dc.description.abstract |
Secure key distribution is crucial in commercial and military applications of wireless sensor
networks (WSN) and wireless sensor and actor networks (WSAN) for providing confidentiality to
messages shared among sensors. It becomes more challenging when two cluster heads cannot
communicate directly because of communication range. In this case, an ordinary node located at
the cluster boundary plays the role of a gateway node that has established keys in both clusters.
All communication between the clusters is transmitted through these gateway nodes. The main
problem is that a compromised gateway node exposes all keys transmitted through it, so the
relevant links are compromised before they are established. We have proposed the Key
Distribution using Key Fragmentation (KDKF) scheme, which solves this problem. The sender
divides the actual key into fragments using a key fragmentation algorithm and sends them using
gateway nodes as intermediaries. The receiver node combines these key fragments using the XOR
operation to recover the actual key. The KDKF scheme provides deployment scenarios and a
detailed protocol description that elaborates the message structure used to exchange security
credentials between distant nodes. Moreover, formal modeling is performed using Rubin Logic to
verify and analyze the proposed protocol. The performance and resilience of the protocol are
validated through simulations using ns-2.35. This proves that a compromised gateway node cannot
retrieve the actual key and obtains only a key fragment. To reassemble a single actual key, an
adversary needs to subvert exactly those gateway nodes that participated in transmitting its key
fragments. In contemporary schemes, all future keys transmitted through compromised gateway
nodes are exposed. Results prove that KDKF is much more resilient against compromise attacks
and that keys in the network are not exposed to the adversary.
To further reduce communication overhead and improve connectivity, we have proposed a
Matrix based Key Establishment Scheme (MKES) in which the actual key is never transmitted on
the network. In MKES, each node is pre-loaded with one row and one column from a matrix. After
deployment, the indices for row and column are exchanged between the two nodes, and the values
at the intersection of the row and column indices are used to calculate the key on each node. It
can establish keys with neighboring nodes, cluster heads, the SINK and even across different
WSNs using the same matrix values. Results are produced for resilience, storage and
communication costs to prove the dominance of MKES. It is also tested by deploying it on
Android to secure messaging. Moreover, MKES is used in Critical Data Reclamation (CDR), which
provides aggregated data extraction in isolated clusters where the cluster head (GH) is
destroyed. The GH receives the query from the sink node, sends it towards the cluster members
and then transmits the aggregated response to the sink node. In the absence of the GH, gateway
nodes located at the common boundary of neighboring clusters communicate with the neighboring
GHs to transmit critical data to the sink in a timely manner until a new GH is added to the
cluster. A secure protocol scenario for adding a new GH to the network is discussed in a
stepwise manner. The proposed schemes are simulated and evaluated for Density of cluster,
Connectivity, Resilience, Storage and Communication overhead.
Ata Ullah
52-FBAS/PHDCS/F09 |
en_US |