IFIP International Information Security Conference

SEC 2007: New Approaches for Security, Privacy and Trust in Complex Environments pp 157-168

Secure Path-Key Revocation for Symmetric Key Pre-distribution Schemes in Sensor Networks

  • Tyler Moore
  • Jolyon Clulow
Conference paper

DOI: 10.1007/978-0-387-72367-9_14

Volume 232 of the book series IFIP International Federation for Information Processing (IFIPAICT)

Abstract

Path keys are secrets established between communicating devices that do not share a pre-distributed key. They are required by most key pre-distribution schemes for sensor networks, because topology is unknown before deployment and storing complete pairwise-unique keys is infeasible for low-cost devices such as sensors. Unfortunately, path keys have often been neglected by existing work on sensor network security. In particular, proposals for revoking identified malicious nodes from a sensor network fail to remove any path keys associated with a revoked node. We describe a number of resulting attacks which allow a revoked node to continue participating on a network. We then propose techniques for ensuring revocation is complete: universal notification to remove keys set up with revoked nodes, path-key records to identify intermediaries that are later revoked, and blacklists to prevent unauthorized reentry via undetected malicious nodes. Path keys also undermine identity authentication, enabling Sybil attacks against random pairwise key pre-distribution.

Copyright information

© International Federation for Information Processing 2007

Authors and Affiliations

  • Tyler Moore (1)
  • Jolyon Clulow (1)
  1. Computer Laboratory, University of Cambridge, Cambridge, UK