Computationally and Resource Efficient Group Key Agreement for Ad Hoc Sensor Networks
ABSTRACT: Secure and reliable group communication is an important aspect of security in distributed ad hoc sensor networks. Most sensors are built to be inexpensive, low-power devices and consequently have limited computational and communication resources. Constraints in resources make most conventional security protocols, such as Diffie-Hellman key exchange, impractical. This work adapts existing work on tree-based group key agreement that combines key trees with Diffie-Hellman key exchange, by replacing expensive public key operations with relatively cheaper symmetric key operations. The modular exponentiations in Z_n* used in Diffie-Hellman key exchange are replaced by polynomial evaluations in GF(2^m) Galois fields, thereby reducing the code space and time complexity requirements for the protocols substantially. This makes the protocol adaptable for use on resource-constrained sensor networks. We also focus on secure and efficient group key management in the case of group mutation. Our group key management scheme will set up a per-session shared secret key among the group members when new members join or existing members leave the group. We also discuss a performance analysis of our scheme wherein we show that our protocol is efficient in terms of computational and memory requirements.
- Source available from: Gianluca Dini
ABSTRACT: Group communication has proven a powerful paradigm for designing applications and services in Wireless Sensor Networks (WSNs). Given the tight interaction between WSNs and the physical world, a security infringement may translate into a safety infringement. Therefore, in order to fully exploit the group communication paradigm we need to secure it. Traditionally, this requirement has been formalized in terms of backward and forward security and fulfilled by means of rekeying. In WSNs, group rekeying becomes a particularly complex problem because communication takes place over an easily accessible wireless medium and because sensor nodes have severe limitations in terms of computing, storage, energy, and tamper-resistance capabilities for cost reasons. In this article we present a Lightweight Authenticated ReKeying (LARK) scheme for clustered WSNs. LARK guarantees backward and forward security, is scalable in terms of communication overhead, and efficient in terms of computing overhead for key authenticity verification. LARK achieves security, efficiency, and scalability by exploiting two basic well-known mechanisms, namely key graph and key chain, and integrating them in an original way. LARK supports a general group model where groups can be hierarchical and partially overlapping. In contrast to other WSN group rekeying schemes, LARK considers grouping a tool for designing and implementing applications and services rather than for network management. Consequently, LARK receives a group topology reflecting the application needs and manages rekeying at single-group level. In the article we describe LARK, formally argue that it meets the backward and forward security requirements, and, finally, evaluate its performance in terms of communication, computing, and storage overhead in limited-resources sensor nodes.
ACM Trans. Embedded Comput. Syst. 01/2011; 10:41.