As sensor networks become one of the key technologies to realize ubiquitous computing, promising to revolutionize our ability to sense and control the physical environment, security remains a growing concern. The resource-constrained characteristics of sensor nodes, the ad-hoc nature of their deployment, and the vulnerability of wireless media, pose a need for unique solutions. A fundamental requisite for achieving security is the ability to provide for data confidentiality and sensor node authentication. The advantages of public key cryptography (PKC) for sensor networks security are widely acknowledged and include resilience, scalability and decentralized management. However, the scarce resources of sensor networks have traditionally rendered the direct applicability of existing public key methodologies impractical. Elliptic Curve Cryptography (ECC) has emerged as a suitable public key cryptographic foundation for constrained environments, providing strong security for relatively small key sizes. Recent results indicate that the execution of ECC operations in sensor nodes is feasible. Our work aims to transform PKC into the prevailing security solution for sensor networks, by developing a comprehensive technology that encompasses complete security applications not treated thus far, while accommodating the distinctive attributes of resource-constrained sensor networks.
By exploiting a novel ECC-based framework, specifically designed for constrained embedded systems, this research effort is expected to yield fundamental advancements in the field of security for sensor networks. The primary goals of this research are: (1) to develop resource-aware, self-certified public key generation methodologies that eliminate the need for certificate handling and reduce communication and processing overheads, (2) to design and analyze resource-efficient algorithms and protocols for group key generation, which facilitate the integration of cryptographic procedures in data fusion and the dynamic formation of ad-hoc clusters, (3) to introduce computational methods for efficient execution of protocols pertaining to multiple-user security applications, including group signature and distributed certification, (4) to analyze threat models and derive robust data protection and denial-of-service (DoS) prevention mechanisms that are uniquely designed for sensor networks, and (5) to evaluate the developed methodologies on multiple sensor network platforms to help validate and demonstrate the technology as well as ensure its long-term impact.