Method and apparatus for key management in distributed sensor networks
Abstract
In a distributed sensor network (DSN), key management is carried out in several phases: a key pre-distribution phase, a shared key discovery phase and, as needed, a path key establishment phase. In the key pre-distribution phase, prior to DSN deployment, a ring of keys is distributed to each sensor node, each key ring consisting of keys chosen at random from a large pool of keys that is generated off-line. Any two key rings share a key with a predetermined probability. In the shared key discovery phase, which takes place upon deployment of the DSN, every sensor node discovers the neighbors in wireless communication range with which it shares keys, and the topology of the sensor array is established by forming secure communication links between the respective sensor nodes. The path key establishment phase assigns a path key to selected pairs of sensor nodes that are in wireless communication range and do not share a key, but are connected by two or more links at the end of the shared key discovery phase. The key management scheme also assumes a revocation phase for removal of the key ring of a compromised sensor node from the network, and a re-keying phase for removal of keys whose lifetime has expired.
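The phases in the abstract can be simulated in a few lines; this is an added example, not code from the patent. The function names, the lowest-ID tie-break, the reading of revocation as retiring every key on the compromised ring, and the sample rings are assumptions, and `share_probability` is the standard count of disjoint subsets, which shows how pool size and ring size fix the "predetermined probability".

```python
import math
import random

def share_probability(pool, ring):
    # P(two random rings share >= 1 key) = 1 - C(P-k, k) / C(P, k)
    return 1 - math.comb(pool - ring, ring) / math.comb(pool, ring)

def predistribute(n, pool, ring, rng):
    # Phase 1 (offline): each ring is key IDs sampled without replacement.
    return [frozenset(rng.sample(range(pool), ring)) for _ in range(n)]

def discover_links(rings, neighbours):
    # Phase 2: in-range nodes compare key IDs; a shared ID yields a link.
    links = {}
    for a, b in neighbours:
        common = rings[a] & rings[b]
        if common:
            links[frozenset((a, b))] = min(common)  # assumed tie-break
    return links

def path_key_candidates(neighbours, links):
    # Phase 3: in-range pairs with no shared key, connected via secure links.
    adj = {}
    for pair in links:
        a, b = tuple(pair)
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)

    def reachable(src, dst):
        seen, stack = {src}, [src]
        while stack:
            for nxt in adj.get(stack.pop(), ()):
                if nxt == dst:
                    return True
                if nxt not in seen:
                    seen.add(nxt)
                    stack.append(nxt)
        return False

    return [(a, b) for a, b in neighbours
            if frozenset((a, b)) not in links and reachable(a, b)]

def revoke(links, rings, compromised):
    # Revocation (assumed reading): retire every key on the compromised ring.
    return {p: k for p, k in links.items() if k not in rings[compromised]}

# Constructed sample: five nodes, hand-picked rings, in-range pairs.
RINGS = [frozenset(r) for r in ({1, 2}, {2, 3}, {3, 4}, {5, 6}, {2, 9})]
NEIGHBOURS = [(0, 1), (1, 2), (0, 2), (2, 3), (1, 4)]
```

On the sample, revoking node 0 also tears down the link between nodes 1 and 4, because that link was keyed with a key that happens to sit on node 0's ring: key reuse across rings is what makes one captured node affect links it never took part in.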
127 Citations
22 Claims
1. A method of key-management in Distributed Sensor Networks, comprising the steps of:
- prior to deployment of a plurality of sensor nodes of the Distributed Sensor Network, storing, in each sensor node of the Distributed Sensor Network, a respective key ring formed of randomly selected keys, a respective pair of said key rings sharing, with a predetermined probability, at least one key;
- upon deployment of said plurality of the sensor nodes of the Distributed Sensor Network, discovering by at least one sensor node of said plurality of the sensor nodes for at least another sensor node sharing said at least one key with said at least one sensor node to establish a secure communication link between said one and another sensor nodes; and
- using said at least one key for secure communication between said at least one and another sensor nodes over said secure communication link established therebetween.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 22

16. A Distributed Sensor Network system, comprising:
- at least two sensor nodes, each said sensor node being pre-loaded prior to deployment thereof with a respective key ring formed of randomly selected keys, said respective key rings of said at least two sensor nodes sharing, with a predetermined probability, at least one key, and means associated with at least one of said at least two sensor nodes for searching for another of said at least two sensor nodes sharing said at least one key with said at least one sensor node to establish a secure communication link therebetween.

Dependent claims: 17, 18, 19, 20, 21

Specification