無線感知網路(wireless sensor network)是由許多低成本的感知器(sensor node)所組成，每一個都含有有限的計算、記憶與能量資源，並具有感知能力。感知器最主要是藉由感知環境來收集資料、在該位置進行處理，並將資訊回送至基地台(base station)。鑑於感知器有限的資源，非對稱式的加密演算法，與高成本的運算方式如模組指數型運算，皆無法適當的提供安全性。
許多無線感知網路的應用，如環境監控，是建立在群組式通訊模式上，基地台必須安全地傳送訊息至一組數量眾多的、負責處理的感知器。因此，建立一個用以加密群組通訊的群組金鑰，用以防範攻擊者竊聽無線感知網路上的通訊，是相當重要的議題。
為了在有限資源的無線感知網路上能安全低群組通訊，本研究提出一個具有效性及擴充性的金鑰管理協定。我們的方法只使用了對稱式加密演算法與低成本運算模式，並可滿足current、forward與backward secrecy等安全性質，即使當攻擊者控制了一個感知器或叢集管理者(cluster head)，仍可避免整個群組被進一步地控制。另外，就擴充性而言，當群組數目改變，每一個元件在更新群組金鑰所花費的通訊與運算成本，亦得以獨立於群組大小。與目前現有的群組金鑰管理協定相比，本研究所提出的協定，不僅具有較佳的效率，並且更能適合於無線感知網路上。

Wireless sensor networks consist of many low-cost sensor nodes which have sensing capability with limited computation, memory and energy resources. Sensor nodes are mainly used to collect data by sensing the environment, process it locally, and send information back to a more powerful base station. Due to the limited resources on sensor nodes, asymmetric cryptographic algorithms and high cost operations like the modular exponentiation operation are not appropriate for providing security.
Many applications of wireless sensor networks, e.g. environmental monitoring, are based upon a group communication model. The base station needs to securely deliver messages to a large number of authorized sensor nodes. The establishment of a group key for encrypting group communication is therefore becoming an important concern to prevent an attacker from eavesdropping communications in wireless sensor networks.
To support secure group communications in resource constrained wireless sensor networks, we propose an efficient and scalable key management protocol which only uses symmetric cryptographic algorithms and low cost operations. Our protocol can achieve current, forward and backward secrecy, and even if an attacker compromises a sensor node and a cluster head, it can still not cause the compromise of the entire group. Furthermore, for scalability, the communication and computation cost of each component for group key renewing can be kept independent of the group size when the group membership changes. Our protocol provides better efficiency and is more suitable than the previous group key management protocols for wireless sensor networks.

[1] Y. Amir, Y. Kim, C. Nita-Rotaru, J. L. Schultz, J. Stanton, and G. Tsudik. Secure group communication using robust contributory key agreement. IEEE Transactions on Parallel and Distributed Systems, volume: 15, issue: 5, pages: 468 – 480, 2004.
[2] D. Carman, P. Kruus, and B. Matt. Constraints and approaches for distributed sensor network security. NAI Labs Tech. Rep. #00-010, 2000.
[3] T. C. Chiang and Y. M. Huang. Group keys and the multicast security in ad hoc networks. In Proc. of IEEE International Conference on Parallel Processing Workshops, Oct. 2003, pages: 385 – 390.
[4] W. Diffie and M. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, volume: 22, issue: 6, pages: 644 – 654, 1976.
[5] M. Eltoweissy, M. Younis, and K. Ghumman. Lightweight key management for wireless sensor networks. 2004 IEEE International Conference on Performance, Computing, and Communications, April 2004, pages: 813 – 818.
[6] S. M. Ghanem and Hussein A. W. A simple XOR-based technique for distributing group key in secure multicasting. In Proc. of IEEE Symposium on Computers and Communications, July 2000, pages: 166 – 171.
[7] M. Handy, J. Blumenthal, and D. Timmerman. Energy-efficient data collection for Bluetooth-based sensor networks. In Proc. 21st IEEE Conf. Instrumentation and Measurement Technology, volume: 1, pages: 76–81, May 2004.
[8] H. Harney and E. Harder. Logical key hierarchy protocol. Internet Draft, IETF, April 1999.
[9] J. Hill, R. Szewczyk, A. Woo, S. Hollar, D. Culler, and K. Pister. System architecture directions for networked sensors. In Architectural Support for Programming Languages and Operating Systems, 2000, pages: 93 – 104.
[10] P. Juang, H. Oki, Y. Wang, M. Martonosi, L. Peh, and D. Rubenstein. Energy-efficient computing for wildlife tracking: Design tradeoffs and early experience with zebranet. ASPLOS-X conference, Oct. 2002.
[11] Y. Kim, A. Perrig, and G. Tsudik. Group key agreement efficient in communication. IEEE Transactions on Computers, volume: 53, issue: 7, pages: 905 – 921, 2004.
[12] F. Y. Lee and S. P. Shieh. Scalable and lightweight key distribution for secure group communications. International Journal of Network Management, volume: 14, issue: 3, pages: 167 – 176, 2004.
[13] J. Liu, J. E. Riech, and F. Zhao. Collaborative in-network processing for target tracking. EURASIP, Journal on Applied Signal Processing, March, 2003.
[14] A. Mainwaring, J. Polastre, R. Szewczyk, D. Culler, and J. Anderson. Wireless sensor networks for habitat monitoring. First ACM Workshop on Wireless Sensor Networks and Applications (WSNA), pages: 88 – 97,2002.
[15] F. Martin, B. Mikhak, and B. Silverman. MetaCricket: A designer's kit for making computational devices. IBM Systems Journal, vol. 39, 2000.
[16] D. A. McGrew and A. T. Sherman. Key establishment in large dynamic groups using one-way function trees. IEEE Transactions on Software Engineering, volume: 29, issue: 5, pages: 444 – 458, 2003.
[17] S. Mittra. Iolus: A framework for scalable secure multicasting. ACM SIGCOMM Computer Communication Review, volume: 27, issue: 4. pages: 277 – 288, 1997.
[18] L. Morales, I. H. Sudborough, M. Eltoweissy, and M. H. Heydari. Combinatorial optimization of multicast key management. In Proc. 36th Annual Hawaii Int. Conf. System Sciences, Jan. 2003.
[19] M. J. Moyer, J. R. Rao, and P. Rohatgi. A survey of security issues in multicast communications. IEEE Network, volume: 13, issue: 6. pages: 12 – 23, 1999.
[20] C. S. Park and D. H. Lee. Secure and efficient key management for dynamic multicast groups. ACM SIGOPS Operating Systems Review, volume: 35, issue: 4. pages: 32 – 38, 2001.
[21] T. Park and K. Shin. LiSP: A lightweight security protocol for wireless sensor networks. In ACM Transaction on Embedded Computing Systems, volume. 3, No. 3, August 2004, pages: 634 – 660.
[22] A. Penrig, D. Song, and D. Tygar. ELK, a new protocol for efficient large-group key distribution. In Proc. of 2001 IEEE Symposium on Security and Privacy, pages: 247 – 262, 2001.
[23] A. Perrig, R. Szewczyk, J. D. Tygar, V. Wen, and D. Culler. SPINS: Security protocols for sensor networks. Wireless Networks, volume: 8, issue: 5, pages: 521 – 534, 2002.
[24] K. Pister, J. Kahn, and B. Boser. SmartDust: Wireless networks of millimeter-scale sensor nodes, 1999.
[25] R. D. Prieto, L. V. Mancini, Y. W. Law, S. Etalle, and P. Havinga. LKHW: A directed diffusion-based secure multicast scheme for wireless sensor networks. In Proc. of 2003 International Conference on Parallel Processing Workshops, pages: 397 – 406, 2003.
[26] S. Rafaeli and D. Hutchison. A survey of key management for secure group communication. ACM Computing Surveys (CSUR), volume: 35, issue: 3, pages: 309 – 329, 2003.
[27] R. Rivest. The MD5 message-digest algorithm. Request for Comments (RFC) 1321, MIT Laboratory for Computer Science and RSA Data Security, Inc., 1992.
[28] M. Steiner, G. Tsudik, and M. Waidner. Diffie-Hellman key distribution extended to group communication. In Proc. of the 3rd ACM Conference on Computer and Communications Security, pages: 31–37. January 1996.
[29] Y. M. Tseng, C. C. Yang, and D. R. Liao. A secure group communication protocol for ad hoc wireless networks. Advances in Wireless Networks and Mobile Computing, 2005.
[30] M. Tubaishat, J. Yin, B. Panja, and S. Madria. A secure hierarchical model for sensor network. ACM SIGMOD Record, volume: 33, March 2004.
[31] A. Wadaa, S. Olariu, and L. Wilson. Scalable cryptographic key management in wireless sensor networks. In Proc. 24th Int. Conf. Distributed Computing Systems Workshops, pp. 796–802, Mar. 2004.
[32] D. Wallner, E. Harder, and R. Agee. Key management for multicast: Issues and architecture. RFC 2627, June 1999.
[33] H. Wang, J. Elson, L. Girod, D. Estrin, and K. Yao. Target classification and localization in habitat monitoring. In Proc. of IEEE international Conference on Acoustics, Speech, and Signal Processing (ICASSP 2003), Hong Kong, China, April 2003.
[34] C. Wong, M. Gouda, and S. Lam. Secure group communications using key graphs. IEEE/ACM Transactions on Networking, volume: 8, issue: 1, pages: 16 – 30, 2000.
[35] W. H. Yang, K. W. Fan, and S. P. Shieh. A secure multicast protocol for the internet's multicast backbone. International Journal of Network Management, volume: 11, pages: 129 – 136, 2001.
[36] National Institute of Standards and Technology (NIST). Secure hash standard. Federal Information Processing Standards Publication 180-1, 1995.
[37] ARGUS Advanced Remote Ground Unattended Sensor Systems, Department of Defense, U.S. Air Force. http://www.globalsecurity.org/intell/systems/arguss.htm.