| Wireless Sensor Network(WSN), a key component for the next generation network, has attracted intensive public attention as an empowering technology in a wide variety of military and commercial applications including national defense, public security and environmental technology. As WSN-related technology continues to mature, it has become one of the most active frontier fields related to interdisciplinary studies and advanced technology, with significant potential and important scientific value.WSN has some distinguished characteristics compared to traditional wired network. The energy source of the sensors inside the WSN is very limited, and their capabilities in recognizing, computing and communication are all restricted. Furthermore, wireless sensor nodes are easy targets for external attack due to the facts that they are usually spread into geometric spots out of direct control, they use broadcast for wireless communication and they are self-organizing networks, etc. Security risks of WSN differ from those of traditional network; therefore, research on WSN security is more complex and poses a higher sense of urgency. Key-management, a cornerstone of security study of WSN, is a challenging core research topic.Currently all the mainstream studies use random key pre-distribution mechanism. Various proposals and protocols have common problems, such as isolation of sensor nodes, waste in key pre-distribution, problem of pre-shared keys leak, ignorance or inability in re-keying. In particular, most studies only consider pair-wise keys between neighboring nodes which are only setting up one-to-one communication but do not support group or global broadcasting.To solve these problems, this paper provides an original framework for key-management of WSN, which consists of three schemes of pair-wise, group and global key-management for the corresponding communication models and focuses on key pre-distribution before sensor nodes distribution, key creation after sensor nodes distribution and key renewing during the maintenance period.This work designs UEGS, a new approach for key management and re-keying in WSN based on random key pre-distribution. With UEGS we developed a new way to construct key pool using one-way cryptographic hashing function for key list, which can prevent node capture attack from faking sensor nodes during hand-shaking between new and old sensor nodes. It can also promptly remove untrusted nodes in re-keying scheme based on simultaneity of security events and time-span, and prevent DoS attack from fake old nodes using the design of different key sets in the pool for different time-span, thus forward and backward security of pre-distributed keys guaranteed.Different from the classical approach where creation of indirect key between nodes depends solely on the existence of a secure path among neighboring nodes, UEGS creates indirect keys with multiple-hop assistance, thus enhancing the probability of creating indirect keys and permitting neighboring nodes without shared keys to build indirect keys. Both the theoretical analysis and empirical simulation results show that UEGS has significantly higher probability in creating secure paths among nodes than other approaches, for the same amount of pre-distributed keys. Our work also suggests that UEGS has comparative advantage in re-keying, security and scalability.Communication via self-organization is a practical and most common model for WSN. Its security, efficiency and cost and corresponding key management are one of the key research topics on WSN security. In this study, we have developed G2KMS, an original scheme for key management and re-keying to WSN based on the self-organized structure, grid-loop. Grid-loop is the basic topological unit of the network when the nodes in WSN organize themselves into loops; it is the smallest unit for the network communication, the unit that fits best the geographic position of sensor nodes. Based on grid-loop, we proposed new algorithms for key management, i.e., forming grid-loops via Minimum Spanning Tree and forming group key, which provides an original scheme to the WSN for creating loop keys and their maintenance and renewing.Grid-loop structure of WSN is not only secure and efficient in construction, but also simple and robust. Our analysis shows that G2KMS based on self-organized grid-loops have comparative advantage over traditional scheme based on clusters, in load-balance, energy saving, efficiency and security.In the final part, this study presents a scheme GKH for global key management and renewing based on one-way cryptographic key hashing series, which is capable of fulfilling one-to-many broadcast between the sink and other nodes in WSN. A scheme of global key in-advance announcement is presented, which differs from classical global keys management protocol; then a scheme of global key in-advance announcement based on one-way cryptographic hashing is proposed to prevent security attacks from the captured keys in compromised nodes. It guarantees that,even when the algorithm and global keys are leaked, information in the very next global key to be announced is still out of induction, which assures the backward security of global keys.This paper also appends an authentication approach to GKH for global keys based on MSP. This method forces multiple hashing calculation and numerical considerations to falsify the first intercepted data package in each round broadcasting, thus wins time in broadcasting trusted message packages to cover the whole network. Authentication and validations are added via the additional checking process for relay nodes to effectively avoid possible attacks with fake data package, to help implement security checking and protection of the broadcasted messages, to guarantee secure, reliable and timely broadcasting of messages among every trusted node in the whole network.
|
PDF Full Text Request