyclic, (3) planar, (4) complete bipartite, and (5) fully connected graphs. A star graph is the simplest network topology where a central node is transmitting authenticated broadcast messages to several satellite nodes. For star graphs, we show that as n, the number of satellite nodes in the star network, tends to 8, it suices to maintain logn + 1/2 2 log logn + 1 keys at the center node, but logn + 1/2 log logn keys do not suice. We establish that this is the optimal lower bound on the number of keys for a star graph. Building on this result, we describe storage eicient key distribution for acyclic, planar, and complete bipartite graphs, when compared to existing key distribution schemes. We extend our scheme for fully connected graphs and show that it is suicient to store O(c log2 N) keys per node where c < 1. We perform a detailed analysis of collusion resistance of our protocols and show the trade-ofs against internal and external attacks depending on the size of storage. Finally, we demonstrate the practical applicability of our protocols for wireless sensor networks.