A Two-Layer Key Establishment Scheme for Wireless Sensor Net-
works
Yun Zhou, Student Member, IEEE, Yuguang Fang, Senior Member, IEEE
IEEE TRANSACTIONS ON MOBILE COMPUTING
20083150 김진석
Introduction• Security and Key Management in WSNs
Overview of LAKE Key Management in LAKE Security Analysis and Performance Evalua-
tion Discussion and Conclusion
Contents
WSN• Thousands of Resource-Limited Nodes Without Infra-
structure• Unattended, Hostile Environment
• Battlefield, Homeland Security Monitoring
• Network Vulnerability to Malicious Attacks• Need of Security
Key Management• Base for Encryption, Authentication• How to Set Up Keys to Protect Connections between
Nodes• Link Layer Key and Transport Layer Key
Introduction
LLK• One-hop Connection Between Neighbor• Shared LLK for Secure Link Layer Connection• Vulnerability to Node Compromise Attack
• Secrets in Compromised Node is used to derive Secret Shared by Non-compromised Nodes
• Compromised Can be Failure Point of Infrastructure
• Large Memory Requirement • Certain Level of Security, Connectivity
Introduction
TLK• Multi-hop Connection Between Nodes• TLK for End-to-end Security• Memory Requirement Increases When Network is Large
• Each Node Must Preload N-1 Keys
• Relaxed Security Requirement• LLK between any pair of Neighboring Nodes Saving Memory• Based on LLK Infrastructure, Negotiate TLK over Multi-hop
Path• On-demand TLK Negotiation• Vulnerability to Node Compromise Attack• Multi-hop Path can be Large
Introduction
Previous Work• Global Key -> Centralized Key Distribution• Distributed, LLK • Using Intersection of Shared Secret of Each Node• Key Predistribution (Random, Probabilistic Key
Agreement)
• Deterministic LLK Scheme• Location Based LLK Scheme• t-Degree Polynomial for Key Establishment
Introduction
two-LAyer Key Establishment• For Establishment of LLK and TLK• Nodes are in 2-dimensional Space (Logical)• Trivariate Polynomial is Predistributed• Used to Establish Keys
• Neighbors are Pre-loaded with Correlated Secrets• Called Shares, Derived from Trivariate Polynomial
• Proper Degree t assures Resilience to the Node Compromised Attack
• 3 Phase : Share Predistribution, Direct Key Calcula-tion, Indirect Key Negotiation
Overview of LAKE
Share Predistribution
• Polynomial Coefficients are in Finite Prime Field• Symmetric
• 2 Credential for each Nodes -> Univariate Polynomial• Node u (u1, u2), v (v1, v2)• One Common Credential -> Key Calculation
Overview of LAKE
Using Deployment Information• N1 non-overlapping Cells, N2 Nodes for each Cells• 2 Dimensional Space• Coordinate (n1, n2) is used for Credentials• c1 [N2+1,N1+N2] [1,N2]
• Assumption• Gaussian Node Distribution in Cells• When Direct Key Calculation is unable, Indirect Key Negoti-
ation can be done by Using underlying Routing protocol• Correctly Routes Key Negotiation Messages over Multi-hop Path
Overview of LAKE
Share is Pre-Distributed
Direct Key Calculation
LAKE
Indirect Key Negotiation• Using Level 2 Neighbor and Level 1 Neighbor• Intermediate Agent Node• Case : (v1, v2) (u1, u2)• Agent : (v1, u2), (u1, v2)
LAKE
LLK• Neighbors in Radio Radius• Direct Key Calculation Between Neighbors• Indirect Key Negotiation Between Nodes with Deployment
Error TLK• Dynamic Establishment of TLK (On Demand)• Similar to LLK Establishment• Direct Key Calculation for Level 2 Neighbors• Using Underlying Routing Protocol for Deployment Error• Secure Link
• Two Nodes Already have Shared Key• No more than 1 Agent Node Needed.
LAKE
Metrics• Resilience to the Node Compromise Attack• Node Compromise Attack is Unavoidable• Reducing Additional Key Exposure Probability
• Local Secure Connectivity• Probability that two Neighboring Nodes Establish
a Direct Key (Portion of Neighbors have Direct Keys)• Energy Consumption of Multihop Routing, Indi-
rect Key Negotiation
Security Analysis and Performance Evaluation
Metrics• Memory Cost• How many memory units per node are needed• Polynomial Share Memory Requirement
• Computational Overhead• Overhead in Calculation of Direct Keys• LAKE : Efficient Symmetric Key Technique
Security Analysis and Performance Evaluation
Memory Cost
Security Analysis and Performance Evaluation
Additional Key Exposure Probability
Security Analysis and Performance Evaluation
Local Connectivity
Security Analysis and Performance Evaluation
Computational Overhead
Security Analysis and Performance Evaluation
LAKE : t-Degree Polynomial Based Scheme Sensor Nodes in 2-dimensional Space Efficiently Establishes LLK and TLK More Secure, Lesser Memory Use• Security to Node Compromise Attack• Compared with Conventional Schemes
Energy Efficient• Due to the Location-based Deployment• Neighbors can Calculate Key Directly, not Multi-
hop
Conclusion
Higher Dimensional Space• Higher Dimensional Multivariate Polynomial• Node Identification : k indices• t-Degree (k+1)-variate Polynomial• Same Approach for PIKE, HyperCube• Memory Cost is higher than LAKE• Given same amount of Memory Resource, LAKE
achieves a Higher Security Level
Discussion