A Key Management Scheme for Wireless Sensor Networks Using
Deployment KnowledgeWenliang Du et al.
Outline
• Introduction• Modeling deployment knowledge• Key pre-distribution using deployment
knowledge • Performance evaluation• Conclusion
Introduction
• Problem– Key pre-distribution in sensor network
• Previous work– Random key pre-distribution scheme– Improvement to random scheme
• q-composite scheme• Polynomial-based scheme
• Common assumption– No deployment knowledge is available
New assumption• In many practical scenarios
– Certain deployment knowledge may be available• What is deployment knowledge
– How are sensors deployed?– Are they uniformly randomly distributed?
• Deployment method– Uniformly randomly distributed
• No deployment knowledge– Non-uniform distribution
• Deployed by groups• Possible to know where a node is more likely to reside
• Useful– Most communications are between neighbors– Deployment knowledge helps us to know which nodes are more likely to
be neighbors for each node
Modeling deployment knowledge
• Probability density function (pdf)• General Deployment Model
– Deployment area• 2-dimensional rectangular area X x Y
– pdf for the location of node i, i = 1,…,N• fi(x,y), • Existing key pre-distribution schemes assume
– fi(x,y) = 1/XY– All sensor nodes are uniformly distributed over the deployment
region
],0[ Xx ],0[ Yy
Modeling deployment knowledge (Cont’d)
• Group-based Deployment Model– N sensor nodes are divided into t x n groups
• Probability node is in a certain group is (1 / tn)– Group Gi,j is deployed from the point (xi,yj)– The resident point of node k in group Gi,j follow the pdf
• Example of pdf f(x,y): 2-dimensional Guassian distribution)|,( , jiGkyxf
Deployment Points
Modeling deployment knowledge (Cont’d)
• Deployment distribution used in paper– 2-dimensional Gaussian distribution for each group
– Overall distribution over the entire deployment region
Modeling deployment knowledge (Cont’d)
• Why use group-based model– Easy to determine which nodes are more likely to be close to
each other• Distance between two deployment points increases Probability for
two nodes from these two groups become neighbors decreases– Different groups can use different key pools
• Key pool size is smaller better connectivity• Two groups are far away overlap between their key pools
becomes smaller
• Notations– Si,j: key pool used by group Gi,j,
– |Sc|: size of Si,j , njtiSS ji ..1,,...1,,
Key Pre-distribution Scheme
• Step 1: Key pre-distribution– Divide the key pool S into t x n key pools Si,j
• Si,j corresponding to deployment group Gi,j
• | Si,j | = | Sc|, for any i, j• Nearby key pools share more key• Far away key pools share less or no key
– Two horizontally or vertically neighboring key pools share exactly a|Sc| key spaces, 0 <= a <= 0.25
– Two diagonally neighboring key pools share exactly b|Sc| key spaces, 0 <= b <= 0.25
– Two non-neighboring key pools share no key spaces
Key Pre-distribution Scheme
• Key sharing among key poolsHorizontal
Vertical Diagonal
a
a b
b
b b
b
A C
F
H I
D
G
aa aa
B
Key Pre-distribution Scheme
• Determining |Sc|– Given key pool |S|, overlapping factor a, b– Si,j
– Determine
bnttnantntnSSc
)1(2)2(||||
njtiSS ji ..1,,...1,,
Key Pre-distribution Scheme
• Select keys for each key pool Si,j
– Global key pool S – Overlapping factor a
and b
Global Key Pool S
1 1-a 1-a 1-a1-(a+b) 1-2(a+b) 1-2(a+b) 1-(2a+b)1-(a+b) 1-2(a+b) 1-2(a+b) 1-(2a+b)1-(a+b) 1-2(a+b) 1-2(a+b) 1-(2a+b)
|Sc| keys
a|Sc| keys1-a|Sc| keys
a|Sc| keys b|Sc| keys
1-(a+b)|Sc| keys
t = 4, n = 4
Key Pre-distribution Scheme
• Effects of the Overlapping Factors– Best overlapping factors
• Combination of a and b that maximizes the local connectivity
Key Pre-distribution Scheme
• Step 2: Shared-key discovery– After deployment, every node will find out
whether it shares keys with its neighbors• Step 3: Path-key establishment
– Two neighboring nodes cannot find any common key
– Use secure channels that have already been established
Performance Evaluation• Performance metrics:
– Local connectivity plocal• The prob. of any two neighboring nodes sharing at least one
key– Resilience against node capture
• The fraction of additional communications (communications among uncaptured nodes) that an adversary can compromise based on the information retrieve from x captured nodes
– Communication overhead• When two neighboring nodes cannot find a common key• ph(l): prob. That the smallest number of hops needed to
connect two neighboring nodes is l
Performance Evaluation
• Local connectivity
Performance Evaluation
• Resilience against node capture
Performance Evaluation
• Communication overhead
Conclusion
• Use pdf to model deployment knowledge• Propose a key pre-distribution scheme
using deployment knowledge– Sensors carry less key– Achieves same level of connectivity– Improves network’s resilience against node
capture