IHKEM：一种后量子就绪的无线传感器网络分层密钥建立与管理方案

IF 2.6 4区计算机科学 Q3 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Microprocessors and Microsystems Pub Date : 2025-09-25 DOI:10.1016/j.micpro.2025.105205

Khushboo Jain , Akansha Singh

{"title":"IHKEM：一种后量子就绪的无线传感器网络分层密钥建立与管理方案","authors":"Khushboo Jain , Akansha Singh","doi":"10.1016/j.micpro.2025.105205","DOIUrl":null,"url":null,"abstract":"<div><div>Wireless Sensor Networks (WSNs) are increasingly embedded in mission-critical infrastructures, yet their constrained resources make conventional cryptographic solutions unsuitable. Existing hierarchical key management schemes, such as the RB method, provide partial protection but remain vulnerable to impersonation, replay, and node capture attacks. To address these challenges, we propose IHKEM (Improved Hierarchical Key Establishment and Management), a lightweight yet robust protocol that integrates symmetric and asymmetric primitives for mutual authentication, dynamic session key establishment, and end-to-end confidentiality. Unlike static key distribution methods, IHKEM eliminates unilateral key control, employs nonce- and timestamp-based validation for replay resistance, and supports adaptive key refreshing to preserve forward and backward secrecy. Extensive NS-2.35 simulations demonstrate that IHKEM significantly reduces energy consumption (∼15–20% over RB), improves flexibility against node compromise (>80% uncompromised links under 15% capture), extends network lifetime (delayed FND/HND thresholds), lowers memory footprint (∼20–25% reduction), while incurring only ∼3% higher overhead compared to lightweight schemes such as SEE2PK. Beyond its immediate gains, IHKEM’s modular architecture ensures post-quantum readiness, enabling seamless integration of lattice-based key encapsulation and signature schemes. This work bridges the gap between efficiency, resilience, and long-term cryptographic sustainability in WSNs.</div></div>","PeriodicalId":49815,"journal":{"name":"Microprocessors and Microsystems","volume":"118 ","pages":"Article 105205"},"PeriodicalIF":2.6000,"publicationDate":"2025-09-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"IHKEM: A post-quantum ready hierarchical key establishment and management scheme for wireless sensor networks\",\"authors\":\"Khushboo Jain , Akansha Singh\",\"doi\":\"10.1016/j.micpro.2025.105205\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>Wireless Sensor Networks (WSNs) are increasingly embedded in mission-critical infrastructures, yet their constrained resources make conventional cryptographic solutions unsuitable. Existing hierarchical key management schemes, such as the RB method, provide partial protection but remain vulnerable to impersonation, replay, and node capture attacks. To address these challenges, we propose IHKEM (Improved Hierarchical Key Establishment and Management), a lightweight yet robust protocol that integrates symmetric and asymmetric primitives for mutual authentication, dynamic session key establishment, and end-to-end confidentiality. Unlike static key distribution methods, IHKEM eliminates unilateral key control, employs nonce- and timestamp-based validation for replay resistance, and supports adaptive key refreshing to preserve forward and backward secrecy. Extensive NS-2.35 simulations demonstrate that IHKEM significantly reduces energy consumption (∼15–20% over RB), improves flexibility against node compromise (>80% uncompromised links under 15% capture), extends network lifetime (delayed FND/HND thresholds), lowers memory footprint (∼20–25% reduction), while incurring only ∼3% higher overhead compared to lightweight schemes such as SEE2PK. Beyond its immediate gains, IHKEM’s modular architecture ensures post-quantum readiness, enabling seamless integration of lattice-based key encapsulation and signature schemes. This work bridges the gap between efficiency, resilience, and long-term cryptographic sustainability in WSNs.</div></div>\",\"PeriodicalId\":49815,\"journal\":{\"name\":\"Microprocessors and Microsystems\",\"volume\":\"118 \",\"pages\":\"Article 105205\"},\"PeriodicalIF\":2.6000,\"publicationDate\":\"2025-09-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Microprocessors and Microsystems\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0141933125000729\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Microprocessors and Microsystems","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0141933125000729","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

摘要

无线传感器网络（wsn）越来越多地嵌入到关键任务基础设施中，但其有限的资源使得传统的加密解决方案不适合。现有的分层密钥管理方案（如RB方法）提供了部分保护，但仍然容易受到模拟、重放和节点捕获攻击。为了解决这些挑战，我们提出了IHKEM（改进的分层密钥建立和管理），这是一种轻量级但健壮的协议，它集成了对称和非对称原语，用于相互认证，动态会话密钥建立和端到端机密性。与静态密钥分发方法不同，IHKEM消除了单边密钥控制，采用基于nonce和时间戳的验证来抵抗重放，并支持自适应密钥刷新以保持向前和向后的保密性。广泛的NS-2.35模拟表明，IHKEM显著降低了能耗（比RB降低了15-20%），提高了针对节点妥协的灵活性（>；80%未妥协的链路在15%捕获下），延长了网络寿命（延迟FND/HND阈值），降低了内存占用（降低了20-25%），而与轻量级方案（如SEE2PK）相比，开销仅增加了约3%。除了它的直接收益，IHKEM的模块化架构确保了后量子准备，实现基于晶格的密钥封装和签名方案的无缝集成。这项工作弥合了无线传感器网络中效率、弹性和长期加密可持续性之间的差距。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

IHKEM: A post-quantum ready hierarchical key establishment and management scheme for wireless sensor networks

Wireless Sensor Networks (WSNs) are increasingly embedded in mission-critical infrastructures, yet their constrained resources make conventional cryptographic solutions unsuitable. Existing hierarchical key management schemes, such as the RB method, provide partial protection but remain vulnerable to impersonation, replay, and node capture attacks. To address these challenges, we propose IHKEM (Improved Hierarchical Key Establishment and Management), a lightweight yet robust protocol that integrates symmetric and asymmetric primitives for mutual authentication, dynamic session key establishment, and end-to-end confidentiality. Unlike static key distribution methods, IHKEM eliminates unilateral key control, employs nonce- and timestamp-based validation for replay resistance, and supports adaptive key refreshing to preserve forward and backward secrecy. Extensive NS-2.35 simulations demonstrate that IHKEM significantly reduces energy consumption (∼15–20% over RB), improves flexibility against node compromise (>80% uncompromised links under 15% capture), extends network lifetime (delayed FND/HND thresholds), lowers memory footprint (∼20–25% reduction), while incurring only ∼3% higher overhead compared to lightweight schemes such as SEE2PK. Beyond its immediate gains, IHKEM’s modular architecture ensures post-quantum readiness, enabling seamless integration of lattice-based key encapsulation and signature schemes. This work bridges the gap between efficiency, resilience, and long-term cryptographic sustainability in WSNs.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Microprocessors and Microsystems 工程技术-工程：电子与电气

CiteScore

6.90

自引率

3.80%

发文量

204

审稿时长

172 days

期刊介绍： Microprocessors and Microsystems: Embedded Hardware Design (MICPRO) is a journal covering all design and architectural aspects related to embedded systems hardware. This includes different embedded system hardware platforms ranging from custom hardware via reconfigurable systems and application specific processors to general purpose embedded processors. Special emphasis is put on novel complex embedded architectures, such as systems on chip (SoC), systems on a programmable/reconfigurable chip (SoPC) and multi-processor systems on a chip (MPSoC), as well as, their memory and communication methods and structures, such as network-on-chip (NoC). Design automation of such systems including methodologies, techniques, flows and tools for their design, as well as, novel designs of hardware components fall within the scope of this journal. Novel cyber-physical applications that use embedded systems are also central in this journal. While software is not in the main focus of this journal, methods of hardware/software co-design, as well as, application restructuring and mapping to embedded hardware platforms, that consider interplay between software and hardware components with emphasis on hardware, are also in the journal scope.