{"title":"分布式传感器网络密钥预分配方案的合谋攻击","authors":"T. Moore","doi":"10.1109/PERCOMW.2006.3","DOIUrl":null,"url":null,"abstract":"Key predistribution schemes are a favoured solution for establishing secure communication in sensor networks. Often viewed as the safest way to bootstrap trust, the main drawback is seen to be the large storage overhead imposed on resource-constrained devices. In this paper, we argue that predistribution schemes can actually be quite insecure: pre-loading global secrets onto exposed devices strengthens the incentive for attackers to compromise nodes. Furthermore, lack of coordination between nodes arising from localised communication helps attackers hide misbehaviour. We consider one scheme in particular - Chan et al.'s random pairwise key predistribution (2003) - and demonstrate an attack where colluding nodes reuse selected pairwise keys to create many false identities. We find that a small, colluding minority can hijack a majority of node communication channels. Finally, we consider countermeasures, from improved detection to scrapping predistribution altogether","PeriodicalId":250624,"journal":{"name":"Fourth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'06)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-03-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"39","resultStr":"{\"title\":\"A collusion attack on pairwise key predistribution schemes for distributed sensor networks\",\"authors\":\"T. Moore\",\"doi\":\"10.1109/PERCOMW.2006.3\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Key predistribution schemes are a favoured solution for establishing secure communication in sensor networks. Often viewed as the safest way to bootstrap trust, the main drawback is seen to be the large storage overhead imposed on resource-constrained devices. In this paper, we argue that predistribution schemes can actually be quite insecure: pre-loading global secrets onto exposed devices strengthens the incentive for attackers to compromise nodes. Furthermore, lack of coordination between nodes arising from localised communication helps attackers hide misbehaviour. We consider one scheme in particular - Chan et al.'s random pairwise key predistribution (2003) - and demonstrate an attack where colluding nodes reuse selected pairwise keys to create many false identities. We find that a small, colluding minority can hijack a majority of node communication channels. Finally, we consider countermeasures, from improved detection to scrapping predistribution altogether\",\"PeriodicalId\":250624,\"journal\":{\"name\":\"Fourth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'06)\",\"volume\":\"38 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-03-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"39\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Fourth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'06)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PERCOMW.2006.3\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Fourth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PERCOMW.2006.3","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A collusion attack on pairwise key predistribution schemes for distributed sensor networks
Key predistribution schemes are a favoured solution for establishing secure communication in sensor networks. Often viewed as the safest way to bootstrap trust, the main drawback is seen to be the large storage overhead imposed on resource-constrained devices. In this paper, we argue that predistribution schemes can actually be quite insecure: pre-loading global secrets onto exposed devices strengthens the incentive for attackers to compromise nodes. Furthermore, lack of coordination between nodes arising from localised communication helps attackers hide misbehaviour. We consider one scheme in particular - Chan et al.'s random pairwise key predistribution (2003) - and demonstrate an attack where colluding nodes reuse selected pairwise keys to create many false identities. We find that a small, colluding minority can hijack a majority of node communication channels. Finally, we consider countermeasures, from improved detection to scrapping predistribution altogether
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
