Abstract
Security approaches in Wireless Sensor Networks (WSNs) are normally based on symmetric cryptography. Instead of symmetric encryption, some alternative approaches have been developed by using public-key cryptography. However, the higher computational cost represents a hard limitation to their use. In this paper, a new key management protocol is proposed. A transitory symmetric key is used to authenticate nodes in the network during the key establishment. However, pairwise keys are established using asymmetric cryptography. A theoretical analysis shows that the computational effort required by the public key cryptosystem is greatly reduced, while the security of the network is increased with respect to state-of-the-art schemes based on a transitory master key. Moreover, an experimental analysis demonstrates that this proposed approach can reduce the time spent for key establishment by about 35%.
Highlights
Wireless sensor networks (WSNs) [1] are a well-established pervasive technology that represents an ideal sensing component in the Internet of things (IoT) [2].
This paper presents Transitory master key Transport Layer Security (TLS) (TMKTLS), a hybrid protocol based on both symmetric and asymmetric cryptography.
After an initial time slot, the transitory master key is deleted and pairwise keys among the nodes are generated using asymmetric cryptography. This scheme authenticates the public keys with a message authentication code instead of a digital certificate; the former operation takes negligible time compared to the latter, so the overall time required for key establishment is greatly reduced.
Summary
Wireless sensor networks (WSNs) [1] are a well-established pervasive technology that represents an ideal sensing component in the Internet of things (IoT) [2]. After an initial time slot, the transitory master key is deleted and pairwise keys among the nodes are generated using asymmetric cryptography. This scheme authenticates the public keys with a message authentication code instead of a digital certificate; the former operation takes negligible time compared to the latter, so the overall time required for key establishment is greatly reduced. If an adversary compromises the transitory master key, he/she can only add fake nodes to the network, while data secrecy is always preserved by public-key cryptography. These malicious nodes can be detected by a malicious node detection routine.
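The key-establishment idea summarized above, as an added sketch that is not the paper's code: each node's public key is vouched for by a MAC under the transitory master key rather than by a certificate, the pairwise key comes from the asymmetric exchange alone, and the master key is then erased. The message layout, the `Node` class, the use of HMAC-SHA256 and the toy Diffie-Hellman group are all assumptions, since the abstract does not specify them.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group, a stand-in (assumption) for the asymmetric
# primitive, which the abstract does not name. Not a production parameter set.
P, G = 2**255 - 19, 2

def mac_pubkey(master_key: bytes, node_id: bytes, pub: bytes) -> bytes:
    """MAC binding a node id to its public key (message layout is assumed)."""
    data = len(node_id).to_bytes(1, "big") + node_id + pub
    return hmac.new(master_key, data, hashlib.sha256).digest()

class Node:
    def __init__(self, node_id: bytes, master_key: bytes):
        self.node_id = node_id
        self.master_key = master_key           # transitory, erased by end_setup()
        self._priv = secrets.randbelow(P - 3) + 2
        self.pub = pow(G, self._priv, P).to_bytes(32, "big")
        self.pairwise = {}                     # peer id -> pairwise key

    def hello(self):
        """(id, public key, MAC) announced during the initial time slot."""
        return self.node_id, self.pub, mac_pubkey(self.master_key, self.node_id, self.pub)

    def accept(self, msg) -> bool:
        """Check the MAC on a peer's public key, then derive the pairwise key."""
        peer_id, pub, tag = msg
        if self.master_key is None:            # setup window closed
            return False
        if not hmac.compare_digest(tag, mac_pubkey(self.master_key, peer_id, pub)):
            return False                       # key not vouched for by the master key
        peer_pub = int.from_bytes(pub, "big")
        if not 1 < peer_pub < P - 1:           # reject degenerate public values
            return False
        shared = pow(peer_pub, self._priv, P).to_bytes(32, "big")
        ids = b"|".join(sorted([self.node_id, peer_id]))
        # The pairwise key depends only on the DH secret, never on the master key.
        self.pairwise[peer_id] = hashlib.sha256(ids + shared).digest()
        return True

    def end_setup(self):
        self.master_key = None                 # delete the transitory master key

if __name__ == "__main__":
    k = secrets.token_bytes(16)                # constructed sample master key
    a, b = Node(b"A", k), Node(b"B", k)
    print(a.accept(b.hello()), b.accept(a.hello()), a.pairwise[b"B"] == b.pairwise[b"A"])
```

Because the pairwise key is derived only from the exchanged public values and each node's private value, a master key that leaks later lets someone produce a valid MAC for a new public key but does not reveal keys already established.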