Enhancing privacy for ad hoc systems with predeployment key distribution

Abstract

Achieving security in distributed systems of constrained devices (like Wireless Sensor Networks) requires methods that can be performed while very limited computational, memory and communication resources are available. Moreover, while designing security protocols one needs take into account the adversary that can eavesdrop communication or compromise some of the devices. To achieve some level of security, two communicating devices need to establish a communication key. In the setting of severely constrained devices traditional methods are infeasible due to resource limitations, and one has to incorporate other security providing methods. One of the first such protocols has been introduced in Eschenauer and Gligor [23]. The paper followed by dozens of others relies on probabilistic key sharing among the nodes before deployment (key predistribution) in the Ad Hoc environment.In our paper, we show that regular protocols of key predistribution designed primarily for providing confidentiality of communication do not provide privacy in many natural scenarios. More precisely, even a weak adversary may “link” transmissions of the same nodes. In particular even a passive adversary that is eavesdropping the communication can easily recognize whether the same devices start communication several times. Such information not only breaches nodes’ privacy but also can be a starting point for an more advanced attacks and can give significant information about network’s activity. We define several models of adversary and introduce some general methods that can be used for addressing this issue. For the model with weaker adversary we show how to fully secure the privacy in an efficient manner. For the case of stronger adversary, we propose a method based on local key exchange allowing mitigation of the privacy threat.