TY - JOUR
T1 - Location-based compromise-tolerant security mechanisms for wireless sensor networks
AU - Zhang, Yanchao
AU - Liu, Wei
AU - Lou, Wenjing
AU - Fang, Yuguang
N1 - Funding Information:
Manuscript received October 1, 2004; revised August 10, 2005. This work was supported in part by the U.S. Office of Naval Research under Young Investigator Award N000140210464 and the U.S. National Science Foundation under Grant ANI-0093241 (CAREER Award).
PY - 2006/2
Y1 - 2006/2
N2 - Node compromise is a serious threat to wireless sensor networks deployed in unattended and hostile environments. To mitigate the impact of compromised nodes, we propose a suite of location-based compromise-tolerant security mechanisms. Based on a new cryptographic concept called pairing, we propose the notion of location-based keys (LBKs) by binding private keys of individual nodes to both their IDs and geographic locations. We then develop an LBK-based neighborhood authentication scheme to localize the impact of compromised nodes to their vicinity. We also present efficient approaches to establish a shared key between any two network nodes. In contrast to previous key establishment solutions, our approaches feature nearly perfect resilience to node compromise, low communication and computation overhead, low memory requirements, and high network scalability. Moreover, we demonstrate the efficacy of LBKs in counteracting several notorious attacks against sensor networks such as the Sybil attack, the identity replication attack, and wormhole and sinkhole attacks. Finally, we propose a location-based threshold-endorsement scheme, called LTE, to thwart the infamous bogus data injection attack, in which adversaries inject lots of bogus data into the network. The utility of LTE in achieving remarkable energy savings is validated by detailed performance evaluation.
AB - Node compromise is a serious threat to wireless sensor networks deployed in unattended and hostile environments. To mitigate the impact of compromised nodes, we propose a suite of location-based compromise-tolerant security mechanisms. Based on a new cryptographic concept called pairing, we propose the notion of location-based keys (LBKs) by binding private keys of individual nodes to both their IDs and geographic locations. We then develop an LBK-based neighborhood authentication scheme to localize the impact of compromised nodes to their vicinity. We also present efficient approaches to establish a shared key between any two network nodes. In contrast to previous key establishment solutions, our approaches feature nearly perfect resilience to node compromise, low communication and computation overhead, low memory requirements, and high network scalability. Moreover, we demonstrate the efficacy of LBKs in counteracting several notorious attacks against sensor networks such as the Sybil attack, the identity replication attack, and wormhole and sinkhole attacks. Finally, we propose a location-based threshold-endorsement scheme, called LTE, to thwart the infamous bogus data injection attack, in which adversaries inject lots of bogus data into the network. The utility of LTE in achieving remarkable energy savings is validated by detailed performance evaluation.
KW - Compromise tolerance
KW - Location
KW - Pairing
KW - Security
KW - Wireless sensor networks
UR - http://www.scopus.com/inward/record.url?scp=33144476837&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=33144476837&partnerID=8YFLogxK
U2 - 10.1109/JSAC.2005.861382
DO - 10.1109/JSAC.2005.861382
M3 - Article
AN - SCOPUS:33144476837
SN - 0733-8716
VL - 24
SP - 247
EP - 260
JO - IEEE Journal on Selected Areas in Communications
JF - IEEE Journal on Selected Areas in Communications
IS - 2
ER -