TY - JOUR
T1 - Replication attack on random key pre-distribution schemes for wireless sensor networks
AU - Fu, Huirong
AU - Kawamura, Satoshi
AU - Zhang, Ming
AU - Zhang, Liren
N1 - Funding Information:
This material is based upon work partly supported by the National Science Foundation under Grant No. 0542374 and Grant No. 0716527, Michigan Space Grant Consortium Research Seed Grant, and Oakland University Faculty Research Fellowship. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation, Michigan Space Grant Consortium, or Oakland University.
PY - 2008/3/5
Y1 - 2008/3/5
N2 - When setting up a sensor network, one of the first requirements is to establish cryptographic keys for later use. However, the traditional key establishment techniques cannot be directly applied due to the inherent properties of sensor networks. Recently, a promising methodology, random key pre-distribution schemes based on symmetric cryptography, has been proposed. In this paper, we study the problem of replication attack on random key pre-distribution schemes. Using a combination of modeling, analysis, and experiments, we analyze, characterize, and discuss the relationship among the replicated hostile nodes, the sensor networks, and the resiliency of various random key pre-distribution schemes against replication attack. Example findings include: (1) the sensor networks with random key pre-distribution schemes, even with one replicated sensor, start to become almost 100% insecure when the adversary captures and stores the key information equivalent to those carried by one good sensor node; and (2) when the replicated node has less memory to store key information than the original node, among the proposed schemes, the q-composite scheme with larger q is most resilient against replication attack while the basic scheme is least resilient and the Blom-based scheme lies in between the above two schemes. Interestingly, it is the other way round when the replicated node has more memory to store key information than the original node. Moreover, as a transition, the resilience against replication attack is the same for all the random schemes when the replicated and original nodes have the same memory to store key information. This study not only provides practical insights into the design of more secure and efficient key establishment schemes allowing simple key establishment for large-scale sensor networks, but can also be used to predict the payoff that an adversary can gain after injecting a certain number of nodes into the sensor networks.
AB - When setting up a sensor network, one of the first requirements is to establish cryptographic keys for later use. However, the traditional key establishment techniques cannot be directly applied due to the inherent properties of sensor networks. Recently, a promising methodology, random key pre-distribution schemes based on symmetric cryptography, has been proposed. In this paper, we study the problem of replication attack on random key pre-distribution schemes. Using a combination of modeling, analysis, and experiments, we analyze, characterize, and discuss the relationship among the replicated hostile nodes, the sensor networks, and the resiliency of various random key pre-distribution schemes against replication attack. Example findings include: (1) the sensor networks with random key pre-distribution schemes, even with one replicated sensor, start to become almost 100% insecure when the adversary captures and stores the key information equivalent to those carried by one good sensor node; and (2) when the replicated node has less memory to store key information than the original node, among the proposed schemes, the q-composite scheme with larger q is most resilient against replication attack while the basic scheme is least resilient and the Blom-based scheme lies in between the above two schemes. Interestingly, it is the other way round when the replicated node has more memory to store key information than the original node. Moreover, as a transition, the resilience against replication attack is the same for all the random schemes when the replicated and original nodes have the same memory to store key information. This study not only provides practical insights into the design of more secure and efficient key establishment schemes allowing simple key establishment for large-scale sensor networks, but can also be used to predict the payoff that an adversary can gain after injecting a certain number of nodes into the sensor networks.
KW - Attack
KW - Combinatorics
KW - Experimentation
KW - Key management
KW - Performance
KW - Reliability
KW - Security
KW - Sensor networks
KW - Statistics
KW - Theory
UR - http://www.scopus.com/inward/record.url?scp=39049172951&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=39049172951&partnerID=8YFLogxK
U2 - 10.1016/j.comcom.2007.10.026
DO - 10.1016/j.comcom.2007.10.026
M3 - Article
AN - SCOPUS:39049172951
SN - 0140-3664
VL - 31
SP - 842
EP - 857
JO - Computer Communications
JF - Computer Communications
IS - 4
ER -