Replication attack on random key pre-distribution schemes for wireless sensor networks

摘要

When setting up a sensor network, one of the first requirements is to establish cryptographic keys for later use. However, the traditional key establishment techniques cannot be directly applied due to the inherent properties of sensor networks. Recently, a promising methodology, random key pre-distribution schemes based on symmetric cryptography, has been proposed. In this paper, the authors studied the problem of replication attack on random key pre-distribution schemes. Using a combination of modeling, analysis, and experiments, the relationship among the replicated hostile nodes, the sensor networks, and the resiliency of various random key pre-distribution schemes were analyzed, characterized, and discussed against replication attack. Example findings include: (1) the sensor networks with random key pre-distribution schemes, even with one replicated sensor, start to become almost 100% insecure when the adversary captures and stores the key information equivalent to those carried by one good sensor node; and (2) among the proposed schemes, the q-composite scheme with larger q is most resilient against replication attack while the basic scheme is least resilient and the Blom-based scheme lies in between the above two schemes when the replicated node has less memory to store key information than the original node. Interestingly, it is the other way round when the replicated node has more memory to store key information than the original node. Moreover, as a transition, the resilience against replication attack is the same for all the random schemes when the replicated and original nodes have the same memory to store key information. This study does not only provide practical insights into the design of more secure and efficient key establishment schemes allowing simple key establishment for large-scale sensor networks but can also be used to accurately predict the payoff that an adversary can gain after injecting a certain number of nodes into the sensor networks.