From key predistribution to key redistribution

  • Authors:
  • Jacek Cichoń; Zbigniew Gołębiewski; Mirosław Kutyłowski

  • Venue:
  • Theoretical Computer Science
  • Year:
  • 2012

Quantified Score

Hi-index 5.23

Abstract

One of the crucial disadvantages of key predistribution schemes for ad hoc networks is that if devices A and B use a shared key K to determine their session keys, then any adversarial device that holds K can impersonate A against B (or vice versa). Also, the adversary holding such a device can eavesdrop on communication between A and B for the lifetime of the system. We develop a dynamic scheme where the devices are preloaded with permanent keys according to a predistribution scheme, but these keys are not used directly for setting up session keys. For this purpose devices use a pool of temporal keys, which are periodically selected at random by a system provider. The temporal keys are broadcast by the system provider in an encrypted form (e.g. using the GSM network or local broadcasting services). For the transmission, the temporal keys are encrypted with permanent keys, each temporal key occurring m times, encrypted with m different permanent keys. (Parameter m is a small constant.) Encrypting the same temporal key with different permanent keys has the effect that with a high probability two devices share many more temporal keys than permanent keys from the main pool of keys. Also, the shared temporal keys come not only from ciphertexts encrypted with shared permanent keys but predominantly from ciphertexts encrypted with permanent keys that are not shared by the devices. After each redistribution, different pairs of permanent keys provide such shared temporal keys. This feature is the key property of our design. It not only makes it possible to protect communication against an adversary that has collected a large fraction of keys from the main pool of keys, but also enables using key predistribution for authentication in the presence of such an adversary. Finally, we present a scheme for renewing the permanent keys in such a way that an adversary loses the knowledge of permanent keys except for the keys that it learns via the legitimate devices that it holds. The scheme is based on projective plane techniques.
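The following simulation is an added illustration, not code from the paper. It checks the abstract's claim that two devices end up sharing many more temporal keys than permanent keys, and that most of those come from ciphertexts under non-shared permanent keys. It assumes uniformly random key rings in place of the paper's projective-plane construction, and the pool size, ring size, number of temporal keys and m are constructed values.

```python
import random

def one_round(rng, pool, ring, temporal, m):
    """One redistribution round seen by two devices A and B."""
    keys = range(pool)
    ring_a = set(rng.sample(keys, ring))   # permanent keys preloaded on A
    ring_b = set(rng.sample(keys, ring))   # permanent keys preloaded on B
    shared_perm = ring_a & ring_b
    shared_temp = via_unshared = 0
    for _ in range(temporal):
        # Provider broadcasts one temporal key encrypted under m distinct
        # permanent keys; a device recovers it if it holds any of them.
        wrap = set(rng.sample(keys, m))
        if wrap & ring_a and wrap & ring_b:
            shared_temp += 1
            # Neither device needed a permanent key common to both.
            if not wrap & shared_perm:
                via_unshared += 1
    return len(shared_perm), shared_temp, via_unshared

def simulate(trials=100, pool=1000, ring=60, temporal=1000, m=4, seed=2012):
    """Average the per-round counts over independent trials."""
    rng = random.Random(seed)
    totals = [0, 0, 0]
    for _ in range(trials):
        for i, value in enumerate(one_round(rng, pool, ring, temporal, m)):
            totals[i] += value
    names = ("shared_permanent", "shared_temporal", "via_unshared")
    return {name: total / trials for name, total in zip(names, totals)}

if __name__ == "__main__":
    for name, value in simulate().items():
        print(f"{name:17s} {value:6.1f}")
```

Raising m increases the number of shared temporal keys per round but also lets each captured permanent key expose more temporal keys, which is why the abstract keeps m a small constant.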