1. Field of the Invention
The present invention relates to a method for encrypted data transmission in a preferably wireless sensor network, wherein the sensor network comprises a multitude of sensor nodes and at least one sink node and wherein the data traffic within the sensor network converges like a reverse multicast traffic to the sink node.
2. Description of the Related Art
The usage of sensor networks is rapidly growing and they are especially used in the area of environmental monitoring, such as for purposes of examining the weather conditions, distribution of humidity or water contamination, or for purposes such as measuring the temperature of surfaces, analyzing movement patterns, controlling big industrial facilities etc. Every individual sensor of a sensor network is a sensor node which communicates—mainly in a wireless manner—with the other sensor nodes which in general consist of a sensor, a processing unit, a communication device as well as a battery. The functionalities of data acquisition, communication and computation are combined in the sensor node in a very small space.
Critical parameters which may restrict the possible fields of application of sensor networks are in particular physical restrictions of the individual sensor nodes, as for example the transmission range of their communication device, processor power, battery capacity, available storage capacity and the like. Since the individual sensor nodes—in contrast to the sink nodes where the sensed data is received—are restricted in many ways, an efficient organization of the sensor network in terms of energy consumption is especially important.
Another important aspect, which has to be taken into consideration when building up a sensor network, is the secure transmission of sensed data by the sensor node. The platform which is the base of the sensor node has in general extremely small dimensions and does in general not have a tamper resistant unit. Especially aggregator nodes which are sensor nodes, and which have the special function of collecting data from sensor nodes in their neighborhood and forward it, are an attractive aim for unwanted eavesdropping since the sensed data of a whole region of a sensor network is available and consolidated there.
In order to increase security of data transmission in sensor networks, the sensed data of the individual sensor nodes are generally transmitted in an encrypted form. To do so, in general an end-to-end encryption is chosen, i.e. the sensed data is encrypted directly at the sensor node and only decrypted after receipt at the sink node. Due to the problems discussed above, security schemes for sensor networks, as known up to now, loose their level of security if a malicious attacker is able to get knowledge of the key(s) used for data transmission.
Another increase in security in the context of data transmission in sensor networks can be achieved by special care in the key distributions. One such key distribution mechanism for pairwise secure communication is for example described in L. Eschenauer, V. Gligor, “A key-management Scheme for Distributed Sensor Networks”, in the proceedings of 9th ACM Conference on Computer and Communications Security (CCS'02), 41-47, November, 2002. According to this work, in every sensor node of the sensor network, a small number of keys are stored wherein the stored set of keys is taken out from a commonly used key pool. So, there is a certain probability that two randomly chosen sensor nodes share the same key.
In the framework of applications where data is aggregated, the known method is unusable since it only refers to a pairwise communication and is inappropriate for communication between n:1 partners.