LEAP: Efficient security mechanisms for large-scale distributed sensor networks

Sencun Zhu, Sanjeev Setia, Sushil Jajodia

Research output: Contribution to journalConference article

954 Citations (Scopus)

Abstract

In this paper, we describe LEAP (Localized Encryption and Authentication Protocol), a key management protocol for sensor networks that is designed to support in-network processing, while at the same time restricting the security impact of a node compromise to the immediate network neighborhood of the compromised node. The design of the protocol is motivated by the observation that different types of messages exchanged between sensor nodes have different security requirements, and that a single keying mechanism is not suitable for meeting these different security requirements. LEAP supports the establishment of four types of keys for each sensor node - an individual key shared with the base station, a pairwise key shared with another sensor node, a cluster key shared with multiple neighboring nodes, and a group key that is shared by all the nodes in the network. The protocol used for establishing and updating these keys is communication- and energy-efficient, and minimizes the involvement of the base station. LEAP also includes an efficient protocol for inter-node traffic authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing and passive participation. We analyze the performance and the security of our scheme under various attack models and show our schemes are very efficient in defending against many attacks.

Original languageEnglish (US)
Pages (from-to)62-72
Number of pages11
JournalProceedings of the ACM Conference on Computer and Communications Security
StatePublished - Dec 1 2003
EventProceedings of the 10th ACM Conference on Computer and Communications Security, CCS 2003 - Washington, DC, United States
Duration: Oct 27 2003Oct 31 2003

Fingerprint

Authentication
Sensor networks
Cryptography
Network protocols
Sensor nodes
Base stations
Processing
Communication

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications

Cite this

@article{ceb14dbb7a674ed8b16b9d37fac8632f,
title = "LEAP: Efficient security mechanisms for large-scale distributed sensor networks",
abstract = "In this paper, we describe LEAP (Localized Encryption and Authentication Protocol), a key management protocol for sensor networks that is designed to support in-network processing, while at the same time restricting the security impact of a node compromise to the immediate network neighborhood of the compromised node. The design of the protocol is motivated by the observation that different types of messages exchanged between sensor nodes have different security requirements, and that a single keying mechanism is not suitable for meeting these different security requirements. LEAP supports the establishment of four types of keys for each sensor node - an individual key shared with the base station, a pairwise key shared with another sensor node, a cluster key shared with multiple neighboring nodes, and a group key that is shared by all the nodes in the network. The protocol used for establishing and updating these keys is communication- and energy-efficient, and minimizes the involvement of the base station. LEAP also includes an efficient protocol for inter-node traffic authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing and passive participation. We analyze the performance and the security of our scheme under various attack models and show our schemes are very efficient in defending against many attacks.",
author = "Sencun Zhu and Sanjeev Setia and Sushil Jajodia",
year = "2003",
month = "12",
day = "1",
language = "English (US)",
pages = "62--72",
journal = "Proceedings of the ACM Conference on Computer and Communications Security",
issn = "1543-7221",
publisher = "Association for Computing Machinery (ACM)",

}

LEAP : Efficient security mechanisms for large-scale distributed sensor networks. / Zhu, Sencun; Setia, Sanjeev; Jajodia, Sushil.

In: Proceedings of the ACM Conference on Computer and Communications Security, 01.12.2003, p. 62-72.

Research output: Contribution to journalConference article

TY - JOUR

T1 - LEAP

T2 - Efficient security mechanisms for large-scale distributed sensor networks

AU - Zhu, Sencun

AU - Setia, Sanjeev

AU - Jajodia, Sushil

PY - 2003/12/1

Y1 - 2003/12/1

N2 - In this paper, we describe LEAP (Localized Encryption and Authentication Protocol), a key management protocol for sensor networks that is designed to support in-network processing, while at the same time restricting the security impact of a node compromise to the immediate network neighborhood of the compromised node. The design of the protocol is motivated by the observation that different types of messages exchanged between sensor nodes have different security requirements, and that a single keying mechanism is not suitable for meeting these different security requirements. LEAP supports the establishment of four types of keys for each sensor node - an individual key shared with the base station, a pairwise key shared with another sensor node, a cluster key shared with multiple neighboring nodes, and a group key that is shared by all the nodes in the network. The protocol used for establishing and updating these keys is communication- and energy-efficient, and minimizes the involvement of the base station. LEAP also includes an efficient protocol for inter-node traffic authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing and passive participation. We analyze the performance and the security of our scheme under various attack models and show our schemes are very efficient in defending against many attacks.

AB - In this paper, we describe LEAP (Localized Encryption and Authentication Protocol), a key management protocol for sensor networks that is designed to support in-network processing, while at the same time restricting the security impact of a node compromise to the immediate network neighborhood of the compromised node. The design of the protocol is motivated by the observation that different types of messages exchanged between sensor nodes have different security requirements, and that a single keying mechanism is not suitable for meeting these different security requirements. LEAP supports the establishment of four types of keys for each sensor node - an individual key shared with the base station, a pairwise key shared with another sensor node, a cluster key shared with multiple neighboring nodes, and a group key that is shared by all the nodes in the network. The protocol used for establishing and updating these keys is communication- and energy-efficient, and minimizes the involvement of the base station. LEAP also includes an efficient protocol for inter-node traffic authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing and passive participation. We analyze the performance and the security of our scheme under various attack models and show our schemes are very efficient in defending against many attacks.

UR - http://www.scopus.com/inward/record.url?scp=10044284351&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=10044284351&partnerID=8YFLogxK

M3 - Conference article

AN - SCOPUS:10044284351

SP - 62

EP - 72

JO - Proceedings of the ACM Conference on Computer and Communications Security

JF - Proceedings of the ACM Conference on Computer and Communications Security

SN - 1543-7221

ER -