key pre-distribution approach in wireless sensor networks using lu matrix
DESCRIPTION
Key Pre-distribution Approach in Wireless Sensor Networks Using LU Matrix. Authors: Hangyang Dai and Hongbing Xu Source: IEEE Sensor Journal, vol.10, no.8, pp.1399-1409, 2010. Presenter: Yung- Chih Lu ( 呂勇志 ) Date: 2010/11/05. Outline. Introduction Polynomial-based scheme - PowerPoint PPT PresentationTRANSCRIPT
Key Pre-distribution Approach in Wireless Sensor Networks Using LU Matrix
Authors: Hangyang Dai and Hongbing Xu Source: IEEE Sensor Journal, vol.10, no.8, pp.1399-1409, 2010. Presenter: Yung-Chih Lu (呂勇志 )Date: 2010/11/05
1
OutlineIntroductionPolynomial-based schemeProposed SchemePerformance EvaluationConclusionComment
2
Introduction (1/3)
Goal◦Key agreement◦Against attack
node capture attack
◦Saving resource storage overhead
◦Extra service node to node authentication
3
Introduction (2/3)
Wireless Sensor Network
:Base station
:Low-end Sensor
:High-end Sensor
Introduction (3/3)
The Aspect of Key Predistribution◦Keys are distributed to all sensor
nodes prior to deployment.
◦Random key predistribution Polynomial-based scheme
◦Deterministic key predistribution Combinatorial design
5
Key pool={1,2,3,4}
Key pool={1,2,3,4}
SensorA
SensorB
drawing
Ex:
{2,4}
{1,4}
L. Eschenauer and V. Gligor. “A Key-Management Schemefor Distributed Sensor Networks.” In Proc. 9th ACM Conference on Computerand Communication Security, pp.41-47, Nov. 2002.
Theorem ◦ Setup server randomly generates a
symmetric bivariate t-degree polynomial
Ex: f(x,y) = 4x2y2 + x3y1 + x1y3 + 5
It’s a symmetric bivariate 3-degree polynomial
Polynomial-based scheme (1/2) C. Blundo, A.D. Santis, A. Herzberg, S. Kutten, U. Vaccaro, M. Yung.
"Perfectly-secure Key Distribution for DynamicConferences." Lecture Notes in Computer Science,471–486 , 1993.
[ ] 5 0 0 00 0 0 10 0 4 00 1 0 0
6
Key Agreement
Polynomial-based scheme (2/2)
L-sensor: Low-end sensor s: Step
:Lv-sensor
5 1 4 1y0 y1 y2 y3 :Cluster head
step1: computes 1: Cluster Head ID 2: Lv-sensor ID f(1,y) = 4y2 + y1 + y3 + 5
f(2,y) = 16y2 + 8y1 + 2y3 + 5
step2: The Setup server loads the sensor node with coefficients
step3: Each sensor node broadcasts its own ID
step4: Receiver use ID to compute a shared secret keyKuv = f(u,v) = f(v,u) = Kvu
K12 = f(1,2) = 31 = f(2,1) = K21
5 8 16
2y0 y1 y2 y3
7
s3
s4
s4
LU Decomposition
K12=K21
Proposed Scheme (1/5)
8
L: Lower Triangular Matrix U: Upper Triangular MatrixK: Symmetric Matrix
LU Decomposition
9
Proposed Scheme (2/5)
9
Assuming that u11=1, u22=2, u33=3
K: Symmetric Matrix
Proposed Scheme (3/5)
Polynomial pre-distribution phase
10
Polynomialpool =
{1,2,3,4,5,6,7,8,9,10}
Polynomialpool =
{1,2,3,4,5,6,7,8,9,10}
drawing
1: A symmetric bivariate polynomialS: Sensor
Ex:
Sa Sb
Proposed Scheme (4/5)
Shared key establishment phase
11
1 3 0
1 0 0s1
s2
s22 0 01/2
2 0
Lr2
Lr1
Uc2
Uc1
step1: Each sensor node broadcasts its L array
step2: Sensors use L array to compute a shared secret Polynomial
K21 = Lr2×Uc1 = 1 = Lr1×Uc2 = K12
1: f(x,y) = 4x2y2 + x3y1 + x1y3 + 5
1: Shared secret polynomialS: Sensor
[ ] 5 0 0 00 0 0 10 0 4 00 1 0 0
Proposed Scheme (5/5)
Shared key establishment phase
12
Sa SbLr
K21 = Lr2×Uc1
EK21[ Sb_ID ]
Lr1×Uc2 = K12
DK12 [EK12[ Sb_ID ]]
= Sb_ID
EK12[ CLR ]
MAC(K12, Sb_ID || CLR)
EK21[ Sb_ID ]
EK12[ CLR ]
MAC(K12,SB || CLR)
DK21 [EK21[ CLR ]]
= CLR
Verify
MAC(K12, Sb_ID || CLR) ?=
MAC(K21, Sb_ID || CLR)K: Shared secret polynomial CLR: Confirmation message S: Sensor
Performance EvaluationNetwork Connectivity
13
L. Eschenauer and V. Gligor. “A Key-Management Schemefor Distributed Sensor Networks.” In Proc. 9th ACM Conference on Computerand Communication Security, pp.41-47, Nov. 2002.
S:The key pool size
S. A. Camtepe and B. Yener, “Combinatorial design of key Distribution mechanisms for wireless sensor network,” in Proc. Comput. Secur.-ESORICSpp. 293–308 , 2004.
Performance EvaluationResilience Against Node Capture
14
k: the storage per node τ:the number of polynomials in each nodet': the degree of the polynomial in the Blundo schemeN: the number of nodes in the networkt: the degree of a polynomial in our scheme ω :the polynomial pool size
K=400
Performance EvaluationResilience Against Node Capture
15
k: the storage per node τ:the number of polynomials in each nodeN: the number of nodes in the networkt: the degree of a polynomial in our scheme ω :the polynomial pool sizeS:the key pool size q:a prime power
K=400
Performance EvaluationMemory Overhead
16
N: the number of nodes in the networkt: the degree of a polynomial in our schemeh: nonzero-element parts2z: number of zeros
N t Our scheme memory(bit)
MemorySaving (bit)
Saving ratio
50 5 0.3×105 1.1×105 78.57%
50 10 0.6×105 1.9×105 76%
100 5 1.25×105
3.8×105 75.25%
100 10 2.25×105
7.2×105 76.19%
ConclusionHigh network connectivityStrong resilience against node
captureNode to node mutual
authenticationOptimize the memory overhead
17
Comment
1 2 9 5
2 7 4 6
9 4 2 3
5 6 3 1
18
LU=
1 2 9 5
2 7 5 6
9 5 2 3
5 6 3 1
=LU
K12=K21=
[ ]9 55 6
Polynomialpool =
{1,2,3,4,5,6,7,8,9,10}
Polynomialpool =
{1,2,3,4,5,6,7,8,9,10}
drawing
Polynomialpool =
{1,2,3,4,5,6,7,8,9,10}
Polynomialpool =
{1,2,3,4,5,6,7,8,9,10}
drawing