1 Introduction

Wireless sensor network (WSN) [1] is becoming a much admired pervasive technology. It contains a large number of resource-restricted nodes in which nodes communicate with each other in a wireless manner. Incorporation of Sensing capabilities, wireless communication interfaces, and microprocessors into the tiny devices allow the embedding of computational power in random environments. They normally consist of many low-cost and low-power devices that are able to sense the environment, process information, and transmit messages by means of wireless communication. WSNs are used for different applications such as indoor tracking, labor risk prevention, infrastructure monitoring and health-care. In future, sensor network will be everywhere in order to make future technologies or environment or infrastructure as smart as possible. These include healthcare, smart homes through sensors, environment monitoring etc.

Due to the limitation of resources, WSNs undergo several security threats [2] namely hardware tampering, eavesdropping, injection of false messages etc. Hence more efficient security mechanisms that are amenable with the definite characteristics of WSN are to be imparted into the network. The most common security mechanism that can provide security features is Symmetric Cryptography [3, 4]. In this security mechanism, any two neighboring nodes that are within the communication range possess a common key o is used for both encryption and decryption of messages that are exchanged between them to provide secrecy to the message and their authentication. The process of establishing the common symmetric keys is called key management [5,6,7]. There are possibilities that these symmetric keys can be the compromised nodes in unattended environments [8, 9]. Even though many systems exist for detecmanagement ting and recovering the compromised nodes, the survival of attacks [10] remains in the network that is to be identified and eradicated [11, 12]. As of now a family of key distribution schemes exists for WSNs namely Random Pair wise key, q-composite, Transitory Master Key etc. The security scheme that is used is a variant of the q-composite scheme that fit into the family of Random Pair wise [13, 14] scheme. In q-composite scheme, a pair of communicating neighbouring nodes needs to possess a minimum of q common keys among them to establish a secure communication link. Any two couple of nodes can establish a common symmetric key if and only if they share a minimum of q-initial keys. There are two phases in Key management schemes namely (1) Pre-distribution phase and (2) Key establishment phase.

2 Related Work

A variety of key management protocols and the techniques that are used in wireless sensor networks are discussed as follows. Bechkit et al. [15] states that due to the sensitivity of the WSNs and their resource limitations, Key management provide security to the nodes in the network. While designing a key management scheme scalability issue is to be considered, since the construction of a large scale deployment of the network must be in a position to support the large number of nodes. The authors propose a novel key management scheme that is scalable enough to execute secure and efficient connectivity coverage. They proposed a new theory called unital design theory in which the unitals are mapped with the key pre-distribution that can enable the network to attain elevated scalability and an efficient key probability of key sharing. They have performed the analysis and simulations so as to compare the results of the existing methods with theirs on the factors like network scalability, storage overload, network resiliency, and securing average path length and network connectivity.

Eltoweissy et al. [16], describes a key management model that dynamically establish and maintain a secure channel among communicating. A primary challenge in this is managing the trade-off between the acceptable levels of security and conserving scarce resources, in particular energy, needed for the network operations. The budding category of dynamic key management schemes believes that a long-lasting network requires recurrent inclusion of fewer quantities of nodes thereby forcing the network to have nonstop security issues and network survivability. In this work the author provides a categorization of key management schemes in WSN relating their commonalities and differences. In addition to that they describe a more elaborate dynamic key management scheme named localized combinatorial keying (LOCK).Furthermore they evaluated and compared the security and performance of their scheme with a static key management scheme along with the future directions of research.

Gandino et al. [17], proposes a unique key management scheme called random seed distribution with transistor master key; this master key is used in random distribution of secret material and also to generate pair-wise keys. Thus this approach overcomes the drawbacks of the previous approaches based on the technique introduced. It even outperforms the state-of-art protocol in order to provide a high security level. The key pre-distribution to the nodes is made without any additional mechanism or deployment knowledge. The key management schemes introduced here are plain global key (PGK) and full pair-wise keys (FPWK).

Yu and Guan et al. [18] commenced quite a few number of key management schemes so as to address the new privacy and security challenges in WSN. Bootstrapping secure communication between the nodes is the most important challenge amongst this. They further stated that offering either a well-built resilience to tackle the node compromise attacks or to attain the preferred connectivity with less memory overhead is difficult. Hence they proposed a more efficient key management scheme that uses the deployment knowledge. In their scheme the targeted network area is separated into hexagon shaped grids and the nodes in the network are separated into the same quantity of groups as the number of grids. Finally the divided groups are positioned into an exclusive grid. The deployment knowledge is used to reduce a huge quantity of prospective groups with which neighbors of the node are added. Hence the production of pair-wise key is used for effective communication among any two nodes. They compared their scheme with the already existing scheme and proved that their method has superior connectivity consuming a reduced amount of memory with a small range of transmission. In addition to that it has a superior performance with respect to resilience towards node compromise attacks.

Hackmann et al. [19], proposed a cyber-physical architecture that maps the identification of node damage effectively in the wireless sensor network of distributed environment. Furthermore they portrayed the execution of the proposed architecture on top of a Tiny OS operating system and ISHM service tool suite. This approach has been experimented with respect to efficiency in terms of latency and power consumption of the data that has been collected. Since the existing research has a wide gap between the wireless sensor networks and structural engineering algorithm the authors introduced a cyber-physical co-design approach that does health monitoring of the network. This approach combines the damage energy efficient multilevel computing architecture and localization and is implemented on Intel Imote2 platform. The nodes in the network are organized into hierarchical structure where nodes are combined to form clusters. In each cluster the cluster head acts as a coordinator that coordinates the nodes within the cluster.

Kwon et al. [20], introduced a method that distinctively consider group hierarchies and subareas that hold deployment errors over the model called group-based deployment. In this model the entire field under sensing limit is geographically separated into normal square zones. On the other hand the unusual polygons are also treated through unique strategies of deployment. Upon the completion of the deployment with promising errors, the groups under the zones are separated among three subarea groups such as inner, border and outer areas. Later on these nodes can organize their own single hop subgroup. Three phases are devised in Location based pair-wise key pre-distribution scheme with practical concern. They are based on full and random pair-wise key pre-distribution (FRP) schemes in the deployment. In this case the first phase concerns with the key pre-distribution with deployment knowledge, the second phase is concerned with the shared key discovery and the third phase is concerned with Path Key Establishment using Path Key Offering.

Seo et al. [21], describes that dynamic wireless sensor networks enables mobility of sensor nodes this facilitate wider coverage of networks and accurate services than static wireless sensor networks. This work proposes a certificate less-effective key management (CL-EKM) protocol for secure communication which is characterized by node mobility. The introduced protocol supports key updates in an efficient way whenever the node joins or leaves the cluster and also it ensures the forward and backward key secrecy. To conclude, security evaluation is performed to demonstrate that the protocol is effective in dealing with quite a few number of attacks. ContikiOS is used to implement CL-EKM and it is simulated using Cooja simulator which is used to evaluate its performance metrics such as time, communication, energy and memory performance.

Du et al. [22], states that there exist a number of introduced schemes to provide varieties of solutions to key pre-distribution problems. In addition to that they demonstrate that it does not make use of an important piece of information that significantly improves the performance. The knowledge about the deployment of nodes is extracted from the way how the nodes are deployed in the network. This is completed by modeling node deployment knowledge in wireless sensor network and then developing a key pre-distribution scheme based on the model. It is shown that key pre-distribution with deployment knowledge can substantially improve a network’s connectivity and reduce the amount of memory required. Thus the author proposes random key pre-distribution scheme and also its significant are discussed.

Yu et al. [23], deals with the problem of the detection of replication of nodes that is challenging nowadays. These attacks require instant notice when compared with the resistance towards node replication attack. They further present that almost many of the prevailing schemes that are applied into the static networks depends on the evidence-finding strategy where this is not practically feasible to be applied in mobile networks. Hence there is a need to introduce localized algorithms that are capable of resisting node replication attacks in mobile sensor networks. The algorithm that has been introduced has benefits like efficiency and effectiveness, network-wide synchronization avoidance, localized detection and network-wide revocation avoidance. Performance comparisons are provided to demonstrate the efficiency of the introduced algorithms with known methods. Prototype implementation on TelosB mote demonstrates the practicality of the introduced methods.

Yum et al. [24], states that the Key management schemes are required for sensor networks since the wireless sensor networks are mostly deployed in the adverse hostile environments. In random key pre-distribution (RKP) which is a category of probabilistic key management scheme, each node is preloaded with a subset of keys that are being randomly chosen from a huge set of keys. The authors say that the security evaluation on resilience towards node compromise of q-composite is imprecise. In addition to that they also propose a novel scheme that formulates q-composite RKP scheme and its resilience.

A key pre distribution scheme that allows the mobile sink node to enable a safe communication link between itself and other participating nodes in the network has been presented by Rasheed et al. [25]. This hybrid scheme is a combined effort of the polynomial pool-based key pre distribution, probabilistic generation key pre distribution and the Q-composite scheme. The authors proved that the scheme proposed by them ensures that any participating node has a high probability of establishing pair wise keys with the mobile sink. In addition to that this scheme also ensures that the nodes have less communication overhead.

This section illustrated a number of q-composite schemes that belongs to the family of Random Key Pre-distribution family [26] where the idea is to have q number of common keys are to be present statically among a pair of neighbour nodes so as to have a secure link which leads to the consumption of more storage. Hence a key management scheme is to be introduced which requires reduced storage and enhanced resilience which does not depend on the static number of q common keys.

3 Seed Based Min Max Composite Scheme (S2MC)

A key management scheme named Seed Based Min–Max Composite (S2MC) is proposed which provides a secure pair-wise key generation scheme in wireless sensor network. This scheme enables the distribution of seeds instead of keys since seeds are comparatively smaller in size. The seed undergoes two function namely expansion and transformation in order to generate the key out of the seed.

It has two phases namely (1) selection of the common seeds from the seed ring of the communicating nodes between the range of min and max, (2) generation of the communication key from the XOR of the shared seeds when required by the communicating nodes for data transmission.

The major drawback of Q composite scheme is the storage overhead when more number of common key exists between the communicating nodes since the common key occupies memory. This drawback is overcome by the proposed S2MC scheme through two ways.

1. Seed pool containing seeds is used instead of keys since keys require more storage (Keys are generated from the seeds later for communication). 2. Even though many common seeds exist between two neighbors, the communicating key is generated from the min–max range of seeds. Hence it is called as Seed based Min–Max composite keys since this restricts the number of common seeds in establishing communication pair wise key between the nodes.

The first novelty of this scheme is that reduced storage space through 2 conditions (1) since seeds are used instead of keys (2) seeds are chosen in the range of min–max out of a large key pool size. The second novelty of this scheme is the erasure of the keys once the communication is over. For each communication a new key is generated from a new seed which leads to improved security. Even if the node is compromised by the attacker he is not able to compromise the other keys from the other nodes in the network since a fresh key is used for such communication. The final communication key is the XOR of the keys in the range min–max.

The selection of common seeds in the range leads to the reduced storage space (seed size is chosen as 2 bytes whereas key size is 16 bytes for encryption schemes such as AES) by using minimum number of seeds and generating the communication key from the seeds whenever needed and erased after the communication is over improves the resilience of the network. This scheme involves the Pre-distribution phase, Key Generation and Key establishment phase. The scheme presented is a variation of q composite scheme where the number of keys generated from the seeds is between the range min and max that is chosen based on the availability of common seeds in the seed ring of the communicating nodes.

The parameters of S2MC are identified before the network deployment. They are the rings of max starting seeds that must be randomly picked up from a pool of q starting seeds and loaded into the memory of each node i with its unique identifier (ID). Each node initially stores the seeds in such a way that common shared seeds exist between its neighbors with their ids.

Each and every node in the network periodically broadcasts a hello message to its neighboring nodes in the network. The node that initiates the broadcast of hello message is termed as initiator. This hello message is used by the nodes to establish communication with the neighboring node’s the id of the initiator and the ids of its starting seeds. For example in Fig. 3 node V broadcasts a message with its id along with the ids of its starting seeds to its neighbors U, W, X, Y, Z. When a node calls a receiver and receives a hello message from a new node it searches for the shared starting seeds in the received set of IDs it starts generating final communicating key. If there is less than the minimum number of shared seeds, the receiving node discontinues the handshake because it is not possible to set up a communication link between the two nodes with lesser seeds. If the quantity of shared seeds is between min and max, the receiver records their ids associated with the id of the initiator.

The pair-wise communicating key is not stored anywhere, but will be generated each time before being used. Later on the receiving node replies to the initiator node with an acknowledgement message. This message contains the id of the receiving node and the ids of the shared seeds. Furthermore the MAC authenticates the message and executes along with the subsequent XORed pair-wise seed. The seeds are transformed into keys through some functions. At last, the pair-wise key is calculated by the initiating node and the MAC of the message is checked for authentication. Once it is right, the ids of the old starting seeds are stored by the initiator. With this, the node is allowed to calculate the pair-wise key as and when it is required by the initiator. If there exists greater than min common seeds, the receiving node chooses arbitrarily min seeds between min and max values. Later on, it computes the identical routine as the amount of common seeds that may be among min and max, but only bearing in mind the chosen seeds.

At the end of handshake, every node in the network yet stores the preliminary information. Moreover, for each and every communicating link, a node stores the ids of its neighbors and the ids of the starting seeds used for the production of the pair-wise key. So as to conserve memory, the nodes can store only the position number, lower than max and higher than the minimum number of the starting keys among their set.

The performance provided by S2MC are investigated and compared with the existing schemes and for the varying values of the number of common seeds.

In this scheme, nodes by no means erase the undisclosed information necessary to set up new keys. Hence, they can set up fresh links among the nodes that are included to the network soon after the early deployment and to set up fresh links with the nodes that are met by varying the original position.

Conversely, as like in Q composite scheme, if an attacker compromises a node, he will also get back all initial seeds that are used to generate the keys. But the attacker has little chance of identifying the combination of seeds from which the final communicating key is generated. As a result, the usage of the XOR operation in the generation of a single key from the keys in the range of min max will not offer any added information to opponents.

3.1 Notations Used

The different notations used for S2MC evaluation

The parameters that determine the resilience of the S2MC scheme are:

j:

Shared starting seeds/keys

o:

Number of nodes in the network

z:

Number of seeds/keys in seed pool

s:

Number of seeds/keys in seed rings

y:

Compromised seed/key ring

q:

Maximum number of shared keys needed to create a link

min:

Minimum number of shared seeds needed to create a link

max:

Maximum number of common seeds to create a link

w:

Number of neighbors of a given node

The parameters that involve the key generation from the seed of the S2MC scheme are:

Se():

Seed expansion function (expands the seed size to that of key size by adding padding bits at the end of the seed)

St():

Seed transformation function(One way function that generate the key from the seed)

Sid:

Seed id

U, V, X, Y, Z:

Nodes

IDi:

Node id

The parameter that determine the storage efficiency of S2MC scheme are

Kl:

Key length

IDl:

Node id length

Sl:

Seed Length

SIDl:

Seed id length

KIDl:

Key id length

3.2 Assumptions

Nodes have no deployment knowledge. Adversary can compromise any seed. Nodes are homogenous except sink with improved resources.

3.3 Key Generation

The novelty of this scheme is the limited storage requirement. If more than one common seed exists between the nodes then the fixed pair wise seeds are the result of the XOR operation of the common seeds that result in a single pair wise seed. The generation of the communicating key from the pair wise seed is shown in Fig. 1. The Seed with id (Sid) that is generated as the result of the XOR of the common seeds in the range of min–max undergoes a seed expansion function (Se(f)) where the size of the seed is expanded to the size of the keys by using the padding bits(0 s are preferred as the padding bits). The expanded seed then undergoes a Seed transformation function, that is the one way irreversible function (St(f)),which leads to the generation of final key with identifier Kid.

Fig. 1
figure 1

Key generation from the seed

Full size image

For example if the common seeds are Sa and Sb then the fixed pair wise seed is the result of XOR of Sa,Sb and if the common seeds are Sa, Sb, Sc then the pair wise seed is Sa XOR Sb XOR Sc.

3.4 Pair wise Seed Establishment

Initially i seeds are picked up randomly from seed pool p and later loaded in the memory of the nodes with its identifiers that are unique. After the seed pre-distribution the communicating seed is generated from the common seeds which later on undergo two functions namely expansion and transformation that leads to the generation of the final communicating key. This is depicted in Fig. 2 with 6 nodes s = 5, min = 1, max = 3.

Fig. 2
figure 2

Nodes with their seed ring

Full size image

Every node in the network identifies the common seeds by broadcasting hello message. The node which originates the hello message is called originator. If the common seed is less than min (1 shared seed) then the node stops further communication with the node from which it receives the hello messages.

If the common shared seed is greater than max (3 shared seeds) then the node selects only the max common seeds in random. In Fig. 2

  1. I.

    Node V broadcasts its seeds {Sc, Se, Sf, Sg, Si}with its id to its neighboring node U with seeds {Sa, Sb, Sc, Sh, Sj}. When U receives the hello message from V, it searches for the existence of common seeds between them. The seed Sc is common between node V and node X. Since the number of common seeds is equal to min value the connection establishment handshake is permitted.

  2. II.

    Node V broadcasts its seeds {Sc, Se, Sf, Sg, Si}with its id to its neighboring node X. When X receives the hello message from V, it searches for the existence of common seeds between them. The seeds Sc, Sb, Si are common between node V and node X. The number of common seeds is equal to the max value the connection establishment handshake is permitted.

  3. III.

    Node V broadcasts its seeds {Sc, Se, Sf, Sg, Si} with its id to node W whose seeds are {Sc, Sa, Sm, Sh, Sj}. When W receives the hello message from V, it searches the existence of common seeds between them. Only one common seed (Sc) exists between them. Connection establishment handshake is permitted.

  4. IV.

    Node V broadcasts its seeds {Sc, Se, Sf, Sg, Si} with its id to node Y whose seeds are {Se, Sl, Sf, Sg, Si}. When Y receives the hello message from V, it searches the existence of common seeds between them. The seeds Se, Sf, Sg, Si are in common. Even though the number of common shared seed is 4 between V and Y they select the max common seeds(i.e. 3) in random. Pairwise key establishment is computed from the 3 common seeds.

  5. V.

    Node V broadcasts its seeds {Sc, Se, Sf, Sg, Si} with its id to node Z whose seeds are {Sd, Sm, Sl, Sh, Sj}. When Z receives the hello message from V, it searches the existence of common seeds between them. As there is no common shared seed further communication with the node is stopped.

Authentication part of the received ACK message is taken care by MAC along with its seed. Once the MAC is verified by the originator stores the shared seed of its authenticated originator. Later on it calculates the pair wise key from the seed when the message communication takes place. This ad-hoc generation of pair wise key and selection of nominal common seeds leads to the reduced memory overhead and thus S2MC scheme is storage efficient. If there are more than max shared seeds between the originator and its neighbors then only max common seeds are chosen and this information is stored in their memory with which the pair wise key is generated later on.

3.5 Periodic Seed Updation

The seeds are to be updated periodically in order to ensure the secure communication since the network is insecure. This periodic updation of secret material between nodes in the network is shown in Fig. 3. For example node V tries to broadcast its seeds v, c, e, f, g, i to its neighboring nodes U, X, W, Y and Z.

Fig. 3
figure 3

Periodic seed updation through broadcast

Full size image

Periodic hello messages helps in sharing the seed details with the neighbors. Since the common seeds chosen are between 1 and 3(min and max) on a random basis, every time different set of shared seeds are selected so that even if 1 seed is compromised this will not have much effect since resilience some other shared seed is used.

3.6 Storage Organization

The nodes in the network store the position of the common keys instead of the keys there by reducing the memory space. Table 1 shows the position of the common keys of each node with every other node in the network. For example in Table 1 node u stores no common position with node v, (2, 4, 5) positions with node w, (1, 3) positions with node x, (nil) position with node y, (1, 4, 5) positions with node z.

Table 1 Position of the common seeds of each node with every other node in the network
Full size table

3.7 Seed Key Pre Distribution

During initial stage of deployment all parameters are loaded into the nodes such as random distribution of seeds into the seed ring of each node form a large pool of seeds.

3.8 Seed Establishment

During this phase a hello message is exchanged between the communicating nodes. If common seeds are identified randomly in the range of min max then the key generation starts from the common seeds. The seed undergoes the expansion function and later on transformation function from which the final communication key is generated by the communicating nodes.

3.9 Modes of Attack

The scenario of an unattended wireless sensor network is that an adversary can oversee all the traffic of data in the network. The details known by the adversary when he compromises a node are the nodes ID, seed ring of the nodes, the seed expansion function and the seed transformation function. Anyway the attacker does not know which subset of common seeds out of the existing common seeds is chosen for the generation of the communication key by the communicating parties. Moreover the communicating keys are erased after the communication thereby enhancing the resilience of the nodes in the network.

3.10 Resilience

Resilience of a node is referred to as the capability of reducing the side effects caused by the compromises of the confidential information. FPWK random key pre distribution is the scheme that ensures better resilience in the presence of 1 key being compromised because it requires a minimum of 2 keys to establish communication. When Y number of communicating nodes are being compromised by the attacker during the working phase of the nodes, the resilience provided by LEAP+ provides the theoretically best whereas it provides worst resilience during the initialization phase.

Table 2 shows the probability of an attacker over hearing the link among the non compromising nodes of FPWK, EG, LEAP+, QC schemes. The resilience offered by S2MC scheme again over hearing is treated as a category of general resilience offered by QC and EG.

Table 2 Comparison of the resilience of various schemes
Full size table

The over hearing probability of S2MC scheme is given as the amount of i shared seeds between the rings of 2 nodes combined by the links \(\left( {\begin{array}{*{20}c} s \\ i \\ \end{array} } \right)\left( {\begin{array}{*{20}c} {z - s} \\ {s - i} \\ \end{array} } \right)\) multiplied by the likelihood of y compromised seed rings that falls in min(i,s) initial keys and is calculated as

$$\left( {\begin{array}{*{20}c} z \\ s \\ \end{array} } \right)^{y} \mathop \sum \limits_{j = 0}^{{{ \hbox{min} }\left( {i,max} \right)}} \left( {\begin{array}{*{20}c} i \\ j \\ \end{array} } \right) - 1^{j} \left( {\begin{array}{*{20}c} {z - j} \\ s \\ \end{array} } \right)^{y}$$
(1)

Divided by the complete feasible combinations of the shared initial seeds among the 2 rings of the 2 nodes which is connected as

$$\left( {\mathop \sum \limits_{k = min}^{max} \left( {\begin{array}{*{20}c} s \\ k \\ \end{array} } \right)\left( {\begin{array}{*{20}c} {z - s} \\ {s - k} \\ \end{array} } \right)} \right)$$
(2)

If min = 1 and max = 1 then the likelihood of overhearing in min–max is same as EG. Else if max = s then the likelihood is equivalent to QC. If max = s, QC provides same resilience as that of S2MC. If max is less than r then QC provides more resilience than S2MC.If min is greater than 1 then QC & S2MC provides greater resilience than EG. If min = 1, then QC provides high resilience than EG.

4 Storage Efficiency

The storage space required by the various scheme are shown in Table 3. The majority of memory storage required by EG scheme is to store the r keys. Hence the storage limitation depends of the value of the key ring r. QC scheme stores final pair wise key in addition to the starting keys. Moreover identification are not required to be stored by QC because the neighboring nodes uses only the initial shared keys to establish a pair wise key.

Table 3 Storage space required by various schemes
Full size table

S2MC scheme stores x seeds and v keys generated from r seeds. The overhead part of storage analysis of S2MC involves storing the seeds and the generated ad-hoc keys.

Let us assume the following values to be initialized to various parameters of storage analysis which helps to compute the actual memory required by the different scheme.

n = 400, max = 3, r = 10, v = 10, Kl = 16 bytes (Since encryption algorithm like AES requires key size of 128 bits), IDl = 2bytes, KIDl = 1byte, Sl = 2bytes,SIDl = 1byte.

From the above value the memory required by PGK is 16 bytes (i.e. Kl). EG requires the memory of 200 bytes. LEAP occupies 186 bytes. FPWK requires 6354 bytes. QC scheme is in need of 350 bytes. S2MC scheme occupies a memory storage of 222 bytes which is efficient than QC.

4.1 Connectivity

Connectivity is a measure of the probability of a node establishing a communication link with its neighbor. The connectivity of FPWK,PGK and LEAP are best(i.e. in which always links are established). The connectivity of QC and S2MC seems to be similar since the max parameter in S2MC does not affect the link establishment probability which is specified as

$$1 - \frac{{\mathop \sum \nolimits_{t = 0}^{q - 1} \left( {\begin{array}{*{20}c} s \\ i \\ \end{array} } \right)\left( {\begin{array}{*{20}c} {z - s} \\ {s - i} \\ \end{array} } \right)}}{{\left( {\begin{array}{*{20}c} z \\ s \\ \end{array} } \right)}}$$
(3)

A communication link can be established between any 2 nodes if they share a minimum of q common keys. If q = 1 for some values of z and q. QC and S2MC shows the same connectivity as that of EG. The connectivity of EG is given as

$$1 - \frac{{\left( {\begin{array}{*{20}c} {z - s} \\ s \\ \end{array} } \right)}}{{\left( {\begin{array}{*{20}c} z \\ s \\ \end{array} } \right)}}$$

Which s keys that it is the possible combination of keys in the key ring that is not the parent of other ring, divided by the combination of keys in the ring \(\left( {\begin{array}{*{20}c} z \\ s \\ \end{array} } \right)\) the whole together subtracted from 1.

5 Security Analysis and Evaluation

In order to validate the proposed work that describes resilience and storage of the schemes based on random distribution, a simulation analysis has been done. Two sets of s numbers in the range of min and max are randomly computed so as to guarantee the connectivity where each set denotes the ring of initial keys of a node. Any two nodes can be connected with each other only if they have at least a minimum number of common shared keys (for e.g. 1).To compute the likelihood of a false authentication, there is a necessity to generate a portion of r numbers between min and max. Later on x sets of r numbers are produced that denotes the compromised sets. The adversary can outperform the confirmation of authentication only if at least min of the first set is added to the y sets. The two sets of s numbers between min and max values have to be computed in random so as to calculate the likelihood of overhearing on a link. This process has to be repeated until the two sets share at least min numbers. A portion of at most max numbers has to be selected for S2MC. The common share that has been selected represents the starting key that is being used for establishing a communication link in the network. Finally y sets of s numbers are generated that denotes the compromised sets. When the complete information that is selected between the common ones is added in the y sets, the challenger can eavesdrop something on the communication link.

5.1 Resilience

Resilience is the ability to stand firm in the presence of captured undisclosed information. The resilience offered by S2MC scheme against overhearing can be considered as a common case of the resilience portrayed by the existing schemes such as EG. The formula for S2MC calculation is represented as 1 minus the possibility that there exists smaller than min keys in the offered ring of the y captured nodes that are being shared with the node that is responsible for doing the authentication confirmation.

5.2 Resilience Using Varying Number of Common Seeds

Using one common seed among the nodes, the probability of eavesdropping is comparatively lesser in the presence of the compromised nodes. This is because the attacker knows the survival of only one common seed. With this single seed he cannot overhear the rest of the transmission that is ongoing among the other nodes in the network. If two common seeds are used and both the seeds are compromised then the probability of eavesdropping is comparatively increased in comparison with one common seed. As a result if the number of common seed is increased the probability of overhearing between the compromised nodes is also increased. The same scenario is shown in Fig. 4.

Fig. 4
figure 4

Resilience of Q Composite

Full size image

5.3 Resilience Through Varying Value of Min Seeds

Figure 5 shows the varying values of min while retaining the fixed value of max. From the figure it is observed that having the min value as minimum leads to lesser probability of eavesdropping in comparison with having greater values of min. In this case the max value is unaltered and is kept as constant. Since the max value is set unaltered with a fixed value of 3 and min value is varied from 1 to 2, the results shows that probability of eavesdropping increases as the number of compromised nodes is increased. As a result, if the common seed is increased then the eavesdropping among the node is also increased.

Fig. 5
figure 5

Resilience varying min

Full size image

5.4 Resilience Through Varying Seed Ring and Seed Pool Size

The seed pool size is defined as the total number of seeds in the network that is denoted as p. The seed ring is defined as the subset of seeds that are chosen from the seed pool and assigned to the memory of each node that is denoted as k. The constraint is that from the seed ring any set of seeds can be compromised. From Fig. 6, it is clear that as the size of the seed pool increases and the size of the seed ring decreases, the probability of eavesdropping keeps decreases. This is because, if only few seeds are compromised that are present in the seed ring the rest of the uncompromised seeds from the seed pool can be chosen by eliminating the already chosen compromised seeds.

Fig. 6
figure 6

Resilience through varying seed ring and seed pool size (Z)

Full size image

5.5 Comparing the Resilience of Various Algorithm

The results as shown in Fig. 7 demonstrates the comparative analysis of the various existing key management schemes such as LEAP+, FPWK, EG against the proposed S2MC scheme. The analysis of the various schemes is in need of different requirements. The assumption of LEAP+ is that the network is static. The proposed and the existing schemes can be applied to either static or mobile networks. Furthermore, FPWK can be deployed to a network consisting of a maximum of 31 nodes because of the memory overhead and it does not support adding new nodes to the network because the node details are to be known prior to deployment. The EG resilience is maintained as slightly slower than the S2MC scheme. When compared to the other schemes the performance of S2MC is better as shown in figure without any additional constraints.

Fig. 7
figure 7

Comparing resilience of various algorithms

Full size image

Even though the resilience of the network may degrade as per the amount of compromised nodes, it is considered to match closer or equal to 0 or 1. The compared existing schemes offer a probability of false authentication that is greater than 0.99 without any additional constraints. The analysis shows that the S2MC has reduced probability of eavesdropping than the other schemes in the presence of compromised nodes.

5.6 Storage Efficiency

The core portion of the memory needed by the EG scheme is required to store s keys. Hence, the storage condition restricts the value of r and as a result the restricting the connectivity. QC scheme is involved in storing both the initial and the final pair-wise keys. QC does not require an id to store a pair-wise key because the rest of the neighbors may need to set up their pair-wise keys with the help of common initial keys. S2MC involves storing the primary keys and the ids of the common keys with the id of the respective node. Moreover, S2MC stores the key that is used for updating. LEAP+ [27] scheme is able to store w + 1 keys in addition to their node ids and the pseudo-random function. So as to offer a pessimistic examination of the proposed work, the amount of key ids that are stored by S2MC is always considered to be the maximum in the storage analysis. On the other hand, the cryptographic functions were not taken into account because it can also be used for the encryption thereby saving the concerned memory. On the whole it is concluded that FPWK can be used by only a small network when compared to the storage efficiency offered by the other considered protocols.

5.7 Communication Efficiency

PPWK and PGK schemes are in need of the lesser amount of messages, because all nodes are aware of the common key to every other node. As a result the establishment of keys is not needed for those schemes. In S2MC, LEAP+, EG, FPWK the establishment of keys are in need of the transmission of 2 one-node messages. Yet the message size is considered to be different. In S2MC, the hello message grasps the seed ids in the seed ring (sidl) and the id of the node (idl). Still to mitigate the overhead of communication and to offer a pessimistic analysis of the scheme proposed, the number of key ids that are transmitted is treated always as the maximum. The reply message holds the sender ids (sid), the ids of the chosen keys (kl) and the MAC of the message. The efficiency of communication is offered by choosing the key length of 16 bytes by the proposed scheme.

6 Conclusion

In this work, a key distribution scheme named S2MC for wireless sensor networks has been introduced. The proposed scheme is based on random pre-distribution and pair-wise key generation algorithms. The important advantage of this scheme is that it offers an efficient memory management that led to the storage of lesser amount of keys which results in the reduced memory overhead by using a new key generation method from the seeds which limits the amount of initial seeds per link. The erasure of the keys after communication results in improving the resilience of the network. The simulation analysis shows that the presented scheme offers a comparatively better resilience without any additional constraints in the presence of increasing number of compromised nodes and even when the nodes are compromised during the initialization phase.