Framework for Key Management Scheme in Heterogeneous Wireless Sensor Networks

Ubiquitous computing environments find their practical implementations through wireless sensor networks, which sense a relationship among themselves and the environment. Presently devised key management schemes are classified namely for homogeneous environments, or heterogeneous environments. In this paper, we propose a deployment conscious security framework supporting, a shift of complex operations to more capable nodes of heterogeneous environment and relieving resource constrained generic sensor nodes of major activities. We introduced a concept of deployment knowledge independent group key generation using a special kind of heterogeneity-multilevel transmission. Performance of proposed key management schemes is evaluated across relevant matrices and concluded to be satisfactory. Findings show that asymmetric key cryptography is comparatively more demanding in resources than symmetric version but ensures maximum security. Through our work we able to conclude that a hybrid of asymmetric and symmetric key cryptography best suits heterogeneous environments.


I. INTRODUCTION
Wireless sensor networks (WSNs) are commonly used in ubiquitous and pervasive applications such as military, homeland security, health-care, and industry automation.WSNs consist of numerous small, low-cost, independent sensor nodes, which have limited computing and energy resources.
These systems have traditionally been composed of a large number of homogeneous nodes with extreme resource constraints.This combination of austere capabilities and physical exposure make security in sensor networks an extremely difficult problem.In WSN, the medium of communication is wireless, which is inherently insecure.Thus, each sensor node must know one or more keys to secure its communication.Furthermore, situations might arise wherein an authenticated node is compromised by the intruder, revealing partial or entire keying information to the intruder -making it necessary to remove such node from the network.Needless to say, that the robustness of a security framework relies upon the strength of its key management schemes.
Until now asymmetric encryption or PKI is not seen practical solution in this environment, a number of clever symmetric-key management schemes have been introduced.But Certainly with increasing technological and economical advances comparatively better sensor nodes are available with bit more Energy, Memory and comparatively better computing capabilities.Thus requirements of PKI are not a burden on the WSN.
One well received solution that has been extended by several researchers is to pre-distribute a certain number of randomly selected keys in each of the nodes throughout the network [9], [4], [7], [10].Using this approach, one can achieve a known probability of connectivity within a network.These previous efforts have assumed a deployment of homogeneous nodes and have therefore suggested a balanced distribution of random keys to each of the nodes to achieve security.Likewise, the analysis of those solutions relies on assumptions specific to a homogeneous environment.A deviation from the homogeneous system model has been increasingly discussed in the research community.Instead of assuming that sensor networks are comprised entirely of low-ability (PKI Compliant) nodes, a number of authors have started exploring the idea of deploying a heterogeneous mix of platforms and harnessing the available "microservers" for a variety of needs.For example, Mhatre et al. [17] automatically designate nodes with greater inherent capabilities and energy as cluster heads in order to maximize network lifetime.
In this paper, we propose a Hybrid Key Management (HKM) scheme for heterogeneous wireless sensor networks.A variation of HKM supporting (Public Key Infrastructure) PKI named HKM-P (Public) and HKM-H(Hybrid) a hybrid scheme supporting both symmetric and public key for divided communications.Even without using deployment knowledge, we harness Location Dependence to generate a group key among geographical neighboring nodes.The rest of the paper is organized as follows.Section 2 and Section 3 discusses the proposed network's model, network deployment and clustering approach.In section 4 HKM and its variants has been discussed with section 5 and 6 discuss performance related issues.Section 7 reviews the state of art in key management in WSN.Finally paper concluded in section 8.

II. NETWORK ELEMENTS
Basically, two architectures are available for wireless networks, distributed flat architecture and hierarchical architecture.The former has better survivability since it does not have a single point of failure, and the latter provides simpler network management, and can help further reduce transmissions.As we know, WSNs are distributed event-driven systems that differ from traditional wireless networks in several ways such as extremely large network size, severe energy constraints, redundant low-rate data, and many-to-one flows.It is clear that in many sensing applications, connectivity between all Sensor Nodes ( SNs ) is not required but some applications require explicit connectivity between every pair of nodes.Mostly wireless SNs merely observe and transmit data to those nodes with better routing and processing capabilities, and do not share data among themselves.Data centric mechanisms should be performed to aggregate redundant data in order to reduce the energy consumption and traffic load in WSNs (out of scope of our proposal).Therefore, the hierarchical heterogeneous network model has more operational advantages than the flat homogeneous model for WSNs with their inherent limitations on power and processing capabilities [11][12] [13][8] and [12].Moreover recent trend is towards secure connectivity between geographical neighboring nodes.This phenomenon requires of Group Key which is shared symmetric key among a group of neighboring nodes.In this paper, we focus on large-scale HWSNs with the same three-tier hierarchical architecture as in [2] [3].AN are able to transmit at different power level and thus can transmit in multiple ranges.We here assume that the Anchor Nodes are able to transmit at six power levels in Figure 1.All this implies that more number of transmission levels results in lower density groups and vice-versa with similar information received.SN is replying with its ID ;CHs forwards ID of SNs to SINK for Authentication against legal SNs Database.If SN is legal SINK will send the information pertaining to a particular variant of HKM.
Otherwise SINK Updates its CRL and initiates revocation of the SN .CHs stores information sent by SINK for future reference.CHs now reply Join Completed to the concerned SNs and some information pertaining to HKM variant.

C. Geographical Group Key Generation
Sensor nodes in the same geographical group i.e. triangular cell, can construct a group key j i G K , using the broadcast received from s AN .But all the nodes receiving the same set of nonce need not be covered or administered by the same CH.Thus we can have some members be administered by one CH and some by other CH.Now CH in their coverage areas may have nodes with different set of nonce but nodes with same set of nonce co-located.This is the strength of our proposal that without using any deployment information we are able to harness location dependent group of nodes.We are now able to have cluster with possibly several sets of nodes with same nonce thus geographical and logically related nodes.This small set of nodes may be called to form a group.Using the information from CH and nonce; nodes in a cluster will form several groups of co-located nodes.

IV. SECURITY FRAMEWORK
In existing key pre-distribution schemes, two communicating sensors either use one or some of their shared pre-loaded keys directly as their communication key [15][10], or compose a communication key by their pre-loaded secret shares.Although this kind of mechanism has low computational overhead, it could lead to a serious security threat in practice.If some SNs are captured after the deployment, an adversary may crack some or even all the communication keys in the network by those compromised keys or secret shares.This node capture attack is the main threat to a key pre-distribution scheme.To address the limitations of existing key pre-distribution schemes, we proposed to incorporate the location dependence with pre-distribution.Our proposed framework supports three schemes.HKM is proposed in three variants namely HKM, HKM-P (HKM-Public) and HKM-H (HKM-Hybrid).
A. HKM: Before SNs are deployed, setup keys need to be pre-loaded into them.Also each node is assigned with ID .Each sensor node is pre-programmed according to the application requirements for deployment.At the same time, one unique Key ( , = about M K .Our scheme generates and distributes keys simultaneously, unlike [16] and [10] which require separate key distribution algorithms for key allocation.Key Generation: For our scheme, we will use key generation algorithm as proposed in [27].This algorithm is combination of pre and post-deployment key generation mechanisms.It generates CH K and i C K and used for specific epochs and are removed from SN after that epoch.These keys will also be generated during rekeying or revocation.a. Re-keying: Re-keying is optional instead of an obligation.The re-keying helps in refreshing or replacing security keys.It is needed when a compromised node needs to be excluded from the system, or a clustering is required.Re-keying after session expiry and new cluster formation is same as explained in key assignment and distribution section.Keys assigned in last session can now be used for secure seed propagation during re-keying if uncompromised.In the situation of a node compromise, SINK first performs a node revocation REVOKE operation, on the node which is malicious using its b.Node Revocation: A compromised node reveals all the information to the intruder, including the master key and leaves network vulnerable.A counter control operation must, be triggered to let the network become aware of the problem and resolve it.Such a problem cannot be circumvented using temporary mechanisms such as assigning new keys only to the compromised node and/or its In HKM Framework we proposed REVOKE operation to be triggered after detection of the compromised/malicious node.For Pre REVOKE operation; existing schemes like [28] can be utilize.
SINK knows the keying information in the compromised node.It unicasts REVOKE (step 3) message masked as a normal primitive operation just before the epoch for the next key update phase (step 4).The target node executes the command.This is followed by the resetting of the FLASH ROM, deleting compromised keying information of the sensor node.The RAM is totally reset.At least another epoch passes (step 5), before the compromised node and its intruder recover from the REVOKE that struck.It may take up to several epochs before the sensor board cold starts, initializes variables, and intruder re-deploys the keys (step 6 and has both encryption algorithms ECC/AES installed over it.In addition, a master key M K and basic keying material for ECC is preinstalled on each H-Node only.The key generation process is initiated by the SINK , which calculates its public/private key pair and broadcasts its public key, so that each CH receives the public key of the SINK .Each CH after generating its public/private key pair sends its public key along with its ID to SINK .SINK saves this public key and also broadcasts it along with s CH ' ID so that all the CHs get the public keys of all the other CHs.After the completion of the key generation at CH level, each cluster head generates a seed and broadcasts it to all the CN s.CN suseseed to generate i C K and

V. EVALUATION MATRICES
To determine the efficiency of our key management protocol for HWSN is checked against the following matrices.Scalability: Our schemes support high scalability.In HKM and HKM-H, whenever a new node wish to enter the network it propagates Similarly, each CH possesses the public keys for all the other CH's, hence complete network-wide key connectivity is ensured.In HKM-P communications is via public keys.CHs have public keys CHs and have public keys of CN and CH of their cluster.We are in process to propose the use of group keys in scenario where path key establishment becomes necessary.In actual will be replacement of Path Key.Depending upon the application we may use the group key to reduce the multiple instances of the messages generated from a locality.Revocation: Each of the three schemes considers the REVOKE operation for the compromised node removal as described in the node revocation section.For HKM-P, although the node compromise does not reveal any important keying information but REVOKE can be used for removal of other s CN public keys from compromised node.This will prevent compromised node from generating any kind of attacks on s CN whose public keys it possesses.
For our framework, SINK has been assigned the role of trusted certificate authority (CA) as well as issue certificate revocation list (CRL), containing information about revoked nodes at regular intervals.HKM-P employs hierarchical mode of communication, which makes application of CRL scheme simple.The CRLs are updated whenever a node (CH/CN) is revoked after being declared as compromised/malicious.The CRLs are broadcasted periodically from SINK to CHs.Each CH filters the CRL according to its CN s.According to HKM-P communication architecture, when a CH wants to communicate with another CH the process takes place via SINK and whenever any CN wants to communicate with another CN , the communication takes place via relevant CHs.For the CH-CH communication, CRL is checked at SINK to determine the status of the receiver.
If found revoked, the communication request is returned to the sender with an indication that the intended CH has been revoked.In a similar manner, for the CN-CN interaction, Necessary checks are performed at each CH on the CRL to check the validity of a node uncompromised status.
Resilience: Network resilience is defined as its resistance against node captures [20] Any node compromise in HKM-P does not reveal any keying information except its own private key and a few public keys.The maximum harm this compromised node can do is to decrypt messages destined for it.Table 1 gives a comparison of scalability and resilience for the three schemes along with describing the revocation method.
The evaluations are based on the simulations carried out in MATLAB environment for the individual implementations of HKM, HKM-H and HKM-P.
We used PROWLER plug-in in MATLAB for analysis (Table 2).Table 3 gives experimental values for memory, energy and time analysis of all three schemes and compared them with [5], as it is the only other key generation and distribution solution based on ECC.  A. Memory analysis: HKM is based on symmetric key cryptography hence occupies the smallest portion of RAM and ROM in the three schemes (Table 2).HKM-P utilizes public key cryptography for all the communications and hence utilizes maximum RAM and ROM space compared to other two schemes.HKM-H uses public key cryptography for SINK -CH interaction whereas symmetric key cryptography is used for CH-CN communication hence it memory usage falls between other two schemes.This memory analysis is done excluding SINK as SINK has no energy/memory constraints and is maintaining public keys for all the nodes involved in the network.The reason that HKM-P takes more memory than [5] being that HKM-P also provides key update and node revocation mechanism in addition to just key generation and distribution provided by [5].EBS based schemes [15][16][17] store a key pool (P) of size k+m where k keys are stored per node along with c communication keys.E.g. in [17]  Based on these results can say that our schemes provide optimum solution for storage and communication for key management.Reason is each cluster node select its nearest possible cluster leader so there is not much variation is their distance.The little variation in time for key distribution from SINK to CH is due to the distance of CH from the SINK .In real life scenario this variation could be much noticeable depending on the size of WSN.For HKM and HKM-H, the energy consumption tends to balance out with the changing number of nodes i.e. there is slight increase in energy consumption with the increase in number of nodes.A linear trend of slight increase is visible in the energy characteristics of HKM and HKM-H.For HKM-P, the energy consumption increases rapidly with the increase in number of nodes.This is because comparatively more number of nodes are involved in the activities of key generation, key registration and key distribution.Thus caused an exponential increase in the energy characteristics of HKM-P which becomes prevalent as the network size increases (Figure 3).In case of HKM and HKM-P, there are no specific energy characteristics corresponding to node role but for HKM-H, the measurements differ in context to node role.For HKM-H the initial hypothesis has been that SINK performs the most energy consuming operations of key management (Figure 4).P is computation energy.The energy consumed in sending 1 byte is estimated to be 59.2µJ whereas the energy consumed in receiving is specified to be 28.6µJ.Also energy cost of computation is small compared to data transmission.These values are based on actual mote implementation [1] (Table 6).Since we simulated energy for small number of nodes, so here we will calculate energy characteristics of the three schemes.These values indicate that even for larger network energy consumption at CN does not increase significantly, except in HKM-P.For HKM all analytical values remain almost same as noticed in experimental results.Nodes using asymmetric key in HKM-H and HKM-P shows exponential increase in energy consumption with the increase in network size.

VII. RELATED WORK
Typical key-distribution schemes focus on probabilistic key distribution, as in Eschenauer and Gligor [9].Probabilistic schemes have several undesirable side effects that public-key-based schemes do not: they cannot guarantee that a given node will be able to establish a shared secret with its neighbor(s), and they cannot guarantee security for uncompromised nodes after a number of nodes have been compromised.Research has also shown that Elliptical Curve Cryptography is practical for small sensor nodes [21].In [22], Du et al. have designed security schemes for HSNs which use public key cryptography.Du et al. [7] proposed a key predistribution scheme with the objective to improve the resilience of the network if compared to the previous schemes.In [23], Du et al. proposed another scheme to utilize node deployment knowledge to improve the Eschenauer-Gligor scheme in [24] in terms of network connectivity, memory usage, and network resilience against node compromise.Their scheme assumes a group based deployment model, in which sensor nodes are deployed in groups around their deployment points and the distribution of deployment points follows a rectangular grid model.In each group, the Eschenauer-Gligor scheme is applied.Zhou et al. [9] presented a location-based key establishment scheme, which is a hexagonal-grid-based deployment model combined with a polynomial-based key establishment model to establish a key between two neighboring nodes.We in our proposal introduced the concept of location based key management scheme without using deployment knowledge using special kind of heterogeneity.

VIII. DISCUSSION
We focused on keying methodology in our proposal.The results expectedly show that there exist an inverse relationship between the resource availability and the achievable level of security.cording to the observations, HKM-P utilizes maximum resources but it also provides end to end security and maximum resilience to node compromise, and thus most secure solution.From the resource utilization perspective, the schemes can be arranged from the least expensive to the most expensive as HKM, HKM-H, and HKM-P.From Energy consumption issue HKM and HKM-H show similar energy characteristics.Both follow a linear trend of increase with the increase in the number of nodes.HKM-P is efficient in energy requirements for smaller number of nodes but exhibits exponential increase to support larger number of nodes.From security perspective, the schemes can be arranged from the least favorable to the most favorable as HKM, HKM-H, and HKM-P.Also only HKM-P provides end-to-end security.For example in case of

CH
and set of SNs (distinct from other sets).SNs monitor the surrounding environment and transmit the sensed readings to their respective CH for relay.SNs may use multi-hop or single hop communication pattern for communication with CHs .III. GROUPING AND CLUSTERING APPROACH SNs are large in number and have limited capabilities.SNs are deployed randomly in the field for deployment like can be dropped from an aircraft.H-nodes which would bear Cluster heads responsibility are also deployed randomly.ANs are placed uniformly and in controlled manner using a manned or unmanned deployment vehicle which is equipped with GPS system to connect with satellite to retrieve exact location for ANs .Using hexagonal/triangular deployment of ANs in the deployment field the network deployment field is roughly divided into hexagonal/triangular field using multiple transmission power levels of ANs .As shown in the Figure 1 the lines in dark are transmission radius of ANs placed at triangular points.The higher is the transmission level larger is the transmission radius.Depending upon the number of ANs whose transmission ranges are aligned/covering a small area completely, SNs in that area/cell will receive the equivalent number of nonce, considering that each transmission level of a AN transmits an entirely different nonce.In Figure1 we assumed that intersection of transmission levels results in approximately triangular area/cell thus nodes in a triangular area/cell will receive nonce from the ANs whose transmission level is covering the triangular cell completely.For e.g.Nodes in Blue Cluster receives Selected Nonce but from all the ANs .Each SN in Triangular cell in blue colored cluster receives different set of nonce.Nodes in Triangular cell closer to

Figure 1 :
Figure 1: Hexagonal deployments of ANs and Resultant Hexagonal Clusters.For sake of convenience the circular arcs are approximated as straight lines.Transmission ranges from closely placed Anchor Nodes at six corners intersect with each other and resulting into triangular shaped cells.Adjoining cells may be joined to give a hexagonal shaped clusters which are supposed to managed by cluster Heads. A. CHs Discovery: CHs now can start discovering their neighbor CHs to form second tier in the hierarchical organization of HWSN.CHs broadcasts CH-Discover ( ) D CH _ signal which is received by neighboring CHs.SNs which receives D CH _ replies with CH-Discover Reply ( ) DR CH _ with their

.
The operation is explained in next section.REVOKE clears the keys stored in the FLASH RAM of the node and making it impossible to get new communication keys.For extremely security critical application re-keying could be performed.If the compromised node was CN , then re-keying is required only within cluster and can be done by just generating new

Figure 4 :
Figure 4: Node Role wise Energy Consumption getting each other public keys will take about four cycles of encryption/decryption.But from next time messages will not need any encryption/decryption on intermediate nodes.In HKM and HKM-H every communication between i CN to j CN will require extra encryption/decryption at CH

Base station ( SINK ): Sink node is the most powerful node in a WSN, it has virtually unlimited computational and communication power, unlimited memory storage capacity, and very large and powerful radio transmission range which can reach all the SNs in a WSN. Sink node can be located either in the center or
SNs are divided into two categories namely H-Sensors and L-Sensors.H-Sensors are small number of SNs possessing higher memory, transmission range, multiple transmission ranges, processing power and battery life.Our network model has four different kinds of wireless devices on the basis of functionality; sink node/base station ( BS ), cluster head node ( CH ), Anchor Nodes ( AN ) and sensor node ( SNs ).
and SINK .These are assumed to be capable enough to support the PKI.We propose to store two different encryption algorithms i.e. one for asymmetric key cryptography and one for symmetric key cryptography.We propose to use Elliptical Key Cryptography (ECC) for asymmetric key and .CHs are responsible for dividing SNs into clusters of uniform size.Anchor Nodes ( ANs ): Anchor Nodes are a special kind of H-Sensors which have multiple power level for transmission.Thus ANs have SNs in the same area/cell receive the same set of nonce thus grouped into same geographical group.
Thus we have several groups with different group key with in the same cluster because of different set of nonce and different from groups in neighboring cluster because of different information from their CHs.Following equation can be used to generate group key: i C K .M K H is the keyed hash function which uses M K ; pre-deployed Master Key.
Key Assignment and Distribution: Since a single key is inappropriate for securing all communication in a sensor network, our framework supports establishment of three different keys.This helps in limiting the impact of any key's compromise to only a certain number of nodes. is used by CN of th i cluster to communicate with their CH and other members of their cluster.Group key ( i SN with the SINK .SINK use this key to communicate any interest directly to that SN .CH K is used by CHs to communicate with SINK and other CHs .Any CH can reach SINK indirectly using CH K .Our next work is to propose a routing protocol which is aware of underlying key management scheme where we will use CH K .CE k s CN .Each Node of th i cluster then computes i C K by a function of i C S and M K .Initially no SN is physically compromised, an intruder eavesdropping into bootstrap communication; unable to produce any keys as it doesn't have information ( )....(1) REVOKE Operation communicating neighbors.Instead of assigning new keys to neighbors or compromised nodes only, more concrete solutions are needed to isolate such nodes from network. of the node for future references and adds SN as its CN , otherwise the message is discarded.Having converted all SNs as CN s, SINK broadcast nearest CH.As CH unable to decrypt the message therefore forwards this message to SINK .SINK verifies the node's authenticity by decrypting the message with the public key registered against that node ID stored in its database.If node is authentic, an OK message is sent to the CH; otherwise a REVOKE message is directed to the CH.If the CH receives an OK message, CH stores the pub K i CH to own CN s.C.HKM-H (Hybrid):Here we try to harness the heterogeneity of nodes.Burden of complex, ID to closest CH which routes the message to SINK .Upon authentication by SINK , the new node is allowed to be the cluster member and its public key is stored with the SINK .
j i C K for CH-CN interaction based on session seeds which is location based i.e. i C S .This provides 100% network wide connectivity.HKM-H provides good key connectivity on frequent interaction basis.Frequent CN -CN communication is ensured by a common . Resilience has a direct relation with network security i.e. higher resilience of a network means more security.In HKM; s CN and CH of that particular cluster are vulnerable.

Table 1 :
Scalability and Resilience

Table 2 :
Memory and Energy Analysis

Table 3 :
Number of Keys stored per node

Table 4 .
d number of neighbors and L = number of keys in key chain.Thus we can easily claim from Table 3, that HKM and HKM-H have very less storage requirement for nodes other then SINK , which in our case have limitless resources.Although HKM-P consumes little larger memory space but it provides maximum resilience and security.Table 4 also shows maximum message exchange which is in case of communication between CN of one cluster with CN of other cluster in all three schemes.Table also gives communication overhead for re-keying procedure. =

Table 4 .
Message Communication for Key Management Phases S AN for group rekeying

Table 5 :
Energy Consumption Equation for Various Levels of Nodes

Table 6 :
Analytical Values for Energy Consumption