
Minghui Shi, Xuemin Shen, Yixin Jiang, Chuang Lin CMSC 681 Fall 2007 Advanced Computer Networks


Presentation Transcript


  1. Self-Healing Group-Wise Key Distribution Schemes with Time-Limited Node Revocation for Wireless Sensor Networks Minghui Shi, Xuemin Shen, Yixin Jiang, Chuang Lin CMSC 681 Fall 2007 Advanced Computer Networks Isaac Mativo

  2. Sensor Node • Typical sensor node contains • Power unit • Sensing unit • Processing unit • Storage unit • Wireless transceiver • Wireless Sensor Node may be able to monitor several parameters by combining several kinds of sensor nodes

  3. Wireless Sensor network • Architecture of a wireless sensor network [Figure; labels: Sensor field, Base Station, Internet/satellite, Data processing and management center]

  4. Motivation • Important to prevent unauthorized nodes from accessing some information • Traffic encryption key (TEK) is used to encrypt data at source and decrypt at destination • TEK refreshed continuously by the group key manager (GKM) • This process may degrade performance and scalability • Authors propose two schemes which ensure secrecy, certain collusion freedom, and group confidentiality • Algorithms based on the dual direction hash chain (DDHC) and hash binary tree (HBT)

  5. Important Issues • Key management in WSN: resilience against node capture; resilience against node replication; node revocation or participation; scalability as network grows • Group-wise key distribution schemes: group confidentiality; forward secrecy; backward secrecy; collusion freedom

  6. DDHC • DDHC is composed of two one-way hash chains • Forward hash chain • Backward hash chain

  7. Limited Time Node Revocation • y = Hash(x): it should be easy to compute y given x, but computationally infeasible, given y, to find an x such that y = Hash(x)

  8. Hash Binary Tree

  9. How the Schemes Work • DDHC: • Group key manager (GKM) selects a secret seed to generate the one-way hash chain • The rekeying message is broadcast within the sensor network from time to time • Each legitimate node within the group is able to compute the traffic encryption key (TEK) to encrypt and decrypt the multicast messages • Time-limited node revocation scheme: TEK = f(Nf, Nb, RK) • Each node has a small storage buffer that enables it to perform self-healing recovery of a rekeying message • Lost RK can be recovered using the one-way hash function and the last received RK • HBT: • Also based on hash functions • To improve security, the HBT is adopted to generate all pre-assigned seeds • GKM assigns the seeds, which include the sub-root nodes that are then used to compute the leaf nodes • Each TEK is linked to a leaf node, and all leaf nodes are derived using a hash algorithm on these seeds • Time-limited node revocation mechanism: TEK = f(S(D, t), RK) • Lost RK can be recovered using the one-way hash function and the last received RK
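The DDHC flow from slide 9, TEK = f(Nf, Nb, RK) with self-healing recovery of a lost RK, as an added example that is not code from the presentation or the paper. It assumes SHA-256 for both Hash and f, and assumes the RK values form a hash chain released in reverse order so that a later RK hashes back to a missed one; the class and function names are hypothetical.

```python
import hashlib

def H(data: bytes) -> bytes:
    """One-way hash; SHA-256 is an assumption, the slides only say Hash()."""
    return hashlib.sha256(data).digest()

def walk(value: bytes, steps: int) -> bytes:
    """Apply H `steps` times; a chain can only be walked in this direction."""
    for _ in range(steps):
        value = H(value)
    return value

class GKM:
    """Group key manager for sessions 0..m-1 (hypothetical class name)."""
    def __init__(self, fwd_seed: bytes, bwd_seed: bytes, rk_seed: bytes, m: int):
        last = m - 1
        self.fwd = [walk(fwd_seed, j) for j in range(m)]         # forward chain
        self.bwd = [walk(bwd_seed, last - j) for j in range(m)]  # backward chain
        # Assumption: RK is a chain released in reverse, so H(rk[j]) == rk[j-1].
        self.rk = [walk(rk_seed, last - j) for j in range(m)]

    def tek(self, j: int) -> bytes:
        # TEK = f(Nf, Nb, RK); f is instantiated as a hash of the concatenation.
        return H(self.fwd[j] + self.bwd[j] + self.rk[j])

    def enroll(self, t1: int, t2: int) -> "Node":
        # Pre-assign only the two chain values bounding the lifetime [t1, t2].
        return Node(t1, t2, self.fwd[t1], self.bwd[t2])

class Node:
    def __init__(self, t1: int, t2: int, nf: bytes, nb: bytes):
        self.t1, self.t2, self.nf, self.nb = t1, t2, nf, nb

    def tek(self, j: int, rk_seen: bytes, j_seen: int):
        """TEK for session j from the newest RK received (session j_seen)."""
        if not (self.t1 <= j <= self.t2) or j_seen < j:
            return None  # would need a preimage of nf, nb or rk_seen
        nf = walk(self.nf, j - self.t1)
        nb = walk(self.nb, self.t2 - j)
        rk = walk(rk_seen, j_seen - j)  # self-healing: rebuild a missed RK
        return H(nf + nb + rk)

def demo() -> bool:
    gkm = GKM(b"constructed-fwd", b"constructed-bwd", b"constructed-rk", 8)
    node = gkm.enroll(2, 5)
    # Node missed the broadcasts for sessions 3 and 4, then received RK for 5.
    return node.tek(3, gkm.rk[5], 5) == gkm.tek(3)
```

The range check in `Node.tek` is only a convenience: the node holds Nf for session t1 and Nb for session t2, so deriving a key outside [t1, t2] would require inverting the hash.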

  10. Conclusion • Scheme provides: • Low storage overhead • Low Communication overhead (broadcast and unicast) • Low to medium implementation complexity • Implicit authentication • Tolerance for lost rekeying messages • Forward and backward secrecy

  11. Questions? • The End
