Research On Application Oriented Broadcast Authentication Protocols In Wireless Sensor Networks

With WSN (Wireless Sensor Networks), people can get numerous environment data they care about cheaply anytime and anywhere. However, the luxuriant applications in WSN make the design of security protocols a challenge. WSN is data centric; and packet broadcast is the basic communication way between sensor nodes. So broadcast authenti-cation is a critical security service in WSN. On the other hand, broadcast authentication in WSN is a challenge due to the limited resources in sensor nodes, the distributed network structure, and the complicated network environment. The existing broadcast authentica-tion protocols in WSN try to propose protocols with low overhead and mechanisms for transmitting initial authentication parameters, lack of considering the impact of WSN ap-plication features such as packet transmission models, the authentication delay request, and so on. This leads to the inefficiency of current broadcast authentication protocols when applied some specific applications. This paper investigates mechanisms of using application features for optimizing broadcast authentication protocols in WSN.This paper first elaborates the main challenges broadcast authentication protocol de-sign in WSN, and then summarizes the ideal properties of broadcast authentication proto-cols in WSN. We analyze the performance of proposed broadcast authentication protocols based on digital signature and symmetric cryptography. It highlights some mechanisms in these protocols when designing broadcast authentication protocols in wireless sensor net-works. This paper brings forward the notion of integrality problems of broadcast authen-tication protocols, meaning relative key management problems of these protocols such as distribution of bootstrap parameters and update of keys. We also conclude the limitation of existing methods. The main contribution of the thesis is detailed as follows:This paper analyzes various packet transmission models in WSN applications. We point out the problems of existing broadcast authentication protocols when applied to ap-plications in which broadcast messages are sent infrequently, such as the low usage of key resources and long authentication delay. This paper presents a new protocol named GBA (Generalized Broadcast Authentication), for efficient broadcast authentication in these ap-plications. Compared with existing broadcast authentication protocols, the mechanisms of key assignment and disclosure in GBA are better at adapting to the packet transmission models in applications. The proposed technique can take full advantage of keys resources; shorten the authentication delay; reduce the computation overhead and storage overhead at cost of small additional communication overhead.Some efficient broadcast authentication protocols have been proposed for wireless sensor networks. However, these protocols face authentication delay problem, which is not suitable for applications that needs quick response and for hop-by-hop authentica-tion mechanisms. This paper concludes the protocols proposed for immediate authenti-cation and points out that they actually turn the authentication delay from receivers to senders. This paper proposes a new fast broadcast authentication protocol named FBAP (Fast Broadcast Authentication Protocol). FBAP is based on the loose demand on au-thentication delay. Through carefully configuration on packet sending mechanism, the authentication delay of FBAP is limited to a threshold. It is concluded from analysis and performance evaluation that FBAP works well in more communication scenarios and has smaller communication overhead than RPT and other protocols proposed before.The security threats are various in WSN due to its diverse applications and compli-cated network environment. This application feature highlights security self-adaptive pro-tocols in WSN. The overhead in these protocols are smaller while maintaining high secu-rity level. This paper proposes a protocol design framework in WSN called SABA (Self-Adaptive hybrid Broadcast Authentication) for efficient construction of self-adaptive broad-cast authentication protocols. SABA includes two parts. The off-line part selects a group of protocols for sensor nodes. The on-line part generates protocol transition rules with risk changes. This paper makes use of the protocol utility, derived from the analysis of system risk and the evaluation of protocol security strength and performance, for the best protocol selection algorithm in various system risks.The WSN experimental environments in the current researches include two types: the physical environments based on actual sensor nodes, and the simulation environments based on various simulators. These two types of experimental environments have limi-tations separately. In the physical experimental environments, the network size is often small, and the result is affected by many uncontrolled factors in the networks. Thus the experiments in physical environments are often unrepeatable. While in the simulation environments, the complicated factors in real world are abstracted and modeled. Thus the results got from simulations are often deviated from the truth. This paper proposes and constructs a mote emulation environment called MoteEmu. MoteEmu utilized the strong points of the above two types of experimental environments. It uses a gateway program to transmit packets from one environment to another. And thus it is highly repeatable and believable, and provides support for heterogeneous networks.