Key Management in Sensor Networks

Abstract

Secure communications in wireless ad hoc networks require setting upend-to-end secret keys for communicating node pairs. It is widelybelieved that although being more complex, a probabilistic keypredistribution scheme is much more resilient against node capture thana deterministic one in lightweight wireless ad hoc networks. Supportedby the surprisingly large successful attack probabilities (SAPs)computed in this chapter, we show that the probabilistic approaches haveonly limited performance advantages over deterministic ones. We firstconsider a static network scenario as originally considered in theseminal paper by Eschenauer and Gligor {[}9], where any node capturehappens after the establishment of all pair-wise links. In thisscenario, we show that the deterministic approach can achieve aperformance as good as the probabilistic one. In a mobile networkscenario, however, the probabilistic key management as described in{[}9] can lead to a SAP of one order of magnitude larger than the one ina static network due to node fabrication attacks.The above analysis motivates us to propose two low-costsecure-architecture-based techniques to improve the security againstsuch attacks. Our new architectures, specifically targeted at thesensor-node platform, protect long-term keys using a root of trustembedded in the hardware System-on-a-Chip (SoC). This prevents anadversary from extracting these protected long-term keys from a capturednode to fabricate new nodes. The extensive simulation results show thatthe proposed architecture can significantly decrease the SAP andincrease the security level of key management for mobile ad hocnetworks.Finally, we develop an analytical framework for the on-demand keyestablishment approach. We propose a novel security metric, the REMresilience vector, to quantify the resilience of any key establishmentschemes against Revealing, Erasure, and Modification (REM) attacks. Ouranalysis shows that previous key establishment schemes are vulnerableunder REM attacks. Relying on the new security metric, we prove auniversal bound on achievable REM resilience vectors for any on-demandkey establishment scheme. This bound that characterizes the optimalsecurity performance analytically is shown to be tight, as we propose aREM-resilient key establishment scheme which achieves any vector withinthis bound. In addition, we develop a class of low-complexity keyestablishment schemes which achieve nearly optimal REM attackresilience.