International Journal on Advanced Computer Theory and Engineering (IJACTE)
_______________________________________________________________________________________________
Mobility Based Key Management Scheme of Wireless Sensor Network
1
T.Lalitha, 2G.M.Kadhar Nawaz, 3T.Dharaniselvan
Sr. Asst. Prof/MCA, Director/MCA, MCA
Sona College of Technology,Salem-5.
Email: [email protected], [email protected], [email protected]
Abstract— In this paper, a mobility management technique
for keying scheme of wireless sensor networks is presented.
The technique selects nodes with high energy resources,
wide communication range and high processing capacity as
cluster heads. Cluster keys for cluster heads and pair wise
keys for nodes are generated by the sink through Exclusion
Basis Systems (EBS). Whenever a node moves from
currently connected cluster to another in the network, the
mobility based key management scheme is triggered. The
sink verifies the authenticity of roaming node and allocates
it to a nearby cluster. New pair wise keys are generated and
transmitted to the roaming node through newly connected
cluster head. Further, a key organization technique is
presented to ensure the forward and backward secrecy of
nodes. The proposed technique is simulated in NS2 and
simulation results show the efficiency of our technique.
Index Terms—Mobility,Key
Encryption
Management,
head selection algorithm, each node decides if it is
capable of serving as a cluster head based on the
following selection criteria: (i) High Energy Resources,
(ii) Wide Communication Range and (iii) High
Processing Capacity. For the authentication process, the
encryption mechanism is carried on.
When the selection criteria are satisfied by a particular
node, it is capable of being the cluster head. So, this node,
Ni broadcasts a Cluster head beacon (CH_BEACON)
packet. We assume that each node is deployed with a key
called the primary key (Kpri) by the sink. This key is used
as a global key for communicating data with other nodes
and the sink initially. Thus, the CH_BEACON packet is
encrypted with the primary key, Kpri.
Cluster,
I. INTRODUCTION
A network comprising of several minute wireless sensor
nodes which are organized in a dense manner is called as
a Wireless Sensor Network (WSN). Every node estimates
the state of its surroundings in this network. The
estimated results are then converted into the signal form
in order to determine the features related to this technique
after the processing of the signals.
Based on the multi hop technique[3], the entire data that
is accumulated is directed towards the special nodes
which are considered as the sink nodes or the Base
Station (BS). The user at the destination receives the data
through the internet or the satellite via gateway. The use
of the gateway is not very necessary as it is reliant on the
distance between the user at the destination and the
network [1].
II. MOBILITY MANAGEMENT FOR
KEYING SCHEME
A. Cluster Formation
In wireless sensor network, after the nodes are deployed
in the physical environment, they first report to the base
station their physical locations, and then the network
starts to select cluster heads. According to the cluster
When the neighboring nodes Si receive this message, a
cluster head reply (CH_REPLY) message is sent to the
node, Ni by the nodes which intend to join the cluster.
The reply message contains the ID and the response
content Ack.
If the number of reply messages received by Ni is greater
than a threshold Rth, then Ni can be selected as the cluster
head, CH. Finally, the cluster head assigns IDs to all its
member nodes that intend to join the cluster.
After the clusters are formed in the network, the CH
sends the information of its members like <cluster id,
member id> to the sink. The sink allots a cluster key, KCH
to every cluster in the network. The diagram in figure-1
illustrates the cluster formation. In that, X1, X2 and X3
represent the cluster member information that is
transmitted to the sink by cluster heads. After getting the
cluster key from the sink, each CH receives the pair wise
key set which is based on Exclusion Basis System (EBS)
[2]. The EBS key set includes the pair wise keys namely
_______________________________________________________________________________________________
ISSN (Print): 2319-2526, Volume -3, Issue -4, 2014
28
International Journal on Advanced Computer Theory and Engineering (IJACTE)
_______________________________________________________________________________________________
Pij for communication between the CH and its member,
and also the pair wise keys, PHii’ for communication
between the CHs encrypted by the cluster key. The intra
and inter cluster communication are described at length in
our previous paper [1].
(ii) On receiving C-REQ message, the sink checks
cluster information of MSi to ensure its legitimacy. If MSi
is proved to be the valid sensor then the sink verifies the
MAC using Kpri. On successful verification of MAC, the
sink generates the pair wise keys (Pij and PHii) using
Exclusion Basis System (EBS). Pij and PHii keys are used
for inter and intra cluster communication respectively.
(iii) The sink generates a random number Rn+1 and
constructs a support message to the cluster nearby MSi.
This support message comprises of MS_ID, pairwise
keys, cluster ID and random number (Rn and Rn+1)
generated by MSi and the sink respectively. The content
of support message is encrypted using cluster key (KCHi).
The support message is transmitted to the nearby cluster
head (CHi+1).
The Sink    The Cluster Head
SupportMessage
Support Message:
SinkID, MS ID, CH , E
i
B. Mobility Based Key Management
We consider a sensor network with a large number of
sensor nodes that are randomly moves within the
network. Hospital environment and nuclear power plants
are some examples for this kind of distributed sensor
network. When a sensor node moves from the
transmission range of one cluster to another, then it
invokes the mobility management scheme. This scheme
function as follows,
(i) Let MSi be the sensor node that moves from cluster Ci
of the network. It first forwards the C-REQ (cluster
request) message to the sink. (Figure-2) The C-REQ
message includes the ID of MSi, sink ID, old cluster head
id (O-CH-ID) and the random number (Rn) produced by
MSi. This can be denoted as,
C REQ
MSi   The sink
C-REQ:
MS , SinkID, O  CH  ID || R
i
n
|| MAC K pri , MS i || SinkID || Rn 

The Message Authentication Code (MAC) is generated to
the content of C-REQ message using the key Kpri. Here,
Kpri is the global key .
K CHi 1
P
ij ,

PH ii , Rn , Rn1 
(iv) Apart from transmitting support message to the new
cluster head, an intimation message is transmitted to the
old cluster head of MSi. The intimation message informs
the cluster head about the removal of node MSi to another
cluster head.
(v) While receiving the support message, the CHi+1
decrypts it using its cluster key and retrieves the pairwise
keys. And then it forwards an approval message to MSi. It
includes random keys generated by MSi and the sink,
pairwise keys, node ID and cluster head ID.
 MSi
Cluster Head  
Approval
Approval:
, MS ID, CH , R , R
i
n
n 1
, MAC Pij , PH ii 
(vi) Now, MSi verifies the random number Rn with its
original random number and verifies the MAC using Kpri
and retrieves the pair wise keys. Finally, the MSi joins
with the new cluster by transmitting back ACK message
to the new cluster head.
(vii)
The overall procedure of mobility based key management
scheme is given below in algorithm-1.
Algorithm-1
1. Assume MSi be the roaming sensor node
2. Let C-REQi be the cluster request message forwarded
by MSi
3. MSi forwards C-REQi to the sink
4. The sink checks the authenticity of MSi through
checking its old cluster information
5. If (Authentication is successful) then
5.1 MAC value is verified
_______________________________________________________________________________________________
ISSN (Print): 2319-2526, Volume -3, Issue -4, 2014
29
International Journal on Advanced Computer Theory and Engineering (IJACTE)
_______________________________________________________________________________________________
5.1.1 If (MAC value of MSi is successful) then
(a) The sink generates Pij and PHii using EBS
(b) The generated keys are transmitted to the cluster head
nearer to MSi
Both the sink and cluster heads maintain the table called
key table (K-Table). The format of K-table of the sink
and cluster heads are given below in table-1 and table-2
respectively
(c) The cluster head sends approval message to
Clus
ter
Nam
e
MSi
(d)MSi joins in the new cluster by forwarding
back acknowledgement message
Clus
ter
Hea
d ID
Clus
ter
key
Key
Lifeti
me
Clust
er
Mem
ber
ID
Pairw
ise
Keys
Keys
Lifeti
me
5.1.2 Else if (MAC value is failed) then
Table-1 K-Table of the Sink
(a) Goto Step- 6
6. Else if (Authentication is unsuccessful) then
Cluster Member
ID
(a) C-REQ message is dropped
(b) The corresponding
compromised node
node
is
considered
as
7. End if
Pairwise Keys
Keys Lifetime
Table-2 K-Table of Cluster Head
Whenever keys are updated by the sink they are modified
in K-Table of sink and K-Table of cluster head. Upon the
expiration of key lifetime, new key is generated and
updated. When a cluster member moves from the
connected cluster to another, the corresponding entry is
completely deleted from K-table of sink and cluster head.
Thus, consider when a cluster member (say node 3)
moves from cluster head (CH1) and joins another cluster
head (CH2). After a time interval tn, assume that node 3
wishes to join again in CH1, at this instant, node 3 cannot
be included in CH1 using its old pairwise keys.
It is considered as a new connection rather than rejoining
operation. By doing this, the proposed key organization
technique offers forward and backward secrecy in the
network, where it is impossible for the malicious nodes to
perform their action.
Consider the mobility based key management illustration
given in Figure-3. In that, consider node CM8 of Cluster
C2 roams away from the transmission range of CH2. At
first, CM8 transmits a C-REQ message to the sink. By
receiving C-REQ, the sink checks the authenticity of that
node and generates a pair wise keys for inter and intra
cluster communications. The generated keys are included
in the support message and forwarded to the nearby
cluster of CM8. In figure-3, the nearby cluster is C3 (i.e)
CH3. Now, CH3 transmits an approval message to CM8
and an ACK message is forwarded back to CH3 by CM8.
Finally, CM8 joins C3 and it became a member of CH3.
III. KEY ORGANIZATION
To organize keys effectively and make available
freshness of keys, this paper presents a key organization
technique. The proposed technique defines the life time
for every key such as cluster key and pairwise keys. Upon
the expiration of lifetime of keys, it invoke rekeying
scheme by sending key request to the sink. While
receiving the request, the sink generates the new key
through EBS and forwards it to the cluster head by
encrypting using old secret key.
Upsides of Proposed Technique
(i) The technique effectively handles the challenge of
mobility of nodes in key management system of cluster
based wireless sensor networks.
(ii) Since, cluster keys are transformed periodically; the
technique offers more security.
(iii) In addition, forward and backward secrecy is
assured.
(iv) The new addition of lifetime of keys introduces
dynamic changes in keys and freshness of keys. Thereby,
it guarantees that malicious user is precluded in the
network.
IV. NETWORK SECURITY IN SENSOR
NETWORKS
In wireless channels, the communication is not
completely secure and is subjected to security hazard. In
the wireless channels, the possible security threat can be
divided into two threats: inside threat and outside threat.
In case of outside threat in the sensor network, the
attacker does not possess control over the cryptographic
_______________________________________________________________________________________________
ISSN (Print): 2319-2526, Volume -3, Issue -4, 2014
30
International Journal on Advanced Computer Theory and Engineering (IJACTE)
_______________________________________________________________________________________________
materials. Whereas in case of the inside threat, the
attacker will be possess some key materials and trust of
some sensor nodes.
Compromising the sensor nodes is an easy task due to the
absence of the expensive tampering resistant hardware.
Even if it possesses the tampering resistant hardware, it
may be very reliant. Modification, forging and discarding
the messages is possible in case of a compromised node
[2].In vulnerable locations, maintaining the security of
the sensor nodes is a major task. In WSN, the encoding
and the authentication of the communication carried out
is necessary, to ensure security. Key Management in
Wireless Sensor Networks.
Use of the pair wise keys between sensor nodes is the
necessary requirement of the WSN for ensuring security.
The trusted-server scheme, the self-enforcing scheme,
and the key pre distribution scheme are the three classes
of the key agreement schemes. A trusted server is
assumed to exist in the case of trusted-server scheme for
the establishment of keys between the nodes. But in case
of distributed sensor networks, trusted server scheme is
not appropriate due to the difficulty in developing a
trusted network. Asymmetric cryptography, like that of
public key certificate is utilized in the self enforcing
scheme. But for sensor networks, use of the public key
algorithm is inappropriate due to the restricted amount of
power and resources for computation in the minute sensor
node. In the key pre-distribution schemes, loading of the
keying materials takes place at a prior basis in the sensor
nodes [3].
The technique selects nodes with high energy resources,
wide communication range and high processing capacity
as cluster heads. Cluster keys for cluster heads and
pairwise keys for nodes are generated by the sink through
Exclusion Basis Systems (EBS). Whenever a node moves
from currently connected cluster to another in the
network, the mobility based key management scheme is
triggered. The sink verifies the authenticity of roaming
node and allocates it to a nearby cluster. New pairwise
keys are generated and transmitted to the roaming node
through newly connected cluster head. Further, a key
organization technique is presented to ensure the forward
and backward secrecy of nodes. The proposed technique
is simulated in NS2 and simulation results show the
efficiency of our technique.
REFERENCES
[1]
Lalitha,.T “Energy Efficient Cluster based Key
Management &
Authentication Technique for
Wireless Sensor Networks”,
[2]
M. Eltoweissy, M.H. Heydari, L. Morales and H.
Sudboorough,“Combinatorial Optimization of
Group Key Management”, ACM, Journal of
Network and Systems Management, Vol-12,
Issue-1, pp-33-50, 2004
[3]
G. Jolly, M. Kuscu, P. Kokate, and M. Younus, “A
International Journal Of Intelligent Control And
Systems,
VOL.
13,
NO.
2,
JUNE
2008Low-Energy Key Management Protocol for
Wireless Sensor Networks,” in: Proceedings of
the 8th IEEE Symposium on Computer and
Communications (ISCC), Antalya, 335-340,
2003.
V. CONCLUSION
In this paper, a mobility management technique for
keying scheme of wireless sensor networks is presented.

_______________________________________________________________________________________________
ISSN (Print): 2319-2526, Volume -3, Issue -4, 2014
31