Browse > Article
http://dx.doi.org/10.3837/tiis.2017.02.015

KMMR: An Efficient and scalable Key Management Protocol to Secure Multi-Hop Communications in large scale Wireless Sensor Networks  

Guermazi, Abderrahmen (ISET Sfax, CES Research Lab- University of Sfax)
Belghith, Abdelfettah (College of Computer and Information Sciences, King Saud University)
Abid, Mohamed (ENIS, CES Research Lab-University of Sfax)
Gannouni, Sofien (College of Computer and Information Sciences, King Saud University)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.11, no.2, 2017 , pp. 901-923 More about this Journal
Abstract
Efficient key distribution and management mechanisms as well as lightweight ciphers are the main pillar for establishing secure wireless sensor networks (WSN). Several symmetric based key distribution protocols are already proposed, but most of them are not scalable, yet vulnerable to a small number of compromised nodes. In this paper, we propose an efficient and scalable key management and distribution framework, named KMMR, for large scale WSNs. The KMMR contributions are three fold. First, it performs lightweight local processes orchestrated into upward and downward tiers. Second, it limits the impact of compromised nodes to only local links. Third, KMMR performs efficient secure node addition and revocation. The security analysis shows that KMMR withstands several known attacks. We implemented KMMR using the NesC language and experimented on Telosb motes. Performance evaluation using the TOSSIM simulator shows that KMMR is scalable, provides an excellent key connectivity and allows a good resilience, yet it ensures both forward and backward secrecy. For a WSN comprising 961 sensor nodes monitoring a 60 hectares agriculture field, KMMR requires around 2.5 seconds to distribute all necessary keys, and attains a key connectivity above 96% and a resilience approaching 100%. Quantitative comparisons to earlier work show that KMMR is more efficient in terms of computational complexity, required storage space and communication overhead.
Keywords
Wireless sensor network; Key management Protocol; Secure multi-hop;
Citations & Related Records
연도 인용수 순위
  • Reference
1 J. Lloret, et al., "A wireless sensor network deployment for rural and forest fire detection and verification," Sensors, 9(11): 8722-8747, 2009.   DOI
2 G. Bitella, et al., "A novel low-cost open-hardware platform for soil water content and multiple soil-air-vegetation," Sensors, 14(10): 19639-19659, 2014.   DOI
3 Nesc: A prog. language for deeply networked systems. http://nescc.sourceforge.net/, 2007.
4 Tinyos. http://www.tinyos.net/, 2012.
5 N. Sastry and D. Wagner, "Security considerations for IEEE 802.15.4 networks," WiSe '04, pages 32-42, 2004.
6 I. Jemili, A. Belghith and M. Mosbah, "A Synchronous Tiered Based Clustering Algorithm for large-scale Ad hoc Networks," Wireless and Mobile Networking, Vol. 284, pp. 41-55, 2008.
7 T. Gazdar, A. BenSlimane and A. Belghith, "Secure clustering scheme based keys management in VANETs," in Proc. of 73rd IEEE Vehicular Technology Conference (VTC Spring 2011), Budapest, Hungry, 2011.
8 X. Huang, et al., "Effective algorithm for protecting WSNs from internal attacks in real-time," ACSW'16, ACM, New York, NY, USA, 2016.
9 W. Akkari, B. Bouhdid and A. Belghith, "LEATCH: Low energy adaptive tier clustering hierarchy," Elsevier, Procedia Computer Science, Vol. 52, pp. 365-372, 2015.   DOI
10 M.H. Anisi, G. Abdul-Salaam, A.H. Abdullah, "A survey of wireless sensor network approaches and their energy consumption for monitoring farm fields in precision agriculture," Precision Agriculture (Springer) 16(2): 216-238, 2015.   DOI
11 L. Pan, V.I. Adamchuk, D.L. Martin, et al., "Analysis of soil water availability by integrating spatial and temporal sensor-based data," Precision Agriculture (Springer) 14(4): 414-433, 2013.   DOI
12 Inc. CrossbowTechnology. Telosb mote platform.
13 R.D. Pietro, et al., "Connectivity properties of secure wireless sensor networks," SASN'04, pages 53-58, 2004.
14 A. Gupta and J. Kuri, "Deterministic schemes for key distribution in wireless sensor networks," COMSWARE 2008, January 5-10, 2008, Bangalore, India, pages 452-459, 2008.
15 H. Alzaid, D. Park, J.M.G. Nieto, C. Boyd and E. Foo, "A forward and backward secure key management in wireless sensor networks for PCS/SCADA.," S-CUBE 2009, Pisa, Italy, September 7-9, 2010, pages 66-82, 2009.
16 X. Zhang, J. He and Q, "Wei. EDDK: energy-efficient distributed deterministic key management for wireless sensor networks," EURASIP JWCN, 2011.
17 G. DeMeulenaer, F. Gosset, F.X. Standaert, and O. Pereira, "On the energy cost of communication and cryptography in wireless sensor networks," WiMob 2008, Avignon, France, 12-14 October 2008, Proceedings, pages 580-585, 2008.
18 A. Shamir R. Rivest and L. Adlemani, "A method for obtaining digital signatures and public-key cryptosystems," Communications of the ACM, 21(2):120-126, 1978.   DOI
19 A. Liu and P. Ning, "Tinyecc: A configurable library for elliptic curve cryptography in wireless sensor networks," IPSN'08, USA, pages 245-256, 2008.
20 C. Karlof, N. Sastry, and D. Wagner, "Tinysec: Link Layer Security Architecture for wireless sensor networks," SenSys 2004, Baltimore, MD, USA, November 3-5, pages 162-175, 2004.
21 D.E. Eastlake, J.I. Schiller, and S. Crocker, "Randomness requirements for security," BCP 106, RFC 4086, 2005.
22 S. Blackshear and R.M. Verma, "R-leap+: Randomizing leap+ key distribution to resist replay and jamming attacks," in Proc. of SAC '10, pages 1985-1992, New York, NY, USA, 2010.
23 R. Geetha and E. Kannan, "A hybrid key management approach for secure communication in wireless sensor networks," Indian Journal of Science and Technology, 8(5): 1-8, 2015.
24 E.B. Barker and J.M. Kelsey, "Recommendation for random number generation using deterministic random bit generators," TC, NIST, USA, 2012.
25 C. Intanagonwiwat, R. Govindan, D. Estrin, J.S. Heidemann, and F. Silva, "Directed diffusion for wireless sensor networking," IEEE/ACM Trans, Netw., 11(1): 2-16, 2003.   DOI
26 W.B. Heinzelman, et al., "An application-specific protocol architecture for wireless micro sensor networks," IEEE TWC 1(4): 660-670, 2002.
27 X. Liu, "A survey on clustering routing protocols in wireless sensor networks," Sensors, 12(8): 11113-11153, 2012.   DOI
28 802.15.4-2006-IEEE standard for information technology-local and metropolitan area networks-specific requirements-part 15.4: MAC and PHY specifications for low rate wireless personal area networks (wpans). IEEE Xplore, 2006.
29 M.L. Messai, M. Aliouat, and H. Seba, "Tree based protocol for key management in wireless sensor networks," EURASIP JWCN, 910695, 2010.
30 N.A. Alrajeh, et. al., "Intrusion detection systems in wireless sensor networks: A review," Int. J. Distributed Sensor Networks, Vol. 2013, 7 pages, 2013.
31 M.M. Patel and A. Aggarwal, "A survey of attacks, security mechanisms and challenges in wireless sensor networks," in Proc. of ISSP, March 2013.
32 Q. Yang, X. Zhu, H. Fu, and X. Che, "Survey of security technologies on wireless sensor networks," Journal of Sensors, 2015:842392:1-842392:9, 2015.
33 I.F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, "Wireless sensor networks: a survey," Computer Networks, 38(4):393-422, 2002.   DOI
34 C. Karlof and D. Wagner, "Secure routing in WSN: attacks and countermeasures," Ad Hoc Networks, 1(23):293-315, 2003.   DOI
35 Y. Zhou, Y. Fang, and Y. Zhang, "Securing wireless sensor networks: a survey," Communications Surveys Tutorials IEEE, 10(3):6-28, 2008.
36 J. Zhang and V. Varadharajan, "Wireless sensor network key management survey and taxonomy," JNCA, Elsevier, 33(2):63-75, 2010.   DOI
37 M.A. Simplicio Jr., P.S. L.M. Barreto, C.B. Margi, and T.C.M. B. Carvalho, "A survey on key management mechanisms for distributed wireless sensor networks," Computer Networks, 54(15):2591-2612, 2010.   DOI
38 T. Bonaci, et. al., "Node capture attacks in wireless sensor networks: A system theoretic approach," CDC2010, Atlanta, USA, pp. 6765-6772, 2010.
39 H. Maddar, A. Trad, A. Guermazi, and S. Ben Othman, "Secopp+: A secure dynamic scheme for adding new nodes in secopp protocol," WSCAR'14, pages 1-5, Jan 2014.
40 M. Perez-Ruiz, J. Aguera, J.A. Gil, et al., "Optimization of agrochemical application in olive groves based on positioning sensor," Precision Agriculture (Springer) 12(4): 564-575, 2011.   DOI
41 A. Perrig, et. Al., "SPINS: security protocols for sensor networks," Wireless Networks, 8(5): 521-534, 2002.   DOI
42 L. Eschenauer and V.D. Gligor, "A key-management scheme for distributed sensor networks," CCS 2002, Washington, DC, USA, November 18-22, pages 41-47, 2002.
43 D. Liu and P. Ning, "Establishing pairwise keys in distributed sensor networks," CCS 2003, Washington, DC, USA, pages 52-61, 2003.
44 D. Liu and P. Ning, "Location-based pairwise key establishments for static sensor networks," SASN '03, pages 72-82, 2003.
45 N.T.T. Huyen, M. Jo, T.D.Nguyen and E.N. Huh, "A Beneficial Analysis of Deployment Knowledge for Key Distribution in Wireless Sensor Networks," Security and Communication Networks, 5(5): 485-495, May 2012.   DOI
46 P. Traynor, et al. "Establishing pairwise keys in heterogeneous sensor networks," INFOCOM 2006, pp. 1-12, 2006, Barcelona, Spain, 2006.
47 A. Perrig, R. Canetti, D.X. Song, and J. D. Tygar, " Efficient and secure source authentication for multicast," NDSS 2001, San Diego, California, USA, 2001.
48 S. Zhu, S. Setia, and S. Jajodia, "LEAP: efficient security mechanisms for large-scale distributed sensor networks," CCS 2003, Washington, DC, USA, October 27-30, pages 62-72, 2003.
49 S. Zhu, S. Setia, and S. Jajodia, "Leap+: Efficient security mechanisms for large-scale distributed sensor networks," TOSN, 2(4):500-528, 2006.   DOI
50 L. Lamport, "Password authentication with insecure communication," Communications of the ACM, 24(11):770-772, 1981.   DOI
51 J. Deng, C. Hartung, R. Han, and S. Mishra, "A practical study of transitory master key establishment for wireless sensor networks," SecureComm 2005, pages 289-302, 2005.
52 The AVISPA Team. Hlpsl tutorial. http://www.avispa-project.org, 2006.
53 The AVISPA Team. Automated validation of internet security protocolds an applications user manual. http://www.avispa-project.org, 2006.