Key Exchange for Service Discovery in Secure Content Addressable Sensor Networks
Autor: H. Hof, I. Baumgart, M. Zitterbart Links:
Quelle: Kommunikation in Verteilten Systemen (KiVS 2007), pp. 139-150, Bern, Switzerland, Februar 2007
Secure Content Addressable Network (SCAN) is an architecture for service discovery in service centric sensor networks that enables dynamic service composition. This paper proposes two new security mechanisms for SCAN: Single Path Key Exchange (SPX) and Multi Path Key Exchange (MPX). Both security mechanisms allow two arbitrary nodes of SCAN to exchange a symmetric key for secure communication. We also propose to use replication service information and majority vote to achieve security. We evaluated the performance and security of Secure Content Addressable Networks with Single Path Key Exchange, Multi Path Key Exchange and replication using a worst case attack model. It has been found, that in a network with 1000 nodes and 5% malicious nodes the probability of a successful lookup operation is still 80%. The results of the simulation indicate, that the overhead and the security level of SCAN with SPX and MPX scale with an increasing number of nodes. The simulation results also show that SCAN is suitable for networks with 100 to 1000 nodes.