Re-keying – re-keying of expired keys
Key-establishment latency – reducing the latency resulting from communication and power consumption.
The core problem in wireless sensor network security is to initialize secure communication between sensor nodes by setting up secret keys between communicating nodes. In general, we call this key establishment. There are three types of key establishment techniques [5, 6]: the trusted-server scheme, the self-enforcing scheme, and the key pre-distribution scheme.
The trusted-server scheme depends on a trusted server, e.g., Kerberos [11]. Since there is no trusted infrastructure in sensor networks, the trusted-server scheme is not suitable in this case. The self-enforcing scheme depends on asymmetric cryptography using public keys. However, limited computation resources in sensor nodes make this scheme less desirable. Public key algorithms such as Diffie-Hellman [12] and RSA [13], as pointed out in [6, 7], require high computational resources, which tiny sensors do not provide. The key pre-distribution scheme, where key information is embedded in sensor nodes before the nodes are deployed, is a more desirable solution for resource-starved sensor nodes.
A simple solution is to store a master secret key in all the nodes and obtain a new pairwise key. In this case, capture of one node will compromise the whole network. Storing the master key in tamper-resistant sensor nodes increases the cost and energy consumption of sensors. Another key pre-distribution scheme [5] is to let each sensor carry $N - 1$ secret pairwise keys, each of which is known only to this sensor and one of the other $N - 1$ sensors ($N$ is the total number of sensors). Extending the network makes this technique impossible, as existing nodes will not have the new nodes' keys.
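
The trade-off between the two pre-distribution schemes just described, as an added example that is not from the paper: it compares how many links one captured node exposes, how many keys each node stores, and what happens when a node is added later. The HMAC-SHA256 derivation of pairwise keys from the master key, the key sizes, and all function names are assumptions; the paper does not specify them.

```python
import hashlib
import hmac
import secrets
from itertools import combinations

def derive_pairwise(master: bytes, a: int, b: int) -> bytes:
    # Assumed derivation (not specified in the paper): HMAC-SHA256 over the sorted node IDs.
    lo, hi = sorted((a, b))
    return hmac.new(master, f"{lo}|{hi}".encode(), hashlib.sha256).digest()

def provision_master(n: int) -> dict:
    """Master-key scheme: every node stores the same single secret."""
    master = secrets.token_bytes(32)
    return {node: master for node in range(n)}

def provision_pairwise(n: int) -> dict:
    """Pairwise scheme: every node stores N - 1 keys, one per peer."""
    stores = {node: {} for node in range(n)}
    for a, b in combinations(range(n), 2):
        stores[a][b] = stores[b][a] = secrets.token_bytes(16)
    return stores

def exposed_by_capture_master(stores: dict, captured: int) -> set:
    """Links whose key can be recomputed from the captured node's memory."""
    leaked = stores[captured]
    return {
        (a, b) for a, b in combinations(sorted(stores), 2)
        if hmac.compare_digest(derive_pairwise(leaked, a, b),
                               derive_pairwise(stores[a], a, b))
    }

def exposed_by_capture_pairwise(stores: dict, captured: int) -> set:
    """Only links that terminate at the captured node are exposed."""
    return {tuple(sorted((captured, peer))) for peer in stores[captured]}

def has_key_for(stores: dict, node: int, peer: int) -> bool:
    """False for a node added after deployment: no stored key exists for it."""
    return peer in stores[node]

if __name__ == "__main__":
    n = 6  # constructed network size
    m, p = provision_master(n), provision_pairwise(n)
    print("links total:", n * (n - 1) // 2)
    print("master scheme, one capture:", len(exposed_by_capture_master(m, 0)))
    print("pairwise scheme, one capture:", len(exposed_by_capture_pairwise(p, 0)))
    print("keys stored per node (pairwise):", len(p[0]))
    print("node 0 has key for new node 6:", has_key_for(p, 0, n))
```
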
In our security framework we introduce a secure hierarchical key management scheme in which we use three keys: two pre-deployed keys in all nodes and one in-network generated cluster key per cluster, to address the hierarchical nature of the sensor network.
$K_n$ (network key) – Generated by the base station, pre-deployed in each sensor node, and shared by the entire sensor network. Nodes use this key to encrypt the data and pass it on to the next hop.
$K_s$ (sensor key) – Generated by the base station, pre-deployed in each sensor node, and shared by the entire sensor network. The base station uses this key to decrypt and process the data, and the cluster leader uses this key to decrypt the data and send it to the base station.
$K_c$ (cluster key) – Generated by the cluster leader, and shared by the nodes in that particular cluster. Nodes from a cluster use this key to decrypt the data and forward it to the cluster leader.
By providing this key management scheme we make our security framework resilient against possible attacks on the sensor network. In this key management scheme, the base station uses $K_n$ to encrypt and broadcast data. When a sensor node receives the message, it decrypts it by using its $K_s$. In this key calculation, the base station uses $K_{n1..nn}$ to broadcast the message. The process is as follows: the base station encrypts its own ID, a current time stamp TS and its $K_n$ as a private key.

