TY - JOUR
T1 - Predistribution and local collaboration-based group rekeying for wireless sensor networks
AU - Zhang, Wensheng
AU - Zhu, Sencun
AU - Cao, Guohong
N1 - Funding Information:
Sencun Zhu received the B.S. degree in Precision Instruments from Tsinghua University, Beijing, China, in 1996 and the M.S. degree in Signal Processing from University of Science and Technology of China, Graduate School at Beijing, in 1999. He received the PhD degree in Information Technology from George Mason University in 2004. His research interests include network and systems security, ad hoc and sensor networks, performance evaluation, peer-to-peer computing. Currently he is working on issues related to ad hoc and sensor network security, DDoS attack prevention, and Worm detection. His research is funded by NSF and ARO. He is also a member of the Networking and Security Research Center, the Systems and Internet Infrastructure Security Lab, and the Cyber Security Lab.
PY - 2009/8
Y1 - 2009/8
N2 - When a sensor network is deployed in a hostile environment, an adversary may launch such attacks as eavesdropping the communications and compromising sensor nodes. Using the compromised nodes, he may inject false sensing reports or modify the reports sent by other nodes. To defend against these attacks, researchers have proposed symmetric group key-based schemes. In these schemes, however, if a large number of nodes are compromised, many (sub)group keys will be revealed. This greatly endangers the filtering schemes, making them very ineffective or even useless. To address this problem, we propose a family of predistribution and local collaboration-based group rekeying (PCGR) schemes, which update the compromised group keys to prevent the compromised nodes from understanding the communications between noncompromised nodes or injecting false data. These schemes are designed based on a simple while controversial idea - preload future group keys into sensor nodes before their deployment. To protect the preloaded keys from being disclosed by compromised nodes, we propose a novel technique that requires neighboring nodes to collaborate to derive the future group keys. To the best of our knowledge, our schemes are the first set of distributed group rekeying schemes for sensor networks without involving online key servers. Extensive analysis and simulations are conducted to evaluate the proposed schemes, and the results show that the proposed schemes can achieve a good level of security, outperform several previous group rekeying schemes, and significantly improve the effectiveness of false data filtering.
AB - When a sensor network is deployed in a hostile environment, an adversary may launch such attacks as eavesdropping the communications and compromising sensor nodes. Using the compromised nodes, he may inject false sensing reports or modify the reports sent by other nodes. To defend against these attacks, researchers have proposed symmetric group key-based schemes. In these schemes, however, if a large number of nodes are compromised, many (sub)group keys will be revealed. This greatly endangers the filtering schemes, making them very ineffective or even useless. To address this problem, we propose a family of predistribution and local collaboration-based group rekeying (PCGR) schemes, which update the compromised group keys to prevent the compromised nodes from understanding the communications between noncompromised nodes or injecting false data. These schemes are designed based on a simple while controversial idea - preload future group keys into sensor nodes before their deployment. To protect the preloaded keys from being disclosed by compromised nodes, we propose a novel technique that requires neighboring nodes to collaborate to derive the future group keys. To the best of our knowledge, our schemes are the first set of distributed group rekeying schemes for sensor networks without involving online key servers. Extensive analysis and simulations are conducted to evaluate the proposed schemes, and the results show that the proposed schemes can achieve a good level of security, outperform several previous group rekeying schemes, and significantly improve the effectiveness of false data filtering.
UR - http://www.scopus.com/inward/record.url?scp=64049117542&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=64049117542&partnerID=8YFLogxK
U2 - 10.1016/j.adhoc.2008.11.004
DO - 10.1016/j.adhoc.2008.11.004
M3 - Article
AN - SCOPUS:64049117542
SN - 1570-8705
VL - 7
SP - 1229
EP - 1242
JO - Ad Hoc Networks
JF - Ad Hoc Networks
IS - 6
ER -