1. Field of the Invention
The present invention relates to a method for authentication of elements of a group, and in particular to a method for authentication of sensor nodes in a preferably wireless sensor network, wherein the group has one specific element—leading element—with which each of the elements of the group can exchange information and wherein the authentication of the elements of the group takes place with regard to the leading element.
2. Description of the Related Art
In practice, different methods of authentication have been known for a long time. Authentication in these cases serves to prove identity and is meant to prevent non-authorized entities from producing information that is only supposed to be generated by a defined group. In order to prove its authorization, one party has to prove specific characteristics to a second party within the authentication process. Once the necessary proof is given, i.e. the authentication process was successful, the party identified as authorized can be allowed access to information which is not publicly accessible.
In particular, in wireless sensor networks (WSN) efficient authentication processes are of outstanding importance, for example to secure a reliable collection of information. Due to some specific characteristics of such networks, authentication within networks is also a big challenge.
Sensor networks generally comprise a large number of sensor nodes that serve, for example, for collecting environmental data. Sensor networks can, for example, be used to measure humidity in vineyards or temperature on surfaces or to create movement patterns etc. The individual sensors of a sensor network, which communicate with each other wirelessly, consist in general of a probe, a processing unit, a communication device and a battery. The sensor nodes are usually produced in miniature size, so the functionalities of data collection, communication and computation are combined in a minimum amount of space. The limits of their transceiver, processor power, battery capacity, existing storage space or similar physically defined factors are therefore often very critical parameters for a sensor node. Due to these physical restrictions, the methods used for authentication of sensor nodes must meet specific requirements.
Even though multiple solutions for one-to-one authentication are already known, these solutions cannot be directly applied in an environment in which the elements of the group have such restricted capabilities, as is the case with sensor nodes. Given that big sensor networks have to organize themselves in a decentralized way, it can be observed that cluster-based mechanisms are often used. Hence, for such topologies, where a leading element (a so-called cluster-leader or dealer) is able to authenticate elements of the group, group authentication schemes are needed.
In practice, different methods for group authentication are also already known. Purely symmetric schemes, characterized in that they are based on one single group key, are highly efficient, but are troublesome in the sense that they do not allow pairwise authentication. See RFC 2040, “The RC5, RC5-CBC, RC5-CBC-Pad, and RC5-CTS Algorithms”, pp. 1-29, October 1996. This disadvantage can basically be met by using asymmetric schemes. Asymmetric schemes, though, are in many ways problematic regarding the enormous computation effort, as the latter often exceeds the capacities that are in general available in, for example, ad hoc or sensor networks. See E. Mykletun, M. Narasimha, and G. Tsudik, “Signature Bouquets: Immutability for Aggregated/Condensed Signatures”, European Symposium on Research in Computer Security (ESORICS'04), September 2004.