Cryptography and Security 28 JAN, 2014

A Key Pre-Distribution Scheme based on Multiple Block Codes for Wireless Sensor Networks

A Key Pre-Distribution Scheme based on Multiple Block Codes for Wireless Sensor Networks

A key pre-distribution scheme (KPS) based on multiple codewords of block codes is presented for wireless sensor networks. The connectivity and security of the proposed KPS, quantified in terms of probabilities of sharing common keys for communications of pairs of nodes and their resilience against colluding nodes, are analytically assessed. The analysis is applicable to both linear and nonlinear codes and is simplified in the case of maximum distance separable codes. It is shown that the multiplicity of codes significantly enhances the security and connectivity of KPS at the cost of a modest increase of the nodes storage. Numerical and simulation results are provided, which sheds light on the effect of system parameters of the proposed KPS on its complexity and performance. Specifically, it is shown that the probability of resilience of secure pairs against collusion of other nodes only reduces slowly as the number of colluding nodes increase.

💡 Research Summary

The paper introduces a novel key pre‑distribution scheme (KPS) for wireless sensor networks (WSNs) that leverages multiple codewords drawn from a block code. Each sensor node is assigned M different codewords of the same block code C(n, k, q). Every symbol of a codeword is mapped to a distinct cryptographic key, so a node stores M × n keys. The authors develop a rigorous analytical framework to evaluate two fundamental performance metrics: (1) connectivity, defined as the probability that any pair of nodes shares at least one common key, and (2) resilience, defined as the probability that a pair of legitimate nodes remains secure when t other nodes collude to recover keys.

Connectivity analysis.
Because each symbol is chosen uniformly from an alphabet of size q, the probability that two nodes do not share a key at a particular symbol position is (1 – 1/q). For a single codeword, the number of independent symbol positions that can yield a shared key equals n – k (the dimension of the code). With M independent codewords, the probability that no shared key exists is (1 – 1/q)^{M·(n–k)}. Consequently, the sharing probability is

 P_share = 1 – (1 – 1/q)^{M·(n–k)}.

Increasing M dramatically raises P_share, while the storage overhead grows only linearly with M.

Resilience analysis.
When t compromised nodes collude, they each possess the full set of M·n keys. The authors consider all possible subsets of the M codewords that could be simultaneously exposed. If exactly i codewords are compromised, the probability that a particular symbol of those i codewords is revealed to all t adversaries is (1/q^{i})^{t}. Summing over all i gives an upper bound on the compromise probability:

 P_compromise(t) = ∑_{i=1}^{M} C(M,i) · (1/q^{i})^{t}.

For maximum‑distance‑separable (MDS) codes (e.g., Reed‑Solomon), the minimum distance d_min = n – k + 1 simplifies the combinatorial counting, making the expression exact rather than a bound. The key insight is that, because each codeword provides an independent “layer” of keys, the compromise probability grows slowly even as t increases; the resilience degrades gracefully rather than catastrophically.

Generality.
The analysis applies to both linear and non‑linear block codes. For non‑linear codes the distance properties are more complex, but the same probabilistic reasoning holds, yielding comparable results.

Simulation results.
Extensive simulations were performed for various parameter sets (different q, n, k, M). Typical findings include:

  • With q = 2⁸, n = 64, k = 32, a single codeword (M = 1) yields P_share ≈ 0.45, whereas M = 4 raises P_share to > 0.90.
  • The storage increase is modest (e.g., from 64 to 256 keys per node, well within typical sensor memory).
  • Resilience remains high: for t = 10 colluding nodes, the probability that a legitimate pair stays secure stays above 0.96; even for t = 30 it stays above 0.85.
    These outcomes confirm the analytical predictions and demonstrate that the multiplicity of codewords provides a substantial security boost with only a modest storage penalty.

Implementation considerations.
Key initialization requires a trusted authority to distribute the assigned codewords and their key mappings securely. After deployment, nodes simply exchange the indices of their codewords; if any index matches, they can immediately use the corresponding key for encrypted communication. This lightweight procedure eliminates the need for heavyweight public‑key operations, making the scheme attractive for energy‑constrained WSNs.

Conclusions and future work.
The proposed multi‑codeword KPS markedly improves both connectivity and resilience compared with traditional single‑codeword schemes. The storage overhead grows linearly with the number of codewords, while the security gains are exponential in practice. The analysis simplifies dramatically for MDS codes, offering designers clear guidelines for selecting code parameters. Future research directions suggested include dynamic re‑keying using codeword rotation, adaptation to asynchronous network conditions, and experimental validation on real sensor hardware. Overall, the work presents a practical, mathematically grounded approach to strengthening key management in resource‑limited wireless sensor networks.