A Novel Scalable Key Management Protocol for Wireless Sensor Networks

Abstract

Wireless Sensor Networks (WSNs) are ad-hoc networks consisting of tiny battery- operated wireless sensors. The sensor nodes are lightweight in terms of memory, computation, energy and communication. These networks are usually deployed in unsecured, open, and harsh environments, where it is difficult for humans to perform continuous monitoring. Consequently, it is very crucial to provide security mecha- nisms for authenticating data among sensor nodes. Key management is a pre-requisite for any security mechanism. Efficient distribution and management of keys in WSNs is a challenging task. Many standard key establishment techniques have been pro- posed using symmetric cryptosystems. Unfortunately, these systems often fail to pro- vide a good trade-off between memory and security and since WSNs are lightweight in nature, these cryptosystems are not feasible. On the other hand, public key in- frastructure (PKI) is infeasible in WSNs because of its continuous requirement of a trusted third party and heavy computational demands for certificate verification. Pairing-Based Cryptography (PBC) has paved the way for how parties can agree on keys without any interaction. It has relaxed the requirement of expensive certificate verification on PKI systems. In this thesis, we propose a new hybrid identity-based non-interactive key management protocol for WSNs, which leverages the benefits of both symmetric key based cryptosystems and pairing-based cryptosystems. The pro- posed protocol is scalable, suits many applications and can be deployed in multiple types of networks without modifications. We also provide mechanisms for key refresh when the network topology changes. A security analysis is presented to prove that the scheme is resilient to many types of attacks. To validate our scheme, we have implemented it on Crossbow TelosB motes running TinyOS and analyzed the perfor- mance in terms of memory, communication, computation and energy consumption. The results indicate that our scheme can be deployed efficiently to provide high level of security in a large-scale network without increasing memory, communication and energy overheads.