
3.6 Performance Analysis and Simulation

3.6.2 Storage and Computation Overhead

Storage Overhead: In GPLD, a sensor stores the GKEKs corresponding to all the elementary groups it belongs to. Specifically, a sensor of class $C_j$ belongs to the network-wide group, the individual group of itself, and the class-based group consisting of all class $C_j$ sensors. Moreover, there are $n_0$ neighbor-pair groups defined for each sensor, where $n_0$ is the number of immediate neighbors a sensor has. Additionally, each sensor also belongs to $7(L-1)$ location-based groups and $7(L-1)$ location-class-based groups (see Section 3.3.4). Therefore, there are in total $1 + 1 + 1 + n_0 + 7(L-1) + 7(L-1) = 14L + n_0 - 11$ GKEKs that should be stored by each sensor. In a WSN, $n_0$ usually ranges from 20 to 60, depending on the application [28, 16, 90], while $L$ is a system parameter of the grid. Recall that sensors in a level-1 cell are within each other's direct communication range, as required in GPLD. Then, the number of sensors in a level-1 cell is around 4 to 10, given $n_0$ ranging from 20 to 60. Hence, for a WSN whose size is no more than 100,000, $L = 9$ will be more than enough to support GPLD, as there will be up to $4^{L-1} = 65{,}536$ level-1 cells. Thus, each sensor stores at most 161 GKEKs. Suppose each GKEK is 8 bytes; then 161 GKEKs require a storage space of only 1.26 KB. Also note that although the sink is required to know all the GKEKs, it does not have to directly store all of them. Instead, the sink could store only the master key and the locations of each sensor, and compute the GKEK on-the-fly.

Computation Overhead: The computation overhead introduced by GPLD is lightweight, as each sensor is only required to perform a few encryption and decryption operations over a very short message (i.e., one key). GPLD does not require sensors to perform any kind of expensive public-key or polynomial-based operations.

3.7 Summary

In this chapter, we analyzed and classified the multicast group semantics for WSNs that are inherently demanded by most applications. We then proposed GPLD to address the multicast encryption problem in WSNs, which, to the best of our knowledge, is the first scheme of its kind that supports various multicast group semantics and is tailored for WSNs. Our proposed scheme advances the current state of the art by enabling not only dynamic changes to multicast groups but also their dynamic formation. We developed a novel multicast encryption technique called global-partition, local-diffusion to achieve scheme efficiency and meet the resource-constrained nature of WSNs. The security and performance of the proposed scheme are justified through both analysis and simulations.

Data Report Security

In this chapter, we propose an integrated security design providing comprehensive protection over data confidentiality, authenticity, and availability. Our design establishes a location-aware end-to-end data security (LEDS) framework in WSNs.

In WSNs, data of interest, which may vary depending on the application, usually appear as event reports sent by the sensing nodes from the area where the event occurs via multihop paths to the sink. As the communication range of sensor nodes is limited, the reports will be relayed by intermediate nodes before finally reaching the sink. Hence, the requirement on data confidentiality in WSNs is naturally as follows: as long as the event sensing nodes are not compromised, the confidentiality of the corresponding data report should not be compromised due to any other nodes' compromise, including the intermediate nodes along the report forwarding route.

Data reports collected by WSNs are usually sensitive and even critical, such as in military applications, and hence it is important to assure data authenticity in addition to confidentiality. Since undetected compromised node(s) can always send false reports, cryptography cannot fully prevent such attacks. However, if we require that a valid report be collectively endorsed by a number, say T (T > 1), of sensor nodes that sense the event at the same time, we can protect data authenticity to the extent that forging a valid report takes no fewer than T compromised nodes. Furthermore, by exploiting the static and location-aware nature of WSNs, we can require that a legitimate event report corresponding to a certain area can only be generated by the collaborative endorsement of no fewer than T nodes of that area. That is, the only way to generate a valid report on a non-existing event happening at a certain area is to compromise T nodes at that area; otherwise it is impossible.
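A sink-side check for the endorsement requirement stated above, as an added example that is not taken from the thesis. It assumes each node shares an HMAC key with the sink, which is not the LEDS construction; the node ids, cell names, keys, report payload and T = 3 are constructed.

```python
import hashlib
import hmac

T = 3  # endorsement threshold; constructed value (the text only requires T > 1)

# Constructed sink-side registry: node id -> (cell where the node is deployed, node key).
# Per-node keys shared with the sink are an assumption of this example.
NODES = {
    "n1": ("cell-A", b"key-n1"),
    "n2": ("cell-A", b"key-n2"),
    "n3": ("cell-A", b"key-n3"),
    "n7": ("cell-B", b"key-n7"),
}


def endorse(node_id: str, event_cell: str, report: bytes) -> bytes:
    """MAC that an endorsing node attaches, bound to the claimed event cell."""
    key = NODES[node_id][1]
    msg = event_cell.encode() + b"\x00" + report
    return hmac.new(key, msg, hashlib.sha256).digest()


def sink_accepts(event_cell: str, report: bytes, endorsements) -> bool:
    """Accept only if at least T distinct nodes deployed in event_cell endorsed the report."""
    valid = set()
    for node_id, mac in endorsements:
        entry = NODES.get(node_id)
        if entry is None or entry[0] != event_cell:
            continue  # unknown node, or a node that is not located in the claimed area
        if hmac.compare_digest(mac, endorse(node_id, event_cell, report)):
            valid.add(node_id)  # a set, so a repeated endorser counts once
    return len(valid) >= T


REPORT = b"event=intrusion;t=1200"  # constructed report payload
```

A node deployed in another cell, or one node endorsing the same report several times, does not raise the count toward T.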

As compromised nodes are assumed to exist in WSNs, it is important to prevent or tolerate their interference as much as possible to protect data availability. In this regard, security designs should be as robust as possible in the presence of compromised nodes. In-network processing such as false data filtering is important to save scarce network resources and to prolong network lifetime. To this end, any security design in WSNs should be highly resilient against two types of DoS attacks: report disruption attack [109] and selective forwarding attack [44], in which compromised nodes purposefully drop legitimate packets to disrupt the event report service by taking advantage of the en-route filtering policy.

4.1 Related Work