Fiche du document
2 septembre 2013
- handle: 10670/1.a9qgrm
- hal: hal-01506711
http://creativecommons.org/licenses/by/ , info:eu-repo/semantics/OpenAccess
Mots-clés
Multi-key management scheme Key distribution server Newly joining node Shared key Wireless sensor network An incrementally constructed systemSujets proches
Locking devices KeysCiter ce document
William Cheng-Chung Chu et al., « A Multiple-Key Management Scheme in Wireless Sensor Networks », HAL-SHS : sciences de l'information, de la communication et des bibliothèques, ID : 10670/1.a9qgrm
Métriques
Partage / Export
Résumé
In a wireless sensor network (WSN), in order to provide a secure communication environment for all the sensor nodes, we often securely authenticate network nodes and protect all the messages delivered among them. When a sensor node (or simply a node or a sensor) newly joins a WSN, it is required for the Key Distribution Server (KDS) to distribute those generated security keys to this node and all the existing nodes before they can securely communicate with each other. But due to the wireless nature, when a node broadcasts a message M, all its neighbors can receive M. To securely protect this message, a security mechanism is required. Therefore, in this paper we propose a Multiple-key Management Scheme (MMaS for short), in which a sensor N receives two sets of keys from the KDS when the system starts up. The first set, named communication keys, is used by N to securely communicate with its neighbor sensors; the other, called the individual key, is employed to encrypt messages delivered between N and the KDS. When N would like to communicate with another node, e.g., M, they exchange their IDs with each other so as to correctly identify their common keys (CKs), which are used to individually generate a shared key (SK) on both sides for encrypting/decrypting messages transmitted between them. When N leaves the underlying network, the CKs currently related to N can be reused by a newly joining sensor, e.g., M. However, when M joins the network, if no such used ID is available, M will be given a new ID and CKs by the KDS. The KDS will encrypt the CKs, that will be used by an existing node H to communicate with M, with the individual key of H so that only H rather than M can correctly decrypt the CKs, with which to securely communicate with M. The security analysis shows that the proposed system is secure.