Probabilistic Analysis and Threshold Investigations of Random Key Pre-distribution based Wireless Sensor Networks

Li, Wei-shuo

23 August 2010

In this thesis, we present analytical analysis of key distribution schemes on wireless sensor networks. Since wireless sensor network is under unreliable environment, many random key pre-distribution based schemes have been developed to enhance security. Most of these schemes need to guarantee the existence of specific properties, such as disjoint secure paths or disjoint secure cliques, to achieve a secure cooperation among nodes. Two of the basic questions are as follows: 1. Under what conditions does a large-scale sensor network contain a certain structure? 2. How can one give a quantitative analysis behave as n grows to the infinity? However, analyzing such a structure or combinatorial problem is complicated in classical wireless network models such as percolation theories or random geometric graphs. Particularly, proofs in geometric setting models often blend stochastic geometric and combinatorial techniques and are more technically challenging. To overcome this problem, an approximative quasi-random graph is employed to eliminate some properties that are difficult to tackle. The most well-known solutions of this kind problems are probably Szemeredi's regularity lemma for embedding. The main difficulty from the fact that the above questions involve extremely small probabilities. These probabilities are too small to estimate by means of classical tools from probability theory, and thus a specific counting methods is inevitable.

Wireless sensor networks

random key pre-distribution

regularity lemma

The Design and Analysis of Hash Families For Use in Broadcast Encryption

January 2012

abstract: Broadcast Encryption is the task of cryptographically securing communication in a broadcast environment so that only a dynamically specified subset of subscribers, called the privileged subset, may decrypt the communication. In practical applications, it is desirable for a Broadcast Encryption Scheme (BES) to demonstrate resilience against attacks by colluding, unprivileged subscribers. Minimal Perfect Hash Families (PHFs) have been shown to provide a basis for the construction of memory-efficient t-resilient Key Pre-distribution Schemes (KPSs) from multiple instances of 1-resilient KPSs. Using this technique, the task of constructing a large t-resilient BES is reduced to finding a near-minimal PHF of appropriate parameters. While combinatorial and probabilistic constructions exist for minimal PHFs with certain parameters, the complexity of constructing them in general is currently unknown. This thesis introduces a new type of hash family, called a Scattering Hash Family (ScHF), which is designed to allow for the scalable and ingredient-independent design of memory-efficient BESs for large parameters, specifically resilience and total number of subscribers. A general BES construction using ScHFs is shown, which constructs t-resilient KPSs from other KPSs of any resilience ≤w≤t. In addition to demonstrating how ScHFs can be used to produce BESs , this thesis explores several ScHF construction techniques. The initial technique demonstrates a probabilistic, non-constructive proof of existence for ScHFs . This construction is then derandomized into a direct, polynomial time construction of near-minimal ScHFs using the method of conditional expectations. As an alternative approach to direct construction, representing ScHFs as a k-restriction problem allows for the indirect construction of ScHFs via randomized post-optimization. Using the methods defined, ScHFs are constructed and the parameters' effects on solution size are analyzed. For large strengths, constructive techniques lose significant performance, and as such, asymptotic analysis is performed using the non-constructive existential results. This work concludes with an analysis of the benefits and disadvantages of BESs based on the constructed ScHFs. Due to the novel nature of ScHFs, the results of this analysis are used as the foundation for an empirical comparison between ScHF-based and PHF-based BESs . The primary bases of comparison are construction efficiency, key material requirements, and message transmission overhead. / Dissertation/Thesis / M.S. Computer Science 2012

Computer science

Broadcast Encryption

Cryptography

Key Pre-distribution

Scattering Hash Family

Security Schemes for Wireless Sensor Networks with Mobile Sink

Rasheed, Amar Adnan

2010 May 1900

Mobile sinks are vital in many wireless sensor applications for efficient data collection, data querying, and localized sensor reprogramming. Mobile sinks prolong the lifetime of a sensor network. However, when sensor networks with mobile sinks are deployed in a hostile environment, security became a critical issue. They become exposed to varieties of malicious attacks. Thus, anti threats schemes and security services, such as mobile sink?s authentication and pairwise key establishment, are essential components for the secure operation of such networks. Due to the sensors, limited resources designing efficient security schemes with low communication overhead to secure communication links between sensors and MS (Mobile Sink) is not a trivial task. In addition to the sensors limited resources, sink mobility required frequent exchange of cryptography information between the sensors and MS each time the MS updates its location which imposes extra communication overhead on the sensors. In this dissertation, we consider a number of security schemes for WSN (wireless sensor network) with MS. The schemes offer high network?s resiliency and low communication overhead against nodes capture, MS replication and wormhole attacks. We propose two schemes based on the polynomial pool scheme for tolerating nodes capture: the probabilistic generation key pre-distribution scheme combined with polynomial pool scheme, and the Q-composite generation key scheme combined with polynomial pool scheme. The schemes ensure low communication overhead and high resiliency. For anti MS replication attack scheme, we propose the multiple polynomial pools scheme that provide much higher resiliency to MS replication attack as compared to the single polynomial pool approach. Furthermore, to improve the network resiliency against wormhole attack, two defensive mechanisms were developed according to the MS mobility type. In the first technique, MS uses controlled mobility. We investigate the problem of using a single authentication code by sensors network to verify the source of MS beacons, and then we develop a defensive approach that divide the sensor network into different authentication code?s grids. In the second technique, random mobility is used by MS. We explore the use of different communication channels available in the sensor hardware combined with polynomial pool scheme.

Wireless Sensor Network

Key Pre-Distribution Schemes

Mobile Sensor Networks

Toward securing links and large-scale

Delgosha, Farshid

13 September 2007

Applications of finite-field wavelets, paraunitary matrices, and multivariate polynomials in the design of efficient cryptographic algorithms for resource-limited devices and wireless sensor nodes is the main topic of this thesis. In this research, multivariate paraunitary matrices over fields of characteristic two are of special importance. Therefore, the factorization of their bivariate counterpart into the product of fully-parameterized building blocks was studied. Result were a two-level factorization algorithm and new building blocks over the ring of polynomials that allow a complete first-level factorization. One of the contributions in this thesis was a completely new design for self-synchronizing stream ciphers based on wavelets over fields of characteristic two. Since these wavelets can be efficiently designed and implemented using paraunitary matrices, the designed cipher is highly efficient in terms of encryption and decryption complexities. The cryptanalysis of the proposed cipher did not reveal any vulnerabilities to the current state of the art attacks developed for stream ciphers. A completely novel framework for the design of multivariate asymmetric cryptosystems (based on paraunitary matrices) is a main contribution in this thesis. Using algebraic properties of paraunitary matrices, the computational security of systems designed based on this framework was studied. It was proved, for the first time, that breaking any instance of such systems provides a positive answer to an algebraic longstanding (non- computational) open problem. Therefore, the proposed framework certainly is an improvement toward the design of provably secure multivariate cryptosystems. Using this approach, a public-key cryptosystem and a digital signature scheme was proposed. Considering the attractiveness of algebraic techniques, their applications in the design of cryptographic algorithms for wireless sensor networks was investigated. A novel key pre-distribution scheme for data confidentiality in sensor networks was proposed. This scheme outperforms all previous designs in terms of network resiliency against the node capture. Theoretical analysis showed improvement over previous schemes and also robustness in design. In addition to key pre-distribution, a location-aware scheme was proposed that provides authenticity and availability for sensor networks. Main ingredients of this scheme are node collaboration for entity authenticity, hash tree for data authenticity, and random network coding for data availability. This scheme is the first one in its category that provides a practical solution to all the aforementioned security services.

Key pre-distribution

Wireless sensor network

Authentication

Public-key cryptography

Digital signature

Stream cipher

Multivariate paraunitary matrix

Finite-field wavelet

Computer security

Data protection

Cryptography