Due to these sensitive applications, networks of the like must be provided with security services like confidentiality, authentication, integrity, and authorization.
Encryption systems used in conventional communication networks typically enable security services based on cryptographic methods for securing the communications. Cryptographic methods require cryptographic keys for their operation.
More particularly, in some networks comprising parties, or nodes, having to be very cost-efficient, symmetric cryptography is therefore usually applied to enable required security services. Indeed, in networks of the like, such as wireless sensor networks, nodes are typically resource-constrained, namely in terms of battery power, communication bandwidth, processing power, or memory. Security methods based on asymmetric cryptography are thus generally considered either inefficient or infeasible in such nodes.
The fundamental issue in symmetric cryptography lies in key-distribution, i.e. in the establishment of shared secrets in nodes belonging to a network and having to communicate securely. This problem is particularly eminent in WSNs, since their size can vary from tens to several tens of thousands of nodes, and their nature can be very dynamic, e.g. the network topology may not be known a priori.
Cryptographic keys are distributed and established between the parties involved by means of different methods based on public-key cryptography, a key distribution center or other symmetric techniques. In particular, research has been carried out on the design of key distribution schemes for sensor networks during the last years. Random key pre-distribution schemes, trust center based key distribution schemes or the application of public-key cryptography have been proposed. In many of those schemes, we find a trade-off between security and performance. For instance, random key pre-distribution schemes distribute a number of W keys randomly chosen from a pool of M keys to each node in the WSN. Thus, two nodes have a probability p of sharing a common key, which depends on W and M, and of being able to establish a secure communication link. However, these schemes can be broken by capturing nodes, and the stored keys. Besides, it requires the storage of a relatively high number of keys, for example between 50 and 200, equivalent to 500 or 2000 bytes for 100-bit keys. Public-key based key agreement schemes require the storage of a single key, but the algorithms for key generation are quite complex. Besides, the system is still slow from the computational point of view, since a few seconds are required for a key agreement handshake. Some conventional key distribution schemes are keying material share distribution schemes called alpha-secure, in which a node belonging to a network is not directly provided with cryptographic ready-made key, but with some node-specific keying material allowing it to compute a shared key with another node of the network, for securing communications. This node-specific information is a keying material share derived from a root keying material comprised in a management device of the network. These alpha-secure schemes offer a trade-off between performance, availability, and security. The main drawback of those systems refers to the fact that the root keying material is such that the capture of alpha nodes, and thus the combination of alpha keying-material shares, compromises the whole root keying material.