Efficient Key Management Scheme Research Articles

A Polynomial Subset-Based Efficient Multi-Party Key Management System for Lightweight Device Networks.

Wireless Sensor Networks (WSNs) consist of lightweight devices to measure sensitive data that are highly vulnerable to security attacks due to their constrained resources. In a similar manner, the internet-based lightweight devices used in the Internet of Things (IoT) are facing severe security and privacy issues because of the direct accessibility of devices due to their connection to the internet. Complex and resource-intensive security schemes are infeasible and reduce the network lifetime. In this regard, we have explored the polynomial distribution-based key establishment schemes and identified an issue that the resultant polynomial value is either storage intensive or infeasible when large values are multiplied. It becomes more costly when these polynomials are regenerated dynamically after each node join or leave operation and whenever key is refreshed. To reduce the computation, we have proposed an Efficient Key Management (EKM) scheme for multiparty communication-based scenarios. The proposed session key management protocol is established by applying a symmetric polynomial for group members, and the group head acts as a responsible node. The polynomial generation method uses security credentials and secure hash function. Symmetric cryptographic parameters are efficient in computation, communication, and the storage required. The security justification of the proposed scheme has been completed by using Rubin logic, which guarantees that the protocol attains mutual validation and session key agreement property strongly among the participating entities. Simulation scenarios are performed using NS 2.35 to validate the results for storage, communication, latency, energy, and polynomial calculation costs during authentication, session key generation, node migration, secure joining, and leaving phases. EKM is efficient regarding storage, computation, and communication overhead and can protect WSN-based IoT infrastructure.

Energy Efficient Key Management Scheme using Modified Blom’s Scheme in Wireless Sensor Network

Objectives: To compute a new secret common key pair value consuming less energy, time and storage. Methods/Statistical analysis: Finding of effective energy efficient key management scheme is still a challenging task. To produce effective key management system, Hexagonal cluster based routing protocol (HCRP) is proposed with modified Hadamard matrix as a public matrix that is obtained from the balance factor using AVL tree applied in each cluster head in the hexagonal network model where each vertex is considered as cluster head. Public matrix and secret matrix are used for finding common key pair value. Findings: The newly designed public matrix is beneficial to obtain the common key value. Result shows that proposed HCRP protocol consumes less packet ratio with minimum data rate. The work is implemented using NS2 simulator considering various factors like packet drops, computation time, energy consumption and storage overhead. Application/Improvements: The proposed key management scheme is an efficient one and can be used as a security measure for the computational field.

An efficient key management scheme for user access control in outsourced databases

Recently, researches on key management scheme for user access control in outsourced databases have been actively done. Because outsourced databases require dealing with a lot of users and data resources, an efficient key management scheme for reducing the number of authentication keys is required. However, the existing schemes have a critical problem that the cost of key management is rapidly increasing as the number of keys becomes larger. To solve the problem, we propose an efficient key management scheme for user access control in outsourced databases. For this, we propose an Resource Set Tree(RST)-based key generation algorithm to reduce key generation cost by merging duplicated data resources. In addition, we propose a hierarchical Chinese Remainder Theorem(CRT)-based key assignment algorithm which can verify a user permission to gain accesses to outsourced databases. Our algorithm can reduce key update cost because the redistribution of authentication keys is not required. We also provide the analytic cost models of our algorithms and verify the correctness of the theoretical analysis by comparing them with experiment results. Finally, we show from the performance analysis that the proposed scheme outperforms the existing schemes in terms of both key generation cost and update cost.

A Survey on Efficient Group Key Management Schemes in Wireless Networks

Background/Objectives: With the unequalled growth in Wireless networks, the associated fields of group application have also seen growth like multimedia teleconferencing, stock quoting, and distance education. Security in group applications need to be maintained which cannot be accomplished by wireless networks and IP multicast, encryptions by a shared group key is required. In this paper we review on network-independent group key management, which can be classified into three types: centralized, decentralized and distributed group key management protocols. Improvements/Methods: We Analyse key management algorithms in wireless networks and compared various factors of performance like storage overhead, commutation overhead and communication overhead during the join and leave process in groups in wireless group key management approaches, with a set of assessment parameters. In this paper we find various parameters to consider when designing a key management algorithm in wireless networks for mobile environment. Findings: It is important to guarantee the safety of this group key and to ensure the group communication. In spite of the fact that group communication encryption can be utilized to secure messages exchanged among group individuals, distributing the cryptographic keys turn into an issue. However, various significant parameters are used to analysis security requirement of application, when the key management algorithm is developed. Strength of key management algorithms is minimization of key cost during the join/leave process of members in the groups. Applications: In addition, we identify the relationships between the various security issues of wireless group key management like performance, security and network compatibility with regard to the algorithms discussed. It will give better idea about designing key management algorithms with minimum cost like storage, communication and computation parameters when the members join/leave from the groups. It will enable them to take better decisions.

The Efficient key Management Scheme for Data Sharing in Cloud Server

The Efficient key Management Scheme for Data Sharing in Cloud Server

Efficient key management for publish/subscribe system in cloud scenarios

Publish/subscribe system has been well-studied for many applications. However, the key management of existing methods is not efficient enough. Therefore, we propose an efficient key management scheme based on dichotomy derivation for publish/subscribe system in cloud scenarios. The scheme derives a subscription interval to two dichotomy subscription intervals. Thus, the key management costs are logarithmic growth in base 2 with the length of subscription interval. Comparing with the linear growth of existing methods, our scheme is much more efficient for big data in cloud scenarios. Experimental results show that our scheme significantly outperforms existing methods in key management.

Design of ID-based Contributory Key Management Scheme using Elliptic Curve Points for Broadcast Encryption

Broadcast encryption is the process of delivering encrypted data through a secure channel, intended for multiple users, in which only the privileged users can decrypt the content. In a broadcasting system, all the intended recipients are required to be accommodated in an organized way, which is possible through an efficient key management scheme. An ideal Broadcast Encryption scheme should define a key management scheme and an encryption scheme. The potential steps in key management are key generation, a perfect revocation scheme, and a re-keying mechanism. This paper describes a key generation mechanism using Elliptic Curves. The generated key can be used as a symmetric key. The important feature of this symmetric key is that the key is constituted by the contribution from all the legitimate users so that the revocation mechanism can be simplified, but at the expense of communication overhead. The proposed method describes two approaches to communicate the symmetric key to the users or to the groups. General Terms Broadcast encryption, key management, re-key, elliptic curve, symmetric key

An Efficient Key Management Scheme Based on ECC and AVL Tree for Large Scale Wireless Sensor Networks

With the wide adoption of wireless sensor network (WSN), security problems emerge as a challenging issue because of the limited computational power and energy of the sensor nodes. Furthermore, the deployment of WSN in the hostile area with a large number of nodes also poses a threat. In this paper, we proposed a new efficient key management scheme based on Elliptic Curve Cryptography (ECC) and AVL tree for large scale WSNs. In our scheme the Elliptic Curve Paillier Encryption (ECPE) cryptography is adopted for communication and the AVL tree is used to store the neighbors' ID and public key. The number of keys used in our scheme is smaller than the proposed schemes as we store these keys using AVL tree to shorten the search time. Regular key updates are also designed to further improve the security of the whole network. Our scheme has a good scalability where the node addition and deletion are supported. Experimental results and analysis show our scheme can significantly reduce the energy consumed by the node and reduce the memory and computational overhead.

An Efficient Key Predistribution Protocol for Wireless Sensor Networks via Combinatorial Design

As Wireless Sensor Networks (WSNs) are usually deployed in remote or even hostile environment, the adoption of security mechanism is fundamental. To achieve secure communication between sensor nodes in WSNs, it is important to establish efficient key predistribution schemes. Unfortunately, key management scheme is a challenging issue for WSNs because of the resource limitations in the sensor nodes. In this paper, we propose an efficient key management scheme for WSNs, which assigns the key spaces to sensor nodes via combinatorial design. In the scheme Finite Projective Plane is mapped to obtain efficient key distribution scheme. Connectivity, resistance against attacks, storage and communication overhead are studied analytically and computationally. Compared to related schemes, the proposed scheme performs better against compromised node attacks.

On the Performance of a Secure Storage Mechanism for Key Distribution Architectures in Wireless Sensor Networks

Security in wireless sensor networks (WSNs) demands efficient key management schemes. In particular, one of the main research challenges is to ensure secure key storage by sensors due to their constrained resources and high exposure to tampering attempts. To address this issue, we have proposed SENSORLock, a secure key storage mechanism which can be applied to different key distribution architectures for WSNs. In this work, we evaluate SENSORLock through different study cases considering three key distribution architectures: TinySec, SPINS, and NCD. Our goal is to demonstrate its feasibility in large-scale sensor networks. Simulation results indicate that our mechanism introduces an average overhead of 1.9% in terms of end to end delay and provides a similar estimated power consumption compared to the aforementioned architectures. Hence, we argue that it is feasible to use SENSORLock (i) in large-scale sensor networks and (ii) under different key distribution schemes.

An Encryption-then-Compression System for JPEG/Motion JPEG Standard

In many multimedia applications, image encryption has to be conducted prior to image compression. This paper proposes a JPEG-friendly perceptual encryption method, which enables to be conducted prior to JPEG and Motion JPEG compressions. The proposed encryption scheme can provides approximately the same compression performance as that of JPEG compression without any encryption, where both gray scale images and color ones are considered. It is also shown that the proposed scheme consists of four block-based encryption steps, and provide a reasonably high level of security. Most of conventional perceptual encryption schemes have not been designed for international compression standards, but this paper focuses on applying the JPEG and Motion JPEG standards, as one of the most widely used image compression standards. In addition, this paper considers an efficient key management scheme, which enables an encryption with multiple keys to be easy to manage its keys.

Secured Communication Key Establishment for Cluster-Based Wireless Sensor Networks

The resource-constraint nature of wireless sensor networks (WSNs) has caused the security one of biggest challenges. An efficient key management scheme is the pre-requisite to ensure security in WSN. In this paper the authors present two versions of a secured key management scheme adopted on cluster-based topology of sensor network. The proposed schemes use partial key pre-distribution and symmetric cryptography techniques, and shows high resilience to different security attacks. Whereas one version of the proposed protocol uses shared partial keys in a cluster, the other version uses private partial keys. Both versions of the proposed key management scheme outperform other random key pre- distribution protocols in the sense that it requires lower space, lower communication overhead and offers very high session key candidates.

NaEPASC: a novel and efficient public auditing scheme for cloud data

Cloud computing is deemed the next-generation information technology (IT) platform, in which a data center is crucial for providing a large amount of computing and storage resources for various service applications with high quality guaranteed. However, cloud users no longer possess their data in a local data storage infrastructure, which would result in auditing for the integrity of outsourced data being a challenging problem, especially for users with constrained computing resources. Therefore, how to help the users complete the verification of the integrity of the outsourced data has become a key issue. Public verification is a critical technique to solve this problem, from which the users can resort to a third-party auditor (TPA) to check the integrity of outsourced data. Moreover, an identity-based (ID-based) public key cryptosystem would be an efficient key management scheme for certificate-based public key setting. In this paper, we combine ID-based aggregate signature and public verification to construct the protocol of provable data integrity. With the proposed mechanism, the TPA not only verifies the integrity of outsourced data on behalf of cloud users, but also alleviates the burden of checking tasks with the help of users’ identity. Compared to previous research, the proposed scheme greatly reduces the time of auditing a single task on the TPA side. Security analysis and performance evaluation results show the high efficiency and security of the proposed scheme.

A dynamic key management scheme for dynamic wireless sensor networks

AbstractDynamic wireless sensor network (DWSN) is a group of mobile sensor nodes deployed in an intended area. Secure communication in DWSNs depends on the existence of an efficient key management scheme. Because of the movements of sensor nodes and unknown mobility pattern, dynamic key management is an important issue in such networks. In this paper, we propose a new key management scheme, which uses key pre‐distribution and post‐deployment key establishment mechanisms for DWSNs. The proposed approach ensures that the two communicating nodes share at least one common key. It also provides efficient ways for key generation and revocation as well as addition or deletion of mobile sensor nodes. Compared with the other key management schemes, which are designed for DWSNs, our simulation and analytical results demonstrate the efficiency of the proposed approach in terms of confidentiality, resilience, memory usage, energy consumption and overhead. Copyright © 2014 John Wiley & Sons, Ltd.

EFFICIENT KEY MANAGEMENT AND AUTHENTICATION SCHEME FOR WIRELESS SENSOR NETWORKS

Wireless Sensor Networks (WSN) is vulnerable to node capture attacks in which an attacker can capture one or more sensor nodes and reveal all stored security information which enables him to compromise a part of the WSN communications. Due to large number of sensor nodes and lack of information about deployment and hardware capabilities of sensor node, key management in wireless sensor networks has become a complex task. Limited memory resources and energy constraints are the other issues of key management in WSN. Hence an efficient key management scheme is necessary which reduces the impact of node capture attacks and consume less energy. In this study, we develop a cluster based technique for key management in wireless sensor network.

An Efficient Pairwise Key Predistribution Scheme for Wireless Sensor Networks

Key management plays fundamental role in research on security service in wireless sensor networks (WSNs). However, due to the resource constraints, establishing pairwise keys in WSNs is not a trivial tasks. Several exiting key management schemes have been proposed in literature to establish pairwise keys between sensor nodes, but they either can not offer strong resilience against node capture attacks or have overly large memory requirement to achieve high degree of connectivity. In this paper, we prose an efficient pairwise key management scheme. In the proposed scheme, the sensor nodes are given different security level and the compromised sensor nodes cannot disclose the key information in the sensor nodes which have higher security level The analysis indicates that compared with existing approaches, this proposed scheme offers a stronger resilience against node capture attack

Secure and Energy-Efficient Join-Leave Operations in ZigBee Network

Since security plays an important role in several ZigBee applications, such as Smart Energy and medical sensor applications, ZigBee Specification includes various security mechanisms to protect ZigBee frames and infrastructure. Among them, the Join and Leave operations of ZigBee are investigated in this paper. The current Join-Leave operation is protected by the network key (a kind of group key). We claim it is not adequate to employ the network key for such purpose, and propose a new Join-Leave operation protected by the application link key (a kind of pairwise key), which is based on a more efficient key management scheme than that of ZigBee. Hence, the original Join operation consists of a total of 12 command frames, while the new Join operation consists of only 6 command frames. In particular, the security of the proposed Join-Leave operation is equivalent to or better than that of the original Join-Leave operation. The new Join-Leave operation is extensively analyzed in terms of security and efficiency, and compared with the original Join-Leave operation of ZigBee.

Improved migration for mobile computing in distributed networks

A mobile ad hoc network (MANET) is a special type of wireless network in which a collection of mobile nodes with wireless network interfaces may form a temporary network, without the aids of any fixed infrastructure. Security has become a hot research topic in mobile ad hoc networks. In 1998, Volker and Mehrdad proposed a tree-based key management and access control scheme for the mobile agents to manage rights to access its own resources for the visited mobile nodes. Latter, Huang et al. showed that Volker and Mehrdad's scheme needs a large amount of storage and costs for managing and storing secret keys. Huang et al. further proposed a new and efficient scheme based on the elliptic curve cryptosystems to reduce costs and gain better efficiency. However, there is a security leak inherent in Huang et al.'s scheme that the malicious node can overstep his authority to access unauthorized information. This paper will propose a secure, robust, and efficient hierarchical key management scheme for MANETs. Some practical issues and solutions about dynamic key management are also considered and proposed. As compared with Huang et al.'s scheme, our proposed scheme can provide better security assurance, while requiring smaller key-size, lower computational complexities, and constant key management costs which is independent on the number of the confidential files and the visited nodes.

Large scale wireless sensor networks with multi-level dynamic key management scheme

Cyber-Physical Systems (CPSs) have emerged as a promising approach to facilitate the integration of the cyber and physical worlds in highly interconnected and complex ways. CPSs consist of several components, such as sensors, actuators, controllers, etc., and their structures are being complicated, and their scales are increasing day by day. Therefore, the data reliability and security have emerged as critical challenges between physical and virtual components of these systems. Wireless Sensor Networks (WSNs) are accepted as one of the most crucial technologies for building future CPSs. Because of their wireless and dynamic nature, WSNs are more vulnerable to security attacks than wired networks. The main solution for this problem is the usage of signed messages with symmetric or asymmetric key cryptography. Although, asymmetric key cryptography increases network security, it also causes severe computational, memory, and energy overhead for sensor nodes. On the other hand, symmetric key cryptography has the difficulty of providing high-level security and efficient key management scheme; however, it is better in terms of speed and low energy cost. In this paper, it is aimed to build a multi-level dynamic key management system for WSNs with the aid of an Unmanned Aerial Vehicle (UAV), which is a key distribution and coordination center for asymmetric keys. After that, each sensor node constructs different symmetric keys with its neighbors, and communication security is achieved by data encryption and mutual authentication with these keys. Evaluation results show the proposed system is scalable, and its performance is significantly better than asymmetric key management systems.

Novel Key Storage and Management Solution for the Security of Wireless Sensor Networks

As wireless sensor networks continue to grow in usage for distinct applications. Storage (memory) requirement and security are major problems for these resource limited networks. This paper present a novel and an efficient key establishment and management scheme for WSNs, named Random Initial and Master Key (RIMK).We showed that our proposed technique, manages keys randomly with less storage (i.e. only two keys), less communication and computation overhead compared to existing Localized Encryption and Authentication Protocol (LEAP), in which every node uses four different keys in a static pattern and occupy greater storage space, which increases overhead and complexity in the network. Simulation results show that RIMK is more efficient and robust than LEAP. DOI: http://dx.doi.org/10.11591/telkomnika.v11i6.2703