TELKOM
NIKA Indonesia
n
Journal of
Electrical En
gineering
Vol.12, No.5, May 2014, pp
. 3969 ~ 39
7
8
DOI: http://dx.doi.org/10.11591/telkomni
ka.v12i5.4241
3969
Re
cei
v
ed O
c
t
ober 1
3
, 201
3; Revi
se
d Decem
b
e
r
20, 2013; Accept
ed Ja
nua
ry 9,
2014
An Improved Key Man
a
gemen
t
Scheme for Hierarchical
Wireless Senso
r
s Networks
Abdoulay
e D
i
op*, Yue Qi, Qin Wang
Schoo
l of Com
puter an
d Com
m
unic
a
tion En
gin
eeri
n
g
Univers
i
t
y
of Scienc
e an
d T
e
chno
log
y
B
e
ij
ing
,
Beijin
g, Chin
a
.
Corresp
on
din
g
author, e-mai
l
: adio
p
.ustb@
g
m
ail.com*
, q
i
yu
ee@
ustb.ed
u
.cn,
w
a
ng
qi
n@i
e
s.ustb.edu.cn
A
b
st
r
a
ct
Key
ma
nag
e
m
ent p
l
ay
a ce
n
t
ral rol
e
for
pr
otecting
co
mmunic
a
tion
in
W
S
Ns. Due
to t
he l
i
m
ite
d
me
mory reso
u
r
ces and
en
ergy constrai
nts, complex
s
e
c
u
rity alg
o
rith
ms cannot b
e
used i
n
sens
or
netw
o
rks. T
herefore, to s
e
cur
e
dat
a co
mmu
nicati
on
and
w
e
ll
bal
anc
e b
e
tw
een the
secu
rity leve
l a
nd t
h
e
associ
ated e
n
e
rgy cons
u
m
p
t
ion is a ch
all
eng
ing ta
sk. In this pa
per, w
e
present a
n
Impr
oved K
e
y
ma
na
ge
me
nt
Sche
me
for S
e
curin
g
co
mmu
nicati
on
in
Hi
er
archic
al W
i
r
e
le
ss Sens
ors
Ne
tw
orks (IKS). The
prop
osed
tech
niq
ue
bas
ed
o
n
sy
mmetric
k
e
y
mec
han
is
m, gen
erates
a
n
d
d
i
stributes
t
he k
e
ys w
i
thi
n
a
cluster
efficien
tly an
d u
p
d
a
te
s peri
o
dically
keys to
mitigat
e the node
com
p
r
o
m
i
se attack. We prov
ide
a
detai
led s
e
curit
y
ana
lysis of o
u
r IKS protoco
l
and s
how
its a
d
vanta
ges i
n
a
v
oidi
ng
no
de c
apture
attack a
n
d
several serious attacks from m
a
licious
nodes. Finally, us
ing NS-2 s
i
m
u
la
tor, the result
s shows that IKS
provi
des en
erg
y
saving a
nd h
a
s low
commu
nicati
on over
h
ead a
nd e
nd to end d
e
l
a
y co
mp
are
d
to exis
ting
key ma
na
ge
ment sche
m
es.
Ke
y
w
ords
: wireless sensor network, hierarc
h
ical
networks, key m
a
nagem
ent, security, attacks.
Copy
right
©
2014 In
stitu
t
e o
f
Ad
van
ced
En
g
i
n
eerin
g and
Scien
ce. All
rig
h
t
s reser
ve
d
.
1. Introduc
tion
With the
de
sign a
nd
dev
elopme
n
t of
micro d
e
vice
s, the
comm
unication te
chnolo
g
y
enabl
ed the desig
n and de
velopment of WSNs with
lo
w co
st, low energy con
s
u
m
ption and hi
gh
utilization.
WSNs have
lot
of appli
c
at
io
n
s
in
military, h
ealth a
nd
ot
h
e
r in
du
strial
sectors. Be
ca
u
s
e
of the characteristics
of WSNs, sen
s
or
node
s are usually
cha
r
a
c
terized by limi
t
ed power, lo
w
band
width, m
e
mory si
ze a
nd limited en
ergy [1, 5].
Cluste
r ba
se
d sen
s
o
r
s n
e
tworks is o
ne of the main re
sea
r
ch
area
s in WSNs an
d
behave bette
r in perfo
rma
n
ce a
nd reli
a
b
ility than traditional flat WSNs (FS
N
s). Clu
s
ter topol
ogy
is used to e
x
tend the lifetime of WSNs and
can p
r
ovide scal
ab
ility, good organi
zation a
nd
energy effici
ent. Many
routing
proto
c
ols fo
r
clu
s
ter-ba
sed
WSNs have b
een pro
p
o
s
e
d
by
resea
r
chers [
2
, 6]. In clu
s
ter-b
ased
rou
t
ing prot
ocols, netwo
rk is
d
i
vided into
cl
uster an
d ea
ch
clu
s
ter h
a
s it
s own Clu
s
te
r He
ad (CH).
Furthe
r,
CHs are re
spo
n
s
ible fo
r relay
i
ng of messa
ges
from ordina
ry node
s to the Base Station
(BS).
To achieve
both se
cu
rity and efficie
n
cy
for WS
Ns, several key dist
ributi
on and
manag
eme
n
t scheme
s
h
a
ve been p
r
o
p
o
s
ed in
WSNs.
The first key pre
-
di
stributio
n schem
e wa
s
pre
s
ente
d
by
Eschena
ue
r and Gli
gor
[7]. They
propo
se
a pro
babili
stic key
pre
-
di
stributi
o
n
techni
que, where
t
w
o sen
s
or nod
es ne
ed
to
ide
n
tify
the com
m
on
keys th
ey sh
are, to e
s
tabli
s
h a
pair-wi
se
key
betwe
en the
m
. However t
h
is
schem
e
cannot p
r
ovide
sufficie
n
t se
curity when t
h
e
numbe
r of compromised
node
s incre
a
s
e
s
. Zhu et al. [9] propo
se Lo
cali
zed
Encryption
and
Authentication Protocol
(LEAP), wh
i
c
h
establi
s
hes four types of
keys that m
u
st be
stored
in
each se
nsor.
One wea
k
n
e
ss of this a
ppro
a
ch is
th
at once th
e initial key is
comp
romi
se,
an
adversa
ry ca
n de
du
ce
all
the p
a
ir-wi
s
e keys i
n
stal
led in
the
ne
twork [8]. Y.
Ch
eng
an
d
D.
Agra
wal p
r
op
ose IK
DM (a
n Improve
d
Key Distri
buti
on Me
cha
n
ism) [10] b
a
se
d on hi
erarch
ical
netwo
rk a
r
chi
t
ecture
and bi
variate polyn
omial-key pre
-
dist
ributio
n mech
ani
sm.
In IKDM, Onl
y
two pai
r-wi
se key
s
a
r
e
preload
ed in
ea
ch
sen
s
o
r
n
o
de to
redu
ce
the key
stora
ge ove
r
head. Fo
r
se
curi
ng LEA
C
H (L
ow-Ene
rg
y Adaptive Clu
s
terin
g
Hi
era
r
chy) p
r
e
s
ented
by Hein
zelm
an et al. [2], some
se
cu
re ro
uting p
r
otocol
s have
been p
r
op
o
s
ed,
such a
s
SecLEACH [11], GS-LEACH [12] an
d SLEACH [13]
.
Evaluation Warning : The document was created with Spire.PDF for Python.
ISSN: 23
02-4
046
TELKOM
NI
KA
Vol. 12, No. 5, May 2014: 3969 – 39
78
3970
SecLEACH
sho
w
ho
w a rand
om key pre-distri
bution can be used for secure
comm
uni
cati
on in
clu
s
ter-based p
r
oto
c
ols.
Ho
weve
r, GS-LEA
CH, SLEACH
and Se
cLEA
CH
pre
s
ent some
security vulnerabilitie
s cau
s
ed by
the ra
ndom key pre
-
dist
ributio
n schem
e and a
r
e
also vul
nerab
le to key
colli
sion
attacks.
Most of the
s
e schem
es
a
r
e vulne
r
a
b
le
to a numb
e
r of
se
curity threa
t
s [3]. Furthe
r, if a node
get
s comp
romi
sed, it is p
o
ssi
b
le for th
e ad
versa
r
y to
kn
ow
all the keys
stored in the n
o
de.
In this pap
e
r
, we p
r
op
o
s
e an Imp
r
o
v
ed Key managem
ent Schem
e for
Secu
ring
comm
uni
cati
on in Hie
r
archical
Wirel
e
ss Sensors Ne
tworks (IKS) to overcome
the limitations of
curre
n
t key di
stributio
n
and
man
agem
ent
sche
me
s.
Ba
sed
on
the
hi
era
r
chical
network
structu
r
e,
IKS use different ki
nd of
keys to en
sure ba
si
c
secu
rity requi
rements. Data encryption
is
perfo
rmed fo
r se
cu
re
co
mmuni
cation.
One way hash fun
c
tion
and Me
ssa
ge Authenti
c
ation
Cod
e
(MAC) are also used to provid
e authent
ication and me
ssag
e integrit
y. The propo
sed
techni
que ba
sed o
n
sym
m
etric
key mech
ani
sm, ge
ner
ate
s
an
d distrib
u
tes eff
i
ciently the keys
within a cl
ust
e
r and u
pdat
es pe
riodi
call
y keys to mitigate the nod
e
comp
romi
se
attack [4].
Indeed, if an
intrude
r ma
n
age
s to captu
r
e
a n
ode, a
n
encryption m
e
ch
ani
sm sh
ould b
e
pre
s
ent to
re
stri
ct the a
ccess of int
r
ud
e
r
to
the
me
ssage hi
sto
r
y of
node
[5, 16].
The
r
efore, af
ter
key e
s
tabli
s
h
m
ent pha
se,
a key u
pdati
ng ph
ase
sh
ould be
used
to update th
e key
s
re
gul
arly.
After ce
rtain
time interval
new nod
es a
r
e
sele
cted
a
s
CH, a
nd B
S
gene
rate
s
a ne
w
key u
s
ing
the hash fun
c
tion and the
current key. T
h
is p
r
o
c
ed
ure
ensu
r
e
s
that
intrude
rs
ca
n
not acq
u
ire the
keys ea
sily, hen
ce
avoi
d different t
y
pes
of
atta
cks f
r
om
m
a
licio
us no
d
e
s, b
e
cau
s
e
only
legitimate no
des
can joi
n
the network.
The rest of t
he pa
per i
s
o
r
gani
ze
d a
s
follows. Secti
on 2 d
e
scrib
es the
netwo
rk m
odel.
Section 3
explain
s
the propo
sed
key
manag
eme
n
t
scheme in
d
e
tails. In Section 4, we p
r
ese
n
t
the se
cu
rity analysi
s
an
d simulation
re
sults of
the p
r
opo
sed
key
manag
eme
n
t scheme. Fi
n
a
lly,
we con
c
lud
e
our work an
d pre
s
ent some
future re
sea
r
ch directio
ns i
n
se
ction 5.
2. Net
w
o
r
k
Model
We focus on hierarchi
c
al structure of sensor
network
[10], as illustrated in Figure 1.
a)
BS is
co
nsi
d
e
r
ed
tru
s
two
r
th
y with
unlimit
ed
re
sou
r
ces
and i
s
lo
cate
d in
a
safe
pl
ace.
BS has auth
enticatio
n sy
stem for any
node in th
e
network [15]
, a node me
mber tabl
e o
f
all
node
s in the
netwo
rk a
nd
an intru
s
ion d
e
tection
syste
m
.
b)
Senso
r
s nod
es colle
ct info
rmation of
su
rro
undi
ng en
vironme
n
t an
d tran
smit the
m
to
the clu
s
ter he
ad.
c)
CH i
s
re
spo
n
s
ible for
colle
cting data
within a clu
s
ter
and tran
smi
s
sion to the B
S
.
Figure 1. Pro
posed Sch
e
m
e
architectu
re
.
De
scription
s
of the notati
ons
used in
t
he pro
p
o
s
ed
key man
a
g
e
ment techni
que a
r
e
listed in Tabl
e 1.
Evaluation Warning : The document was created with Spire.PDF for Python.
TELKOM
NIKA
ISSN:
2302-4
046
An Im
proved
Key Man
age
m
ent Scheme for Hie
r
arch
ical Wi
rele
ss Senso
r
s… (A
bdoul
aye Dio
p
)
3971
Table 1. Nota
tion De
scripti
on used in IKS
S. No
Nota
tio
n
Descrip
tio
n
1.
idSNi
Identification Number of nod
e i
2.
idCHi
Identification Cluster Head i
3.
idBS
Identification Base Station
4. KNet
Net
w
ork
ke
y
5.
KBS,CHi
Shared Pair-w
ise
Ke
y
6. KCHi,Si
Intra-cluster
ke
y
7. KCHi,CHj
Inter-cluster
ke
y
8. KI
Initial
key
9.
EK(M)
Encr
y
p
tion of me
ssage M w
i
th s
y
mmetric ke
y
K
10.
V
An arra
y of no
de
ids
11.
H ( )
One-
wa
y hash fu
nction
12.
MACK()
The message au
thentication c
ode of message M u
s
ing sy
mmet
r
ic ke
y
K
13.
Bit w
i
se XOR
op
eration
14.
N
Nonce
Initially, we consi
der that
WS
Ns are ho
mogen
eou
s a
nd symmet
r
ic.
Senso
r
nod
e
s
kee
p
stati
onary
after deployme
nt durin
g
th
e
n
e
twork
op
era
t
ion.
To
disting
u
ish be
tween them,
each nod
e ha
s a uniq
ue id
with eno
ugh l
ength.
In our sche
me, we u
s
e
Low-Ene
rgy
Adapt
ive Clu
s
terin
g
Hi
era
r
chy
(LEACH) [2] to
rand
omly cho
o
se
CHs. Se
nso
r
s no
de
s
cho
o
se thei
r
clu
s
ter
hea
d
according
so
me pa
ram
e
te
rs
su
ch a
s
the
stron
g
e
s
t sig
nal re
ceive
d
[2]. As sho
w
n in Figu
re
1
,
there i
s
no
comm
uni
cati
on
betwe
en sen
s
ors nod
es. After
ce
rtain time
interv
al
new nod
es a
r
e
sele
cted
a
s
CH to
p
r
ov
ide
energy savin
g
of a cluste
r
head [2].
We a
s
sume
that when
CH is lo
cated
far from the
BS, CHs
can
commu
nicate each
other. In this
ca
se, CH sen
d
s the a
ggre
gated sen
s
in
g data to the
relay CH ne
a
r
the BS to save
energy.
In this n
e
two
r
k
mod
e
l, ea
ch
exch
ange
d me
ssage
h
a
s
a time
sta
m
p that g
uarantee th
e
fresh
n
e
ss of i
n
formatio
n. We al
so con
s
ider a minim
u
m time “Tmin
”
after depl
oyment, in whi
c
h a
node
can
not be com
p
romi
sed.
Furthe
r, as t
h
reat m
odel
we a
s
sum
e
that
an
adversary
ca
n eav
esd
r
op
on th
e traffic,
inject ne
w m
e
ssag
es, spo
o
f other ident
ities, r
eplay a
nd modification of old me
ssage
s. Ho
wever
we con
s
ide
r
that an adversary need at le
ast
time “T
ca
pture
”
to com
p
romi
se a n
o
de.
3. The Propo
sed Hier
arch
ical Ke
y
Man
a
gemen
t
Scheme
3.1. Ke
y
pre-distributio
n phase
In our propo
sed
scheme,
each n
ode
are p
r
elo
ade
d with one u
n
ique
se
cret
key K
I
,
sha
r
ed
with t
he BS
before
they a
r
e
de
p
l
oyed. N
ode
s mu
st auth
ent
icate th
em
sel
v
es
with th
e
BS
usin
g
their correspon
ding
unique key K
I
. Hence no
de se
nd
req
uest to the
BS con
s
istin
g
of
sen
s
o
r
nod
e’
s id, non
ce, a
nd MAC, wh
e
r
e MAC is
cal
c
ulate
d
by using K
I
. The BS authenticat
es
the node
s by verifying the MAC.
Afterwa
r
ds, if authentication is su
cce
s
sful, the BS
gene
rate
s a netwo
rk
key K
Net
for
sen
s
o
r
no
de
with id
SNi
and
load
s ea
ch
node
with thi
s
Netwo
r
k ke
y. K
Net
will be used during
the
initial clu
s
ter formation p
hase. Note that a
ll mem
bers sh
ould
prove thei
r validity to the BS.
Furthe
r K
I
is deleted fro
m
SN’s mem
o
ry
after joining the network.
3.2. Ke
y
Est
a
blishment
Shared Pair-w
i
se Ke
y
Es
tablishment
(K
BS,CHi
):
After the de
ploym
ent, some
no
des
are
rand
omly selected
as
CH, hen
ce BS n
eed
s to e
s
ta
blish
pair-wi
se key
with ea
ch
CH to
se
cure
the comm
uni
cation b
e
twe
en them. The
BS generate
s
an a
r
ray V of all sen
s
o
r
s node
s id
SNi
in the
netwo
rk.
The
BS first
u
s
in
g the
net
work
key K
Net
e
n
c
rypt
s a
thre
shol
d valu
e
T(n
)
, ge
nerates
a
MAC and b
r
oad
ca
sts the
s
e informatio
n with a non
ce to all sen
s
or n
ode
s. Node ge
nerate
s
a
rand
om nu
m
ber
R bet
wee
n
0 and
1. If R is le
ss than
a given threshold T
(
n), the
node a
c
t
s
as a
clu
s
ter he
ad.
T(n
)
is calcul
ated as:
Evaluation Warning : The document was created with Spire.PDF for Python.
ISSN: 23
02-4
046
TELKOM
NI
KA
Vol. 12, No. 5, May 2014: 3969 – 39
78
3972
Whe
r
e p i
s
the percenta
g
e
of cluste
r he
ads, r
i
s
the current rou
nd
numbe
r, G is the set
of node
s whi
c
h haven’t bee
n electe
d as
clu
s
ter-he
ad
s in the last r mod (N / p ) round
s.
a)
Wh
en
a n
o
de S
N
i b
e
co
mes CH first t
i
me, it send
s
an a
u
thenti
c
a
t
ion pa
cket to
the BS
By inserting it
s id and e
n
crypting messa
ge usi
ng K
Net
.
CH
i
→
BS :
i
d
C
Hi , idBS
||
E K
Ne
t
(M|N) || MAC
K
Ne
t
(M|N
)
Whe
r
e MAC ensu
r
e
s
da
ta integrity and aut
he
ntication, the timestam
p N avoids
messag
e re
pl
ay attack. M is the clu
s
ter
head’
s me
ssage
(M
= id
CHi
|id
BS
| K
Ne
t
).
b) Up
on receiving the CH i
n
formatio
n, the BS
authe
nticate
s
M an
d verifies the
MAC. If
CH i
s
a valid
node, BS compute
s
a n
e
w
key K
BS,C
Hi
by using
a
keyed o
n
e
-
way ha
sh
function H
K
(v
al). BS encry
pts M and K
BS,CHi
using net
work key K
Net
and se
nd
s it to CHi.
BS
→
CHi :
idCH
i , idBS || EK
Ne
t
(M|N| K
BS,
C
H
i
) || MACK
B
S
,
CHi
(M|N)
Intra-cluster
ke
y
establishment (K
CHi,Si
):
Ea
ch
CH ne
ed
s to e
s
tabli
s
h a
sh
ared
key
with its
clu
s
t
e
r me
mbe
r
SNi to en
su
re se
cu
re
co
mmuni
cation
betwe
en th
em (a
s ill
ust
r
ated
Figure 2). Thi
s
key e
s
tabli
s
hment ca
n be
briefly descri
bed a
s
follows:
a) First, Each CH b
r
oa
dcasts a
n
adve
r
tisem
ent me
ssage M u
s
i
ng KNet, id
CHi
and a
timestamp
N to avoid repla
y
attack.
CHi
⇒
SNi:
idCHi || EK
Ne
t
(M|N) || MACK
Net
(M|N)
b) Node S
N
i
authenti
c
ate
s
CHi by verify
ing the MAC, usi
ng the
netwo
rk
key
K
Net
. A
node S
N
i jo
ins a
clu
s
te
r ba
sed
on
the re
ceive
d
sig
nal
strength [2]. T
hen, for
membe
r
ship
of this
clu
s
ter, a
nod
e gen
erates a me
ssage
M as follo
ws:
M=
id
SNi
|id
CH
i|K
Ne
t
c)
No
w nod
e
SNi encrypt
s the me
ssa
ge M u
s
ing
K
Net
, includes the timesta
m
p N a
nd
sen
d
s the e
n
c
rypted m
e
ssage to the sel
e
cted
CHi.
SNi
→
CHi:
idS
Ni, idC
Hi ||
EK
Ne
t
(M|N) ||
MAC K
Ne
t
(M|N
)
d) Afterwa
r
d,
CHi
sen
d
s t
he id
entity list (idLi
st) of e
a
ch
no
de
me
mber in th
e
cluster to
the BS.
CHi
→
BS:
idC
Hi, idBS || EK
B
S
,
CHi
(M|N |
idList ) || K
B
S
,
CHi
(M|N)
Whe
r
e id
List
= {idS
N1,idS
N2,…… ,idS
Nk-1},
k is th
e numb
e
r of
node i
n
the cl
uster
an
d
M is the clu
s
t
e
r hea
d me
ssage.
e) BS com
p
u
t
es the
cluste
r key K
CHi,Si
using
a one
-way hash funct
i
on and th
e p
a
ir-wi
s
e
key
K
BS,CHi
and sen
d
it to th
e CH
with an
authenti
c
atio
n respon
se m
e
ssag
e.
BS
→
CHi:
i
d
BS,
idCHi || EK
B
S
,
CHi
(M|N| K
CHi,S
i
) || MACK
B
S
,
CHi
(M|N)
f) Each
CH i
s
re
spo
n
sibl
e
for
distri
buti
ng thi
s
sha
r
e
d
key to it
s
clu
s
ter mem
ber SNi.
Therefore
CHi auth
entica
t
es BS, de
crypts
the me
ssag
e an
d se
nd the i
n
tra
-
cluster key
K
CHi,Si
to all c
l
us
ter members
.
CHi
→
SNi:
i
d
CHi || EK
Ne
t
(M|N | K
CHi,S
i
) ||
MACK
Ne
t
(M|
N)
g) The cl
uste
r membe
r
s a
u
thenticate M by veri
fying the MAC, if a
u
thentication is valid,
K
CHi,Si
will be
act as the
shared
key bet
we
en CH and cluster mem
bers.
Evaluation Warning : The document was created with Spire.PDF for Python.
TELKOM
NIKA
ISSN:
2302-4
046
An Im
proved
Key Man
age
m
ent Scheme for Hie
r
arch
ical Wi
rele
ss Senso
r
s… (A
bdoul
aye Dio
p
)
3973
Figure 2. Keys Gen
e
ratio
n
and Di
strib
u
tion in IKS
Inter-cluster
ke
y
establishment (K
CHi,CHj
):
In Inter c
l
us
ter
c
o
mmunic
ation, the s
o
urce
CH (l
ocated far from the B
S
), commu
nicates with
BS throu
gh the re
lay CH alo
ng
the path. The
key sh
arin
g schem
e co
ntai
ns the follo
wi
ng step
s:
Source CH
send
s a re
que
st for inter-cl
uste
r
key ge
neratio
n to the BS with the list of
CHs alo
ng th
e path of com
m
unication.
Upo
n
receiving the
re
qu
est from the
init
iating CH,
the
BS a
u
thenticates the
CH’
s
messag
e an
d
ge
nerates sha
r
ed
key
f
o
r
i
n
ter-clu
s
t
e
r com
m
uni
cation
b
e
twe
e
n
CHi and
CHj.
Afterward BS
enc
r
ypts K
CHi,CHj
using K
BS,CHi
and sen
d
s to
the
co
rrespon
ding
s
CHs. Th
us CHs
us
e the inter-c
l
us
ter
k
e
y to c
o
mmunicate in a s
e
c
u
re way.
3.3. Data T
r
a
n
smission Phase
a) T
h
is p
hase mai
n
ly con
s
ist
s
of
two
distin
ct ste
p
s in
hierarchi
c
al se
nsor
n
e
twork.
Firstly, sen
s
o
r
node
s send
encrypted dat
a packe
t
s
to it correspon
di
ng CH as foll
ows:
SNi
→
CHi:
i
d
SNi, id
CHi
|| E K
CHi,S
i
(M ) |
|
MACK
CHi,S
i
(M)
Whe
r
e M is t
he se
nse dat
a.
b) The confid
entiality of th
e messag
e is ensu
r
ed by usin
g K
CHi,Si
.
Afterwa
r
d CH send
s
encrypted a
g
g
reg
a
te data
packet
s
to B
S
for pr
ocessing, en
crypte
d by the pai
r-wise key
K
BS,CHi
.
CHi
→
BS:
idCHi || EK
B
S
,
CHi
(H(M1, Mj ,
….., Mn))
3.4. Ke
y
Updating Phas
e
To redu
ce
th
e ri
sk of
nod
e
ca
pture
atta
cks, it
i
s
e
s
se
ntial to u
pdat
e the
key
s
[9]
.
Hen
c
e
the network
key K
Net
is upd
ated pe
riodi
cally. This
key
is valid
only for a limited time period that is
less than th
e
predi
cted ti
me re
quired
for nod
e co
mpromi
se
(T
capture
). That
perio
d of tim
e
is
depe
ndent o
n
the network
environ
ment.
Thus BS gen
erate
s
and
se
nds the n
e
w
netwo
rk
key K
Net+1
to CHi encrypted wit
h
K
CHi,B
S
.
BS
→
CHi:
idBS, idC
Hi || EK
BS,C
H
i
(M|N| K
Ne
t+1
) || MACK
B
S
,
CHi
(M|N)
Upo
n
re
ceivi
ng the m
e
ssage, CHi
a
u
thenticates B
S
, decrypt
s a
nd
broad
ca
st
s the info
rma
t
ions
t
o
it
s clust
e
r
membe
r
s.
CHi
→
SNi:
id
CHi, idS
Ni ||
EK
CHi,S
i
(M|N| K
Ne
t+1
) || MACK
CHi,S
i
(M|N
)
Evaluation Warning : The document was created with Spire.PDF for Python.
ISSN: 23
02-4
046
TELKOM
NI
KA
Vol. 12, No. 5, May 2014: 3969 – 39
78
3974
The le
gitimat
e
cl
uste
r m
e
mbers
re
ceiv
e the
broad
cast m
e
ssa
ge,
authe
nticate
s
CHi
by
verifying MAC, decrypt it us
in
g the cu
rrent netwo
rk
key and get the new n
e
two
r
k key.
The int
r
a-clu
s
ter keys
ca
n
also
be
refreshed
peri
odi
ca
lly. In this case BS u
s
ing th
e ha
sh
function
(H)
and th
e
current cl
uste
r
key, gene
rate
s a
ne
w
clu
s
ter key. Th
e me
ssage
s are
encrypted wit
h
K
CHi,BS
and
sent to CHi.
BS
→
CHi:
idBS, idC
Hi || EK
B
S
,
CHi
(M|N|
K’
CHi,S
i
) || MACK
B
S
,
CHi
(M|N)
CHi
authe
nticate
s
BS an
d tran
smits the ne
w int
r
a
-
CH
key to i
t
s clu
s
te
r m
e
mbe
r
s,
encrypted wit
h
the cu
rre
nt K
CHi,S
only known by the le
gitimate clu
s
ter memb
ers.
CHi
→
SNi:
id
CHi, idS
Ni ||
EK
CHi,S
i
(M|N|
K’
CHi,S
i
) || MACK
CHi,S
i
(M|N)
It is worth no
ting that, sen
s
or n
ode
s SNi or
CHi ca
nnot un
cover the new clu
s
ter key
sin
c
e it doe
s not kno
w
the
curre
n
t one
s.
3.5. Node Co
mpromise and Cluster Re-org
anizati
on
In WSNs, in
the ca
se of a node comp
romi
se,
it is necessa
ry to preserve the
shared
keys se
crecy
,
hence avoid
that
the num
ber of
comp
romise
d no
de
s re
ached a
critical value.
In
this sch
e
me,
upon i
dentifying a
comp
ro
mised
se
ns
or node,
CH
broad
ca
sts a
n
o
tification to i
t
s
clu
s
ter mem
b
ers, an
d rem
o
ves the com
p
romi
se
d nod
e from its clu
s
ter me
mbe
r
table.
If a CH i
s
compromised,
a
re-clu
steri
ng of
clu
s
te
r memb
er of
the comp
rom
i
sed
CH
among
the
re
maining
CH n
eed
s to ta
ke
place. In this
ca
se, BS info
rms its
clu
s
te
r mem
b
e
r
s
a
nd
other
CHs.
Clu
s
ter m
e
mbe
r
of t
he
comp
ro
mised
CH
are
dist
ribut
ed am
ong
other
uncomp
r
omi
s
ed CHs. It is
worth
noting
that to di
stribu
te the nod
es
among
them
selves, the
CHs
use the
clu
s
tering al
go
rith
m as di
scussed in
[2, 14]. Af
terward
BS initiates
the k
e
y update
mech
ani
sm, however nod
es disca
r
d
s
it
s cu
rre
nts
ke
ys
an
d
u
s
e
s
a
ne
w network key and
cl
u
s
ter
key fo
r future
comm
uni
cati
on. Fu
rthe
r, the n
e
ws
key
s
are u
s
e
d
to
secu
re
all the
comm
uni
cati
ons
in the netwo
rk between th
e comm
uni
ca
ting partie
s
.
It is worth n
o
t
ing that in IKS, as long a
s
t
he duratio
n of an epo
ch i
s
less tha
n
the key
comp
romi
sin
g
time, adve
r
sa
ry
can
no
t comp
ro
mi
se
the key
s
, therefo
r
e co
nfidentiality and
integrity will b
e
still guarant
eed in IKS.
In this prop
o
s
ed mo
del of
key manag
e
m
ent techni
q
ue, we co
nsi
der that clu
s
t
e
r hea
ds
are
rotate
d af
ter certai
n ti
me inte
rval [2
], and all
nod
es
get a
chan
ce to
be
a
clu
s
ter
hea
d e
q
ual
numbe
r of times. Thi
s
ap
proa
ch all
o
ws bala
n
ci
ng the ene
rgy co
nsum
ption a
m
ong all no
d
e
s in
the netwo
rk.
BS bro
a
d
c
ast
a p
a
cket
to
all CHs at th
e en
d of
clu
s
ter d
u
ratio
n
t
o
remove it
s
membe
r
table. Ne
w cl
uster
hea
d create a ta
ble
of its
memb
er no
de whe
n
a ne
w clu
s
ter goe
s on,
as
descri
bed in i
n
tra-clu
s
ter
key establi
s
hm
ent, fo
rwa
r
d it to the BS an
d contin
ue its process.
4. Securit
y
A
n
aly
s
is and
Simulation Results
Here, we eva
l
uate the security prop
erti
es an
d net
wo
rk p
e
rfo
r
man
c
e of ou
r IKS and we
comp
are it with some of ex
isting sch
e
me
s.
4.1. Securit
y
Analy
s
is of
IKS
In IKS, assu
ming the
BS i
s
trust
w
orthy,
ke
y ca
n
b
e
safely
esta
blished between
the
CH
and the BS,
and between
CH and
clu
s
ter membe
r
s.
Before the transmi
ssion o
f
the messa
g
e
,
encryption is
perfo
rmed to
secure the communi
cati
o
n
with the he
lp of one wa
y hash functi
on.
One-way ha
sh function i
s
use
d
to provi
de authe
ntica
t
ion and me
ssag
e integrity
.
Protocols i
n
clu
s
ter b
a
se
d WSNs miti
gate
mo
st attacks ex
cept
Sinkhol
e, Wormh
o
le
at
t
a
ck
s.
In IKS, each cl
uste
r membe
r
s e
n
crypt
s
info
rmation u
s
i
ng K
CHi,Si
, avoiding
eavesdro
ppin
g
attacks. On
ly legitimate
CH that
owns the cluste
r key can de
cry
p
t the messa
ge.
IKS provide
s
fre
s
hn
ess
u
s
ing
time i
n
terval,
time
-st
a
mps a
nd
n
once. Th
e n
once
N i
s
v
e
ry
importa
nt sin
c
e it prevent
s a replay attack a
nd
en
su
res the integ
r
ity of the message. Hen
c
e a
n
external atta
cker
ca
nnot m
odify or inje
ct
rout
ing i
n
formation with
o
u
t being d
e
te
cted. Fu
rther
to
Evaluation Warning : The document was created with Spire.PDF for Python.
TELKOM
NIKA
ISSN:
2302-4
046
An Im
proved
Key Man
age
m
ent Scheme for Hie
r
arch
ical Wi
rele
ss Senso
r
s… (A
bdoul
aye Dio
p
)
3975
kno
w
the o
r
ig
ination of the
messag
e for f
u
rthe
r actio
n
, BS checks th
e CH i
d
whi
c
h is attached
to
the me
ssag
e. To
prevent
a mali
ciou
s n
ode to
attem
p
keys e
s
tabl
ishme
n
t, the
BS authenti
c
ate
CH by verifying the MAC calcul
ated
usin
g K
Net
. Since
K
Net
is only kno
w
n
by the BS a
n
d
legitimate no
des. The MA
C en
sures th
e data int
egri
t
y and authentication of sensi
ng data. It is
worth
noting t
hat after the
keys
establishment, ke
y
s
will be used to encrypt the transmitted data
for the next transmi
ssi
on,
hence
will
ensure secure comm
uni
cati
on.
Further, i
f
we expect t
hat
the attacker requires a fixed amou
nt of time
to compromi
se the
node, the ke
ys would ha
ve
cha
nge
d to a new o
ne befo
r
e the attacke
r
coul
d use the comp
romi
sed key
s
.
Hen
c
e,
cha
n
g
ing p
e
rio
d
ically the key
s
,
av
oids eave
s
drop attack and
p
r
ovide
s
se
cu
re
comm
uni
cati
on in our S
c
h
e
me.
Furthe
r, if co
mpromi
se
d n
ode
se
nd
s da
ta usi
ng th
e
previou
s
key,
BS will
reje
ct all data
that have
re
ceived from th
e mali
ciou
s n
ode
s. Th
e
wh
ole p
r
o
c
e
s
s e
n
su
re
s th
at
malicio
us no
des
will not
be a
u
t
henticate
d
b
y
the BS. He
nce, a
s
l
ong
as the
du
ratio
n
of an
epo
ch is l
e
ss tha
n
the
key com
p
rom
i
sing time, ou
r pro
p
o
s
ed
schem
e is secure. The
r
efo
r
e, sinkhole at
tack, worm
ho
le
attac
k
,
selec
t
ive forwarding
attac
k
fail agains
t IKS.
Table 2. Keys Storage an
d Secu
rity Mechani
sms
Ke
y
s
Stora
g
e
& Securit
y
Mechani
s
ms
Protoc
ol Na
m
e
SLE
A
C
H
SecLE
A
H
IKS
Cr
y
p
togra
p
h
y
Sc
hme
S
y
mmetric Cr
ypt
ograph
y
S
y
mmetric Cr
ypt
ograph
y
S
y
mmetric Cr
ypt
ograph
y,
AES
Ke
y
Manag
emen
t Scheme
Random ke
y
predistribution scheme
Ke
y
Manag
emen
t for
Hi
errarc
hi
c
a
l
W
S
Ns
Authentication Scheme
MAC
Don't p
r
ovide
broadcasts
authentication
MAC
Ke
y
Stora
ge ove
r
head
m key
s
× key
size
m key
s
× key
size
(2 ke
y
s
for
CM +
4 ke
y
s
for
CH
)
× key
size
Table 3. Security and Perf
orma
nce req
u
irem
ent Co
mparaison
A
t
t
a
c
ks T
y
p
e
s & Perfor
mance
s
Require
me
nts
Protocol
Name
GSLE
A
C
H
SLE
A
C
H
SecLE
A
H
IKS
Node Capt
ure att
a
ck
×
×
×
√
Sinkhole attack
×
√
×
√
Wormhole attack
×
×
×
√
Seclective forw
ar
ding
×
√
√
√
Energ
y
Ef
ficient
Good
Medium
Medium
Good
Storage Loa
d
High
High
High
Lo
w
Connectivity Medium
Medium
Medium
Full
Scalability
Robustness
Medium
Limited
Medium
Limited
Medium
Limited
Good
Good
IKS as comp
ared
to othe
r key p
r
e
-
di
stribution
sche
mes
su
ch
as SecLEA
CH [
11], GS-
LEACH [12]
and SLEACH [13] based
on LEA
CH
and rando
m key pre-di
stri
bution p
r
ovid
es
efficient security.
GS-LEA
CH,
S
L
EACH and S
e
cLEACH
present so
me security
vulnerabilities
cau
s
e
d
by th
e ra
ndom
ke
y pre
-
dist
ribu
tion sche
me
and a
r
e
also
vulnerable t
o
key colli
sio
n
attacks. Se
curity me
cha
n
ism
s
, resili
ence ag
ain
s
t attacks
an
d Perfo
r
man
c
e
req
u
ire
m
ents
Comp
araison
are presente
d
in Table 2 a
nd Table 3.
IKS allows e
v
ery entity in the network to
be confirmed o
r
auth
enticate
d
con
t
inuou
sly
and
redu
ce
s the ch
an
ce
s of no
de
comp
romi
se.
Furthe
r, IKS satisfie
s
gene
ral
se
curity
requi
rem
ents,
su
ch
as
confidentiality
with e
n
cryp
tion, messa
g
e integ
r
ity with MAC, no
de
authenti
c
atio
n as mentio
n
ed before, messag
e fr
esh
ness of message
s excha
n
ged in the net
work
with non
ce a
nd full confid
entiality.
4.2. Simulati
on Results
To evalu
a
te t
he p
r
op
osed
Key Mana
ge
ment
techniq
ue, we
comp
are
ou
r IKS
scheme
based
on
hie
r
archi
c
al
net
work with
LE
ACH protocol
usi
ng th
e
NS2 sim
u
lator
[17]. We
con
s
ide
r
Evaluation Warning : The document was created with Spire.PDF for Python.
ISSN: 23
02-4
046
TELKOM
NI
KA
Vol. 12, No. 5, May 2014: 3969 – 39
78
3976
a rand
om ne
twork of 250
sen
s
or n
ode
s depl
oy
ed i
n
an are
a
of 200x200m.T
he sin
k
no
de
is
assume
d to
be n
ear the
sen
s
in
g. Sim
u
lation time
wa
s 4
00
se
cond
s. Advan
c
ed
Encrypti
on
Standard (AES) [18] (block size of 128
bits) was
used to implement the encryption/decryption
algorithm. Due to execution ti
me and energy consumption requi
rement of AES is much less
than other
cry
p
togra
phy alg
o
rithm
s
[18].
In ord
e
r, to
e
v
aluate the
p
e
rform
a
n
c
e
o
f
the
se
cu
rity overhe
ad,
we
co
nsid
er two
metri
cs:
the energy con
s
um
ption
and the End to End
delay. We measured th
e averag
e e
nergy
con
s
um
ption
of sen
s
or n
o
d
e
s follo
wing d
i
fferent netwo
rk
size.
Figure 3. Clu
s
ter
Den
s
ity Vs %Energy
Con
s
um
ed b
y
a CH
Figure 4. Nu
mber of no
de
s Vs Ene
r
gy
Con
s
um
ed b
y
Sensor
Nod
e
s
Figure 5. Nu
mber of Node
s Vs End to End Del
a
y
Figure 3
sho
w
s that
with t
he in
crea
se
num
be
r
of no
des from
50
node
s to
25
0
nod
es,
the energy consumption o
f
IKS prot
oco
l
is slightly greater by
1.45
% to 1.65%
whe
n
com
pared
with LEACH becau
se of the com
m
uni
cation overh
e
ad. The grap
h also indi
cat
e
s that for b
o
th
scheme
s
, the
avera
ge e
n
e
r
gy is
almo
st
con
s
tant
fo
r varying
netwo
rk si
ze
n an
d t
he ga
p bet
we
en
IKS and
LEACH is extre
m
ely low an
d
p
r
acti
cally id
en
tical. Thi
s
re
sult wa
s expe
cted
be
cau
s
e
in
IKS, cluste
r
membe
r
s
co
mmuni
cate
o
n
ly with th
e
cluster h
ead,
each o
r
din
a
ry node
send
s one
messag
e and
receive
s
on
e
message. T
h
is is be
ca
use, in IKS data are tran
smi
tted via one hop
betwe
en cl
ust
e
r memb
ers
and CH. The
r
efore, provide
s
ene
rgy savi
ng.
Figure 4 sho
w
s the Ave
r
age en
ergy percenta
ge
consumed
by a clu
s
ter h
ead ove
r
clu
s
ter d
e
n
s
ities. Both mo
dels
sho
w
th
at the
energy con
s
um
ption
of CH in
crea
se
s with
clu
s
ter
den
sity. This
is be
ca
use in
cre
a
si
ng th
e
numbe
r of
m
e
ssag
es add
signifi
cant co
st
to
the clu
s
t
e
r
energy. In a
network
of
250
se
nsors and
cl
uste
r
den
sity of 25
nod
es, th
e
averag
e e
n
e
r
gy
con
s
um
ption
of CH in IKS is more
than 2.
15% compa
r
ed
to LEACH, beca
u
se of
the
comp
utation overhe
ad.
Figure 5 illustrates the av
erag
e end
-to-end del
ay time followin
g
the numbe
r o
f
nodes.
Define
d as th
e time taken
by a packet to rea
c
h the d
e
stinatio
n fro
m
the sou
r
ce
. We can n
o
tice
that the E2E delay in ou
r I
KS sch
eme i
s
sli
ghtly
gre
a
ter comp
are
d
to LEACH. Therefore
we
ca
n
con
c
lu
de that
the security
mech
ani
sm u
s
ed
in I
KS d
oes not ta
ke
a lot of time.
We
also
noti
c
e
Evaluation Warning : The document was created with Spire.PDF for Python.
TELKOM
NIKA
ISSN:
2302-4
046
An Im
proved
Key Man
age
m
ent Scheme for Hie
r
arch
ical Wi
rele
ss Senso
r
s… (A
bdoul
aye Dio
p
)
3977
that, incre
a
si
ng the nu
mb
er of no
de in
LEACH
as
well as in IKS, the E2E dela
y
remain
s al
most
unchan
ged.
This i
s
be
ca
use n
o
n
-
CH
comm
uni
cate
s only with it
s corre
s
pon
d
i
ng CH with
one
hop.
5. Conclusio
n
In this pa
per, we
present
ed a
n
Imp
r
o
v
ed Key m
a
nagem
ent S
c
hem
e fo
r S
e
cu
ring
comm
uni
cati
on in
Hie
r
a
r
chical
Wi
rele
ss Sen
s
o
r
s Networks
(IKS). We
find th
at the ove
r
h
ead
whi
c
h the IK
S proto
c
ol le
ads to
be a
c
cepta
b
le
with
low m
e
mory
overhe
ad a
nd E2E del
a
y
.
Based
on th
e hierarchi
c
a
l
netwo
rk
structure, IKS
distrib
u
te the
keys
within
a clu
s
ter a
nd
provide
s
re
keying p
r
o
c
e
s
s to e
nha
nce
netwo
rk
security avoidin
g
node
-captu
r
i
ng p
r
obl
em a
n
d
assure that only legitimate node
s send d
a
ta for pro
c
e
s
sing.
Before m
e
ssage e
n
cryptio
n
, com
m
uni
cating pa
rtie
s
need to
be i
n
agreeme
n
t o
n
a
key,
hen
ce provid
es co
ntinuo
u
s
authent
i
c
ati
on of node
s in the network. IKS mecha
n
ism is scal
a
b
le
with few me
ssag
es u
n
like
to random
key predi
strib
u
tion schem
e
s
ba
sed o
n
key pools
whi
c
h
gene
rate
a l
o
t of me
ssage,
with
hig
h
sto
r
age
ove
r
he
a
d
. Simulation
and
analy
s
is
has
sho
w
n
th
a
t
IKS approa
ch
not only achi
eves efficient
security
, but also provide
s
ene
rgy savi
ng. Our Futu
re
works m
a
y concentrate
o
n
devel
oppi
n
g
a
co
mplete
se
cu
rity sch
e
me fo
r
clu
s
ter
ba
sed
WS
Ns
unde
r mobilit
y to deal with varied an
d co
mplex attacks.
Ackn
o
w
l
e
dg
ements
The work re
p
o
rted in thi
s
p
aper
wa
s sup
ported
by Nat
i
onal Natural
Scien
c
e Fo
u
ndation
of
China (No
.
611720
49, 6100
3251
), Nation
al
Hig
h
Technol
og
y Research
and Develop
m
ent
Program of Chin
a (Grant
No. 2011AA
0401
01-3), Doct
oral Fund
of Minist
ry of Education
of
Chin
a (No. 20100
0061
100
15).
Referen
ces
[1]
J Z
hang, V Var
adh
araj
an. W
i
r
e
less s
ensor
n
e
t
w
o
r
k ke
y m
a
nag
ement s
u
rve
y
an
d ta
xo
no
m
y
.
Jour
na
l of
Netw
ork and C
o
mputer Ap
plic
ations
. 20
10; 3
3
(2): 63-7
5
.
[2]
W
Hei
n
zelm
an,
A C
h
a
ndrak
as
an, H
Ba
lakris
hna
n.
En
ergy-
e
fficient c
o
mmunic
a
tion
pr
oto
c
ol for
W
S
Ns,
Proc. of the 33
rd Ha
w
a
ii Inter
natio
nal C
onfer
ence o
n
S
y
st
e
m
Sciences, W
a
shi
ngto
n
. 200
0.
[3]
A Diop, Y Qi, Q W
ang, S
Hussai
n
. An A
d
vanc
ed Surv
e
y
on Sec
u
re
Energ
y
-Effici
en
t Hierarch
i
ca
l
Routi
ng Prot
oc
ols i
n
W
i
rel
e
ss
Sensor
Net
w
orks.
Internatio
nal J
ourn
a
l
of
Co
mp
uter Scie
nce Issues
.
201
3; 10(1-
2): 490-
500.
[4]
J Lee, V
Leu
n
g
, K W
ong, J
Cao, H
Cha
n
.
Ke
y
m
a
na
gem
en
t i
ssue
s
in
wireless sens
or networks:
current pro
pos
als an
d future
deve
l
op
ments
. IEEE Wireless Commun
i
cati
o
n
s. 2007; 1
4
(5)
:
76 –84.
[5]
MA Simplício Jr, PS
Barreto, CB Margi, T
C
Carval
ho. A Su
rve
y
on K
e
y M
ana
geme
n
t Me
chan
isms fo
r
Distribut
ed W
i
reless Se
nsor N
e
t
w
o
r
ks.
Co
mp
uter Netw
orks
. 201
0; 54(1
5
): 2591-
261
2.
[6]
P Z
hu, F
Ji
a. A
Ne
w
Ap
proac
h to S
ens
or En
erg
y
S
a
vin
g
Al
gorithm.
T
E
LK
OMNIKA Indon
esia
n Jo
urn
a
l
of Electrical En
gin
eeri
n
g
. 20
1
3
; 11(5): 24
85-
248
9.
[7]
L Eschenauer,
VD Gligor.
A k
e
y man
age
me
nt sche
m
e for
distrib
u
ted se
n
s
or netw
o
rks
. Proc. of the 9th
ACM confere
n
c
e on Com
pute
r
and commu
ni
cations sec
u
rit
y
, Ne
w
Y
o
rk. 2002: 41-
47.
[8]
AH Sodhr
o, Y Li, M Ali Sh
ah. Nove
l Ke
y Storage a
nd
Mana
geme
n
t Soluti
on for th
e Securit
y
o
f
Wireless Sens
or Net
w
orks.
T
E
LKOMNIKA Indo
nesi
an Jo
u
r
nal of
El
ectrical Eng
i
n
eeri
ng.
2013;
11(6):
338
3-33
90.
[9]
S Z
hu, S S
e
tia
,
S Jaj
odi
a.
LE
AP: Efficient S
e
curity Mec
h
a
n
is
ms for
Lar
g
e
-Scal
e
D
i
strib
u
ted S
ens
or
Netw
orks
. Proceed
ings of the
10th ACM conf
erenc
e on
Co
mputer an
d co
mmunicati
ons
securit
y
, N
e
w
York. 2003: 6
2
–72.
[10]
Y Ch
eng,
D A
g
ra
w
a
l. An
im
prove
d
ke
y
dis
t
ribut
io
n mec
h
anism for
lar
g
e-scal
e
h
i
erarc
h
ical
w
i
r
e
l
e
ss
sensor n
e
t
w
ork
s
.
Ad Hoc Netw
orks (Elsevier
)
. 2007; 5(1): 3
5–4
8.
[11]
LB Oliveir
a
, A F
e
rreira, MA Vilac
a
, et al. Se
cLEAC
H-on
the securit
y
o
f
clustered sen
s
or net
w
o
rks.
Sign
al Process
i
ng
. 20
07; 87(
1
2
): 2882-
28
95.
[12]
P Baner
jee, D
Jacobs
on, SN
Lah
iri.
Secur
i
ty and
perfor
m
a
n
ce a
nalys
is of
a secur
e
clust
e
rin
g
protoc
o
l
for sens
or n
e
tw
orks
. Proc. 6th IEEE Intl. S
y
mposium on Net
w
ork Computing
and Applic
ations.
2007:
145-
152.
[13]
AC F
e
rreir
a, M
A
Vil
a
ca, LB
Oliveir
a
, E H
a
b
i
b, HC W
o
ng,
AA Lo
ureir
o
.
T
he
s
e
curity of cluster-b
ase
d
communic
a
tio
n
protoc
ols for
w
i
reless se
nso
r
netw
o
rks
. Proc. 4th IEEE I
n
ternational Conference
on
Net
w
orki
ng (IC
N
Š05). 20
05: 4
49–
45
8.
Evaluation Warning : The document was created with Spire.PDF for Python.
ISSN: 23
02-4
046
TELKOM
NI
KA
Vol. 12, No. 5, May 2014: 3969 – 39
78
3978
[14]
PK Sah
oo, JJ
Ch
en, P
i
S
u
n.
Efficient
security
m
e
c
hanism
s
f
o
r th
e di
stri
b
u
t
ed
wi
re
le
ss sen
s
or
netw
o
rks
. Proceedings of the IEEE
T
h
ird In
ternatio
nal Conferenc
e on Information T
e
chnology
and
Appl
icatio
ns (ICIT
A
'
05). 2005
; (2): 541-546.
[15]
D Li
u, P N
i
n
g
,
Efficient
di
stributio
n of k
e
y cha
i
n c
o
mm
it
me
nts for
broa
dcast a
u
thentic
atio
n i
n
distrib
u
ted se
n
s
or netw
o
rks
. Proc. of the 10th Ann
ual N
e
t
w
o
r
k an
d Di
stributed S
y
st
em Securit
y
S
y
mp
osi
u
m, Califor
nia. 20
03.
[16]
C Karl
of, D W
agn
er,
Secur
e
routin
g i
n
w
i
r
e
less s
ens
or n
e
tworks: Attac
ks and counterm
easur
e
s
, In
Procee
din
g
s o
f
First IEEE
Internatio
nal Wo
rkshop
o
n
Se
nsor
Net
w
o
r
k Protocols and Appl
icatio
ns.
200
3:
113-
127.
[17]
NS-2
w
e
b site, http://
w
w
w
.
isi.
e
du/nsn
a
m/ns
[18]
J Daeme
n
, V Rijme
n
. T
he D
e
sig
n
of Rijn
d
ael: AES - the Advance
d
En
cr
y
p
ti
on Stan
d
a
rd. Sprin
ger-
Verla
g
Ne
w
Yo
rk. 2002.
Evaluation Warning : The document was created with Spire.PDF for Python.