Energy Effcent Sesson ey Estlshment n Wreless Sensor Networks Y Cheng nd Dhrm P. Agrwl OBR Center for Dstruted nd Mole Computng, Deprtment of ECECS Unversty of Cncnnt, Cncnnt, OH 45 {chengyg, dp}@ececs.uc.edu Astrct ey dstruton nd mngement s the foundton of ny secure servces of wreless sensor networks. Due to the resource constrnts, estlshng cryptogrphc keys etween communctng sensors n lrge-scle wreless sensor networks s g chllenge. Trdtonl symmetrc key cryptogrphy s not sutle for wreless sensor envronment ecuse of ts complexty. Bsed on the polynoml-key pre-dstruton scheme, n mproved sesson key estlshment method s proposed n ths pper. Compred wth exstng key dstruton schemes, our proposed scheme hs lower energy consumpton, less key storge nd lower communcton overheds s well s etter network reslence gnst node cpture ttcks. eywords: Communcton securty; Wreless sensor networks; ey estlshment.. Introducton Wth the recent technology mprovements n tny sensor devces, wreless sensor networks (WSNs) re expected to e pplcle n vrous pplctons n the ner future. A wreless sensor network s usully composed of lrge numer of smll, low-cost wreless devces clled sensor nodes. Ech sensor hs lmted dt processng cpcty, memory storge nd short rdo trnsmsson rnge. Dependng on the pplctons, sensor nodes cn e equpped wth vrety of sensors to mesure dfferent physcl chrcterstcs such s sound, temperture, pressure, etc. [][5][6]. Wreless sensors cn e orgnzed n clusters to trckng prtculr oect or montorng n re [][8]. In most cses, WSNs re deployed n hostle envronment nd workng on unttended mode, therefore, the crtcl dt redngs should e protected properly [4][][3][6][7]. As we known, n wreless envronment n dversry not only cn evesdrop the communcton trffc n network, ut lso cn mpersonte good nodes to spred msledng nformton ntentonlly. Furthermore, n mny pplctons such s ttlefeld survellnce, wreless sensors my e physclly destroyed or cptured y the dversry. To ensure sensor network work properly n such stutons, securty mechnsms must e dopted to cheve the nformton securty requrements. In trdtonl wred networks or nfrstructure-support wreless networks, nformton securty s provded y encryptng the communcton dt nd mutul uthentcton etween communctng prtes. Pulc-key cryptosystems nd trusted thrd-prty uthentcton protocols re used frequently to cheve the network securty requrements. Snce sensor nodes only hve lmted power, memory storge nd dt processng cpcty, pulc-key sed securty protocols re not sutle for lrge-scle sensor networks ecuse of ther complcted hrdwre requrement nd hgh energy consumpton. Lck of nfrstructure support s nother lmtton of WSNs, due to the unpredctle network topology, trusted nfrstructure sed protocols lso cn not e used for WSNs drectly. To cheve oth securty nd effcency, mny key dstruton nd mngement mechnsms hve een nvestgted [3][4][7][8][3][5][7][9][]. In whch, key pre-dstruton protocols re consdered to e prctcl mechnsm to solve the key dstruton nd mngement prolems n wreless sensor envronments [3]. The sc de of key pre-dstruton scheme s qute smple, ust pre-lodng set of symmetrc keys nto sensor nodes efore they re deployed. After deployment, ech sensor exchnges ts stored key nformton wth ts neghors. If two neghorng nodes hve common key, they cn use t to encrypt the communcton etween them. Bsed on the dstruted network rchtecture, severl key pre-dstruton schemes hve een proposed n lterture [3][4][3][9][], tred to cheve securty nd scllty for the lrge-scle WSNs. We rgue tht for lrge-scle pure dstruted network, t s extremely hrd for key pre-dstruton scheme to cheve oth securty nd scllty requrements when the sensor nodes re resource-constrned. [5][6] showed tht the herrchcl network rchtecture hs etter performnce nd scllty thn flt structure for lrge-scle WSNs, snce most dt re destned to the snk node (se stton), nd whch cn e reched n few hops n the herrchcl pproch. Reserch shows tht when usng the sme numer of sensors n gven coverge re, the
herrchcl topology cn sgnfcntly ncrese the network throughput nd decrese the system dely [5][6]. To cheve securty nd network performnce smultneously, we proposed new sesson key estlshment mechnsm for lrge-scle WSNs n ths pper. Bsed on the herrchcl network rchtecture, n mproved polynoml-key dstruton nd mngement mechnsm s nvestgted to estlsh energy effcent sesson keys etween communctng prtes. Compred wth exstng schemes, our pproch hs etter network performnce, s well s the securty. The rest of ths pper s orgnzed s follows. Secton ntroduces some relted work. We present our proposed scheme n detl n Secton 3. Secton 4 gves the securty nlyss nd the performnce evluton of our scheme. Fnlly, we conclude our work n Secton 5.. Relted Work Due to the resource constrnts, the extremely lrge network sze nd the lck of the nfrstructure support, trdtonl pulc-key sed symmetrcl key dstruton protocols nd trusted nfrstructure uthentcton securty mechnsms re not sutle for WSNs. Pre-dstrutng secret keys nto sensor nodes efore they re deployed s pplcle soluton for key mngement n wreless sensor envronment [3]. Severl key pre-dstruton schemes hve een proposed n the lterture [3][4][3][9][]. Eschenuer et l. [3] proposed rndom key predstruton scheme n. In ther scheme, suset of keys from lrge sze key pool s rndomly selected nd pre-loded nto sensors. If two nodes cn fnd common key, they cn setup secure lnk y t. Otherwse, they need to estlsh pth-key etween them. Accordng to the rndom grph theory, f the prolty tht ny two nodes hve t lest one common key stsfes crtcl vlue, the network s connected wth hgh prolty. Bsed on [3], Chn et l. proposed q -composte scheme to mprove the network reslence gnst node cpture ttcks [4]. Network reslence here s defned s how mny secure lnks etween non-cptured nodes could e roken when numer of sensors re compromsed. [4] requres two sensors shre t lest q ( q ) common keys to estlsh secure lnk. Chn et l. showed tht when the numer of the compromsed nodes s less thn crtcl vlue, the network reslence cn e mproved. Both [3] nd [4] cn not gurntee the full network connectvty. To cheve hgh network connectvty, n ddtonl pth-key estlshment procedure s requred, whch not only degrdes the securty, ut lso produces ddtonl communcton overheds. In [3][4] prtculr key my e reused for dfferent prs of nodes, some node s cpture could compromse the communcton etween non-cptured nodes, whch s the node cpture ttck prolem n WSNs. Cheng et l. proposed n effcent prwse key estlshment nd mngement scheme (EPEM) n [8]. In ths scheme, two-dmensonl key mtrx s constructed to pre-dstrute symmetrc keys nto sensors. Ech sensor stores row nd column from the key mtrx. EPEM gurntees every two nodes shre t lest two common keys fter the deployment. Comned wth the denttes of the communctng prtes, EPEM cn estlsh dstnct prwse key for ech pr of sensors. Although Cheng et l. s scheme cn provde etter network reslence thn prevous schemes; t stll hs some lmttons when used for lrge-scle WSNs. The communcton overhed s stll hgh, sensors need to store too mny keys n the network ntlzton phse. All ove work re sed on the pure dstruted network rchtecture. [5][6] show tht the herrchcl network rchtecture hs the etter network performnce thn the flt network, more nvestgtons hve een focused on ths network rchtecture recently. Jolly et l. proposed low-energy key mngement protocol for herrchcl WSNs n [9]. In ths work, some gtewy nodes prtton sensor network nto severl dstnct clusters. Ech cluster hs cluster hed nd set of sensors, senor node only communctes wth ts cluster hed. Ech cluster hed s pre-loded set of symmetrc keys n ts memory, nd ech of these symmetrc keys s lso pre-loded nto prtculr sensor node. After deployment, ech sensor needs to exchnge ts key nformton wth ts cluster hed. If they shre common key drectly, they cn use t s ther prwse key. Otherwse, the cluster hed needs to requre the ntended keys from other cluster heds. Although [9] provdes etter network performnce thn prevous key pre-dstruton schemes, t s not secure for node cpture ttck. Ech cluster hed hs lots of keys stored. Any cluster hed s cpture could compromse lot of keys n network. [9] uses group key to encrypt the communcton mong cluster heds, whch s extremely dngerous for wreless sensor envronment. Once the group key s compromsed, the dversry cn trck ll the communctons mong the cluster heds. In ths cse, the whole network would e roken. To ddress the ove prolems n [9], we proposed n energy effcent sesson key estlshment mechnsm (EES) for lrge-scle herrchcl WSNs. Bsed on the sme network model n [9] nd the polynoml-key estlshment procedure, our scheme cn mprove the network securty gnst the node cpture ttck. 3. Energy Effcent Sesson ey Estlshment (EES) 3.. Network Model In ths pper, we use the sme network model n [][]. Illustrted y Fg., there re three knds of wreless devces re exsted n our model: snk node/se stton (), cluster hed nodes (), nd wreless sensor nodes (S). Sensor nodes (S): Sensor nodes re resource constrnts, ech sensor only hs lmted power, memory
storge nd short rdo trnsmsson rnge. Sensor nodes only communcte wth ther cluster hed drectly; no communcton etween sensor nodes exsts. Sensor nodes re sttc fter the deployment. Cluster hed nodes (): Compred wth sensor nodes, cluster heds hve consderly hgh energy resources. They re equpped wth hgh power CPUs, lrge memory storges nd rdo trnsmsson rnge. Cluster heds cn communcte wth ech other drectly, nd rely nformton etween sensor nodes nd snk node. Snk node/bse stton (): Snk node s the most powerful node n network. It hs vrtully unlmted computtonl nd communcton power, unlmted memory storge, nd very lrge rdo trnsmsson rnge to rech ll the sensors n the network. In our network model, lrge numer of sensors re rndomly dstruted n n re. Snk node s deployed n well-protected plce. As shown n Fg., s prtton the sensors nto dstnct clusters y some clusterng lgorthm, e.g., []. Ech cluster hs cluster hed nd set of sensors; cluster hed ggregtes the dt from sensors, performs msson-relted dt processng, nd sends the processed dt to the snk node. Snk Node Cluster Heds Sensor Nodes Fg.. A herrchcl wreless sensor network rchtecture 3.. Bckground of Polynoml ey Predstruton Scheme To mprove the network securty gnst the node cpture ttck, vrte polynoml-key pre-dstruton mechnsm [3] s dopted n our scheme. Consder vrte polynoml of degree t, defned s t = x y (), = ) where the coeffcents (, t re rndomly chosen from fnte feld GF (q). The vrte polynoml hs symmetrc property such tht = f ( y, x) () In the ntlzton phse, n offlne ey Dstruton Server (DS) frst ntlzes set of sensors y gvng ech node p the polynoml g p ( = f ( p,, whch s the polynoml otned y evlutng t x = p. After deployment, node p knows tht g = t = ( p) ( t) (3) where p s d of the node, g s coeffcent of y n the polynoml f ( p,. In order to estlsh sesson key etween nodes p nd q, p evlutes f ( p, t y = q, nd q evlutes f ( q, t y = p. Snce f ( p, q) = f ( q, p), nodes p nd q cn otn the sme vlue from the two dstnct evlutons. Ths vlue s only known y p nd q, nd cn e worked s ther prwse communcton key. 3.3 Our Proposed Approch Our proposed key dstruton scheme s symmetrckey mechnsm, whch ncludes two phses: key predstruton phse nd network ntlzton phse. The nottons used n ths pper re lsted n Tle. Tle : Nottons used n our scheme Notton Descrpton Snk node (Bse stton) Cluster hed node S Sensor node Set of cluster heds n the network S Set of sensor nodes n the network A-B Symmetrc key etween A nd B (A, B cn e snk, cluster hed or sensor node) E (dt) Encrypted messge y key t-degree vrte symmetrc f ( x, polynoml (used for key clculton etween cluster heds) t-degree vrte symmetrc polynoml (used for key clculton ( m) etween cluster hed nd sensors) A) ey Pre-dstruton Phse Due to the resource constrnts of wreless sensors, the est key dstruton method s pre-lodng symmetrc keys nto sensor nodes efore they re deployed [3][4][3][9][]. There re three knds of wreless nodes n our network model, ech knd of nodes hve dfferent keys stored nsde, we descre them seprtely n follows. For convenence, we ssume there re n sensor nodes nd m cluster heds n the network, nd ech cluster hs ( n / m ) memers n ts cluster. Snk node: In our model, snk node needs to store ( n + m ) keys nsde, ech key s shred wth prtculr sensor node or cluster hed node.
Cluster heds: Ech cluster hed stores symmetrc key nd two polynomls g (, g (. g ( s otned y evlutng f ( x, t x =, g ( s the otned y evlutng t x =. Sensor nodes: Ech sensor node S s pre-loded two keys n ts memory, one s S, the other s S. These two keys re generted n dfferent wys to provde the requred securty. In our scheme, S s rndomly generted y DS, whch s the sesson key etween S nd the snk. S s generted complctedly to cheve hgh level securty. The procedure s llustrted s follows. ) DS rndomly selects l ( l ) polynomls from the m polynomls, ( m). Suppose l = nd polynomls nd re selected y the DS. ) DS evlutes t ( x =, ) y = S, t ( x =, ) y = S, respectvely. Suppose k = f (, S), k (, ) = f S fter the evlutons. 3) DS clcultes the correspondng secret key S y exclusve-or k nd k under Equton (4): S = k k (4) 4) S wll e pre-loded nto sensor S s memory, nd works s the sesson key etween S nd ts ntended cluster hed. S lso stores the two cluster heds d nd n ts memory. After key pre-dstruton phse, ech node n the network stores dfferent keys n ts memory. Those preloded keys wll e used to setup the eventul network fter the deployment. B) Network Intlzton Phse After the deployment, cluster heds prtton the entre network nto severl dstnct clusters nd network ntlzton phse s trggered. In network ntlzton phse, ech cluster hed needs to exchnge the hndshkng messges wth ts cluster memers nd setup secure lnk wth ech of ts memers. We stll use the prevous nstnce to llustrte ths procedure. Suppose sensor S s cluster memer of cluster hed fter the deployment. Frst, sensor S sends ts d nd stored cluster heds ds nd to ts physcl cluster hed. then sends S to nd to requre the correspondng key shres. Once receved the key shre requrement messge, nd evlute ts stored polynomls wth the correspondng sensor s d S nd reply the clculted vlues k nd k to. Once receved k nd k, t cn clculte the ntended sesson key S y Equton (4). The procedure s llustrted s follows: ) Frst, sensor S sends ts d nd cluster hed S to nd ) sends 3) nd respectvely to ts evlutes g ( = f (, t ( y = S), nd g ( = f (, t ( y = ) 4) Suppose k = g ( S ), ( ) = g. After clculton, sends ck E k ) to ( 5) decrypts E ( k ) y to get k, where = g ) f (, ) ( = 6) Smlrly, cn get k from wy 7) uses k nd Equton (4) Now, k to clculte n the sme y S cn communcte wth ts cluster memer S securely y the sesson key. Once ll the S cluster heds clculted ther sesson keys wth ts cluster memers, the network ntlzton phse s fnshed. After the network ntlzton phse, secure herrchcl wreless sensor network hs een estlshed. Ech sensor hs sesson keys wth ts cluster hed nd snk node. Ech cluster hed hs sesson keys wth ts cluster memers, other cluster heds nd the snk node. These sesson keys not only cn e used to encrypt the exchnged nformton, ut lso cn e used to mutully uthentcte the ntended communctng prtes. In ths cse, mlcous nodes cn not on n the network y mpersontng good node. All the communctons n the network s encrypted y certn sesson key shred etween the communctng prtes, therefore, the nformton uthentcty, confdentlty nd ntegrty cn e gurnteed n our proposed scheme.
4. Securty Anlyss nd Performnce Evluton In ths secton, we compre the performnce of our scheme wth the rndom key sed pre-dstruton schemes n [3][4], effcent prwre key estlshment nd mngement scheme (EPEM) n [8] nd low-energy key mngement protocol (LEM) n [9]. 4. Securty Anlyss Node cpture ttck s serous thret n WSNs, n dversry my physclly cpture sensor nodes to otn the secret nformton. In [3][4], sme prwse key my e used mong dfferent prs of sensors, hence some sensors cpture could compromse the communcton etween other noncptured nodes. In LEM [9] nd our proposed EES, no communcton etween sensor nodes exsts, ech sensor only needs to store two sesson key n ts memory, whch extremely reduce the key storge overhed for sensor nodes. Frcton of compromsed keys n noncompromsed sensor nodes.9.8.7.6.5.4 rndom key pre-dstruton "q-compost" scheme (q=).3 "q-compost" scheme (q=3). EPEM LEM. EES 4 6 8 Numer of compromsed sensor nodes Fg.. Frcton of compromsed keys n non-cptured sensor nodes vs. numer of compromsed sensor nodes After the network ntlzton phse, ny sensor s compromse does not ffect the secure communcton etween non-compromsed nodes. Fg. compres the reslence gnst sensor node cpture ttck for dfferent schemes. We cn see tht EPEM, LEM nd EES cn prevent the key compromse for non-cptured sensor nodes no mtter how mny sensors re cptured n network. In LEM [9], ll secret keys re pre-loded n cluster heds (s) on the network ntlzton phse, nd ech stores ( n / m ) keys n ts memory. Once s cptured n ths phse, ll ts stored keys could e compromsed. Furthermore, group key s used n LEM to secure the communcton mong s, whch lso could led to the sngle-pont flure ttck n WSNs. Any sngle s cpture could compromse ll the communcton etween non-compromsed s. If ths cse hppened n the ntlzton phse, mlcous node cn trck ll the exchnged key nformton etween s, nd rek the entre network ltely. In EES only polynoml shres re pre-loded n s. Any two s need to setup unque sesson key etween them efore they exchnge the senstve nformton. There s no group key exsts n EES, ny communcton etween s need to e encrypted y the ntended sesson key. Therefore, ny s compromse does not ffect the communcton etween noncompromsed s. Accordng to securty property of t - degree vrte polynoml, EES cn gurntee the network s securty when there s no more thn t s re compromsed. Furthermore, n our network model, the s hve consderly hgh energy nd memory storge. By settng t > m (where m s the numer of cluster hed nodes n network), we cn gurntee tht even ll the s re compromsed, the coeffcents of the polynoml re stll keep secret to the dversry. Numer of compromsed keys n sensor nodes 9 8 7 6 5 4 3 LEM EES 4 6 8 Numer of compromsed cluster heds Fg.3. Numer of compromsed sensor keys vs. numer of the compromsed cluster heds n the network ntlzton phse Fg.3 shows the reslence gnst cluster hed node cpture ttck n the network ntlzton phse. Suppose there re, sensor nodes nd s n network. In LEM, ech need store sensor s symmetrc key n ts memory, hence ech s compromse would compromse sensor nodes secret keys. The numer of compromsed key s lnerly ncresng wth the numer of compromsed ncreses. In our EES scheme, 8-degree vrte polynoml s used to clculte the sesson key etween cluster heds nd sensors. Snce there s no symmetrc-key used n EES, nd the degree of the polynoml s lrger thn the numer of cluster heds, even ll the cluster heds re compromsed, none of the keys of sensor nodes could e compromsed n the network ntlzton phse. 4. Performnce Evluton A. Mxmum Supported Network Sze Wreless sensor networks re usully composed of lrge numer of sensors, therefore, proposed key dstruton scheme should e sclle wth the sensor nodes ncreses. [3][4][8] re sed on the pure dstruted network rchtecture, when the network sze lnerly ncreses, the numer of keys stored n ech sensor node lso lnerly ncreses. Due the lmted memory storge n tny sensors, the mxmum supported
network sze s lmted for ths knd of schemes. LEM nd our proposed EES re sed on the herrchcl network model, whch hs etter scllty thn flt network, snce ech cluster hed cn tke chrge of numer of sensor nodes n ts cluster. Theoretclly, our proposed scheme cn e sutle for ny sze of wreless sensor networks y the properly selected degree of polynoml shres. B. ey Storge Overhed In [3][4], to cheve the requred network connectvty, ech sensor needs to store certn numer of keys n ts memory efore t s deployed. Although [8] hs smller key rng sze thn [3][4] for the sme network sze, ts key storge overhed s stll su-lnerly wth the network sze. In our proposed EES scheme, ech sensor only needs to store two keys n ts memory no mtter how mny nodes n the network, whch s extremely memory effcent for the lrge-scle wreless sensor networks. C. Communcton Overhed In wreless sensor networks, rdo communctons consume much more energes thn the code executon or clcultons. To sve the energy consumpton, proposed securty schemes should hve low communcton overhed. Compred wth exstng schemes, our proposed scheme s more energy effcent due to the lower communcton overhed for sensor nodes. In WSNs, the communcton overhed mnly occurs n the network ntlzton phse, snce ech sensor needs to exchnge key nformton wth ts neghors. Unlke the prevous schemes, ech sensor only stores two keys n EES, whch mens the hndshkng messge n EES s much shorter thn prevous schemes. Hence the communcton overhed of EES s sgnfcntly lower thn prevous key pre-dstruton schemes. Addtonlly, n mny pplctons, fresh sensors my need to e dded nto n exstng network to replce the power exhusted nodes, whch s nother mn energyconsumng procedure n WSNs. In [3][4], fresh node needs to exchnge ts stored key nformton wth the exstng nodes when t s deployed n the network. Ths procedure s smlr s the network ntlzton phse, nd lots of communcton overheds re nvolved. In [9], complcted energy-consumng procedure lso needs to dd new sensors nto n exstng network. Snk node needs to re-ssgn symmetrc keys to the new sensors nd re-dstrute the new keys to prtculr cluster hed. Ths procedure produces ddtonl communcton overhed n the network, especlly for lrge-scle network. EES s sed on the polynoml shre clculton, no ddtonl key re-ssgnment nd re-dstruton opertons re needed when new sensors on nto n exstng network. By pre-lodng two keys nto the new sensor under the sme procedure n the key predstruton phse, fresh node cn e deployed n nywhere to on prtculr cluster. Snk node does not need to re-exchnge key nformton wth cluster heds, whch extremely reduces the communcton overhed n the network. Communcton overhed (ts) 5 5 5 EPEM EES LEM rndom key pre-dstruton 5 6 7 8 9 Numer of dded sensor nodes Fg.4. Communcton overhed vs. Sensor node ddton To compre the communcton overhed for dfferent schemes when fresh sensors re dded nto network, we ssume ll the ds re 6 ts, symmetrc-keys nd polynoml-shres re 8 ts. To compre wth exstng schemes, we ssume there re, sensors nd cluster heds n our evluton model, ech cluster hs memers nsde, the verge degree of sensor node s 6. Fg.4 shows tht tht EPEM hs the lowest communcton overhed snce the new nodes only need to exchnge key nformton wth ther one-hop neghors. Rndom key pre-dstruton schemes hve the hghest overhed, snce the new nodes hve to exchnge key nformton wth ll the neghors to estlsh secure lnk. LEM nd EES hve lower communcton overhed thn rndom key pre-dstruton schemes snce the new nodes only need to exchnge key nformton wth ther cluster heds. EES cn reduce 5% communcton overhed thn LEM snce there s no key re-rodcst procedure nvolved. 5. Concluson In ths pper, we present n energy effcent sesson key estlshment scheme for lrge-scle wreless sensor networks. Bsed on the herrchcl network structure nd polynoml-key pre-dstruton mechnsm, our scheme s more sutle for lrge-scle wreless senor networks wth ts etter scllty nd network performnce. Compred wth the exstng key pre-dstruton schemes, our scheme cn cheve etter network reslence gnst node cpture ttck, s well s etter network performnce n term of network sze, key storge overhed nd communcton overhed. Acknowledgement Ths work hs een supported y the Oho Bord of Regents Doctorl Enhncement Funds.
References [] D. P. Agrwl nd Q-A Zeng, Introducton to Wreless nd Mole Systems, Brooks/Cole Pulshng, Aug. 3. [] Neh Jn nd D. P. Agrwl, Current trends n wreless sensor network desgn, Interntonl Journl of Dstruted Sensor Networks, Vol., No., pp.-, 5. [3] L. Eschenuer nd V. D. Glgor, A key-mngement scheme for dstruted sensor networks, In Proceedngs of the 9th ACM conference on Computer nd communctons securty, Novemer. [4] H. Chn, A. Perrg, nd D. Song, Rndom key predstruton schemes for sensor networks, In IEEE Symposum on Securty nd Prvcy, pges 97 3, Berkeley, Clforn, My -4 3. [5] P. Gupt nd P. umr, Internets n the sky: the cpcty of three dmensonl wreless networks, Communctons n Informton Systems, vol., no., pp. 33 5,. [6] S. Zho,. Tepe, I. Seskr, nd D. Rychudhur, Routng protocols for self-orgnzng herrchcl d-hoc wreless networks, n IEEE Srnoff 3 Symposum. [7] R. Blom, An optml clss of symmetrc key generton systems, Advnces n Cryptology: Proceedngs of EUROCRYPT 84 (Thoms Beth, Norert Cot, nd Ingemr Ingemrsson, eds.), Lecture Notes n Computer Scence, Sprnger-Verlg, 9:335 338, 985. [8] Y. Cheng nd D. P. Agrwl, Effcent Prwse ey Estlshment nd Mngement n Sttc Wreless Sensor Networks, n Proceedngs of the nd IEEE Interntonl Conference on Mole Ad-Hoc nd Sensor Systems, Wshngton, DC, Nov. 7-, 5. [9] G. Jolly, M. C. uscu, P. okte, M. Youns, A lowenergy mngement protocol for wreless sensor networks, In Proceedng of the Eghth IEEE Interntonl Symposum on Computers nd Communcton (ISCC 3), EMER - ANTALYA, TUREY. June 3 - July 3 3. [] M. Youns, M. Youssef, nd. Arsh, Energy-Awre Routng n Cluster-Bsed Sensor Networks, n Proceedngs of the th IEEE/ACM Interntonl Symposum on Modelng, Anlyss nd Smulton of Computer ndtelecommuncton Systems (MASCOTS), (Forth Worth, TX), Octoer. []. Arsh, M. Youssef, nd M. Youns, Energy-Awre TDMA-Bsed MAC for Sensor Networks, n Proceedngs of the IEEE Workshop on Integrted Mngement of Power Awre Communctons, Computng nd Networkng (IMPACCT ), My. [] G. Gupt, M. Youns, "Performnce Evluton of Lod- Blnced Clusterng of Wreless Sensor Networks," n Proceedngs of the th Interntonl Conference on Telecommunctons (ICT'3), Tht, Ppeete French Polynes, Ferury 3. [3] C. Blundo, A. D. Snts, A. Herzerg, S. utten, U. Vccro, nd M. Yung, Perfectly-secure key dstruton for dynmc conferences, Lecture Notes n Computer Scence, 74:47 486, 993. [4] Dvd W. Crmn, Peter S. ruus, nd Brn J. Mtt, Constrnts nd pproches for dstruted sensor network securty. NAI Ls Techncl Report #-, Septemer. [5] Sencun Zhu, Sneev Set, nd Sushl Jod, LEAP: Effcent securty mechnsms for lrge-scle dstruted sensor networks, In ACM CCS 3, pges 6 7, Octoer 3. [6] J. M. hn, R. H. tz, nd. S. J. Pster, Next century chllenges: Mole networkng for smrt dust, In Proceedngs of the 5th Annul ACM/IEEE Interntonl Conference on Mole Computng nd Networkng (MoCom), pges 483 49, 999. [7] C. rlof nd D. Wgner, Secure routng n wreless sensor networks: Attcks nd countermesures, In Frst IEEE Int l Workshop on Sensor Network Protocols nd Applctons, My 3. [8] Akyldz, W. Su, Y. Snkrsurmnm, nd E. Cyrc, A survey on sensor networks, IEEE Communcton Mgzne, vol. 4, no. 8, pp. 6, Aug.. [9] Donggng Lu nd Peng Nng Locton-Bsed Prwse ey Estlshments for Reltvely Sttc Sensor Networks, 3 ACM Workshop on Securty of Ad Hoc nd Sensor Networks (SASN 3), Octoer 3, 3 George W. Johnson Center t George Mson Unversty, Frfx, VA, USA. [] W. Du, J. Deng, Y. S. Hn, nd P.. Vrshney, A prwse key pre-dstruton scheme for wreless sensor networks, n Proceedngs of the th ACM Conference on Computer nd Communctons Securty (CCS), Wshngton DC, USA, Octoer 7-3 3, pp. 4 5.