無線感測網路 (Wireless Sensor Network; WSN) 是透過具有無線通信能力的感測裝置所佈建置網路感測系統。主要應用於數據的收集、分析、與整合。WSN在軍事、工業、商業環境上已有極廣泛與實際的應用。由於大量重要領域的使用，因此感測裝置間通訊的安全性就成為非常重要的議題，為了確保WSN的安全通訊，我們需要一個有效率的金鑰分配與管理機制。WSN的金鑰的分配機制分為兩大類: 一個是決定式的金鑰分配機制 (Deterministic Key Distribution Scheme; DKDS)，另一個是機率式的金鑰分配機制 (Probabilistic Key Distribution Scheme; PKDS)。所謂的DKDS是WSN任兩個網路節點均能共享一個祕密金鑰。反之，PKDS 是WSN任兩個網路節點共享一個祕密金鑰是機率式的，若這兩節點無法共享密鑰，就需透過其他路徑。以分享密鑰的成員方式分類，可以分為會議金鑰分配機制 (Conference Key Distribution Scheme; CKDS)，以及成對金鑰分配機制 (Pair-wise Key Distribution Scheme; PKDS)。
本論文研究的是機率式的成對金鑰分配機制。最常使用的一種機制是，金鑰預分配機制 (Key Pre-distribution; KP)。每個節點儲存的金鑰數目愈多，兩個節點間的連通率就愈高，但是節點被捕獲攻擊 (Node-capture Attack; NA)的危險也就愈大。爾後，有使用雜湊鏈提高金鑰預分配安全的HCKP (Hash Chain KP)，隨之Ehdaie等人基於HCKP，更設計了二維的HCKP (Two-dimensional HCKP; 2D-HCKP) 改善傳統HCKP的節點攻擊抵抗能力。本論文只使用2D-HCKP二維圖形中的對角線節點，更進一步的增強NA攻擊的抵抗性。因為只使用對角線 (Diagonal Layer)，我們的機制簡稱為DL-HCKP (Diagonal Layer-HCKP)。相較於之前植基於雜湊鏈的HCKP、與2D-HCKP機制，我們的DL-HCKP還可以抵抗加強型的節點被捕獲攻擊 (Advanced NA; ANA)。所謂的ANA是攻擊者能夠知道節點的ID，所以攻擊者會捕獲標ID儘可能小的節點已達到更廣泛的攻擊。由於我們的DL-HCKP只使用二維圖形中的對角線節點，我們可以理論證明能夠有效地克服ANA攻擊。

Wireless Sensor Network (WSN) is deployed by wireless sensor nodes for data collection, analysis, and integration via wireless communication technology. The WSN has already been widely used in military, industrial, and commercial areas. Because of widely using WSN, the security issue in WSN is very important. To achieve secure communication, an effective and efficient key distribution and management scheme in WSN is necessarily required. WSN key management is subdivided into two categories. One is deterministic key distribution scheme (DKDS) and the other is probabilistic key distribution scheme (PKDS). Sensor nodes in DKDS can definitely share a common key. On the contrary, sharing secret key among sensor nodes is probabilistic way when using PKDS. If two sensor nodes cannot share a common secret key, the sensor node should try sharing a common key from other paths. From the involved sensor nodes, key distribution in WSN has two types: one is conference key distribution scheme (CKDS), and the other is pair-wise key distribution scheme (PKDS).
The propose scheme in this thesis is the PKDS. The most commonly used scheme is key pre-distribution (KP). The more keys in a sensor node, the higher link connectivity between two sensor nodes is achieved. However, for the case, there exists a higher risk of node-capture attack (NA). Accordingly, some KP schemes adopt hash chains to improve the security, and are referred to as hash chain KP (HCKP). Subsequently, Ehdaie et al. enhance HCKP by using two-dimensional hash chains, to design a two-dimensional HCKP (2D-HCKP) for further increasing the resilience on NA. In the thesis, we only adopt the diagonal layer in this two-dimensional hash chains to further improve resilience of NA. When compared with hash chain based KP, HCKP and 2D-HCKP, our diagonal layer-HCKP (DL-HCKP) can resist the advanced NA (ANA). The so-called ANA is that attacker can know the ID of nodes, such that attacker may capture the sensor with the small ID to achieve more effective attack.

Chapter 1 Introduction 1
1.1 Background 1
1.2 Contribution of the Thesis 4
1.3 Organization of the Thesis 4
Chapter 2 Previous Works 5
2.1 1DHC and Commutative 2DHC 5
2.2 Bechkit et al.’s 1D-HCKP 6
2.3 Ehdaie et al.’s 2D-HCKP 8
Chapter 3 The Proposed DL-HCKP 10
3.1 Resilience of Node-Capture Attack 11
3.2 Number of Required Hash Operation 17
3.3 Critical Problem in Node-Capture Attack 18
Chapter 4 Comparison 22
Chapter5 Conclusion 25

[Auma09] J.P. Aumasson, W. Meier, and F. Mendel, “Preimage attacks on 3-Pass HAVAL and step-reduced MD5,” The 15th Workshop on Selected Areas in Cryptography, LNCS 2453, pp. 120-135, 2009.
[Bech13]W. Bechkit, Y. Challal, and A. Bouabdallah, “A new class of hash-chain based key pre-distribution scheme for WSN,” Computer Communications, vol. 36, pp. 243-255, Jan., 2013.
[Cabr17]J. Cabra, D. Castro, J. Colorado, D. Mendez and L. Trujillo, “An IoT approach for wireless sensor networks applied to e-Health environmental monitoring,” IEEE International Conference on Internet of Things, pp. 578-583, 2017.
[Chan03]H. Chan, A. Perrig, and D. Song, “Random key redistribution schemes for sensor networks,” IEEE Symp. Security Privacy, May 2003, pp. 197-213.
[Chen17]Y.R. Chen and W.G. Tzeng, “Group key management with efficient rekey mechanism: a semi-stateful approach for out-of-synchronized members,” Computer Communications, vol. 98, pp. 31-42, Jan., 2017.
[Dini15]G. Dini and L. Lopriore, “Distributed storage protection in wireless sensor networks,” Journal of Systems Architecture, vol. 61, pp. 256-266, 2015.
[Esch02]L. Eschenauer and V.D. Gligor, “A key-management scheme for distributed sensor networks,” The 9th ACM conference on Computer and communications security, pp. 41-47, 2002.
[Ehda16]Ehdaiea et al., “2D hash chain robust random key distribution scheme,” Information Processing Letters, vol. 16, pp. 367-372, 2016.
[Gu05]L. Gu et al., “Lightweight detection and classification for wireless sensor networks in realistic environments,” Proc. 3rd ACM Confs,” The 3rd ACM Conf. Embedded Netw. Sensor Syst., pp. 205-217, 2005.
[Gao06]T. Gao, D. Greenspan, M. Welsh, R. Juang, and A. Alm, “Vital signs monitoring and patient tracking over a wireless network,” The 27th Annu. Int. Conf. Eng. Med. Biol. Soc., pp. 102-105, 2006.
[Gand17]F. Gandino, R. Ferrero, and M. Rebaudengo, “A key distribution scheme for mobile wireless sensor networks: q-s-Composite,” IEEE Transactions on Information Forensics and Security, vol. 12, pp. 34-47, 2017.
[Harn15]L. Harn and C.F. Hsu, “Predistribution scheme for establishing group keys in wireless sensor networks,” IEEE Sensors Journal, vol.15, pp. 5103-5108, 2015
[Hu05]Y.C. Hu, M. Jakobsson, and A. Perrig, “Efficient constructions for one-way hash chains,” The 3rd international conf. on Applied Cryptography and Network Security, LNCS 3531, pp. 423-441, 2005.
[Hern19]N.J. Hernandez Marcano, J.H. Lauritsen, K.K. Jacobsen and R.H. Jacobsen, “Enabling secure multicast group communications in IP wireless networks for the Internet of Things,” The 25th European Wireless Conference, pp. 1-7, 2019.
[Li13]F. Li and P. Xiong, “Practical secure communication for integrating wireless sensor networks into the Internet of Things,” IEEE Sensors J., vol. 13, pp. 3677-3684, 2013.
[Levi17]A. Levi and S. Sarimurt, “Utilizing hash graphs for key distribution for mobile and replaceable interconnected sensors in the IoT context," Ad Hoc Networks, vol. 57, pp. 3-18, 2017.
[Mehm17]A. Mehmood, M. M. Umar, and H. Song, “ICMDS: Secure inter-cluster multiple-key distribution scheme for wireless sensor networks,” Ad Hoc Networks, vol. 55, pp. 97-106, Feb., 2017.
[Nadi16]I. Nadir, W. K. Zegeye, F. Moazzami and Y. Astatke, “Establishing symmetric pairwise-keys using public-key cryptography in Wireless Sensor Networks (WSN),” IEEE 7th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference, pp. 1-6, 2016.
[Rash11]A. Rasheed and R. N. Mahapatra, “Key predistribution schemes for establishing pairwise keys with a mobile sink in sensor networks,” IEEE Trans. Parallel Distrib. Syst., vol. 22, pp. 176-184, 2011.
[Yavu15]F. Yavuz, J. Zhao, O. Yağan, and V. Gligor, “Designing secure and reliable wireless sensor networks under a pairwise key predistribution scheme,” IEEE International Conference on Communications, pp. 6277-6283, 2015.
[Yang17]C.N. Yang, J.M. Li, and Y.S. Chou, “On the analysis of k-Secure t-conference key distribution scheme,” ICCNS 2017 Proceedings of the 2017 the 7th International Conference on Communication and Network Security, pp. 91-95, ACM Proc. ISBN 978-1-4503-5349-6, Tokyo, Japan, Nov., 2017.
[Zemr19]H. Zemrane, Y. Baddi, and A. Hasbi, “Ehealth smart application of WSN on WWAN,” The 2nd International Conference on Networking, Information Systems & Security, 2019.
[Zhao14]J. Zhao, O. Yağan and V. Gligor, “On topological properties of wireless sensor networks under the q-composite key predistribution scheme with on/off channels,” IEEE International Symposium on Information Theory, pp. 1131-1135, 2014.
[Zhao17]J. Zhao, “Topological properties of secure wireless sensor networks under the q-composite key predistribution scheme with unreliable links,” IEEE/ACM Transactions on Networking, vol. 25, pp. 1789-1802, 2017.