You are on page 1of 7

International Journal of Network Security, Vol.10, No.2, PP.135–141, Mar.

2010 135

Lightweight PKI for WSN µPKI


Benamar Kadri1 , Mohammed Feham1 , and Abdallah M’hamed2
(Corresponding author: Benamar Kadri)

STIC Lab., Department of telecommunications, University of Tlemcen, Tlemcen, Algeria1


National Institute of Telecommunications, Evry, France2
(Email: enamarkadri@yahoo.fr)
(Received March 15, 2008; revised and accepted Aug. 22, 2008)

Abstract are now used in many civilian applications, including envi-


ronment and habitat monitoring, health care applications,
ireless sensor networks (WSN) grows in size and gain new home automation, traffic control, environmental monitor-
applications in our lives ranging from military applica- ing [5], or to detect and characterize Chemical, Biological,
tions to civilian ones. However security in WSN was not Radiological and Nuclear in some environments where the
carefully carried out, since only some symmetric encryp- presence of human is not possible [8].
tion based protocols are proposed in literature, under the
assumption that the nature of sensor nodes does not sup-
port public key encryption due to the limitation in battery 2 Security in Wireless Sensor Net-
and CPU power. However the new development of sen-
sors technologies may allow more computational power
works
and gives us the possibility to use public key encryption Security is a very important issue when designing or de-
in WSN if the used algorithm is energy efficient such as ploying any network or protocol. However the recently
ECC. Therefore in this paper we propose a lightweight developed networks as the wireless ones have not given
implementation of Public Key Infrastructure (PKI). Our the necessary attention to security when designing pro-
proposed protocol called µPKI uses public key encryption tocols by taking into account the specificity of these net-
only for some specific tasks as session key setup between works as the used medium and the devices constraints
the base station and sensors giving the network an ac- [22]. Thus, many security protocols were proposed trying
ceptable threshold of confidentiality and authentication. to efficiently carry out the problem of security and the
Keywords: Key management, PKI, µPKI, public key en- constraints of wireless networks [12, 16]. However, in sen-
cryption, WSN sor network the problem of security is more challenging
regarding the limitation of sensors and the area where the
sensors are deployed such as battlefields [21].
1 Introduction The proposed schemes in literature are not secure since
they use some simplified techniques to carry the limita-
Last dedicates have known the development of small, low tions of sensors, given that the majority of these protocols
cost, low power and multi-functional sensor nodes, having makes use of symmetric encryption for ensuring all the se-
the possibility of sensing and collect application-specific curity services instead of a combination of symmetric and
data as temperature, pressure and movement to allow en- asymmetric (public) encryption.
vironment monitoring [1].
A wireless sensor network WSN is a collection of hun-
2.1 Public Key Cryptography
dreds to thousands of sensor nodes connected to each
other through short range wireless links, used as an in- Public key cryptography was invented in seventies years,
frastructure to forward the collected report to the cen- it uses two keys for both encryption and decryption. In
tralized authority over a base station. Sensor nodes are the way that any message encrypted with one of the keys
self powered and equipped with low computational power can only be decrypted with the other key. One of the keys
CPU allowing the sensor to execute some specific treat- is called private key which is kept secret by its holder,
ment before sending a report to the centralized authority and the second one is publicly known by each entity in a
[19]. given community, using these two keys, the public key
The development of wireless sensor networks was orig- cryptography can ensure both confidentiality, integrity
inally motivated by military applications such as battle- and authentication. Often the management of genera-
field surveillance [5]. However, wireless sensor networks tion, distribution, renewal and publication of these keys
International Journal of Network Security, Vol.10, No.2, PP.135–141, Mar. 2010 136

is achieved by a trust party called Certificate authority 3 State of The Art


(CA) which composes what we call public key infrastruc-
ture (PKI) which is recognized as the most efficient and In literature exist several key management schemes trying
powerful tool to ensure key management in conventional to solve the problem of security in WSN by taking into
networks. However PKI is omitted from the use in WSN, consideration the limitations of sensors (bandwidth and
because of its great consumption of energy and bandwidth energy), the majority of them are based on symmetric
which are very crucial in sensor network, and all the most key encryption and some others are based on asymmetric
known solution given in literature use symmetric encryp- encryption.
tion which is more power saving.
However, last years have known the development of 3.1 Symmetric Encryption Based
new cryptographic algorithms more energy efficient and
giving the same threshold of security as the conventional
Schemes
algorithms such as RSA [9, 24]. Elliptic Curve Cryptog- Shared key. This solution is the simplest way for secur-
raphy (ECC) [7], is one of these new algorithms and it is ing WSN, it uses a single shared key to encrypt traffic
the most promise regarding the energy and time consump- over the network, and this key may be periodically
tion, which makes it very attractive for data encryption updated to ensure more security against eavesdrop-
in WSN. ECC offers the equivalent security with much ping. As any other scheme based on single key, this
smaller key sizes which saves memory, computational and scheme is vulnerable against capture attack which is
energy power for constrained wireless devices [24]. more possible in sensor network, since the capture of
In the other hands, the new developed sensors will be only one sensor can compromise the shared key and
more powerful concerning the CPU and memory capaci- then the whole network.
ties, making public key encryption possible for small sen-
sors in WSN. Pre-distributed keys. These solutions assume the ex-
Thus, in this paper we are going to present a istence of an off-line dealer which distributes a set of
lightweight public key infrastructure for WSN called symmetric keys to sensors before their deployment,
µPKI. Our proposed infrastructure does not offer all the for example the authors in [7] proposed a random
services of a conventional PKI; however it gives the nec- key pre-distribution scheme for WSN in which sen-
essary threshold of security to manage the distribution sor obtains a subset of symmetric keys from a large
of session keys in a WSN, in the way that the public en- key pool. After deployment, each sensor tries to find
cryption is only used for specific services over the network a shared key with each of its neighbors to secure the
to ensure authentication; however confidentiality and in- links with them. Other works have been proposed
tegrity are achieved by symmetric encryption. under the same idea in [3, 6, 17, 18, 26] trying to
solve the problem of scalability and the manner of
obtaining the session key between sensors and the
2.2 Security Services
base station.
Confidentiality. This ensures that the exchanged data
is kept secret from any unauthorized entities over Tinysec. It is a link layer security protocol based on
the network. It is usually achieved using symmet- symmetric key encryption, TinySec [14] supports two
ric encryption which is more efficient concerning its different security options: authenticated encryption
consumption of devices resources. A mechanism en- (TinySec-AE) and authentication only (TinySec-
suring confidentiality must also protect information Auth). The use of MAC layer security instead of end
using periodic key update from long term eavesdrop- to end security may avoid denial of service attacks,
ping trying to learn from the encrypted data flow the however this scheme still vulnerable to lot of attacks
used encrypting key. as capture attacks. In other hands, this protocol can
be used by any other key management scheme as an
Integrity. This implies that the message should be un- underlying tool for encryption.
altered during its transmission from a source to desti-
nation by any intermediate sensor or malicious node. SPINS. Perrig et al. proposed SPINS, a suite of security
This is usually done in conventional network using protocols optimized for sensor networks [20]. SPINS
MAC (Message Authentication Code) or digital sig- has two secure blocks, namely Secure Network En-
natures. cryption Protocol (SNEP) and µ TESLA, which can
be run over the TinyOS operating system. SNEP
Authentication. This is the process of identification is used to provide confidentiality through encryption
that a receiving entity is sure that the message it re- and authentication; while µ TESLA is used to pro-
ceives comes from a legitimate source, this is ensured vide authentication for broadcasted data.
using Public Key Infrastructure. However in WSN is
usually done by pre-distributing some bootstrapping Cluster based protocols. These protocols are based
information used after to authenticate sensors by the on clustering, which mean that the whole network is
base station. divided into clusters [2, 13], then a set of symmetric
International Journal of Network Security, Vol.10, No.2, PP.135–141, Mar. 2010 137

keys are used to ensure intra and inter cluster com-


munication as well as integrity, confidentiality and Table 1: Energy cost of digital signature (mJ)
authentication over each cluster and therefore over
Algorithm Sign
the whole network.
RSA-1024 304
ECC-160 22,82
3.2 Public Key Based Schemes RSA-2048 2302,7
ECC-224 61,54%
Simplified SSL handshake. In [24], the authors give
the energy cost analysis of a simplified version SSL
[23] applied to WSN, which reduces the amount of
exchanged data between any pair of nodes to save 4 Encryption Algorithms
energy and bandwidth. The simplified handshake is
used to setup a secure key between any two sensors
4.1 Elliptic Curve Cryptography
in the network as the one in SSL [23].
As a brief analysis of this scheme, it seems that The ECC algorithm [10] can be classified as the one of the
it is not energy saving since a handshake between most efficient asymmetric algorithms regarding its energy
each pair of sensors is too expensive concerning the cost as well as its encryption speed [24], making it the
amount of exchanged data. Therefore this scheme base of future key management and security protocol for
can not be applied to mobile sensor networks, since WSN and any other wireless ad hoc network. In table 1 we
the mobility of sensors needs new handshake at each give the energy cost of the RSA and ECC algorithms for
time a sensor changes its position and therefore its signature applied to Berkeley/Crossbow motes platform,
neighbor sensors, which consumes lot of energy. specifically on the Mica2dots [4], as we can observe the
ECC is always more efficient compared to RSA for the
TinyPK. The TinyPK system described in [25] is de- two used key length, given that the length of keys used by
signed specifically to allow authentication and key ECC are much smaller than RSA’s keys which may save
agreement between resource constrained sensors. lot of memory space for sensors. Also, ECC’s encrypted
The protocol is designed to be used in conjunction blocks are more small than the RSA’s ones which saves
with other symmetric encryption based protocols as network bandwidth during transmission.
TinySec [14], in order to deliver secret key to that
underlying protocol. To do this, they implement the
Diffie-Hellman key exchange algorithm. 4.2 Message Authentication Codes
As said above, using a session key between each pair (MACs)
of sensors is not efficient and it consumes lot of energy
Is the common solution to ensure integrity and authenti-
and network bandwidth for the setup of the session
cation of messages in conventional networks [23]. A MAC
key beyond of the energy consumed by the encryp-
can be viewed as hash function applied on data packets,
tion algorithms. Using this scheme as an end-to-end
resulting on a digest which is encrypted by the session key
security mechanism may be energy efficient however
shared between the two entities, the encrypted digest is
Diffie-Hellman key agreement is very sensitive to man
called MAC and it is sent with the original packet in the
in the middle attacks which can be easily performed
same message. A receiver sharing the same session key
in such situation.
can verifies the integrity of the message by computing the
MAC value and compares it with the received one if the
Simplified Kerberos protocol. The authors in [11]
verification fails; this means that an adversary has altered
proposed an adapted version of Kerberos [15] for
the packet during its transmission over the network.
WSN in order to setup a session key between
each communicating pair of sensors by contacting a
trusted third party which may be the base station or
a cluster head in a hierarchical network. They as- 4.3 Symmetric Cryptography
sume that a long term key is shared between each
node and the trusted authority which is responsible Is a cryptographic method employing a single key for both
of the generation of the secret key for each pair of encryption and decryption [23]. The use of a single key
sensors. makes the decryption process a simple reversal of the en-
cryption process. In literature, there exist lot of sym-
This scheme is very vulnerable against capture at- metric algorithms such as RC4, DES and AES. In our
tacks to which sensor are very often exposed, and as protocol we do not propose any algorithm to be used nor
the previous work the handshaking is not energy sav- the method to implement it (hard or soft), which are let
ing and it may consume lot of network resources if for the implementation and the specificity of the environ-
the trusted third party is far from the pair of nodes. ment.
International Journal of Network Security, Vol.10, No.2, PP.135–141, Mar. 2010 138

Regular Session key encrypted with the Regular


Header public key of the base station Header

Figure 2: Structure of session key’s message

after in the handshake between the base station and sen-


sors, since each link between any sensor node and the base
station is secured using a symmetric session key which is
periodically updated.
Figure 1: Sensor network architecture Two handshakes exist in µPKI, the first one between
the base station and sensors intended to secure end to end
transmission between them. However the second one is
intended to secure sensor to sensor communication, this
5 µPKI for WSN handshake is established trough the cooperation of the
In this section we are going to give an overview of µPKI base station which plays the role of authenticator between
(Micro Public Key Infrastructure). µPKI is a lightweight sensors during this phase.
implementation of PKI for WSN since it only implements
a subset of a conventional PKI services. 5.3 Base Station to Sensor Nodes Hand-
In µPKI, only the base station needs to be authen- shake
ticated using a pair of keys. The public one is used to
authenticate the base station by the sensors in the net- This handshake is very simple and efficient, aims to setup
work, while the private key is used by the base station to a session key between the base station and any sensor over
decrypt data sent by sensors which ensure its confiden- the network used for end to end traffic encryption between
tiality. these two entities. We suppose that a sensor node needs
to setup a secured link with the base station using µPKI
5.1 Network Architecture in order to transmit some data to the base station, thus
both the base station and the sensor node collaborate to
We conceder a WSN composed of a set of sensor nodes execute the following steps:
wireless connected to each other, this sensors are used to
forward the collected report to a centralized authority or 1) Generation of the session key, As we have said links
base station Figure 1. between the base station and sensors are secured us-
For the implementation of µPKI, we assume that: ing symmetric encryption, therefore any sensor will-
ing to secure its transmission with the base station,
• The base station have more computational and en- generates a random key, encrypts it with the public
ergy power compared to sensors. key of the base station, already distributed to sensors
by an off-line dealer. It embeds the encrypted key in
• The base station has a pair of keys (private and pub-
a regular message Figure 2 and sends its to the base
lic key).
station using the underlying protocol.
• Each sensor is capable to use symmetric and asym-
metric encryption, by implementing (hard or soft) 2) When the message containing the session key is re-
each of these operations. ceived by the base station, it decrypts this message
using its private
• Each sensor has the capacity to save at least the pub- key and saves the session key in a global table where
lic key of the base station and a session key used for are saved all the session keys corresponding to each
data encryption. sensor in the network. A global table is maintained
• Each sensor node gets the public key of the base sta- by the base station and contains the pairs of sensors’
tion before deployment from an off-line dealer. identifier and the corresponding session key.

3) The base station encrypts an OK message using the


established session key and sends it to the corre-
5.2 µPKI System Bootstrapping
sponding node; this Ok message is a challenging mes-
Before the deployment of the WSN, we suppose that an sage ensuring the authenticity of the base station,
off-line dealer distributes the public key of the base sta- since if this message is a successfully decrypted by
tion to each sensor in the network, which means that only the sensor using the key generated in step 1 means
legitimate sensors have the possibility to authenticate the that the session key setup is successful Figure 3, oth-
base station trough its public key, this public key is used erwise an attack is assumed and therefore a new at-
International Journal of Network Security, Vol.10, No.2, PP.135–141, Mar. 2010 139

Ok Message S1 Session Key


S2
S1
S2 S3
Session Key request
Encrypted Session S3
Key S7
BS S8 Secure tunnel S9
BS S8 S
S9 S6
S4
S4 S5 S11
S7
Session Key S10
S5 S6

Figure 4: Sensor to sensor handshake


Figure 3: Session key establishment

MAC Data encrypted Header


tempt is launched, by the sensor node to establish a (Session key ) (Session key)
new session key.
The purpose of any handshake is the setup of a secure Figure 5: Data packet structure in µPKI
tunnel between two or more entities in a given community.
As we can observe µPKI handshake ensures a great level
of security since the session key sent to the base stationtiality of the exchanged traffic using symmetric encryp-
over multi hops link can not be decrypted by any mali- tion.
cious sensors, because it is encrypted by the public key of
In order to guaranty the integrity and the authenticity
the base station which means that only the base station
of the exchanged data between each communicating par-
can retrieves this key using the corresponding private key,
ties, we propose to apply on each sent packet an MAC
as well as the Ok message which can only be decrypted function using the same session key. Hence, each commu-
using the true session key which guaranties an acceptable
nicating party verify the integrity and the authenticity of
level of security due to the use of both symmetric and
each packet by verifying the joined MAC, if the verifi-
asymmetric encryption. After the establishment of this
cation fails this means that an attacker has altered this
session key the sensor and the base station begin to use packet, therefore a mechanism is launched as multi-path
it for data encryption until the next key update. routing to avoid this attacker. Otherwise the base station
launches any mechanism to detect and exclude this sensor
5.4 Sensor to Sensor Handshake from the network, if it exists.
As we can observe in Figure 5, the original structure
After the establishment of the session key between each
of the packet is kept unchangeable; we only join to the
sensor and the base station, we suppose that some sensors
original packet the MAC applied on the data packet.
need to establish a secure channel between them for any
purpose. To do so, both the base station and the sensors
execute the following steps: 5.6 µPKI Key Update
1) One of the two sensors sends a request to the base A key update tries to prevent long term attack aiming to
station in order to establish a secure tunnel with the extract the encrypting keys by analysing the encrypted
other sensor. This request contains the identifier of traffic over the network for long time, in a WSN an auto-
the corresponding node. matic key update must be defined, since a network can be
deployed for many days or months. Therefore, in µPKI we
2) When receiving this request the base station gener- propose to use a periodic key update for each established
ates a random key for this purpose, it encrypts a session key.
copy for each sensor using the corresponding session The key update is initiated by the sensor node by
key, and sends it embedded in a message using the launching new handshake; the period of the key update is
underlying routing protocol to each sensor. relative to the key length and the complexity of the used
algorithm which means that this period is fixed by the
3) When receiving the new key by sensors they begin
administrator of the WSN.
to use it to secure data transmission between them-
selves.
5.7 Joining the Network
If a new node wants to join the network, the administra-
5.5 µPKI Functioning
tor of this network must load the public key of the base
After the achievement of the handshake, each two entities station into this node, after getting the public key of the
have a unique session key used to guaranty the confiden- base station the new sensor can automatically launch a
International Journal of Network Security, Vol.10, No.2, PP.135–141, Mar. 2010 140

handshake and join the network if there is any report to 128 bits key length. Therefore the total energy cost of
send. µPKI handshake is 28, 46µJ.
The Sensor to Sensor handshake is less energy consum-
ing, since only one message needs to be send as a hand-
6 Analysis shake request and one message for receiving the session
key, added to the cost of decrypting the received message
6.1 Security Services to retrieve the session key sent by the base station. Thus,
Scalability. This propriety deals with network widening the total energy consumed is 3, 66µJ for the received and
is possible with µPKI, since µPKI manages the in- the sent data and 0, 039µJ for decrypting it which results
creasing number of sensor nodes by new handshakes on 3, 70µJ for the whole handshake.
and a new entry is created in the global table of the Compared to the energy cost of the simplified Ker-
base station to manage this connection. beros [11] and SSL [24] presented in Section 3, which are
respectively between 39, 6µJ and 47, 6µJ for simplified
Confidentiality. This aspect is ensured by the use of Kerberos [11] and 93,9µJ for simplified SSL [24] it seems
symmetric encryption to encrypt the exchanged traf- that µPKI is more energy saving, which makes it appli-
fic between the base station and sensors. The con- cable for WSN. In addition to this it also guaranties a
fidentiality is enforced using periodic key update to great threshold of security by using periodic key update
prevent long term attacks. and public key cryptography.
Authentication. In µPKI we have tried to ensure au-
thentication by using the public key cryptography at
the level of the base station the authority which needs
7 Conclusion
to be authenticated by sensors since all the WSN re- In this paper we have presented a Public Key Infrastruc-
ports are sent to this base station. Consequently, we ture for wireless sensor network called µPKI. µPKI tries
have ensured its authentication using a public key to solve the problem of security in WSN by the use of pub-
pre-installed in each deployed sensor. lic key cryptography as a tool for ensuring the authentic-
Integrity. The integrity in µPKI is ensured using MAC ity of the base station. µPKI is composed of two phases,
(Message authentication codes) computed and joined the first is the µPKI sensor to base station handshake in
to each sent packet between the base station and any which the base station and a given sensor node setup a
sensor over the network as well as between sensors if session key to secure end to end link between them, this
there is any communication. handshake is protected and authenticated using the pub-
lic key of the base station. The second phase is the use
of this session key for data encryption to ensure confiden-
6.2 Energy Cost Analysis of µPKI tiality and ensuring the integrity of the exchanged data
The energy cost of any key management scheme is deter- using the MAC joined to each packet. We have also pro-
mined by the energy required for the execution of crypto- posed sensor to sensor handshakes in order to establish
graphic primitives and the energy needed for transmitting secure tunnels between each two sensors; this handshake
the encrypted data. According to [24], the transmission is managed and supervised by the base station. For more
of a single byte of data requires 59, 2µJ and 28, 6µJ for security a periodic key update is defined for the session
reception. key. Compared to other PKI, µPKI is energy efficient and
As described above, two kinds of messages exist in gives a considerable threshold of security.
µPKI for both Base station to Sensor or Sensor to Sen-
sor handshake, the size of each message is between 64 to
256 bits (according to session key length), added to 256 References
bits which is the size of the underlying protocols data
checksum, node’s IDs and protocol headers. Thus, the [1] I. F. Akyildiz, W. Su, Y. Sankarasubramaniam, and
maximum size of each µPKI packet is 512 bits, the en- E. Cayirci, “Wireless sensor networks: A survey,”
ergy needed for transmitting such packet is 3,78mJ and Computer Networks, vol. 38, no. 4, pp. 393-422, 2002.
1,83mJ for receiving it. [2] S. Basagni, K. Herrin, E. Rosti, and Danilo Bruschi,
As described in Section 5 for Base station to Sensor “Secure pebblenets,” Proceedings of the 2nd ACM in-
handshake a sensor needs to send one message to the base ternational symposium on Mobile ad hoc Networking
station containing the session key (3, 78µJ) and receive & Computing, pp. 156-163, 2001.
the Ok message sent by the base station (1, 83µJ), in ad- [3] H. Chan, A. Perrig, and D. Song, “Random key
dition to the cost of encrypting the session key using the predistribution schemes for sensor networks,” IEEE
public key of the base station which is 22, 82µJ accord- Symposium on Security and Privacy, pp. 197-213,
ing to [24], as well as the energy needed to decrypt the Berkeley, California, May 2003.
Ok message sent by the base station which is 0, 039µJ [4] Crossbow Technology Inc., Processor/Radio Mod-
according to [24] if the used algorithm is AES and using ules, 2008. (http://www.xbow.com/)
International Journal of Network Security, Vol.10, No.2, PP.135–141, Mar. 2010 141

[5] D. Culler, D. Estrin, and M. Srivastava, “Overview [19] O. Moussaoui and al, “Efficient saving in wireless
of sensor networks,” IEEE Computer Society, vol. 37, sensor networks through hierarchical-based cluster-
no. 8, pp. 41-49, 2004. ing,” Proceedings of the International IEEE Global
[6] A. K. Das, “An identity-ased random key pre- Information Infrastructure Symposium, pp. 226-229,
distribution scheme for direct key establishment to 2007.
prevent attacks in wireless sensor networks,” Inter- [20] A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J.
national Journal of Network Security, vol. 6, no. 2, D. Tygar, “SPINS: Security protocols for sensor net-
pp. 134-144, 2008. works,” Mobile Computing and Networking, pp. 189-
[7] L. Eschenauer, and V.D. Gligor, “A key-management 199, 2001.
scheme for distributed sensor networks,” Proceedings [21] A. Perrig, J. Stankovic, and D. Wagner, “Security
of the 9th ACM conference on Computer and Com- in wireless sensor networks,” Communications of the
munication Security, pp. 41-47, 2002. ACM, vol. 47, no. 6, pp. 53-57, 2004.
[8] C. F. G. Ehermandez, and al, “Wireless sensor net- [22] R. Ramanathan and J. Redi, “A brief overview of
works and applications,” International Journal of ad hoc networks: Challenges and directions,” IEEE
Computer Science and Network Security, vol. 7, no. Communications Magazine, vol. 40, no. 5, pp. 20-22,
3, pp. 264-273, Mar. 2007. 2002.
[9] N. Gura, A. Patel, A. Wander, H. Eberle, and S. [23] B. Schneier, Cryptographie App.liquée Algorithms,
C. Shantz, “Comparing elliptic curve cryptography Protocoles, 2nd Edition, Wiley, 2001.
and RSA on 8-bit CPUs,” Proceedings of the Sixth [24] A. S. Wander, N. Gura, H. Eberle, V. Gupta, and S.
Workshop on Cryptographic Hardware and Embedded C. Shantz, “Energy analysis of public-key cryptog-
Systems (CHES’04), pp. 119-132, 2004. raphy for wireless sensor networks,” Proceedings of
[10] D. Hankerson, A. Menezes, and S. Vanstone, Guide PerCom, pp. 324-328, 2005.
to Elliptic Curve Cryptography, Springer-Verlag New [25] R. Watro, D. Kong, S. Cuti, C. Gardiner, C. Lynn,
York, ISBN 0-387-95273-X, Inc. 2004. and P. Kruus, “Tinypk, securing sensor networks
[11] G. Johann, S. Alexander, and T. Stefan, “The en- with public key technology,” Proceedings of the 2nd
ergy cost of cryptographic key establishment,” Pro- ACM Workshop on Security of Ad Hoc and Sensor
ceedings of the 2nd ACM Symposium on Informa- Networks (SASN 04), pp. 59-64, 2004.
tion, Computer and Communications Security, pp. [26] S. Zhu, S. Setia, and S. Jajodia, “LEAP: Efficient se-
380-382, 2007. curity mechanisms for large-scale distributed sensor
[12] B. Kadri, A. Mhamed, and M. Feham, “Secured clus- networks,” ACM CCS 2003, pp. 62-72, 2003.
tering algorithm for mobile ad hoc networks,” Inter-
national Journal of Computer Science and Network Benamar Kadri received his engineer degrees in com-
Security, vol. 7, no. 3, pp. 27-34, Mar. 2007. puter science from the University of Tlemcen, Algeria in
[13] B. Kadri, M. Feham, and A. Mhamed, “A new man- 2004, and his M.S. degrees in networks and telecommu-
agement scheme of cluster based PKI for ad hoc net- nication systems within of the same University. Member
works using multi-signature,” Proceeding of the in- of STIC laboratory in the University of Tlemcen, his
ternational IEEE Global Information Infrastructure recent work is dealing with mobile wireless networks,
Symposium, pp. 167-172, 2007. their security, routing and management.
[14] C. Karlof, N. Sastry, and D. Wagner, “Tinysec A link
layer security architecture for wireless sensor net- Mohammed Feham received his PhD in Engineering
works,” Second ACM Conference on Embedded Net- in optical and microwave communications from the
worked Sensor Systems (SensSys 2004), pp. 162-175, university of Limoges, France in 1987, and his PhD
2004. in science from the university of Tlemcen, Algeria in
[15] J. T. Kohl, and B. C. Neuman, The Kerberos Net- 1996. Since 1987 he has been assistant professor and
work Authentication Service (Version 5), Internet professor of microwave and communication engineering
Engineering Task Force (IETF), Internet Draft RFC his research interest is in telecommunication systems and
1510, 1993. mobile networks.
[16] T. Landstra, S. Jagannathan, and M. Zawodniok,
“Energy-efficient hybrid key management protocol Abdallah M’hamed is an associate professor in Net-
for wireless sensor networks,” International Journal work security and dependability. He received his Doc-
of Network Security, vol. 9, no. 2, pp. 121-134, 2009. tor degree in dependability studies from the Technologi-
[17] D. Liu, and P. Ning, “Location-based pairwise key cal University of Compiegne, France. In 1990 he joined
establishments for relatively static sensor networks,” the National Institute of Telecommunications, in Evry
2003 ACM Workshop on Security of Ad Hoc and Sen- France. His current teaching activities are dealing with
sor Networks (SASN03), pp. 72-82, 2003. network security services, cryptographic protocols and ac-
[18] A. Mohaisen, D. Nyang, and K. Lee, “Hierarchical cess controls. Member of the Handicom laboratory, his
grid-based pairwise key pre-distribution in wireless recent research activities are focused on authentication
sensor networks,” International Journal of Network protocols and architectures, security and privacy in smart
Security, vol. 8, no. 3, pp. 282-292, 2009. environments.

You might also like