Besides, other cutting-edge technologies including Internet of Things, blockchain, cloud and big data also motivate the development of such networks. However, more sensitive data than ever are being transmitted over wireless links. Although the emerging wireless networks have attracted much research effort, the security issues, as well as the privacy concerns, of these networks have not been fully investigated.
Moreover, the involved new techniques also bring more challenges in securely accessing these networks, authentication, user privacy protection and more.

Wireless sensor networks have recently received a high level of attention due to their wide applications in military and civilian operations.
From the reviews: "Security for Wireless Sensor Networks provides a detailed overview of wireless sensor security issues, describing techniques for protecting networks and the results of recent studies in wireless sensor network security.
An easy way of key distribution is to use the same key for all sensor nodes (Figure 5A). In this way, sensor nodes are pre-loaded with the primary key such that any two nodes can use it for encrypted communication.
However, attackers can control the entire network if they gain access to the primary key. Another extreme approach is for any two nodes to share a unique key pair (Figure 5B). When a node is attacked, the security of the other nodes is not affected, so this method can prevent the entire network from being attacked easily. If the number of nodes n is large, however, this method requires a lot of memory space to store the key pairs.

Figure 5. Cases of using a primary key and unique key pairs.

The random key pre-distribution methods randomly select k keys from a key pool to establish the key ring for a node, and each key carries a corresponding identity (ID) number.
Therefore, secure communication can be established as long as at least one key is shared (Figure 6). If there is no shared key between two nodes, the link has to be established through two or more key paths.

Figure 6. Random key pre-distribution methods.

Compared with the fully pair-wise shared key mechanisms, this method requires fewer pre-loaded keys and thus saves memory space, but it cannot verify the identity of neighbor nodes because multiple links use the same shared keys.
Random key pre-distribution methods do not require much computation time for generating key pairs, but the time for searching the shared keys is proportional to the number of keys. Hence, there is a trade-off between network connectivity and memory space, and a certain number of pre-loaded keys is required to achieve high connectivity in the network. Since a sensor node has a higher chance of communicating with its neighbor nodes, a group-based key management mechanism was proposed for deploying sensor nodes.
In Figure 7, there are four groups and each group has three nodes. To allow communications among different in-groups, the nodes in different in-groups are organized into cross-groups. For example, nodes 1, 4, 7 and 10 belong to cross-group $G_1$. In deployment, the nodes within a group can be pre-loaded with the same key pairs to establish a secure communication.
This method can reduce the required memory space and achieve a better performance and scalability. However, if a node has to establish secure communication with the cross-group nodes, there is no guarantee that these nodes are within its communication range.

Figure 7. Group-based key management mechanism.
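As an added illustration (not code from the original study), the sketch below models the random key pre-distribution scheme described above: key rings of k IDs drawn from a pool, shared-key discovery by ID intersection, and the trade-off between connectivity and memory. The function names, pool size and ring sizes are assumptions chosen for the example; the share-probability formula is the standard combinatorial result for two random k-subsets of a pool.

```python
import random
from math import comb

def make_ring(pool_size, k, rng):
    # Key ring: k distinct key IDs drawn from the pool (IDs stand in for keys).
    return set(rng.sample(range(pool_size), k))

def shared_key_ids(ring_a, ring_b):
    # Shared-key discovery: two nodes exchange key IDs and intersect them.
    return ring_a & ring_b

def share_probability(pool_size, k):
    # P(two random k-key rings share at least one key) = 1 - C(P-k, k) / C(P, k)
    return 1 - comb(pool_size - k, k) / comb(pool_size, k)

def min_ring_size(pool_size, target):
    # Smallest ring size whose pairwise share probability reaches the target.
    for k in range(1, pool_size + 1):
        if share_probability(pool_size, k) >= target:
            return k

def simulate(pool_size, k, trials=20000, seed=1):
    # Empirical check of the formula on constructed random key rings.
    rng = random.Random(seed)
    hits = sum(bool(shared_key_ids(make_ring(pool_size, k, rng),
                                   make_ring(pool_size, k, rng)))
               for _ in range(trials))
    return hits / trials

def keys_per_node(n_nodes, pool_size, target):
    # Memory trade-off: unique pairwise keys cost n-1 keys per node, while a
    # random ring only needs enough keys to reach the target share probability.
    return {"pairwise": n_nodes - 1,
            "random_ring": min_ring_size(pool_size, target)}

if __name__ == "__main__":
    print(share_probability(1000, 30), simulate(1000, 30))
    print(keys_per_node(5000, 1000, 0.5))
```
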
The PKC is based on the concepts of public key and private key, and its security is achieved by using digital signature as well as key encryption and decryption to solve the discrete logarithm problem (DLP). The elliptic curve is an old mathematical problem, which has been studied in algebra and geometry for a long time. In , Miller and Koblitz proposed to apply elliptic curves to the PKC, including key exchange, encryption, and digital signature, to reduce the computation cost of the DLP.
ECC is based on the characteristics of elliptic curves, so its variables and coefficients are limited to the elements in a finite field, which contains only finitely many elements.
Addition and multiplication are the specific operators, under which the result for any two elements is still within the finite field. Finite fields are classified by their size, or order, and there is exactly one finite field up to isomorphism of size $p^n$ for each prime p and positive integer n. If the order is p, then the finite field is expressed as $F_p$. In applications requiring higher security, using ECC prime curves is more efficient than traditional cryptography, so this study is based on the prime field $F_p$.
In general, an elliptic curve E is expressed by the equation. The elliptic curve E is defined in the prime field $F_p$, where a point (x, y) falling on the elliptic curve E will meet the equation. The above equation is expressed as $E_p(a,b)$, where p is a large prime number and x, y, a, b are elements of the finite field $F_p$. Also, a and b must satisfy the following equation.
The elliptic curve also contains a point at infinity, denoted by O. The order n of an elliptic curve is the number of all points including the point at infinity. It is necessary for $E_p(a,b)$ to meet the requirement. For any point P on the elliptic curve, it is true that. Multiplication of a point P by an integer k on an elliptic curve is performed by adding P to itself k times, defined as.
ECC provides an efficient key-exchange mechanism. The following example (Figure 8) describes how the keys are exchanged between two users.

Figure 8. The operation of key exchange by ECDH.

So far, many studies in wireless sensor networks have used ECDH to develop information security methods because it only needs a small key length to achieve the same degree of security as that of the RSA algorithm.
Therefore, ECDH is very suitable for applications in wireless sensor networks. With known Q and G, it is very difficult to calculate k in limited time if n is very large. To prevent the DLP from being cracked, one can use bit RSA as the baseline security, and the prime number P must be greater than bits in the elliptic curve equation. The order n of the elliptic curve base points must also be a prime number greater than bits.
Since ECC has the advantages of a lower computation complexity and storage requirement, the key management mechanism developed in this study is based on ECC by using bit key length and the ECDH for key exchange. This study is focused on the design of a defense mechanism against multiple attacks in a two-tiered clustered wireless sensor network (Figure 9). A sensor node may be out of service due to power exhaustion or malicious attacks, so adding new sensor nodes to the network is sometimes necessary.
A key management mechanism based on ECC is proposed in this study to provide authentication services for the identity and message transmission of sensor nodes.
The mechanism provides the added nodes with pre-loaded public keys as certificates to help the other nodes verify their legitimacy, and these keys can also be used as the shared keys with neighbor nodes. By doing so, the old nodes do not have to update their keys for secure communications with the new nodes.

Figure 9. A two-tiered clustered wireless sensor network.
The wireless sensor network under investigation includes a base station, a number of sensor nodes and some cluster heads, and their major functions are described below. The base station is a powerful node in the wireless sensor network and it can reach a wide communication area. The base station can be located at any place in the network, and it is not limited by electric power, memory space, or data-processing capacity.
The base station serves as the gateway for external communication. If the base station has been invaded then the whole network will be taken over, so it is assumed that the base station is well protected and can always be trusted. It is assumed that sensor nodes are randomly distributed, and each node has a unique identity number.
Sensor nodes are limited by electric power, memory space, computation capacity, and communication range. A sensor node can communicate directly with other nodes in the same cluster, and it has to transmit the collected data to its cluster head. A cluster head is selected from the sensor nodes in the same cluster, so it has the same capacity and functions as the other nodes.
After deployment, the cluster head is responsible for collecting data from the sensor nodes, and the data are then forwarded to the base station. It is noted that a sensor node will not enter the sleep mode when serving as a cluster head. Before deployment, each sensor node has to go through an initialization phase, in which the base station functions as the trusted certification authority. The base station generates a pair of public and private keys for each node, and issues the pre-loaded certificates to ensure the legitimate identity of the newly added nodes.
The base station will first initialize the system parameters (Table 1) by selecting a large prime number p and the elliptic curve parameters a and b to define the elliptic group $E_p(a,b)$. Then, a base point G is selected from $E_p(a,b)$ with order n being a large number.

Table 1. Parameters in the key management system.
The initialization steps are shown in the following:

Then, each cluster will elect a cluster head. The pre-loaded public key can be used as the certificate to ensure the legitimate identity of newly added nodes. The sensor nodes within a cluster can also verify each other's legitimacy within the valid period of the certificates and then select their cluster head. For example, node A and node B in Figure 10 send their certificates to each other for verification.
Because the certificates were pre-loaded with the public key by the BS, each node can verify the validity with each other through the public key. Figure