The previous research investigations on key management for WSNs focus mainly on reducing overhead based on a hypothetical network model, rather than on a specific application. Some gaps in the area of key management for WSNs, are yet to be thoroughly investigated.
1. Lack of support for different types of communication. Most key management schemes for group communication in WSNs address only session key estab- lishment and renewal. Almost all the key predistribution schemes consider only the establishment of pairwise keys between sensor nodes. There are still several unsolved problems in the key predistribution field. For example, path keys do not exclusively belong to two end nodes. All the intermediate nodes on the path know the pairwise keys forwarded by them; the compromise of a limited number of nodes may lead to the exposure of the whole key pool. Most importantly, there is no way to establish different types of keys for dif- ferent kinds of communication requirements. A single key cannot meet the different communication requirements in WSNs, especially in hierarchical WSNs.
2. There is no feasible PKC-based/hybrid key management scheme for HWSNs. Although many researchers have demonstrated the feasibility of ECC-based public key generation from the hardware or software perspectives, rarely do current works propose a complete key management infrastructure using Pub- lic Key Cryptography. Traditional key management scheme for wired net- work cannot be directly transplanted to HWSNs given the unique attributes of the latter. As far as we know, SACK-P is the first trial of a PKC-based key management scheme for HWSNs. In fact, it cannot be seen as an original PKC-based key management scheme; it is a direct transformation of the basic SACK scheme which is based on Symmetric Key Cryptography. Public Key Cryptography has incomparable advantages over Symmetric Key Cryptogra- phy in key management and authentication. Nevertheless, great effort has to be put into making PKC-based/hybrid key management a reality in HWSNs.
3. Deficiencies of authentication. Existing authentication schemes have at least one or several of the following shortcomings: high computation or commu-
nication overhead, no resilience to nodes compromises, delayed authentica- tion, loose or even strict time synchronization, and absence of scalability. Lightweight authentication and Public Key Cryptography based authentica- tion are ideal alternative options for WSNs while the unique characteristics of WSNs should be given full consideration. Current literature is mainly con- cerned with authentication of communication content which happens after key establishment. In fact, authentication is also indispensable during the process of key establishment.
4. High-cost and limited capability of fault-tolerance. Due to the nature of WSNs, they are inherently susceptible to packet loss and node failure. Much current research on group management has been dedicated to minimizing storage, computational and the communication overhead to meet scalability. However, little attention has been paid to the robustness of these protocols. Most of the current key management protocols are not designed to cope with failures. However, such failures may block the normal run of key manage- ment protocols which are the building block of the whole security architec- ture. Self-healing key distribution is an ideal mechanism to deal with packet loss in session key distribution. However, problems such as robustness in- consistence remain unsolved. Existing countermeasures against node failure are either under stringent assumptions or are too costly to be feasible. To date, node failure tolerance property of pairwise key establishment protocols has not been addressed. How to maintain an acceptable trade-off between fault-tolerance and redundancy is still an open problem.
2.7 Conclusion
In this chapter, we carried out a survey of existing literature. We evaluated existing literature critically with a view to analyzing and assessing each category. We first surveyed existing key management schemes for WSNs security. We classified these approaches into different categories based on the key mechanism. We then talked about the necessity of and techniques for establishment of different types of keys in HWSNs. After that, we surveyed the authentication mechanism and self-healing mechanism. In the next chapter, we propose a problem definition and present a
3
Problem Definition and Solution
Overview
3.1 Introduction
As a result of significant advances in pervasive computing and wireless commu- nication technology, WSNs have gained wide application. However, some unique features of sensor networks make them more vulnerable to security attacks than their wired counterparts. Security countermeasures should be taken to resist cor- responding attacks. Key management works as the cornerstone of other security mechanisms as almost all of security mechanisms rely on, or are related to, en- cryption. Chapter 2 surveyed the literature and identified a series of weaknesses in current approaches aiming to address key management for sensor network secu- rity. We have found that, despite significant contributions have been made over the decades, very few practical approaches, especially in terms of key management so- lutions for HWSNs, have been proposed in the literature. In addition, as discussed in Chapter 2, some important auxiliary properties of key management in WSNs, such as authentication and self-healing, have not been addressed sufficiently.
To address the shortcomings discerned in the literature, in this chapter we will outline the problems that we intend to address in this thesis. Then the research methodology and solutions are proposed. In Section3.2, we outline a set of defi-
nitions that will be used throughout the thesis. In Section3.3, we define the main problems to be addressed in this thesis. In Section 3.4, we break down the main problems into research issues in order to better propose a solution. In Section3.5, we introduce the research method that we will adopt in this thesis. In Section3.6, we discuss the solutions to each of the research issues identified in Section 3.4. Finally, in Section3.7, we conclude the chapter.