During the lifecycle of sensor networks, making use of the existing key predistribution schemes using deployment knowledge for pairwise key establishment and authentication between nodes, a new challenge is elevated. Either the resilience against node capture attacks or the global connectivity will significantly decrease with time. In this paper, a new deployment model is developed for multiphase deployment sensor networks, and then a new key management scheme is further proposed. Compared with the existing schemes using deployment knowledge, our scheme has better performance in global connectivity, resilience against node capture attacks throughout their lifecycle.
Due to limited energy capacity of batteries and the possibility of node capture, the functional lifetime of sensor networks (SNs) generally is longer than the operational lifetime of single node. To keep networks working efficiently, multiple deployments of nodes are needed. In the paper, multiphase SNs (MSNs) are studied, in which new nodes are periodically redeployed with certain intervals, called multiphase, to replace the dead or compromised nodes.
When SNs are deployed in a hostile environment, security becomes extremely important as they are vulnerable to different types of malicious attacks [
Public-key operations (both software and hardware implementations), albeit computationally feasible [
However, the security issue is still not solved for MSNs by using deployment knowledge. In the schemes [
To sum up, the problem of authentication and pairwise key establishment between nodes is still not solved for MSNs. In this paper, the main focus is twofold. (1) A new multiphase deployment model is proposed for sensor networks. In the model, the deployment field is divided into hexagonal cells, each cell has a deployment point, and nodes which have the same point form a group. When the proportion of uncaptured nodes in a group is less than the threshold
The main contributions of this paper are summarized as follows. A multiphase deployment model is presented. The model has the following two main advantages: (1) the number of nodes which are not captured in a cell can be controlled by adjusting the parameter A new method to construct key pools is proposed and a new key predistribution scheme is presented. The scheme can provide good performances in local connectivity, global connectivity, and resilience against node capture.
The remainder of the paper is organized as follows. The existing schemes are summarized in Section
To improve the performance of key establishment, Du et al. [
For MSNs, in [
As shown in Figure
A target field is partitioned into hexagon grids. ● represents a deployment point.
Nodes which are deployed in the same cell form a group. And nodes deployed in the cell
In a deployment phase, if no new nodes are needed to be added to a cell, then the number of deployment phase of the cell remains unchanged. For example, in the second deployment phase, no new nodes are needed to be added to the cell
Due to the short time period of the direct key establishment phase, it is reasonable to believe that only a limited number of sensor nodes may be compromised by an attacker [
In the scheme, the attack model is similar with [
In [
Two-dimensional key chain.
In our scheme, the key pool is made up by two-dimensional backward key chains [
Subkey pools.
Our scheme consists of three phases: key predistribution phase, shared-key discovery phase, and path-key establishment phase. Although path-key establishment phase is the same as, key predistribution phase and share-key discover phase are different in the previous schemes [
This phase is conducted offline before sensor nodes are deployed. A node
In our scheme, after shared key establishment, each node should save the hashed keys in its key ring. For example, it is supposed that an sensor
Next, we will describe the method for any two nodes
If
The common key between two sensors, where
If cells
The common key between two sensors, where
As a result, if the number of shared keys is larger than 0, that is,
In this section, we will analyze and simulate the performances of our scheme, including deployment model, local connectivity, communication overhead, and network resilience against node capture.
In the following experiments, the involved main parameters subsequent are defined as follows. We consider a SN deployed over fields of 475 m by 520 m. The area is divided into a hexagon and The center of each cell is the deployment point (see Figure The number of nodes in a The wireless communication range for a node is 40 m. We assume that node deployment follows a two-dimensional Gaussian distribution [ We assume that node deployment includes 5 phases. The value of The number of key pool of a cell, namely,
In the capture model, when an attacker locates in a cell, he can capture nodes around it. In this paper, it is supposed that compromised nodes can be identified by using schemes proposed by some scholars, such as [
Figure
The average number of uncaptured nodes in a cell as a function of σ and
For multiple deployment sensor networks, local connectivity is not only affected by the key predistribution method but also affected by the deployment model and the capture model. In this paper, only the analysis that local connectivity is affected by the key predistribution method is presented, that is, the probability
If
When
Hence, if
If cells
Hence, if cells
If cell
Figure
Local connectivity as a function of various parameters.
If direct key establishment fails, two sensor nodes need to start on path-key establishment phase to establish a pairwise key with the help of other sensor nodes. To establish a pairwise key with node
In this section, we investigate the number of hops required on this path for various parameters of our scheme. Let ph(
In our scheme, after the 5th deployment, the local connectivity keeps basically stable. So, we plot the values of
Distribution of the number of hops required to connect neighbors.
In this section, performance and security between our scheme and YG scheme [
With the same storage overhead, Figure
Comparing the local connectivity of our, YG, and ESPK scheme.
If local connectivity is less than 1, nodes in SNs may be divided into one or more isolated components. Any two nodes in an isolated component can securely communicate with each other directly or indirectly (Figure
Comparing the global connectivity of our, YG, and ESPK scheme.
In this work, we use simulation to estimate it. In
A scheme’s resilience toward node capture is evaluated by estimating the fraction of total network communications that are compromised by a capture of
We conducted simulation tests on network resilience against node capture of the above three schemes. In our simulations, it is supposed that only a few nodes are compromised during the shared-key discovery phase. In ESPK scheme, the key pools of nodes from different deployment phase are different. Therefore, its network resilience against node capture is the best. In YG scheme, the key pool is fixed. Therefore, increases in the number of captured nodes will diminish network resilience. For example, when
Comparing the resilience of our, YG, and ESPK scheme. Where
In this paper, we proposed a new deployment model for multiple deployment sensor networks, based on which a new key management scheme is further presented. We conducted a comprehensive study on connectivity, network resilience of our scheme. The results showed that our scheme can significantly improve network resilience over the YG scheme [
The authors declare that there is no conflict of interests regarding the publication of this paper.
This paper is partially supported by the National Natural Science Foundations of China (61232001 and 61173169), the Research Foundation of Education Committee of Hunan Province, China (13B057, 09A046 and 10A062), the Hunan Provincial Natural Science Foundation of China (12JJ2040), the Construct Program of the Key Discipline in Hunan Province, China, the Aid program for Science and Technology Innovative Research Team in Higher Educational Institute of Hunan Province, and the Construct Program of the Key Discipline in Hunan University of Humanities, Science and Technology.