Application of Modulo Key-Predistribution Protocol

The aim of the study is to analyze the application of the Modulo Key Pre-Distribution (MKPD) protocol which is developed for Wireless sensor network (WSN). WSN is a collection of a large number of sensor nodes with limited resources. Bootstrapping secure communication among sensor nodes deployed in hostile environment is an important and challenging problem. An adversary may physically capture some sensors to compromise their stored sensitive data and secret keys which are used to attain confidentiality of the sensitive data. A common approach to solve problem is to use a key pre-distribution scheme in which each sensor node is assigned a subset of keys (key chain), selected from key pool prior to deployment. The keys are carefully selected that have high key sharing probability and resistance against node capture. We use deterministic key distribution scheme based on modulo function to establish the pair-wise keys among the sensor nodes. This study focuses on the application of this Modulo Key Pre-Distribution (MKPD) protocol to a group communication. It provides good key connectivity between the sensor nodes belongs to that group. And also opportunity available to increase the scalability in MKPD protocol by complementary design is also explained.


INTRODUCTION
A Wireless Sensor Network (WSN) is a collection of spatially distributed autonomous sensors to cooperatively monitor physical or environmental condition.Each sensor node is a small, inexpensive wireless device with limited battery power, memory storage, data processing capacity and short radio transmission range (Akyildiz et al., 2002;Pottie and Kaiser, 2000).The sensor networks are used in many applications, like military and civilian services like battlefield surveillance, flood detection and various home applications; are often deployed in hostile environments.Establishing secure communication among sensor nodes deployed in hostile environment is an important and challenging problem (Lee et al., 2007).To secure the communication among the nodes, a general approach is to use a cryptographic algorithm.When considering the constraints of the node and network, asymmetric cryptography is more expensive compared to symmetric key cryptography.So, symmetric key cryptography is preferred.Strength of the any cryptographic algorithm relies on the efficient key management techniques.The main task of key management technique is the safe distribution of secret key to communicating nodes before deployment (key pre distribution) or safe agreement of keys between communicating nodes after deployment.
Environments, where sensor nodes are deployed, can be controlled or uncontrolled such as hostile or disaster areas, toxic regions.If the environment is known under control, deployment may be achieved manually to establish an infrastructure.However, manual deployments become infeasible or even impossible as the number of the nodes increases.If the environment is uncontrolled or the WSN is very large, deployment has to be performed by randomly scattering the sensor nodes to target area.It may be possible to provide denser sensor deployment at certain spots, but exact positions of the sensor nodes cannot be controlled.Thus, network topology cannot be known precisely prior to the deployment.Thus the key distribution technique loads keys to sensor nodes before deployment i.e., key pre distribution is employed in sensor network.
One way of pre-distribution is to load all the nodes with a single master key.This results in an optimal storage.However if one node is compromised, then the entire network becomes insecure.At the other extreme, each pair of nodes can share a unique key called pairwise key which increases resiliency at the same time memory requirement also increases.In order to overcome this problem, key pre-distribution is employed.It consists of three phases: Key pre-distribution: In this offline step, subset of key are preloaded in to the sensor nodes from the key pool prior to deployment.Subset selection from the key pool can be random or deterministic method.
Shared key discovery process: After deployment, the sensors need to find if they share a common key with their neighbours.
Path key establishment: If shared key discovery process fails, node has to discover a path using intermediate nodes between the two terminal nodes.The detailed classification of key distribution schemes were discussed by Kavitha and Sridharan (2013a).
Here we use a deterministic key pre-distribution scheme using modulo function for the distributed homogeneous network group communication.And we prove that modulo trades provides good connectivity and resilience among the sensor nodes belongs to that group compared to the combinatorial trades.And also this study explains the opportunity available to increase the scalability in MKPD protocol by complementary design.

LITERATURE REVIEW
First key pre-distribution scheme using probabilistic model is proposed in Eschenauer and Gligor (2002) which is enhanced by having q common keys to establish a link key (Pietro et al., 2003); it increases the resiliency.With probabilistic model, deployment knowledge is combined by grid based deployment method (Mehta et al., 2005) which increases the local connectivity.Pseudo random function is utilized by Kausar et al. (2008) which eliminate the communication overhead that reduces the energy consumption of node.Node ID using hash chain based key distribution algorithm is introduced in Mehta et al. (2005) and Kausar et al. (2008) in contrast to Po-Jen et al. (2005 scheme where the group ID is used.Ren et al. (2006) and Shan and Liu (2008) combines probabilistic approach with hash chain technique which increases the scalability.Key mapping technique using expected resident point of a node according to PDF is proposed by Zeen et al. (2007).Reusable key pool based probabilistic key distribution scheme is proposed by Levi et al. (2010) which increases the scalability.Bechkit et al. (2010) proposed a scheme which uses the tree based probabilistic key distribution scheme and hash function; it increases the resiliency.Trade property of combinatorial design is used in Ruj et al. (2011), provides the pair-wise key for a pair of node uniquely, which decreases the connectivity and increases the resiliency.Kavitha and Sridharan (2011) first proposed a Modulo Key Pre-distribution Protocol for WSN and their connectivity, resilience, sclability are analyzed using analytical results.But the problem is when the PRP set size increases, the number of terms also increases linearly and the expression for each term also increases.So, the expression for connectivity and resilience grows linearly with PRP set size dynamically which increases the complexity in implementing such a dynamic expression.So in order to reduce the expression, probabilistic method is used to derive the expression for connectivity and resilience by Kavitha and Sridharan (2013b).

METHOD-MODULO KEY PRE-DISTRIBUTION PROTOCOL
The concept behind this modulo scheme is explained as follows.The modulo set m i of (n+1) elements are selected where i= 0, 1, 2,…., n. such that all are relatively prime numbers, i.e.: (1) The elements of m i (Z mi ) is formed from the key pool P i.The elements can be given as: In that, there is a unique integer id (William, 2013) where ˩ˤ ∈ I and . For any integer id in Z M represented by a unique (n+1) tuble whose elements are in Z mi using the correspondence: ˩ˤ↔{I " , I # … I … I { where I ∈ I IJˤ I = ˩ˤ ˭Jˤ ˭ ˦JJ 0 ≤ ˩ ≤ J. (3) Example 1: Let the PRP numbers be (m 0 , m 1 , m 2 ) = (2, 3, 5) and the residues be (r 0 , r 1 , r 2 ) = (1, 2, 4).Then the congruence equations become (x ≡ 1 mod 2), (x ≡ 2 mod 3) and (x ≡ 4 mod 5).The value of x = 29 can be found by CRT as prescribed by the above formulas.

( )( ) ( )
where, a i = id mod m i for 0 ≤ i ≤ n.The last step is to assign the key chain with key identifier to sensor node specified by the id.

Key pool arrangement:
Here the number of PRPs taken is three.So there are three key pools, which are arranged as follows: P 0 → (0, 0) (0, 1) (0, 2) KC generation: Generate the key chain by using the Eq. ( 5).Here, id varies from 0 to 104.So, totally 105 key chains can be generated.Since PRP numbers are three, key chain size is also three.The set of key chains {I ) are given in Table 1.
Then, the KC id is assigned to sensor node id: Kavitha and Sridharan (2013a) calculate the probability of sharing at-least one key for any pair of key chain and fraction of links compromised when N c number of nodes compromised.They have shown that basic modulo scheme supports large network with small key pool and connectivity increases with network size but decreases the resiliency and memory requirement increases linearly with logarithmic increase in network.

Application of MKPD protocol to group communication:
A KPD scheme can be mapped to a mathematical set system as explained below.Let (X, A) be the set system with a set of X elements mapped to a pool of key identifiers and the set of subsets A formed from the elements of X.Each subset belonging to A is called a block, which can be mapped to a key chain of a sensor node.In a BIBD, also known as 2-design, the parameters of the design are v (the number of elements of X), b (the number of blocks), r (the number of blocks containing a given element), k (the number of elements in a block) and λ (the number of blocks containing a given pair of elements).For a combinatorial t-design, every t-subset (trade) of X occurs in λ blocks.The combinatorial designs with t = 2 and t = 3 can be used to establish unique pair-wise keys and triple keys respectively between the sensor nodes.The scenario where three nodes want to communicate securely is called as the triple key distribution (Ruj et al., 2011).It is a special type of group key distribution where the group size is three.

Modulo trade:
Similarly, modulo trade is the trade in MKPDP applied to the group key distribution by using the trade.Trade t is the subset of the key pools, where each element is taken from different key pools.The trade of length q is t q , having q number of elements, where 1 ≤ J ≤ J.The number of ways the trade t q chosen from the key pool set is {J + 1{∁ .The number of groups G n for trade t q is the product of the size of the key pools from which each j th element of the trade t q is taken.
The number of key chains having t q is derived from the set of key pools I ∉ˮ .The number of key chains having t q , decides the group size |G|.
In order to generate the set of key chains having t q , consider a reference key chain identifier KC r which has t q .With respect to the reference key chain identifier KC r , the set of key chain identifiers KC id having t q can be given as follows: where, 0≤ ˩ˤ ≤ H − 1.
For the inter-group communication, t q ∩KC id keys will be used.The number of keys available for the inter-group communication depends on the length of the trade chosen.
Let PRP set of size four be taken in general as {m 0 , m 1 , m 2 , m 3 }.The corresponding key pools are {P 0 , P 1 , P 2 , P 3 }, respectively.Then, for a possible trade length q, the number of ways the key pool sets chosen for the trade of length q and its corresponding key pool chosen with its associated number of groups G n of group size |G|, are given in Table 2.
Figure 1 depicts the group size for each possible key pool chosen for the PRP sets of size four.It is observed that when the trade length q increases, the size of groups decreases and the number of groups increases.Group key distribution scheme: The algorithm for the applicability of MKPDP to the group communication is discussed so far and it is given in Table 3: Example 3: Inputs: Parameter selection Consider the parameters chosen as specified in example 1.The PRP numbers be m 0 = 3, m 1 = 5, m 2 = 7 and M = 105.
• Key chain generated in example 1 is shown in Table 1.• The number of groups G n and their corresponding group size as given in Table 4 • Divide the key chain given in Table 1 into groups as given in Table 5.
Table 6: Key chain and its complement key chain id (0,a0) two, the number of common keys that exists among the members of a group is two.
Complementary design: Given a MKPDP with a parameter of n+1 PRP numbers m i of modulo M such that ˚≤ H/2, where M= ˭ (" . The Key Chain set (I ) is derived from the node identifier id as stated in Eq. ( 5).
Then, the Complementary design has the complementary Modulo Key Chain set (I ′ ), which is derived from the key chain set {I ) by using the Eq. ( 9) and ( 10): If {I {follows the Modulo KPD, then (I ) is also follows the Modulo KPD.This complementary property of the Modulo KPD leads to following findings listed as below.
Corollary 1: If M is even, tuples generated from 0 to M/2-1 are complement of M/2 to M-1 and vice versa.
Corollary 2: If M is odd, tuples generated from 0 to M/2 are complement of M/2 to M-1 and vice versa.
Corollary 3: Key connectivity of the M tuples is equivalent to M/2 tuples if M is even and M/2+1 tuples if M is odd.
This complementary property opens a door to increase the scalability of the network.Select the PRP numbers such that (M/2>network size).Then this M/2 tuples are loaded in to the sensor nodes and remaining M/2 tuples can be used for future sensor nodes, which belong to the network.
Here, the Table 6 shows the key chain and its complement key chain of example 2.

CONCLUSION
The pair wise key pre-distribution is used to provide secure communication among sensor nodes deployed in hostile environment.In this study, we have given the overview of the basic modulo scheme.Here we have presented an objective for maximizing the key connectivity among the sensor nodes by enhancing the basic modulo scheme.Modulo function is used here for generating the key chains and for link establishment, modulo function trade is utilized which uses the key overlapping concept.The trade property of modulo function provides a special case of group key pre distribution scheme where different ways of groupings are possible.This modulo function trade achieves full key connectivity among the sensor nodes of each sub group.This trade property of MKPDP is used to apply for the group communication is explained.This MKPDP comprises a complementary property, which leads to high scalability for the network is also explained.Since this MKPDP makes use of small key pool size, it provides low resilience when the number of nodes captured is increased.

Fig. 1 :
Fig. 1: Combination of key pools for the PRP sets of size four vs group size

Table 2 :
Group key distribution