Broadcast Authentication

2.4 Summary

In this chapter, we first developed a multi-level key chain scheme to efficiently distribute the key chain commitments for the broadcast authentication scheme named μTESLA. By using pre-determination and broadcast, our approach removed μTESLA’s requirement of a unicast-based distribution of initial key chain commitments, which introduces high communication overhead in large distributed sensor networks. We also proposed several techniques, including periodic broadcast of commitment distribution messages and random selection strategies, to improve the survivability of our scheme and defeat some DOS attacks. The resulting protocol, named multi-level μTESLA, satisfies several nice properties, including low overhead, tolerance of message loss, scalability to large networks, and resistance to replay attacks as well as DOS attacks.

We then identified a number of new challenges in broadcast authentication for wireless sensor networks. Several practical tree-based broadcast authentication techniques were developed to support multiple senders, distribute parameters for μTESLA instances, and revoke the broadcast authentication capabilities of compromised senders in wireless sensor networks. Our analysis and experiment show that the tree-based techniques are efficient and practical and have better performance than previous approaches.

Note that all the proposed schemes require loosely time synchronization, which may not be true in some applications. There are many mechanisms to disrupt the time synchronization method. Thus, it is particularly desirable to have alternative ways of authenticating broadcast messages without the assumption of time synchronization.