无线传感器网络密钥管理

无线传感器网络密钥管理极具挑战性,不仅因为传感器节点拥有的资源有限,不宜采用非对称密码技术,同时也因为传感器节点暴露在恶劣甚至敌对环境中,易于被敌手俘获。虽然目前提出许多密钥分配协议,但没有一个协议能在扩展性、共享密钥概率、存储代价和抵御节点俘获攻击等方面同时具有良好性能。密钥管理协议采用的技术必须与具体网络需求和传感器节点拥有的资源一致。分析和评估了典型的密钥管理方案和协议,并指出了该方向存在的开放问题及今后的发展趋势。     

基于按对平衡设计的异构无线传感器网络密钥预分配方案

利用异构无线传感器网络中普通节点和簇头节点间的差异性,基于中心可分解型按对平衡设计构造了异构的节点密钥环,设计了2种密钥预分配方案DCPBD和VDCPBD.其中,DCPBD利用了中心可分解类型PBD,将普通区组作为普通节点的密钥环,将特殊区组作为簇头节点的密钥环.VDCPBD基于DCPBD进行了扩展,将单一核密钥替换为基于另一密钥池进行SBIBD设计出的簇间密钥环,减小了DCPBD由于单个簇头节点被俘后对整个网络抗毁性的影响.由于在设计时考虑了节点的异构特性,使用确定性方法构造了异构密钥环,使得在保持密钥连通率不变的前提下获得了更低的空间复杂度.仿真实验表明,2个方案都支持大规模网络,且单跳密钥连通率随网络规模增大而趋近于1,2跳连通率恒为1.VDCPBD还具备了更强的抗节点捕获能力和更好的网络可扩展性.     

无线传感器网络密钥管理研究进展

分析了当前无线传感器网络密钥管理协议设计中所存在的主要问题,在对具有代表性的最新研究成果进行系统论述的基础上,全面分析了其利弊以及适应性问题。考虑到传感器网络应用背景的细化和结构、功能的多元化,提出了今后的研究方向。     

基于分簇的有效无线传感器网络密钥管理方案

针对现有无线传感器网络密钥管理中计算量过大、存储空间过多和网络安全问题,在分簇结构无线传感器网络基础上,提出一种新的密钥管理方案,它通过将已存储的密钥部分地转化为即使被攻击者截获也无影响的特殊信息,来获取更加良好的安全性,同时又不降低网络的连通性。通过仿真与其他算法进行性能对比,结果显示这种方案具有更好的性能。     

无线传感器网络的多空间密钥预分配方案

针对无线传感器网络的安全性要求,分析R.Blom的密钥预分配方案,并在此基础上做出改进,提出了多空间密钥预分配方案:为无线传感器网络中的每一个传感器节点构建多个密钥空间,并通过节点间的共同密钥空间使每个节点对之间都形成一个成对密钥。通过仿真实验测试该方案的安全性,实验结果认为该方案对于该方案对节点捕获攻击具有较高的弹性。     

无线传感器网络的密钥管理方案研究

随着无线传感器网络的广泛应用，其安全性也越来越受到人们的关注。文章针对AdHoc网络，提出了一些密钥管理机制在无线传感器网络中的应用方法，同时在简要介绍了无线传感器密钥管理方案的同时，也对其优缺点作了简单的评价。     

基于逻辑网格的无线传感器网络密钥分配方案

由于无线传感器网络能源受限、拓扑易变化等特性,需要解决其密钥管理机制涉及到的机密性、完整性、源端认证和无充足空间存储大量密钥信息等问题.针对当前研究工作的一些局限,提出了一种基于逻辑网格的无线传感器网络密钥分配方案,基于层簇式的网络拓扑,描述了系数矩阵求解、密钥设定和具体实现的流程.最后通过与多种现存方法(例如SPIN协议和逻辑密钥树方案)的仿真实验比较,验证了该方案在安全性、存储性和节能性方面的优势.     

基于密钥联系表的无线传感器网络密钥管理方案

考虑到多播密钥管理必须满足前向私密性、后向私密性、抗同谋破解、可扩展性以及健壮性等安全需求,同时针对于无线传感器网络能源受限的特点,提出了一种新的基于门限机制和密钥联系表的密钥管理方案。通过把密钥映射于空间曲线和曲面上,该方案在小幅度增加计算复杂性的同时,对通信复杂性和存储复杂性进行了较大的优化。     

无线传感器网络的密钥管理方案选择

随着大量的密钥管理方案的提出,设计者在设计无线传感器网络的过程中,并不清楚如何选择最合适的密钥管理方案去应用在特定的无线传感器的网路中。在此基础上,全面回顾了不同的密钥管理协议的性能和应用条件,对其优缺点进行了分析,并提出一种可以使无线传感器网络设计者选择最适合此网络的密钥管理协议的方法。     

无线传感器网络密钥预分配蜂窝模型

要达到无线传感器网络的安全通信,必须对网络中节点之间的通讯数据用密钥进行必要的加密。文章使用蜂窝模型分组方案,把节点按照预测的地理位置关系分组,给处于相同组或是相邻组的节点之间分配共享密钥,使节点的分组模式和查询更符合节点广播特征。蜂窝模型密钥预分配机制极大的提高密钥利用率,减少了密钥分配和维护代价,使传感器网络的安全性和连通性极大的提高。     

An effective key management scheme for heterogeneous sensor networks

Security is critical for sensor networks used in military, homeland security and other hostile environments. Previous research on sensor network security mainly considers homogeneous sensor networks. Research has shown that homogeneous ad hoc networks have poor performance and scalability. Furthermore, many security schemes designed for homogeneous sensor networks suffer from high communication overhead, computation overhead, and/or high storage requirement. Recently deployed sensor network systems are increasingly following heterogeneous designs. Key management is an essential cryptographic primitive to provide other security operations. In this paper, we present an effective key management scheme that takes advantage of the powerful high-end sensors in heterogeneous sensor networks. The performance evaluation and security analysis show that the key management scheme provides better security with low complexity and significant reduction on storage requirement, compared with existing key management schemes.     

适合于无线传感器网络的混合式组密钥管理方案

针对无线传感器网络中经常出现节点加入或退出网络的情况,提出了一种安全有效的混合式组密钥管理方案.多播报文的加密和节点加入时的组密钥更新,采用了对称加密技术;而系统建立后,组密钥的分发和节点退出后的组密钥更新,采用了基于身份的公钥广播加密方法.方案可抗同谋、具有前向保密性、后向保密性等安全性质.与典型组密钥管理方案相比,方案在适当增加计算开销的情况下,有效降低了节点的存储开销和组密钥更新通信开销.由于节点的存储量、组密钥更新开销独立于群组大小,方案具有较好的扩展性,适合应用于无线传感器网络环境.     

A scalable multicast key management scheme for heterogeneous wireless networks

Secure multicast applications require key management that provides access control. In wireless networks, where the error rate is high and the bandwidth is limited, the design of key management schemes should place emphasis on reducing the communication burden associated with key updating. A communication-efficient class of key management schemes is those that employ a tree hierarchy. However, these tree-based key management schemes do not exploit issues related to the delivery of keying information that provide opportunities to further reduce the communication burden of rekeying. In this paper, we propose a method for designing multicast key management trees that match the network topology. The proposed key management scheme localizes the transmission of keying information and significantly reduces the communication burden of rekeying. Further, in mobile wireless applications, the issue of user handoff between base stations may cause user relocation on the key management tree. We address the problem of user handoff by proposing an efficient handoff scheme for our topology-matching key management trees. The proposed scheme also addresses the heterogeneity of the network. For multicast applications containing several thousands of users, simulations indicate a 55%-80% reduction in the communication cost compared to key trees that are independent of the network topology. Analysis and simulations also show that the communication cost of the proposed topology-matching key management tree scales better than topology-independent trees as the size of multicast group grows.     

WSN中同构模型下动态组密钥管理方案

研究了同构网络模型的组密钥管理问题,首次给出了一个明确的、更完整的动态组密钥管理模型,并提出了一种基于多个对称多项式的动态组密钥管理方案。该方案能够为任意多于2个且不大于节点总数的节点组成的动态多播组提供密钥管理功能,解决了多播组建立、节点加入、退出等所引发的与组密钥相关的问题。该方案支持节点移动,具有可扩展性,并很好地解决了密钥更新过程中多播通信的不可靠性。组成员节点通过计算获得组密钥,只需要少量的无线通信开销,大大降低了协商组密钥的代价。分析比较认为,方案在存储、计算和通信开销方面具有很好的性能,更适用于资源受限的无线传感器网络。     

基于动态累加器的异构传感网认证组密钥管理方案

利用动态累加器的证人能够证明特定累加项是否参与累加的特性,实现了组成员身份认证,提出了一种新的支持节点动态增加和撤销的组密钥管理方案DAAG。在需要建立组密钥时,所有成员节点提供自己持有的累加项,参与累加计算。DAAG方案在保证成员节点证人机密性的基础上, 通过绑定证人与组密钥更新计算,限制了非成员节点对新密钥的计算能力。安全性和性能分析表明,DAAG方案虽比FM方案消耗更多的通信代价,但能够抵抗伪造、重放和共谋等恶意攻击,提供前后向安全性。     

Tree-based key predistribution for wireless sensor networks

The establishment of secure links between neighboring nodes is one of the most challenging problems in wireless sensor networks. In this article, we present an efficient key predistribution scheme for sensor networks such that pairwise keys are defined by iterated hash computations based on a tree structure. Our scheme can be regarded as an improvement of HARPS, Ramkumar and Memon (IEEE J Sel Area Commun 23(3):611–621, 2005),or a generalization of Leighton and Micali’s scheme (Lect Notes Comput Sci 773:456–479, 1994). We rigorously analyze our scheme focusing on the resiliency of the network and hash computational complexity for each node and compare the performance with existing schemes. Specifically, we show that our scheme provides stronger resiliency and requires less hash computational complexity than HARPS.     

Energy-balance node-selection algorithm for heterogeneous wireless sensor networks

To solve the problem of unbalanced loads and the short network lifetime of heterogeneous wireless sensor networks, this paper proposes a node-selection algorithm based on energy balance and dynamic adjustment. The spacing and energy of the nodes are calculated according to the proximity to the network nodes and the characteristics of the link structure. The direction factor and the energy-adjustment factor are introduced to optimize the node-selection probability in order to realize the dynamic selection of network nodes. On this basis, the target path is selected by the relevance of the nodes, and nodes with insufficient energy values are excluded in real time by the establishment of the node-selection mechanism, which guarantees the normal operation of the network and a balanced energy consumption. Simulation results show that this algorithm can effectively extend the network lifetime, and it has better stability, higher accuracy, and an enhanced data-receiving rate in sufficient time.     

Multilevel heterogeneous network model for wireless sensor networks

The lifetime of a network can be increased by increasing the network energy. The network energy can be increased either increasing the number of sensors or increasing the initial energy of some sensors without increasing their numbers. Increasing network energy by deploying extra sensors is about ten times costlier than that using some sensors of high energy. Increasing the initial energy of some sensors leads to heterogeneous nodes in the network. In this paper, we propose a multilevel heterogeneous network model that is characterized by two types of parameters: primary parameter and secondary parameters. The primary parameter decides the level of heterogeneity by assuming the values of secondary parameters. This model can describe a network up to nth level of heterogeneity (n is a finite number). We evaluate the network performance by applying the HEED, a clustering protocol, on this model, naming it as MLHEED (Multi Level HEED) protocol. For n level of heterogeneity, this protocol is denoted by MLHEED-n. The numbers of nodes of each type in any level of heterogeneity are determined by the secondary model parameter. The MLHEED protocol (for all level heterogeneity) considers two variables, i.e., residual energy and node density, for deciding the cluster heads. We also consider fuzzy implementation of the MLHEED in which four variables are used to decide the cluster heads: residual energy, node density, average energy, and distance between base station and the sensor nodes. In this work, we illustrate the network model up to seven levels (\(1\le n\le 7\)). Experimentally, as the level of heterogeneity increases, the rate of energy dissipation decreases and hence the nodes stay alive for longer time. The MLHEED-m, \(m=2,3,4,5,6,7\), increase the network lifetime by \(73.05, 143.40, 213.17, 267.90, 348.60, 419.10\,\%\), respectively, by increasing the network energy as \(40, 57, 68.5, 78, 84, 92.5\,\%\) with respect to the original HEED protocol. In case of fuzzy implementation, the MLHEEDFL-m, \(m=2,3,4,5,6,7,\) increases the network lifetime by \(282.7, 378.5, 435.78, 498.50, 582.63, 629.79\,\%\), respectively, corresponding to the same increase in the network energy as that of the MLHEED (all levels) with respect to the original HEED. The fuzzy implementation of the HEED, MLHEEDFL-1, increases the network lifetime by \(176.6\,\%\) with respect to the original HEED with no increase in the network energy.     

SKWN: Smart and dynamic key management scheme for wireless sensor networks

In the era of the Internet of Things (IoT), we are witnessing to an unprecedented data production because of the massive deployment of wireless sensor networks (WSNs). Typically, a network of several hundred sensors is created to ensure the interactions between the cyber world and the physical world. Unfortunately, the intensive use of this kind of networks has raised several security issues. Indeed, many WSN‐based applications require secure communication in order to protect collected data. This security is generally ensured by encryption of communication between sensors, which requires the establishment of many cryptographic keys. Managing these keys, within a protocol, is an important task that guarantees the effectiveness of the security mechanism. The protocol should be intelligently adaptable not only to intrusion events but also to the security level needed by some applications. An efficient protocol optimizes also sensors energy and consequently increases the network life cycle. In this paper, we propose, a smart and dynamic key management scheme for hierarchical wireless sensor networks (SKWN). Our protocol offers three subschemes to deal with key establishment, key renewal, and new node integration. Regarding existing schemes, SKWN does not only provide reliable security mechanisms, but it also optimizes energy consumption and overheads related to the communication and memory usage. Furthermore, our approach relies on a machine learning approach to monitor the state of the network and decide the appropriate security level. We provide a formal approach and its implementation, together with simulations allowing to compare resources usage with respect to existing approaches.