Authors: Peng Wang; Chinya V. Ravishankar
Addresses: Department of Computer Science and Engineering, University of California, Riverside, Riverside 92507, USA; Department of Computer Science and Engineering, University of California, Riverside, Riverside 92507, USA
Abstract: We show how to establish cryptographic keys in sensor networks where neither public-key infrastructure (PKI) nor a trusted third party exists. We use a 'web-of-trust' model, establishing 'path' keys using pairwise trust relationships between intermediaries sharing preloaded keys. We first show how to defeat current schemes with key foisting, a devastating novel attack not described in the literature. Foisting compromises 90% of the path keys when only 10% of the sensors in the network are seized. We then present a two-way path-key establishment scheme, and a highest random weight (HRW) based path-key establishment scheme to deal with key foisting, using mGKE as an illustrative example. Our schemes reduce the probability of successful key foisting to nearly zero even when 20% of the sensors are seized. Their overhead is affordable, and their resilience is excellent. We also discuss key foisting in general distributed systems.
Keywords: sensor networks; network security; key establishment; key foisting attacks; key stealing attacks; cryptographic keys; cryptography; web-of-trust; path keys; pairwise trust.
International Journal of Sensor Networks, 2016 Vol.22 No.2, pp.111 - 126
Received: 25 Aug 2014
Accepted: 21 Jan 2015
Published online: 29 Sep 2016