Ⅰ. Introduction
Wireless sensor networks are dense wireless networks of sensor nodes collecting and disseminating data in a distributed manner. Sensor nodes are usually small resourceconstrained devices so may sense around themselves, communicate over wireless channels within short ranges, and fall into the sleep mode for saving their power. Since they are deployed in unattended fashions even in hostile environments, security functions including secure key establishment are very significant, many studies have been devoted to this challenging area since the first elegant proposal of key predistribution by Eschenauer and Gligor[l-10J. Among them, we are interested in the key predistribution schemes 〔1, 3, 5〕, which are composed of three phases such as key (installation), shared key discovery (for neighboring nodes having shared keys), and path- establishment (for neighboring nodes not having shared keys). With those schemes, we observe that path-key establishment phase has been somewhat neglected in practical senses.
In this paper, after reviewing the random key predistribution briefly, we remark that the computation and overhead for path-key establishment grows exponentially as the number of hops increases establishing the path, in order to attain a certain connectivity. For higher connectivities, the path-key could become impractical. Thus, we propose a novel path-key offering method for improving path-key establishment with regard to connectivity and efficience, and provide rigorous analyses.
Ⅱ. Random Key Predistribution and Its problem
2.1 Three biases of Random Key Predistribution Schemes
Eschenauer and Gligor first introduced the random (probabilistic) key predistributiion scheme, RKP, 2002〔5〕, and then Chan et al. proposed its improvement with q-composite and multi-path methods connectivities as well as the random pairwise-key predistribution scheme, RP, in 2003C11.Since seminal studies, a number of related schemes have been proposed[2-4], 6, 8-10). RKP s산leme 아low 나le basic structure of those schemes, consisting of three main phases under large pool of random keys (with node identities in such schemes as RP). In Phase 1, a set of sub- are selected at random from the large key pool and pre-installed to each node. In Phase 2, after deployment, each node discovers common keys with all its neighboring nodes, saying, in wireless range, by exchanging key identities (meaning node identities in RP). The common keys a single shared key, as in RP) are then used for a new pairwise key. In Phase 3, if there is no intersected between sub-key sets of two neighboring nodes, a path-key establishment step is proceeded, so that could establish a path-key through two or more hops between them. This procedure has been a technique in the related probabilistic key establishment schemes for wireless sensor networks. RP scheme and more derivatives of RKP follow those three phases[2-4, 6, 8-10].
2.2 Overhead of Path-Key Establishment
With regard to the path-key establishment step, we remark that the computation and communication could grow exponentially as the number of hops increases in establishing the actual path with broadcast, in order to attain a certain connectivity p. Since the 1-hop connectivity pi , meaning connectivity in Phase 2, between any two neighboring nodes should be given in a probabilistic manner storage efficiency of sensor nodes, as referred to in Eq. 1 in the following section, the path-key should be done to the amount of filling the gap between p and pi for any two neighboring which must be high. Even in the standard example of〔5〕such that pi = 0.5 for storing 250 keys from the 100,000~key pool, the path-key establishment is likely to run so frequently for p. The path extended beyond neighbors should result in further message broadcast and exchange of neighbor and so on. For higher connectivities, the path-key establishment could become impractical, in the following section, we propose a path-key offering method to cope with this problem.
Ⅲ. Path-Key Establishment with Path-Key Offering
Suppose that a sensor node u has neighbors v and w, respectively, denoting unidentified and identified Here we mean by "identified” that the node share a key and so connected with u, while the unidentified does not. We define a list of identified neighbors of u by 幻Mu), and that of unidentified by /un(u), so that w u/Wu) and v u/\n(u). Let Lid (u) be a list of pairs, < v, k> , for all v and values given to u, such that v is an unidentified neighbor and k is one of key identities broadcast by v in Phase 2. Similarly let 方血) be those of unidentified neighbors. For simplicity, we also let S(v) a set of key identities broadcast by v in Phase 2. We say, K(w) denotes a set of key identities intersect between the keys of w and v-nodes satisfying that vr is not sharing with its own neighbors, also say, V(w) denotes the identified neighbors of w, broadcast by w itself through b(w). path-key offering means that w offers to u the keys satisfying S(v)nK(w), so that u and v can a shared key. We denote this by PKO(vy, u, V)as follows. Let CPK(u, w, v) denote the classical establishment assuming that a trusted path through w is already found between u and v.
First, u broadcasts b(u), that is a pair of its own identity and the list Lun (u) implying its unidentified and their key lists. Similarly, other nodes may also broadcast the pairs, for example, b(v). each identified node w, set a 2-tuple of lists, c(w) = < K(w), V(w) > . Subsequently u runs PKO (矽, u, v) some w for identifying v, if there are keys satisfying S(v) QK(w). Otherwise, in case of satisfying v w V(w), u runs CPK(u, w, v) as in the legacy Phase 3. PKO(w, u, v) may rule out many of CPK(u, 时, v).
Algorithm L Path-key establishment with path-key offering
#
Ⅳ. Analysis
Let us denote by pi the 1-hop connectivity, which is the probability that two nodes share at least a key be connected directly. Then, when we assume that the size of key pool is £ and each node has m keys, pi for RKP is given by
#(1)
and pi for RP is given by
#(2)
where N is the total number of sensor nodes. We start from the analysis of〔7〕for considering multi-hop connectivities. Suppose that two neighboring u and v have failed to discover their common keys within a single hop, while u has neighbors, two-hop connectivity P2 then means the probability of being connected within a two-hop path:
#(3)
where (:)就(1-孔)“-”denotes that, among n neighbors, k nodes are identified and connected with pi. Then, those k neighbors are also identified and connected by each other with PcPi, where pc is the probability that any two of those neighbors reside within each other's communication range, that pc = 0.5865 if the communication range is circular regardless of its radius. Readers are referred 〔7〕for pc. Thus, [1 — (1-刀费)*] is 나出 probability that at least one of those k nodes is paired with v.
As shown in Eq. 3, the node u could use, in part, only limited neighbors which reside within the range of v. If there is no neighbor who shares a key with v, then the search path should expanded with more hops resulting in more overhead. On the contrary, with PKO, u can be helped all of its connected neighbors within its own communication range, which means that u can borrow connected neighbors' key pools in part. For fairness, if a connected neighbor of u resides out of communication range of v, then u borrows the keys shared with v from that neighbor, of which probability is pi. Otherwise, u borrows the shared keys, in part, such that the neighbor has not used for its connection with v. However, even in case that all shared keys are already used by the neighbor, it rather assures that CPK can be done no more than within two hops. Thus, with PKO, we gain that u can utilize the keys (shared with v) of all connected neighbors regardless of their actual connection to v, while also making CPK enjoy it. It means that pc of Eq. 3 can be ruled out, with PKO. Finally, P2 with PKO, denoted as P2, pko, is given by
#(4)
〔Fig. 1] illustrates according to the number of neighbors, that PKO improves two-hop connectivities significantly compared to the case of using CPK only, with both schemes such as RKP and RP. When the number of neighbors is 10, the two-hop connectivity is improved by 22.4% for RKP and 52.6% for RP. If there still remains a neighbor which is not connected within two hops either by PKO or CPK, then the CPK process is extended beyond two hops, which may require broadcast beyond those neighbors. Thus, after the connection within two hops has failed, the number of messages may increase exponentially by 以S’yi) where h is the number of hops in the extended path.
[Fig. 1) Two-hop connectivities according to the number of neighbors, (a) RKP (£ = 4000, m = 50 p1 = 0.469) (b) RP (N = 200, m = 50, p1 = 0.25)
Let P3 denote the probability of going beyond two hops such that 孔=(1—%)(1-孔).It represents then the probability of the communication overhead that increases exponentially. Fig. 2 illustrates ps according to the number of keys, with regard to the CPK only case and the case with PKO. We could observe that PKO allows less communication overhead than the CPK only case, due to that the probability of going beyond two hops for further CPK process is getting lower with PKO.
〔Fig. 2〕Probability of going beyond two hops according to the number of keys, (RKP, £ = 4000)
References
- H. Chan, A. Perrig, and D. Song, "Random key predistribution schemes for sensor networks." Proceedings of IEEE Symposium on Security and Privacy, pp.197-215, May 2003 https://doi.org/10.1109/SECPRI.2003.1199337
- W. Du. J. Deng, Y.S. Han. S. Chen, and P. Varshney. "A Key Management Scheme for Wireless Sensor Networks Using Deployment Knowledge ," Proceedings of IEEE INFOCOM, pp. 586-597, Mar. 2004
- W. Du, J. Deng. Y. Han, P. Varshney, J. Katz, and A. Khalili, ''A pairwise key predistribution scheme for wireless sensor networks." ACM Transaction on Information and System Security, vol. 8,no. 2, pp. 228-258, Feb 2005 https://doi.org/10.1145/1065545.1065548
- w. Du, J. Deng, YS. Han, S. Chen, and P.Varshney, "A key predistribution scheme for sensor networks using deployment knowledge," IEEE Transaction on Dependable Secure Computing, vol. 3, no.1. pp. 62-77, Jan.-Mar 2006 https://doi.org/10.1109/TDSC.2006.2
- L. Eschenauer and V.D. Gligor. "A key-management scheme for distributed sensor networks," Proceedings of the 9th ACM Conference on Computer and Communication Security (CCS" 02). pp. 41-47, Nov. 2002 https://doi.org/10.1145/586110.586117
- D. Huang. M. Mehta, D. Medhi, and L. Harn, "Location-aware key management scheme for wireless sensor networks," Proceedings of the 2nd ACM workshop on Security of ad-hoc and sensor networks (SASN'04), pp. 29-42, Oct. 2004 https://doi.org/10.1145/1029102.1029110
- D. Huang, M. Mehta, A. Liefvoort, and D. Medhi, ''Modeling pairwise key establishment for random key predistribution in large-scale sensor networks," IEEE/ ACM Transaction on Networking, vol. 15, no. 5, pp. 1204-1215, Oct 2007 https://doi.org/10.1109/TNET.2007.896259
- J. Lee, T. Kwon, and J. Song, "Locationaware key management using multi-layer grids for wireless sensor networks," Applied Cryptography and Network Security ACNS'06, LNCS 3989, pp.390-404, 2006
- D. Liu and P. Ning, "Establishing pairwise keys in distributed sensor networks," Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS'03), pp. 52-61. Oct. 2003 https://doi.org/10.1145/1053283.1053287
- D. Liu and P. Ning, "Location-based pairwise key establishments for relatively static sensor networks," in Proc. 1st ACM workshop onSecurity of ad-hoc and sensor networks (SASN'03), pp. 72-82,Nov. 2003