Hop-by-Hop Message Authentication and Source Privacy in Wireless Sensor Networks
Hop-by-hop message authentication is one of the most effective ways to thwart unauthorized and corrupted messages from being forwarded in wireless sensor networks (WSNs). For this reason, many message authentication schemes have been developed, based on either symmetric-key cryptosystems or public-key cryptosystems. Most of them, however, suffer from high computational and communication overhead, as well as a lack of scalability and of resilience to node compromise attacks. To address these issues, a polynomial-based scheme was recently introduced. However, this scheme and its extensions all have the weakness of a built-in threshold determined by the degree of the polynomial: when the number of messages transmitted is larger than this threshold, the adversary can fully recover the polynomial. A scalable authentication scheme based on elliptic curve cryptography (ECC) is proposed. While enabling authentication by intermediate nodes, the scheme allows any node to transmit an unlimited number of messages without suffering from the threshold problem. The scheme can also provide message source privacy.
Symmetric-key based approach
The shared key is used by the sender to generate a message authentication code (MAC) for each transmitted message. Authenticity and integrity of the message can be verified by the node with the shared secret key, which is generally shared by a group of sensor nodes.
Secret polynomial based message authentication scheme
This scheme is similar to a threshold secret sharing, where the threshold is determined by the degree of the polynomial. This approach offers information-theoretic security of the shared secret key when the number of messages transmitted is less than the threshold. The intermediate nodes verify the authenticity of the message through a polynomial evaluation.
An alternative solution was proposed to thwart the intruder from recovering the polynomial by computing its coefficients. The idea is to add random noise, also called a perturbation factor, to the polynomial so that its coefficients cannot be easily solved for. However, the random noise can be completely removed from the polynomial using error-correcting code techniques.
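The threshold limit described in this section can be checked with a simplified model, given here as an added example that is not the scheme's own construction or code from the project. It assumes a single univariate secret polynomial f of degree t over a prime field, tags of the form f(H(m)), and hypothetical names throughout (`P`, `point`, `tag`, `observer_can_predict`); it shows why a polynomial has to be retired before it has authenticated more than t messages.

```python
import hashlib
import secrets

P = 2**127 - 1  # prime field modulus (assumed for this sketch)

def point(message: bytes) -> int:
    """Map a message to a field element x = H(m) mod P."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % P

def new_polynomial(degree: int) -> list:
    """Random secret f of exactly the given degree (nonzero leading coefficient)."""
    return [secrets.randbelow(P) for _ in range(degree)] + [1 + secrets.randbelow(P - 1)]

def tag(coeffs: list, message: bytes) -> int:
    """Authentication tag f(H(m)), evaluated with Horner's rule."""
    x, acc = point(message), 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc

def interpolate_at(pairs: list, x: int) -> int:
    """Value at x of the unique polynomial of degree < len(pairs) through pairs."""
    total = 0
    for i, (xi, yi) in enumerate(pairs):
        num = den = 1
        for j, (xj, _) in enumerate(pairs):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def observer_can_predict(coeffs: list, n_observed: int) -> bool:
    """Do n_observed (message, tag) pairs determine the tag of an unseen message?"""
    seen = [b"reading-%d" % i for i in range(n_observed)]  # constructed sample messages
    pairs = [(point(m), tag(coeffs, m)) for m in seen]
    unseen = b"reading-unseen"
    return interpolate_at(pairs, point(unseen)) == tag(coeffs, unseen)

if __name__ == "__main__":
    f = new_polynomial(5)  # threshold: degree 5
    for n in (5, 6):
        print(n, "tags observed -> polynomial determined:", observer_can_predict(f, n))
```

With t tags the interpolated value never matches the real tag, while t + 1 tags fix the polynomial completely, which is the built-in threshold the ECC-based scheme is designed to avoid.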
Public-key based approach
Each message is transmitted along with the digital signature of the message generated using the sender's private key. Every intermediate forwarder and the final receiver can authenticate the message using the sender's public key.
Under the symmetric-key approach, an intruder can compromise the key by capturing a single sensor node.
The symmetric-key method does not work in multicast networks.
The public-key based scheme requires high computational overhead.
To propose an unconditionally secure and efficient source anonymous message authentication (SAMA) scheme based on the optimal modified ElGamal signature (MES) scheme on elliptic curves.
SAMA enables the intermediate nodes to authenticate the message so that all corrupted messages can be detected and dropped to conserve sensor power.
To develop a source anonymous message authentication code (SAMAC) on elliptic curves that can provide unconditional source anonymity.
To offer an efficient hop-by-hop message authentication mechanism for WSNs without the threshold limitation.
To devise network implementation criteria on source node privacy protection in WSNs.
To propose an efficient key management framework to ensure isolation of the compromised nodes.
Provides hop-by-hop node authentication without the threshold limitation
Performance better than the symmetric-key based schemes
Suitable for decentralized networks