Content uploaded by Qasem Abu Al-Haija
Author content
All content in this area was uploaded by Qasem Abu Al-Haija on Dec 15, 2013
Content may be subject to copyright.
1
Performance Evaluation of Probabilistic Key
Management Approaches for Wireless Sensor
Networks
Omar Banimelhem Qasem Abu Al-Haija Ahmad Al-Badawi
omelhem@just.edu.jo Eng Qasem1982@yahoo.com caesar etos@yahoo.com
Jordan University of Science and Technology, Department of Network Engineering and Security,
Irbid 22110, P. O. Box 3030
F
Abstract—Recently, the security issue has gained a noticeable interest in the
field of networks especially in wireless sensor networks(WSNs). Selecting
a certain security approach in order to be applied in a WSN is a decision
that usually depends on many factors. In this paper, we have evaluated
the performance of four probabilistic key management approaches using
two metrics: communication complexity and power Consumption. These
approaches are: Random key pre-distribution, Q-composite key scheme, Multi-
Path Reinforcement Scheme, and Random Pair-Wise Keys Scheme. The
results have shown that the random key pre-distribution approach can be
applied over a small sensor network with a large key pool size, while Q-
composite scheme has an improvement over the basic scheme for small scale
network attack. On the other hand, it was shown by simulation that the
random multipath scheme will give a great level of security if it is used
with average size of networks; however, it will consume much power in
transmission. Finally, the pairwise key scheme, which does most of its job
before distribution, is shown to give the best results which makes it the best
applicable approach especially if it is used in large networks.
Index Terms—Wireless Sensor Networks (WSN), Probabilistic Approaches,
Random Key Pre-Distribution, Q-Composite Key Scheme, Multi-Path Rein-
forcement Scheme, Random Pair-Wise Keys Scheme.
1 INTRODUCTION
THe technology of Wireless Sensor Networks (WSNs) is
in the front part of the investigation of the computer
networks and it could be the next technologic market of a
huge sum of money. A WSN contains hundreds to thousands
of small sensors where these sensors are designed to be self-
organized wireless networks. Sensor nodes have limited pro-
cessing power, storage, bandwidth, and energy. This limitation
makes provision of the security in sensor networks not an easy
task [6].
As discussed in [4], a WSN has no fixed infrastructure;
the sensor nodes are scattered in a special domain, which
makes the network threatened by attackers in many ways of
attacking [5]. For this reason, an efficient approaches have to
be proposed in order to make WSNs secure. The applicable
distribution techniques use the key management techniques
[3]- such as cryptographic public key-to provide the security
issues.
A sensor network must be confidential and should not reveal
Fig. 1. Problem statement.
sensor readings to the adversary. The standard approach for
keeping sensitive data secret is to encrypt the data with a
secret key such that only the intended receivers possess, hence
achieving confidentiality. The key in WSN is encrypted at the
sender then decrypted by the receiver using such symmetric
cryptographic algorithms [2] such as RC4 [9], RC5 [10], and
DES [13].
Probabilistic key management approaches depend on the
randomness in selecting a set of encryption keys (to distribute
between the sensor nodes in distributed WSN) from a pool
of keys that contain a large number of encrypted keys. These
approaches will work after the deployment stage of the sensors
and have no idea about the area so every thing will be
probabilistic-wise.
The problem addressed in this paper focuses on the prob-
abilistic key management approaches [1, 2, 3,5]. Based on
[1] where all approaches appear to be static and can be
applied on a WSN, we study those approaches by taking into
consideration the WSN constraints: Battery Life, Transmission
Range, Bandwidth, Memory, and Density of sensor in the
network. The problem is depicted in Fig. 1.
In the next section, we discuss the description and sim-
plification of probabilistic key management approaches in a
WSN, and briefly present their basic operations. Section 3
presents the system modeling where it forms the core of
the implementation phase proposed in this paper. In Section
4, system equations that show the detailed calculation of
communication complexity and power consumption of sev-
eral schemes are presented. Section 5 shows the simulation
environment. The comparison between different probabilistic
approaches for WSN’s security is given in Section 6. The paper
is concluded in Section 7.
2 PROBABILISTIC APP ROAC HE S
Probabilistic approaches group is characterized by the use
of key chains that are randomly selected from a large key
pool and distributed to sensors [8, 11]. Inside this group,
there are a lot of algorithms. However, we concentrate our
evaluation in this paper on the following common approaches:
1) Random key pre-distribution [4]. This algorithm is known
as the basic scheme. It depends on the probability of using
the random graph theory [2]. A simple summary of the
operation of this scheme is shown in Fig. 2. For more
details see [4, 8, 11].
2) Q-composite key scheme [1, 8, 11]. This algorithm is
very similar to the basic scheme with some differences
in the size of key pool and in the need of q common keys
to establish a link key. The main objective of this scheme
is to improve the resilience against node capture although
the probability that the nodes share the keys decreases.
Fig. 3 shows the operation of this scheme. This approach
is discussed in more details in [1, 7].
3) Multi-path reinforcement scheme [1, 8, 11]. This al-
gorithm uses multiple independent paths to establish a
link key. Normally, it is used with the basic scheme
because this conjunction gets a good resilience against
node capture attacks. The objective of this scheme is to
strengthen the security of a link key. Usually, initiation
phase and key setup work like the scheme that it is in
conjunction with the basic scheme. A simple summary
of the operation of this scheme is depicted in Fig. 4. For
further detail about this approach see [1, 7, 8].
4) Random pair-wise keys scheme [1, 7]. This algorithm
is a variation of the pair-wise keys scheme. The main
difference between both schemes is that in the random
pair-wise keys scheme, we use less than N-1 keys to have
a connected graph with high probability. The reason for
this change is to decrease the consumption of memory
and to increase the scalability. In random pair-wise keys
scheme, and due to the use of fewer keys, it is possible
that a node shares the same key with several nodes. To
avoid problems with the origin node and the destination
node, this scheme gives node to node authentication
properties. Fig. 5 gives a summary of the operation of
this scheme where further details are discussed in [1, 7,
11].
Fig. 2. Random key pre-distribution.
Fig. 3. Random Q-composite key scheme.
Fig. 4. Random Multi-path reinforcement scheme.
Fig. 5. Random pair-wise keys scheme.
3 SY STEM MODELING
There are different evaluation metrics that can be applied
to WSNs. Inside a WSN, we can evaluate the features of the
sensor nodes or the features of the WSNs as a whole entity.
In the first case, sensor nodes have several parameters that
can be taken into account, such as: energy, flexibility, security,
communication, computation, synchronization or size and cost.
These evaluation metrics are used as an indication to determine
which kind of nodes is going to be used in a network.
However, in this paper, we evaluate the features of the
entire network rather than the nodes themselves. Examples
of the metrics that are used to evaluate the network are:
communication complexity and power Consumption [1].
If we use the approach that makes a node itself calculate
these metrics and choose the appropriate probabilistic key
management, then we will get a self configurable approach
that makes the use of a WSN an efficient.
In this paper, we use the following parameters:
U: Number of nodes in the network.
S: key pool size.
K: Number of keys in a node’s key ring.
P: Probability that two neighbor nodes can set up a secure
link during the key-setup phase.
D: Degree of a node (the expected number of secure links a
node can establish during key-setup).
E: The expected number of neighbor nodes within
communication radius of a given node.
Q: The required amount of key overlap in the q-composite
scheme.
N: Random set of pair-wise keys stored to achieve probability
P.
J: Number of paths between two nodes in the multipath
reinforcement scheme.
Moreover, the following assumptions have been used in
our paper:
1) The encryption key is encrypted with RC4 algorithm
[9]. Therefore it takes about 40-128 bits. Moreover, we
assume the minimum number of bits in this work (40-bit).
2) The key pool size is chosen randomly. We assume that
the pool size is 10 times the network size.
3) For Multipath Reinforcement, Number of paths between
two nodes J =2.
4) For the q-composite scheme, the required amount of key
overlap Q=2.
5) Number of keys in a node’s key ring (K) is assumed to
be randomly selected from key pool (S) where K<S.
For example, if a WSN has U=10 then S=100 and K =
5, 10, 20, 30, or 50...etc <S.
6) The desired probability for network connectivity P is
calculated by random graph theory [2].For example,
P=0.9999
Fig. 6. Communication Complexity.
7) We can calculate the number of key rings supported by
the WSN by: ¡S
K¢. For instance, if a WSN has 5 nodes
and the key pool size S=50, and let the key ring size
K=20, then the number of key rings = 47129212243960
8) The degree of node is computed according to [5]. P is
calculated from the random graph theory)
D= (U−1
U)(ln(U)−ln(−ln(P))
4 SY STEM EQUATIO NS
4.1 Communication Complexity
Communication complexity is measured as the number and
size of packets sent and received by a sensor node and it is
the most power consumed by a sensor node. As was assumed
in [1, 11], let [a×c, b ×d]mean: anumber of messages of
size cunits are sent and bnumber of messages of size dunits
are received.
From Fig. 6, we conclude that communication complexity can
be bounded by the sum of the sent and received packets. Thus,
Communication Complexity =a×c+b×d(1)
1) Random Key Pre-distribution scheme (Basic scheme):
comm. comp = 1 ×k+d×k(2)
2) Q-Composite Random Key Pre-distribution scheme:
comm. comp =q×k+d×k(3)
3) Multi-path Key Reinforcement scheme:
comm. comp = 1 ×k+j×1 + d×k+j×1(4)
4) Random Pair-wise Keys scheme:
comm. comp = 1 ×1 + d×1(5)
4.2 Power Consumption
Power consumption is a measure of the amount of power
consumed by each node in transmitting and receiving the keys
when a scheme is applied over a WSN. There is another
power that will be consumed during the processing of the keys.
However, we will neglect it because its small compared with
the power consumed in communication. According to [12] ,
power consumption is one of the most important metrics in
WSNs.
Fig. 7. Power Consumption.
From Fig. 7, we conclude that the power consumption in
a node can be bounded by the sum of the receiving and
transmitting power. Thus,
P ower Consumption =ER+ET(6)
assuming that B is the number of bits weather sent or received
, we conclude that:
ET=Eelec ×B+Eamp ×B×Distance2(7)
ER=Eelec ×B(8)
Etotal =B×(2Eelec + (Eamp ×Distance2)) (9)
Where,
Eelec: Transmitter Electronics
Eamp: Transmit Amplifier
Moreover, assume Bp is the number of bits in each packet,
we can calculate the power consumption for each protocol as
follows:
1) Random Key Pre-distribution scheme:
T otal num of bits =Bp ×(1 ×k+d×k)
power cons. = [Bp ×(1 ×k+d×k)]
×(2Eelec + (Eamp ×Distance2))nJ
2) Q-Composite Random Key Pre-distribution scheme:
T otal number of bits =Bp ×(q×k+d×k)
power cons. = [Bp ×(q×k+d×k)]
×(2Eelec + (Eamp ×Distance2))nJ
3) Multi-path Key Reinforcement scheme:
T otal number of bits =Bp ×(1 ×k+j×1)
power cons. = [Bp ×(1 ×k+j×1)]
×(2Eelec + (Eamp ×Distance2))nJ
4) Random Pair-wise Key scheme:
T otal number of bits =Bp ×(1 ×1 + d×1)
power cons. = [Bp ×(1 ×1 + d×1)]
×(2Eelec + (Eamp ×Distance2))nJ
5 SIMULATION ENVIRONMENT
The approach for proceeding in the proposed solution started
by studying several key management approaches that can be
applied for WSNs and understanding the parameters in each
individual approach that can be helpful for solving the pro-
posed problem. We used the probabilistic analytical solution
as an appropriate algorithm for solving the proposed problem
where there is no pre-knowledge about the environment of
distributed sensors.
The WSN constraints (metrics) were calculated for all
probabilistic key management approaches according to the
network environment to get the best approach to be simulated.
The solution is implemented and verified using a simulation
program written in VB.NET programming language. Visual
Basic is a language for creating windows applications. It
also happens that Visual Basic is the easiest to learn, most
productive language.
The mathematical equations were verified using a mathemati-
cal software application such as: Maple Worksheets for Cryp-
tography and MS-Excel sheets. For simplicity and simulation
purposes we assume the following:
1) The number of shared key in Q-Composite protocol (q = 2).
2) The number of paths in multi-path protocol (j = 2).
3) The size of key = key ID = Node ID.
4) Homogenous nodes as a Berkeley node which has the following
characteristics:
* Transmitter Electronics (ET−elec) =
ReceiverE lectronics(ER−elec ) = 50nJ/bit.
** Transmit Amplifier (Eamp) = 100pJ/bit/m2.
5) The distance between neighboring nodes is 1 m.
6 RE SULTS
The four approaches were compared using the metrics
which we are discussed in the previous sections. Table 1 shows
some parameters needed by communication complexity and
power complexity metrics.
TABLE 1
Parameters Needed by both metrics
K D
50 13.7
100 13.7
150 13.7
200 13.7
250 13.7
300 13.7
350 13.7
400 13.7
450 13.7
500 13.7
6.1 Communication Complexity
The assumptions and results for Communication Complexity
tests are shown in Tables 2 and 3,and in Fig. 8.
TABLE 2
Communication Complexity assumptions
Symbol Value Description
U 100 number of nodes
P 0.9999 probability of setting up secure link
S 1000 keys pool
TABLE 3
Communication Complexity Values from Simulator Runs
(Packets)
Random key Q-Composite Multipath Random pairwise
735 785 739 14.7
1470 1570 1474 14.7
2205 2355 2209 14.7
2940 3140 2944 14.7
3675 3925 3679 14.7
4410 4710 4414 14.7
5145 5495 5149 14.7
5880 6280 5884 14.7
6615 7065 6619 14.7
7350 7850 7354 14.7
Fig. 8. Key and IDs VS. Communication Complexity
As we see in Fig. 8: Key and IDs VS. Communication Com-
plexity: as we see in the figure, again the upper three protocols
have a close behavior due to all of them transfer/receive a close
number of keys. A random pairwise behave as linear and we
see that logically because each node here will just send its ID
to its neighbors so it affected just by the number of neighbors
not by the number of keys or IDs.
6.2 Power Consumptions
The assumptions and results for Power Consumptions tests are
shown in Tables 4,5, and Fig9.
TABLE 4
Power Consumptions assumptions
Symbol Value Description
U 100 number of nodes
P 0.9999 probability of setting up secure link
S 1000 keys pool
As we see in Fig.9: Key Ring Size VS. Power: as we see the
behavior of each of Random Key Pre-distribution, Random
Multipath, and Random Q-Composite is close but the most
approach that consumes the power is the Q-Composite and
that’s logically accepted where it sends and receives more
keys. The pairwise Key behaves as a constant because it
doesn’t send/ receive the keys but it sends the IDS so it’s
the lowest power consumption.
TABLE 5
Power Consumptions Values from Simulator Runs (mJ)
Random key Q-Composite Multipath Random pairwise
5.88 6.28 5.912 0.1176
11.76 12.56 11.792 0.1176
17.64 18.84 17.672 0.1176
23.52 25.12 23.552 0.1176
29.4 31.4 29.432 0.1176
35.28 37.68 35.312 0.1176
41.16 43.96 41.192 0.1176
47.04 50.24 47.072 0.1176
52.92 56.52 52.952 0.1176
58.8 62.8 58.853 0.1176
Fig. 9. Key Ring Size VS. Power.
7 CONCLUSIONS
The randomness in distributing sensor nodes in a WSN
makes such environments difficult to study. From the security
perspective, there is no specific probabilistic key management
approach that could be marked as the best protocol to be
applied over any WSN with some setup parameters. Indeed,
the variation of parameters makes the use of a certain protocol
varied too. In this paper, we have evaluated the performance
of four probabilistic key management approaches using two
metrics: communication complexity and power consumption.
Simulation results have shown that the simplest protocol
to apply over a small sensor network is the random key pre-
distribution with a large key pool size. On the other hand,
Q-composite scheme improves over basic scheme for small
scale network attack.
The Random multipath scheme gives a great level of secu-
rity if it is used with average size of networks but it consumes
much power in transmission and as it is known the power
consumed in communication reward doubles of that consumed
in computations. It can be said that the pairwise key(provides
node-to-node authentication) which does the most of its job
before distribution and gives the best results in several metrics
to be the best applicable approach especially with large
networks where the security is considered the most important
factor.
For future work, we will study the four approaches with
other metrics such as scalability and confidentiality of a WSN.
8 REFERENCES
[1]Y. Xiao et al.,“A Survey of Key Management Schemes in Wireless Sensor
Networks,” Computer Communications, Vol. 30, PP. 2314-2341, 2007.
[2]W. Du, J. Deng, Y. S. Han, and P. K. Varshney, “Key Management in
Wireless Sensor Networks Extended Abstract,” Proceedings of the 5Th
Annual ACM/IEEE International Conference on Mobile Computing and
Networking (Mobicom), PP. 483-492.,1999.
[3]S. Wu and Y. Tseng, Wireless Ad Hoc Networking, Auerbach Publica-
tions, Taylor and Francis Group,Vol 1, Ch5,139-160, March. 2006.
[4]K. Sohraby, D. Minoli and T. Znati, “Wireless Sensor Networks: Tech-
nology, Protocols, and Applications,” John Wiley and Sons Inc., 2007.
[5]V. A. Radzevych and S. Mathew, “Security in Wireless Sensor Networks:
Key Management Approaches,” PPt File,University at Buffalo - The State
University of New York, Computer Science and Engineering, Nov. 2003.
[6]J. Polastre, R. Szewczyk, C. Sharp, and D.Culler, “The Mote Revolu-
tion: Low Power Wireless Sensor Network Devices,” Computer Science
Department, University of California, Berkeley, August 2004.
[7]W. Du et al., “A Pairwise Key Predistribution Scheme for Wireless Sensor
Networks,” ACM Transactions on Information and System Security
(TISSEC),Vol. 8, Issue 2,PP. 228 - 258, May 2005.
[8]H. Chan, A. Perrig and D. Song,“Random Key Predistribution Schemes
for Sensor Networks,” Proceedings of the 2003 IEEE Symposium on
Security and Privacy, 2003.
[9]Adi - Amd, Arm - Dsp Group, Lsi Logic Zsp, Mips - Ti. “RC4 Encryption
Algorithm”. Vocal Technologies, Ltd. Software Libraries Include A
Complete Range Of Etsi / Itu / Ieee Compliant Algorithms, Optimized
For Execution On Ansi C And Leading Dsp Architectures (Adi, Amd-
Alchemy, Arm, Dsp Group, Lsi Logic Zsp, Mips And Ti), 2003.
[10]B. S. Kaliski Jr, and Y. L. Yin, “On The Security of the RC5 Encryption
Algorithm,” RSA Laboratories Technical Report Tr-602, A Division Of
RSA Data Security, Man, Version 1.0—September 1998
[11]S. A. Camtepe and B.Yener, “ Key Distribution Mechanisms for Wireless
Sensor Networks: A Survey”, Rensselaer Polytechnic Institute- Computer
Science Department Troy, Ny, Technical Report Tr-05-07, Man, 23 March
2005.
[12]I. F. Akyildiz, T. Melodia and K. R. Chowdhury, “A Survey on Wireless
Multimedia Sensor Networks,” Computer Networks, Vol. 51, Issue 4, PP.
921-960, 2007.
[13]W. Trappe and L. C. Washington, Introduction to Cryptography with
Coding Theory, Prentice Hall, Second edition, 2005.
