| Summary: | 博士 === 國立臺灣大學 === 電機工程學研究所 === 99 === Due to resource constraints on sensor nodes, public key cryptography and key distribution center (KDC) are not desirable to use in sensor networks. Instead, symmetric cryptosystem using preloaded keys is suitable for this environment. In such a solution, pairwise key establishment is a fundamental task for securing sensor networks. However, the conventional polynomial-based key predistribution approach, on which many existing key management schemes in sensor networks were based, can only offer probabilistic authentication. In this dissertation, we first develop a novel tame-based key predistribution approach, where we exploit tame automorphisms to get symmetric and two-one bivariate maps for pairwise key establishment. This tame-based approach can provide deterministic authentication between two parties. We then present a general framework for key predistribution, in the basis of the tame-based approach.
Based on this framework, we propose several schemes of pairwise key establishment. They are the local symmetric-tame maps predistribution scheme, robust hypercube-based key predistribution scheme, robust grid-based key predistribution scheme, enhanced tame-based key predistribution scheme, cluster-based key predistribution scheme, and pairwise key establishment in mobile sensor networks. In the local symmetric-tame maps predistribution scheme, we utilize the location information of sensor nodes for key predistribution. The analysis demonstrates that, in addition to being able to provide deterministic authentication service, the scheme not only has significantly better performance, but can also achieve greater resilience on security than existing schemes.
The hypercube-based key predistribution scheme is superior to other methods in some features. These features include being able to establish a pairwise key between any two sensor nodes, having resilience against node compromises, and the low memory, computation and communication overhead. Nevertheless, it can only provide probabilistic authentication service for sensor networks. In this dissertation, we improve the hypercube-based scheme to provide deterministic authentication service. Then we further present a variance of the grid-based scheme (one case of the hypercube-based scheme). It turns out that in addition to keeping the advantages of the improved hypercube-based scheme, the analysis demonstrates that the variance of the grid-based scheme can have the lower computation overhead and higher probability of having a direct pairwise key between two neighboring sensor nodes (two sensor nodes within the transmission range).
Although we can utilize the location information to improve the performance of key management scheme in sensor networks, however, in some applications, the location information of sensor nodes may not be available. Therefore, in this dissertation, we additionally take advantage of heterogeneous sensor nodes to enhance the tame-based key predistribution scheme. The analysis and simulation demonstrate that the enhanced scheme has better performance in terms of the initialization time, memory overhead, communication overhead, probability to establish a pairwise key between two neighboring nodes, and resilience against node compromises. We further extend the enhanced scheme to a cluster-based key predistribution scheme. The analysis and experiment indicate that in addition to preserving the advantages of the enhanced scheme, the cluster-based scheme has more efficient key predistribution process, much less energy consumption for the pairwise key establishment, and perfect resilience against node compromises. Finally, we apply the cluster-based scheme in mobile sensor networks to support the pairwise key establishment between mobile sensor nodes.
|
|---|
