On the Distribution and Revocation of Cryptographic Keys in Sensor Networks
July-September 2005 (vol. 2 no. 3)
pp. 233-247
Key management has two important aspects: key distribution, which describes how to disseminate secret information to the principals so that secure communications can be initiated, and key revocation, which describes how to remove secrets that may have been compromised. Key management in sensor networks faces constraints of large scale, lack of a priori information about deployment topology, and limitations of sensor node hardware. While key distribution has been studied extensively in recent work [1], [2], [3], [4], [5], the problem of key and node revocation in sensor networks has received relatively little attention. Yet, revocation protocols that function correctly in the presence of active adversaries pretending to be legitimate protocol participants via compromised sensor nodes are essential. In their absence, an adversary could take control of the sensor network's operation by using compromised nodes which retain their network connectivity for extended periods of time. In this paper, we present an overview of key-distribution methods in sensor networks and their salient features to provide context for understanding key and node revocation. Then, we define basic properties that distributed sensor-node revocation protocols must satisfy and present a protocol for distributed node revocation that satisfies these properties under general assumptions and a standard attacker model.

[1] H. Chan, A. Perrig, and D. Song, “Random Key Predistribution Schemes for Sensor Networks,” Proc. IEEE Symp. Security and Privacy, May 2003.
[2] W. Du, J. Deng, Y. Han, and P. Varshney, “A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks,” Proc. 10th ACM Conf. Computer and Comm. Security (CCS 2003), pp. 42-51, Oct. 2003.
[3] L. Eschenauer and V. Gligor, “A Key-Management Scheme for Distributed Sensor Networks,” Proc. Ninth ACM Conf. Computer and Comm. Security, pp. 41-47, Nov. 2002.
[4] D. Liu and P. Ning, “Establishing Pairwise Keys in Distributed Sensor Networks,” Proc. 10th ACM Conf. Computer and Comm. Security (CCS 2003), pp. 52-61, Oct. 2003.
[5] D. Liu and P. Ning, “Location-Based Pairwise Key Establishments for Static Sensor Networks,” Proc. ACM Workshop Security in Ad Hoc and Sensor Networks (SASN '03), Oct. 2003.
[6] H. Chan, A. Perrig, and D. Song, “Key Distribution Techniques for Sensor Networks,” Wireless Sensor Networks, T. Znati et al., eds., 2004.
[7] S.P. Miller, C. Neuman, J.I. Schiller, and J.H. Saltzer, “Kerberos Authentication and Authorization System,” Project Athena Technical Plan, section E.2.1, 1987.
[8] J. Kohl and C. Neuman, “The Kerberos Network Authentication Service (V5),” RFC 1510, Sept. 1993.
[9] A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J.D. Tygar, “SPINS: Security Protocols for Sensor Networks,” Proc. Seventh Ann. Int'l Conf. Mobile Computing and Networks (MobiCom 2001), pp. 189-199, July 2001.
[10] R. Blom, “An Optimal Class of Symmetric Key Generation Systems,” Advances in Cryptology: Proc. Eurocrypt '84, pp. 335-338, 1984.
[11] C. Blundo, A.D. Santis, A. Herzberg, S. Kutten, U. Vaccaro, and M. Yung, “Perfectly-Secure Key Distribution for Dynamic Conferences,” Proc. Conf. Advances in Cryptology (Crypto '92), E.F. Brickell, ed., pp. 471-486, 1992.
[12] R. Merkle, “Protocols for Public Key Cryptosystems,” Proc. IEEE Symp. Research in Security and Privacy, pp. 122-134, Apr. 1980.
[13] J. Lee and D. Stinson, “Deterministic Key Predistribution Schemes for Distributed Sensor Networks,” Selected Areas in Cryptography, 2004.
[14] S. Camtepe and B. Yener, “Combinatorial Design of Key Distribution Mechanisms for Wireless Sensor Networks,” Proc. Ninth European Symp. Research Computer Security, 2004.
[15] H. Chan and A. Perrig, “PIKE: Peer Intermediaries for Key Establishment in Sensor Networks,” Proc. 24th Conf. IEEE Comm. Society (Infocom 2005), Mar. 2005.
[16] C.S. Laboratory, “Secure Hash Standard,” pp. 180-182, Aug. 2002.
[17] V. Gligor and P. Donescu, “Fast Encryption and Authentication: XCBC Encryption and XECB Authentication Modes,” Fast Software Encryption (FSE), M. Matsui, ed., Apr. 2001.
[18] C. Jutla, “Encryption Modes with Almost Free Message Integrity,” Proc. Advances in Cryptology—EUROCRYPT 2001, pp. 525-542, May 2001.
[19] P. Rogaway, M. Bellare, J. Black, and T. Krovetz, “OCB: A Block-Cipher Mode of Operation for Efficient Authenticated Encryption,” Proc. Eighth ACM Conf. Computer and Comm. Security, Nov. 2001.
[20] J. Newsome, E. Shi, D. Song, and A. Perrig, “The Sybil Attack in Sensor Networks: Analysis and Defenses,” Proc. Third Int'l Workshop Information Processing in Sensor Networks (IPSN), 2004.
[21] B. Parno, A. Perrig, and V. Gligor, “Distributed Detection of Node Replication Attacks in Sensor Networks,” Proc. IEEE Symp. Security and Privacy, 2005.

Index Terms: Sensor networks, security, revocation, key distribution, key management, distributed algorithms.
Haowen Chan, Virgil D. Gligor, Adrian Perrig, Gautam Muralidharan, "On the Distribution and Revocation of Cryptographic Keys in Sensor Networks," IEEE Transactions on Dependable and Secure Computing, vol. 2, no. 3, pp. 233-247, July-Sept. 2005, doi:10.1109/TDSC.2005.37