Efficient Self-healing Key Distribution with Revocation for Wireless Sensor Networks Using One Way Key Chains

Security of group communication for large mobile wireless sensor network hinges on efficient key distribution and key management mechanism. As the wireless medium is characterized by its lossy nature, reliable communication cannot be assumed in the key distribution schemes. Therefore, self-healing is a good property for key distribution in wireless applications. The main idea of self-healing key distribution scheme is that even if during a certain session some broadcast messages are lost due to network faults, the users are capable of recovering lost session keys on their own, without requesting additional transmission from the group manager. The only requirement for a user to recover the lost session keys, is its membership in the group both before and after the sessions in which the broadcast packets containing the keys are sent. Self-healing approach of key distribution is stateless in the sense that a user who has been off-line for some period is able to recover the lost session keys immediately after coming back on-line. In this paper, we propose two constructions for scalable self-healing key distribution with t revocation capability. The novelty of our constructions are that we apply a different and more efficient selfhealing mechanism compared to the ones in the literature using one-way key chain. The main improvements that our proposed schemes achieve over previous approaches are (a) communication bandwidth reduces from O((tj + j − t− 1) log q) to O((t+ 1) log q), and (b) computation costs for our first and second constructions reduce from O(2tj + j) to O(2t + 1) and O(2(t + t)) respectively, where m is the maximum number of sessions, j is the current session number, t is the maximum number of compromised group members that may collude and q is a large prime number. We achieve this result without any increase in the storage complexity. The schemes are scalable to very large groups in highly mobile, volatile and hostile network. We J. Katz and M. Yung (Eds.): ACNS 2007, LNCS 4521, pp. 385–400, 2007. c © Springer-Verlag Berlin Heidelberg 2007 386 R. Dutta, E.-C. Chang, and S. Mukhopadhyay prove in an appropriate security framework that our constructions are computationally secure and achieve both forward secrecy and backward secrecy.