As sensor networks edge closer towards wide-spread deployment, security issues become a central concern. So far, the main research focus has been on making sensor networks feasible and useful, and less emphasis was placed on security. We design a suite of security...

Key establishment in sensor networks is a challenging problem because asymmetric key cryptosystems are unsuitable for use in resource constrained sensor nodes, and also because the nodes could be physically compromised by an adversary. We present three new mechanisms for key establishment using the framework of pre-distributing a random set of keys to each node. First, in the q-composite keys scheme, we trade off the unlikeliness of a large-scale network attack in order to significantly strengthen random key predistribution’s strength against smaller-scale attacks. Second, in the multipath-reinforcement scheme, we show how to strengthen the security between any two nodes by leveraging the security of other links. Finally, we present the random-pairwise keys scheme, which perfectly preserves the secrecy of the rest of the network when any node is captured, and also enables node-to-node authentication and quorum-based revocation. 1 We gratefully acknowledge funding support for this research. This work was made possible in part by a gift from Bosch Research. This paper represents the opinions of the authors and does not necessarily represent the opinions or policies, either expressed or implied, of Bosch Research. Keywords: Sensor network, key distribution, random key predistribution, key establishment, node

To achieve security in wireless sensor networks, it is important to be able to encrypt messages sent among sensor nodes. Keys for encryption purposes must be agreed upon by communicating nodes. Due to resource constraints, achieving such key agreement in wireless sensor networks is non-trivial. Many key agreement schemes used in general networks, such as Diffie-Hellman and public-key based schemes, are not suitable for wireless sensor networks. Pre-distribution of secret keys for all pairs of nodes is not viable due to the large amount of memory used when the network size is large. Recently, a random key predistribution scheme and its improvements have been proposed.

Abstract — The establishment of shared cryptographic keys between communicating neighbor nodes in sensor networks is a challenging problem due to the unsuitability of asymmetric key cryptography for these resource-constrained platforms. A range of symmetric-key distribution protocols exist, but these protocols do not scale effectively to large sensor networks. For a given level of security, each protocol incurs a linearly increasing overhead in either communication cost per node or memory per node. We describe Peer Intermediaries for Key Establishment (PIKE), a class of key-establishment protocols that involves using one or more sensor nodes as a trusted intermediary to facilitate key establishment. We show that, unlike existing key-establishment protocols, both the communication and memory overheads of PIKE protocols scale sub-linearly (O ( √ n)) with the number of nodes in the network yet achieving higher security against node compromise than other protocols. I.

. We analyse several well-known key establishment protocols for mobile communications. The protocols are examined with respect to their security and suitability in mobile environments. In a number of cases weaknesses are pointed out, and in many cases refinements are suggested, either to improve the efficiency or to allow simplified security analysis. 1 Introduction Security is a critical issue in mobile radio applications, both for the users and providers of such systems. Although the same may be said of all communications systems, mobile applications have special requirements and vulnerabilities, and are therefore of special concern. Once a call has been set up by establishing various security parameters, the problem is reduced to that of employing appropriate cryptographic algorithms to provide the required security services. The most important problem is undoubtedly that of designing protocols for authentication and key management as part of the call set-up process; security-criti...

To achieve security in wireless sensor networks, it is important to be able to encrypt messages sent among sensor nodes. Keys for encryption purposes must be agreed upon by communicating nodes. Due to resource constraints, achieving such key agreement in wireless sensor networks is non-trivial. Many key agreement schemes used in general networks, such as Diffie-Hellman and public-key based schemes, are not suitable for wireless sensor networks. Pre-distribution of secret keys for all pairs of nodes is not viable due to the large amount of memory used when the network size is large. Recently, a random key pre-distribution scheme and its improvements have been proposed. A common assumption made by these random key pre-distribution schemes is that no deployment knowledge is available. Noticing that in many practical scenarios, certain deployment knowledge may be available a priori, we propose a novel random key pre-distribution scheme that exploits deployment knowledge and avoids unnecessary key assignments. We show that the performance (including connectivity, memory usage, and network resilience against node capture) of sensor networks can be substantially improved with the use of our proposed scheme. The scheme and its detailed performance evaluation are presented in this paper. I.

. Use of mobile personal computers in open networked environment is revolutionalising the way we use computers. Mobile networked computing is raising important information security and privacy issues. This paper is concerned with the design of authentication protocols for a mobile computing environment. The paper first analyses the authentication initiator protocols proposed by Beller,Chang and Yacobi (BCY) and the modifications considered by Carlsen and points out some weaknesses. The paper then suggests improvements to these protocols. The paper proposes secure end-to-end protocols between mobile users using both symmetric and public key based systems. These protocols enable mutual authentication and establish a shared secret key between mobile users. Furthermore, these protocols provide a certain degree of anonymity of the communicating users to be achieved vis-a-vis other system users. 1 Introduction The rapid progress of portable communications technology is making m...

In this paper, we propose a scheme for providing anonymous channel service in wireless communications. By this service, many interesting applications, such as electronic elections, anonymous group discussions, with user identification confidential can be easily realized. No one can trace a sender's identification and no one but the authority centre can distinguish an anonymous message from a normal message when a user uses the anonymous channel. The user anonymity in our scheme is neither based on any trusted authority nor on the cooperation of all potential senders. Our scheme can be easily applied to existing wireless systems, such as GSM and CDPD, without changing their underlying structures. # 1999 Elsevier Science B.V. All rights reserved. Keywords: Anonymous channel; Authentication; Untraceable e-mail systems; Electronic elections; Anonymous group discussions; Privacy and security 1. Introduction Many applications, such as electronic voting schemes [1-- 3], anonymous group dis...

geable key agreement schemes/protocols are presented. All these protocols are based on the signcryption schemes. The shortened signature, signcryption and key agreement schemes can all be extended to similar schemes on secure elliptic curves. This is outlined in Appendix A. Discussions on the computational efficiency of the schemes are dependent on a techique proposed by Shamir that allows fast computation of the product of multiple exponentials with the same modulo. This technique is briefly described in Appendix B. The submission is based on the following publications whose on-line versions are available at http://www.pscit.monash.edu.au/~yuliang/ 1. Y. Zheng. Digital signcryption or how to achieve cost(signature & encryption) !! cost(signature) + cost(encryption). In Advances in Cryptology - CRYPTO'97, volume 1294 of Lecture Notes in Computer Science, pages 165--179, Berlin, New York, Tokyo, 1997. Springer-Verlag. 2

This chapter reviews several key distribution and key establishment techniques for sensor networks. We briefly describe several well known key establishment schemes, and provide a more detailed discussion of our work on random key distribution in particular.