Research On Broadcasting Authentication And Defending DoS Attacks In Wireless Sensor Networks

Recent advances in electronics and wireless communication technologies have enabled thedevelopment of the large-scale wireless sensor networks that consist of lots of low-power, low-cost,and small-size sensor nodes. Wireless sensor networks use small nodes with constrained capabilitiesto sense, collect, and disseminate information in many types of applications. As the wide-spread ofthe sensor networks and the introduction of the wireless communication technology, its securityproblems become a central concern, especially in the military target tracking and the securitymonitoring. Broadcast authentication is an essential part of the security system in wireless sensornetworks. Because of a large number of the sensor nodes in the networks and the broadcast natureof the wireless communication, it is usually desirable for the base stations to broadcast commandsand data to the sensor nodes. Due to the limited computation capabilities, storage and energy inwireless sensors, the authentication techniques used in the traditional networkscan not be applied directly in wireless sensor networks. In this dissertation, the broadcastauthentication based on public key systems and the Denial of Service (DoS) attacks against thebroadcast authentication are mainly discussed. The main results are summarized as follows:(1) An identity-based short signature broadcast authentication protocol (ISSBAP) is proposed.The size of the signature generated by this scheme is approximately 160 bit long, which is theshortest signature so far. And the computation cost is much less than those of other public keysignatures. It also provides the feature that it can authenticate the broadcast messages from themulti-base-stations. Based on the MICA2DOT platform, the energy consumptions on thecommunication and the computation are analyzed. The other performances of ISSBAP are alsoanalyzed. Therefore, our ISSBAP can effectively reduce the resource cost and satisfy some cardinalproperties of the broadcast authentication.(2) We notice that the short-term public key scheme for the broadcast authentication namedShortPK has the disadvantages of complicated public key distribution process and high energy cost.Hence, considering these disadvantages, we propose an improved broadcast authentication schemenamed Improved-ShortPK. Our scheme uses Bloom Filter for the public key distribution andauthentication. The performance analysis of our scheme shows that it consumes less energy thanShortPK scheme and simplifies the process of the public key distribution.(3) When digital signatures are applied in the broadcast authentication, the related networks arevulnerable to the DoS attacks. In this dissertation, based on both a weak authentication and areputation grade, a new scheme named WARGS (Weak Authentication and Reputation Grade-based Scheme) is proposed to defend against such DoS attacks. For the cluster-based wireless sensornetworks, our new scheme uses Chinese Remainder Theorem (CRT) and one-way function toexecute the weak authentication. In the meantime, we apply a reputation management to grade thenodes. Our stimulation experiments show that, compared with the schemes of P. Ning and R. Wang,our scheme expresses better advantages on the security，the effectiveness and the ability ofdefending the DoS attacks against the broadcast authentication.