Abstract
Secure Content Addressable Network (SCAN) is an architecture for service discovery in service centric sensor networks that enables dynamic service composition. This paper proposes two new security mechanisms for SCAN: Single Path Key Exchange (SPX) and Multi Path Key Exchange (MPX). Both security mechanisms allow two arbitrary nodes of SCAN to exchange a symmetric key for secure communication. We also propose to use replication service information and majority vote to achieve security.
We evaluated the performance and security of Secure Content Addressable Networks with Single Path Key Exchange, Multi Path Key Exchange and replication using a worst case attack model. It has been found, that in a network with 1000 nodes and 5% malicious nodes the probability of a successful lookup operation is still 80%. The results of the simulation indicate, that the overhead and the security level of SCAN with SPX and MPX scale with an increasing number of nodes. The simulation results also show that SCAN is suitable for networks with 100 to 1000 nodes.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
H.-J. Hof, E.-O. Blass, T. Fuhrmann, and M. Zitterbart, “Design of a secure distributed service directory for wireless sensor networks,” First European Workshop on Wireless Sensor Networks, Berlin, Germany, Jan. 2004.
H.-J. Hof, E.-O. Blass, and M. Zitterbart, “Secure overlay for service centric wireless sensor networks,” First European Workshop on Security in Ad-Hoc and Sensor Networks (ESAS 2004), Heidelberg, Germany, Aug. 2004.
H.-J. Hof and M. Zitterbart, “SCAN: A secure service directory for service-centric wireless sensor networks,” Computer Communications, July 2005.
S. Ratnasamy, P. Francis, M. Handley, R. Karp, and S. Shenker, “A scalable content-addressable network,” ACM SIGCOMM 2001, San Diego, California, USA, Aug. 2001.
J. R. Douceur, “The sybil attack,” in IPTPS’ 01: Revised Papers from the First International Workshop on Peer-to-Peer Systems. London, UK: Springer-Verlag, 2002.
F. Stajano and R. J. Anderson, “The resurrecting duckling: Security issues for adhoc wireless networks,” in Proceedings of the 7th International Workshop on Security Protocols. London, UK: Springer-Verlag, 2000, pp. 172–194.
D. Balfanz, D. K. Smetters, P. Stewart, and H. C. Wong, “Talking to strangers: Authentication in ad-hoc wireless networks,” Symposium on Network and Distributed Systems Security (NDSS’02), San Diego, California, USA, Feb. 2002.
H. Chan, A. Perrig, and D. Song, “Random key predistribution schemes for sensor networks,” 2003 IEEE Symposium on Security and Privacy, Oakland, California, USA, May 2003.
A. Shamir, “How to share a secret,” Commun. ACM, vol. 22, no. 11, 1979.
X. Zeng, R. Bagrodia, and M. Gerla, “Glomosim: A library for parallel simulation of large-scale wireless networks,” Workshop on Parallel and Distributed Simulation, Banff, Alberta, Canada, 1998.
E. Guttman, C. Perkins, J. Veizades, and M. Day, “Service Location Protocol, Version 2,” RFC 2608 (Proposed Standard), June 1999, updated by RFC 3224. [Online]. Available: http://www.ietf.org/rfc/rfc2608.txt
S. Czerwinski, B. Zhao, T. Hodes, A. D. Joseph, and R. H. Katz, “A secure service discovery service,” ACM/IEEE International Conference on Mobile Computing and Networks (Mobicom 1999), Seattle, Washington, USA, Aug. 1999.
F. Almenárez and C. Campo, “Spdp: A secure service discovery protocol for adhoc networks,” 9th Open European Summer School and IFIP Workshop on Next Generation Networks, Balatonfured, Hungary, Sept. 2003.
Y. Yuan and A. William, “A secure service discovery protocol for manet,” 14th IEEE International Symposium on Personal, Indoor and Mobile Radio Communications (PIMRC 2003), Beijing, China, Sept. 2003.
R. Handorean and G.-C. Roman, “Secure service provision in ad hoc networks,” First International Conference on Service-Oriented Computing, Trento, Italy, Dec. 2003.
W. Diffie and M. E. Hellman, “New directions in cryptography,” IEEE Transactions on Information Theory, vol. 22, no. 6, pp. 644–654, 1976.
L. Eschenauer and V. D. Gligor, “A key-management scheme for distributed sensor networks,” Proceedings of the 9th ACM conference on Computer and communications security, Washington, DC, USA, 2002.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hof, HJ., Baumgart, I., Zitterbart, M. (2007). Key Exchange for Service Discovery in Secure Content Addressable Sensor Networks. In: Braun, T., Carle, G., Stiller, B. (eds) Kommunikation in Verteilten Systemen (KiVS). Informatik aktuell. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69962-0_12
Download citation
DOI: https://doi.org/10.1007/978-3-540-69962-0_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69961-3
Online ISBN: 978-3-540-69962-0
eBook Packages: Computer Science and Engineering (German Language)