Public-key based access control in sensornet

Wireless Networks

Abstract

Symmetric cryptography has mostly been used in security schemes for sensor networks because of the concern that public key cryptography (PKC) is too expensive for sensor devices. While these schemes are efficient in processing time, they generally require complicated key management, which may introduce high memory and communication overhead. In contrast, PKC-based schemes have simple and clean key management, but cost more computational time. The recent progress in PKC implementation, especially elliptic curve cryptography (ECC), on sensors motivates us to design a PKC-based security scheme and compare its performance with its symmetric-key counterparts. This paper proposes a practical PKC-based access control for sensor networks, which consists of pairwise key establishment, local access control, and remote access control. We have implemented both cryptographic primitives on commercial off-the-shelf sensor devices. Building the user access control as a case study, we show that a PKC-based protocol is more advantageous than those built on symmetric cryptography in terms of memory usage, message complexity, and security resilience. Meanwhile, our work also provides insights into integrating and designing PKC-based security protocols for sensor networks.

Notes

  1. Based on our experimental result of forwarding a 60-byte payload on MICAz motes.

Acknowledgments

The authors would like to thank all the reviewers for their insightful comments and kind guidance to improve the paper. This project was supported in part by US National Science Foundation grants CNS-0721443, CNS-0831904, and CAREER Award CNS-0747108.

Author information

Corresponding author

Correspondence to Haodong Wang.

About this article

Cite this article

Wang, H., Sheng, B., Tan, C.C. et al. Public-key based access control in sensornet. Wireless Netw 17, 1217–1234 (2011). https://doi.org/10.1007/s11276-011-0343-x

  • DOI: https://doi.org/10.1007/s11276-011-0343-x
