An Efficient Key Management Scheme for Wireless Sensor Network

Abstract

Wireless sensor networks (WSN) have been widely used in various applications. WSN consists of sensor motes, which are tiny, low power, computationally limited and battery constrained electromechanical devices. Deployment of such devices in the physical environment gives an opportunity to the attackers that could tamper devices, eavesdrop communications, alter transmitted data, or attach unauthorized devices to the network. To provide security for WSN it is necessary to encrypt the message sent among communicating nodes; for encryption/decryption network needs to manage a key. Hence, Key Management is a major challenge to achieve security in WSN. Key management with symmetric cryptography is inflexible as compared to Public Key Cryptography (PKC). For PKC, sensor motes need to agree on shared session key to establish a secure communication. However, achieving such key agreement in a resource-constrained environment is not a trivial task, as security protocols always require additional overhead on the computational, storage and energy resources. In such a scenario, the variants of PKC are better options, as traditional PKC have some limitations, which are unsuitable for WSN. Identity Based Cryptography (IBC) and CertificateLess Public Key Cryptography (CL-PKC) are advantageous in terms of computation cost and storage cost. The contributions of this thesis to the area of key management in WSN are manifold. In this thesis, we present a historical perspective and brief introduction of key management in WSN. We present an overview of WSN, security requirements for WSN. We also present, the literature review of symmetric key management schemes especially designed for WSN. This thesis also reviews the literature of asymmetric key agreement protocols. Based on the literature review, we propose four protocols. The proposed protocols are as follows: (i) A Pairing-Free Identity-based Two-Party Authenticated Key Agreement (PF-ID- 2PAKA) protocol for WSN. (ii) Breaking of CertificateLess Key Agreement Protocol against Key-Compromise Impersonations attack and providing a viable solution. (iii) A Non-Interactive Certificateless Two-Party Authenticated Key Agreement (NICTAKA) Protocol for WSN. (iv) An Improved Forward Secure Elliptic Curve Signcryption KeyManagement Scheme for WSN. The first and fourth protocols are based on IBC, the second and third protocols are based on CL-PKC. PF-ID-2PAKA, the improved protocol and NI-CTAKA are based on the hardness assumption of Gap Diffie-Hellman (GDH) and proven secure in eCK model for IBC and CL-PKC presented by Liang et al. and Lipold et al. respectively. For the verification and validation of these protocols, we implemented them on the experimental setup, which includes the MICAz mote, TinyOS, RELIC-Toolkit and AVRORA. We also perform the comparative analysis of these protocols with the existing schemes based on the computation cost, which includes the important operations like scalar point multiplication, point addition, etc., communication cost, running time, energy consumption and storage cost. We cryptanalyze the existing Certificateless Two-Party Authenticated Key Agreement (CTAKA) protocol against Key-Compromise Impersonation (K-CI) attack. We present a forward secure elliptic curve signcryption key management scheme for WSN. The scheme is an improvement in the existing scheme.