An Enhanced Hierarchical Key Management Scheme ... - Springer Link

Wireless Pers Commun (2013) 72:1783–1800 DOI 10.1007/s11277-012-0910-1

An Enhanced Hierarchical Key Management Scheme for MANETs Mohamed A. Elaskily · Hamdy M. Kelash · Hala S. El-sayed · Osama S. Faragallah

Published online: 3 September 2013 © Springer Science+Business Media New York 2013

Abstract Security is one of the major issues in Mobile Ad-hoc Networks (MANETs). Their natural characteristics make them vulnerable to numerous severe attacks. In this paper, we present an enhanced hierarchical key management scheme for secure group communications in MANETs. The proposed approach primarily aims at improving security and complexity, especially complexity in the level of ordinary members for joining or leaving processes to achieve the most possible dynamic characteristic of MANETs without neglecting network security. The proposal scheme is designed with the potential of developing an efficient model interested in keying applied on hierarchical structure to increase the security and make no need to apply rekeying of all group members in different sub-levels as made by hierarchical key management scheme (HKMS). Also, it reduces complexity of processing load, memory usage and improves resources. In the proposed model, each communication between two nodes have a unique key to make it more secure with encrypting messages by different keys for more than one time and support node flexibility. Experiments are carried out on the proposed scheme to show the effect of complexity on each node in different grades and results are compared with traditional HKMS. Keywords

Group communication · Mobile ad-hoc network · Network security

1 Introduction MANET is a collection of autonomous nodes or terminals which communicate with each others by forming a multi-hop radio network and maintaining connectivity in a decentralized manner. MANETs have been identified as having tremendous potential for military communications, but securing these networks remains an on-going challenge. Hierarchical mobile M. A. Elaskily · H. M. Kelash · O. S. Faragallah (B) Faculty of Electronic Engineering, Menoufia University, Menouf 32952, Egypt e-mail: [email protected] H. S. El-sayed Faculty of Engineering, Menoufia University, Shebin El-kom, Egypt

123

1784

M. A. Elaskily et al.

ad-hoc network (HMANET) architecture is formed by multiple groups in a hierarchical network structure in which each group consists of multiple mobile nodes [1–3]. In a MANET, a group can hasten message delivery and prevent bandwidth waste effectively. But if a message is sent out through a general tunnel without encryption, it may suffer from malicious attacks [4]. In this paper, we focus on security aspects of the hierarchical MANET architecture, especially on developing an enhanced secure key management scheme. It may be noted that wireless mobile devices usually have limited energy capacity, which restricts their communication abilities [5]. A critical issue in key management in the HMANET framework is whether a scheme allows movement of mobile nodes from one group to another without increasing overhead, which impacts power consumption cost. In real-time application environment, a device that is visiting another group should be able to communicate without heavy key establishment cost, so we have to maximize security in manner of decreasing network complexity. We will discuss the steps of constructing the hierarchical model and explain the key management scheme that allows a node to communicate with other nodes whether in the same group or other groups. Also, we will focus on key generation operation in different cases of model construction, leaving of different nodes and calculate the complexity in each case and compare results with HKMS [12]. Complexity definition on the proposed scheme is the computational complexities that refer to memory usage complexity, bandwidth sharing complexity and number of communications establishment complexity and all of these parameters reflects on processing or computational power complexity. The work presented in this paper contributes to: (1) Improve the security level of the proposed (EHKMS) in ad-hoc networks by make secure identification between each node and its head that guarantee difficulty to be attacked from an intruder and if this is made, other members in the same group are not affected. (2) Decrease the complexity of the proposed (EHKMS) model in the level of ordinary nodes, fixed complexity in level of sub-heads and development of responsibility of rekeying operation on the master head that do not changes much. (3) Protect the model from too much change on end-nodes that cause rebuilding of the hierarchical again which may increase costs in processing, memory usages and other resources. The rest of the paper is organized as follows. In Sect. 2, we give the related works. We show the problem statement and how the proposed model develops a new enhancement for HKMS in Sect. 3. Section 4 discusses the security analysis and time complexity analysis. Section 5 presents the performance evaluation. Finally, conclusions are given in Sect. 6.

2 Related Works Key management is a basic part of any secure communication. Most cryptosystems rely on some underlying secure, robust, and enhanced key management system. Group key establishment means that multiple parties want to create a common secret to be used to exchange information securely. The diversity of key management schemes offer different goals vary from scheme to scheme depends on target of each scheme, these goals can be summarized as 1) security: ensure that unauthorized nodes con not receive any key messages that can to use it to prove that it is a member of the group by falsification and hacking this group, 2) robustness: the key management scheme must be discovering the denial of service attack, 3) scalability: this aim may intercept with aim of complexity improvement because

123

Enhanced Hierarchical Key Management Scheme

1785

Fig. 1 Key management schemes classifications

the scheme must know the densities of nodes in the subgroup in order to handle them, 4) simplicity: this is a critical factor in any key management scheme because scheme must allow rekeying or key updates in a simple manner and when a node cannot apply update, it should be revoked to ensure that security system does not confused [6]. Key management schemes can be classified into contributory and distributed schemes [6]. Distributed schemes may be centralized in key generation but also distributed on different nodes as shown in Fig. 1. In the proposed scheme, we try to develop a new type of distributed schemes but using asymmetric keys (different keys) distributed on different nodes, The previous work can be broadly classified into distributed schemes and centralized schemes [6]. Recently, key agreement protocols for dynamic peer network (DPNs) were proposed [7–9]. In the traditional digital envelope approach, a session key is generated at one side encrypted by the public-key algorithm, and then delivered and recovered at the other end. In the Diffie-Hellman (DH) scheme, the communication parties at both sides exchange some public information and generate a common session key. Several enhanced DH schemes have been proposed to counter the man-in-the-middle attack. Many complicated key exchange or distribution protocols and frameworks have been designed and built. However, in mobile ad hoc networks; the computational load and complexity of the key agreement protocol are strongly restricted by the node’s available resources, the dynamic network topology, and network synchronization difficulty [10,11]. Other models applies a new techniques known as forward and backward secrecy that distributed keys will regenerated if any change occurred in the topology [12]. This model is based on shared key solution for key management in large scale ad hoc networks, its idea assumes that each mobile node is a good node and behaves properly and a shared key is updated among all nodes [13]. HMANET have presented secure group key management architecture, they create two levels of groups on for cell group (ordinary nodes) located in the bottom of the hierarchal and control group by nodes located in the top and one key is used to manage each subgroup [14]. According to this scheme, we will modify and enhances some basics to obtain a new model that can maximize the security and minimize the complexity by developing multi-level secure message system.

123

1786 Table 1 Notation

M. A. Elaskily et al. Symbol

Meaning

K c(i, j)

Hi

Communication key between two nodes i and j in different subgroups Private key that generated by L1-head using Encryption and Decryption algorithms used between source and destination only Level 1 cluster head in subgroup i

K E/D

Hi j

Level 2 Jth cluster head in subgroup i

L 1-nG K i

Level 1 subgroup key in subgroup i

L 2-n -mG K i j

Level 2 subgroup Jth subgroup key in subgroup i

3 Problem Statement In this section, we will present the key management concept and describe the key maintenance in enhanced hierarchal key management scheme. Table 1 summarizes the notation used. 3.1 Nodes and Grouping Because of frequently changes of topology in MANETs, it caused very complexity load in rekeying all members, so the question now is how to create and maintain a unique key for each node in the subgroup to improve security and complexity. The process of creating the subgroup is made by selecting L2-head in L2-level of the subgroup and secondly selecting L1-head in L1-level of the subgroup. Selecting process of L2-head is performed by electing the largest weighted node in ordinary nodes in each L2- subgroup by sending “hello messages” to all other members (L2-subgroups created from members that the largest hop count between them is one hop), this weight estimation is based on the following assumptions for communication entities that may be computer nodes or switches. 1) for computer nodes, each node have NIC card that contains a unique 6 byte MAC address that cannot be repeated as show in Fig. 2a. We can use it to indicate the largest weight between them by sending “hello message” between each two nodes, compare the value of MAC address and the largest MAC in these two nodes is compared with other MAC address owned by third node and this operation repeated to achieve the largest weight to be the head, Fig. 2b shows that MAC 1 is the largest MAC address in the sub-group. 2) For switches that running STP protocol, exchange information with what are called Bridge Protocol Data Units (BPDU) that detected on frame format in layer 2 frames. BPDUs send configuration information using multicast frames. BPDUs are also used to send the node ID of each device to other devices as shown in Fig. 2c. The node ID is used to determine the root device in the network and to determine the root port. The node ID is 8 bytes long, includes priority and MAC address. The default priority of devices using IEEE STP is 32,768 (215 ). To determine the root device, the priority and the MAC addresses are combined, if priority is the same, the MAC address is used to determine who has the lowest ID, which determines who will be the root node, and the largest weighted node in its L2-subgroup will be L2-head of this L2-subgroup. After selecting of L2-heads, they used to select L1-head that have largest weighted between L2-heads by the same way. The procedures of the L2-head and L1-head selecting are described in Procedure 1 and Procedure 2.

123

Enhanced Hierarchical Key Management Scheme

1787

(a)

(b)

(c) Fig. 2 Head elections a MAC addresses construction. b Comparison between MAC addresses indicates that node N1 is the L2-head of that sub-group. c Bridge ID in nodes that apply STP and have BPDU

(a) Procedure 1: L2-head selecting Step 1: In the level of ordinary nodes, all nodes that the maximum hop count between them is one hop can construct L2-subgroup. Step 2: Each node sends a multi-cast frame containing the MAC address that represents node ID to its neighbours.

123

1788

M. A. Elaskily et al.

H1 L1-1GK L2-3-3GK

L1-2GK H1,

Kc(i,j)

L2-1-1GK L2-1-3GK

H1, 2

Kc(i,j)

L2-3-2GK L2-3-

L2-2-3GK

L2-2-1GK

L2-1-2GK

H1,

L2-2-2GK

L1-head L2-heads Ordinary nodes Subgroup key transmission Fig. 3 Hierarchical and key transmission between each two nodes

Step 3: Each node compares its ID with other nodes IDs which receives and stores the highest priority ID as a head of this L2-subgroup; the L2-head manages L2-subgroup and communicates with L1-head or other L2-subgroups. (b) Procedure 2: L1-head selecting. Step 1: After L2-heads are selected, the next election is between L2-heads to select L1-head. Step 2: Each L2-head sends a multi-cast frame containing the MAC address that represents node ID to other L2-heads. Step 3: Step 3 in procedure1 will repeated to select L1-head that will be responsible for key generation and key encryption. The hierarchical and key transmissions between each two nodes are shown in Fig. 3. 3.2 Key Generation After constructing of the sub-group, each node sends a registration packet to the L1head and L1-head classify all these nodes, who is L2-head and who is ordinary member under which L2-head after that L1-head begin to generate a unique key for each communication in the established hierarchical and sending it to L2-heads to take own key and distribute other keys on its members. Keys between L1-head and L2-heads are called L 1-nG K (L 1-1G K , L 1-2G K , . . ., L 1-nG K ). Keys between L2-head and members are called L 2-n -mG K and divided as: for the first L2-subgroup (L 2-1-1G K , L 2-1-2G K , . . .. . ..., L 2-1-mG K ), for the second L2-subgroup (L 2-2-1G K , L 2-2-2G K , . . .. . ..., L 2-2-mG K ). For the last L2-subgroup (L 2-n -1G K , L 2-n -2G K , . . .. . ..., L 2-n -mG K ).

123

Enhanced Hierarchical Key Management Scheme

1789

Subgroup 1

Subgroup 2

Kc (1,2) Subgroup 3

Kc

Kc Subgroup 4

Kc

L1-head

Kc

Kc Subgroup 5

L2-head Ordinary member Communication node Communication between different subgroup

Fig. 4 The communications of mobile nodes in different subgroups

For transmission between sub-groups, we use encryption/decryption algorithm to achieve a secure transmission. First, connect the nodes that are neighboured but in different subgroups, these nodes are called communication nodes. We generate a key for this communication called K C to encrypt and decrypt messages between two nodes in different subgroups. This key K C is generated by L1-head and distributed it to L2-heads that gives this key to nodes that send a communication request to communicate with other node in different sub-group. The use of K C between subgroup is shown in Fig. 4. L1-head also uses encryption/decryption algorithms to generate a private key K E/D which only belongs to the source and destination nodes. In the source side, the original packet will be encrypted with K E/D at source node firstly and with L 2-n -mG K i j secondly during sending from node to other node and with key K C during transmission from L2-subgroup to other one. In the destination side, the packet will be decrypted using K C firstly and L 2-n -mG K i j secondly and K E/D in the destination node before to obtain the original packet.

123

1790

M. A. Elaskily et al.

H (m) = h, which h is the returned hash value.

0

Not stored

HashCode(“MAC 1”) = 1 it means stored, can join.

1

MAC 1

HashCode(“MAC 2”) = 2 it means stored, can join.

2

MAC 2

HashCode(“MAC 9”) = 0 it means not stored, blocked.

3

MAC 3

HashCode(“MAC 4”) = 5 it means stored, can join.

5

MAC 4

HashCode(“MAC 8”) = 0 it means not stored, blocked. Fig. 5 Node permission database

3.3 Key Maintenance In this section, we will obtain, how each node in different levels (L1-head–L2-head–ordinary nodes) deals with topological changes caused by MANETs properties. (a) New node joining a subgroup: To proof the node authentication in a new join, a hash function is applied using the MAC address of each node as a digital signature; this signature is compared with the signature of each node that has a permission to attach the network. A hash function H is a transformation that takes a variable-size input m and returns a fixed-size string, which is called the hash value h (h = H(m)). After applying the hash function to the MAC address stored in join request, it produces a number, this number refers to the numbers of MAC addresses that have permission to join the network or other number that refers to unsorted MAC address that do not have permission to join the network. This mechanism is shown in Fig. 5. To reach to the feature of flexibility on ad-hoc networks, it must be easy to apply joining and leaving process in a dynamic manner. In joining a new node, we only generate a new unique key for this node to communicate with L2-head. Figure 6 gives the scenario of a new node joining a subgroup. We suppose that a new node (C) wants to join the sub-group. It will send a join message to its neighbouring nodes. When node A and node B receive the request, The L1-head generate a unique new key for this node only by sending it to competent L2-head. The detailed process of new node joining a subgroup is described below. Step 1: A new node sends a join request message to the neighbouring nodes (A) & (B). Step 2: After receiving the join request message, the neighbouring nodes send it to the L2-head. Step 3: The L2-head sends this request message to the L1-head. Step 4: L1-head generates a new unique key for this node and sends it to its L2-head. Step 5: L2-head sends a replay to new node containing the permission and the new key. When L1-head generates the key specified to the new node (C), L1-head stored MAC address of new node in its own database and if it receives a new join request from the same node by a way of other L2-head, it does not accept until it makes sure that this node leaves the old L2-subgroup by sending a survival message to the old sub-group to avoid the problem of repetition. (b) Node leaving a subgroup: We will discuss three cases of different types of nodes leaving a subgroup: the leaving of ordinary nodes, the leaving of L2-heads, and the leaving of L1-head.

123

Enhanced Hierarchical Key Management Scheme

1791

L1-head L2-head Ordinary member New node Request Reply Fig. 6 New node joining a subgroup

Case 1 The leaving of ordinary nodes. When an ordinary node leaves a subgroup, it sends only leave request to its L2-subgroup and steps made as follow: Step 1: When an ordinary node wants to leave the subgroup, it will send a leave message to its L2-head. Step 2: When L2-head receives the message, it will send a reply message to the leaving node and leave information to L1-head to delete this node from its database. Case 2 The leaving of L2-heads. Before L2-head leaves the subgroup, it sends a leaving message to its under ordinary nodes and a leaving message to L1-head, the ordinary nodes make election process between them based on each node weight and the largest weighted one will be the new L2-head and other ordinary nodes register under this new L2-head and L1-head sends update message to the new L2-head containing the keys K C , L 2-n -mG K i j , L 1-nG K . The detailed process of the leaving of L2-heads in a subgroup is described as follow: Step 1: Before old L2-head leaves the subgroup, it will send a leave message to the ordinary nodes and the L1-head. After receiving the leave message, the ordinary nodes and the L1-head will send a reply message to the leaving L2-head. If the L2-head does not receive the reply message in the period, it will send the leave message again to its ordinary nodes. Step 2: The L2-subgroup managed by the leaved L2-head will select a new L2-head that contains the largest weight value by comparing the weight values of the ordinary nodes. Step 3: The new L2-head will send the updated L2-subgroup information to the L1-head node. Step 4: After receiving the updated information from the new L2-head, the L1-head will generate a new key for communication between it and L2-head called L1-nGK and then generates a unique key for each member called L2-n-mGK in this new L2-subgroup distributed by new L2-head.

123

1792

M. A. Elaskily et al.

Case 3 The leaving of L1-head. We first select L2-head with the largest weight (according to priority and MAC address of each L2-head) value of the L2-heads in the subgroup to be the new L1-head. The remaining L2-heads will register to the new L1-head and send the information of all the nodes under them to the new L1-head. The nodes under the L2-head that has been selected to be the new L1-head will repeat the actions as described in Case 2. The detailed process of the leaving of L1-heads in a subgroup is described as follow: Step 1: Before leaving the subgroup, the L1-head will send a leave message to L2-heads. After receiving the leave message, the L2-heads will send a reply message to the L1-head. If the L1-head does not receive the reply message in the period, it will send the leave message again to the L2-heads. Step 2: After receiving the leave message from the L1-head, the L2-heads of the same subgroup will compare their weight values and select the largest weighted one to be the new L1-head node. Step 3: Simultaneously, the ordinary nodes of L2-subgroup previously managed by the new L1-head compare their weight values and select the largest one to be the new L2-head node. Step 4: New L2-head will send a message to all ordinary nodes in its sub-group indicating them that it be the new L2-head of this subgroup. Step 5: All L2-heads of the subgroup have to send their L2-subgroup information to the new L1-head and register them. Step 6: After receiving the information from the L2-heads, the new L1-head will generate new key for each layer as in previous cases from the beginning and distributes them to each layer with the help of L2-subgroups. (c) Node leaving suddenly: In the ad hoc group, mobile nodes will move frequently, or even disappear suddenly. It causes that it is unable to maintain subgroup nodes. In order to prevent these situations, we will discuss some specific cases: Case 1 The leaving node leaves directly without sending the leaving message. The L1-head sends a hello message in the fixed time to obtain the connections with the L2-heads and the L2-head also repeats the same process to obtain the connections with the ordinary nodes. If some nodes leave, the subgroup will be rearranged and (1) If ordinary node leaves, there is no problem and all we need is to only remove this connection from L1-head and L2-head databases. (2) If L2-head leave, we will apply the case of leaving of L2-heads without needing to regenerate the keys of other L2-subgroups. (3) If L1-head leave, we will apply the case of leaving of L1-head. Case 2 Mobile nodes move frequently in every subgroup. Because the movement of mobile node will make complexity in HKMS, the proposed scheme does not make any problems in move between different L2-subgroups because we do not need to regenerate all the L2subgroup keys if one ordinary node joins or leaves a subgroup. (d) Communication node selecting: to select node to be a communication node between different subgroups, it is selected based on its site close to the desired subgroup, The detailed process of selecting communication node is described as follow: Step 1: When a subgroup needs to communicate with another one, it first detects the node which it is nearest one to that subgroup (let call it node A).

123

Enhanced Hierarchical Key Management Scheme

1793

Step 2: This detected node (A) sends a communication request containing the details of its subgroup to the nearest node to it in the other subgroup (let call it node B). Step 3: The node (B) sends this received request to its head to take permission to build the communication or block it. Step 4: When node (B) receives the permission from its head to establish the communication with node (A), it sends back a notification or acknowledgment to node (A) to confirm that this connection is established and communication between the two subgroups occurs by node A and B.

4 EHKMS Analysis and Time Complexity In the enhanced hierarchical key management scheme (EHKMS), it should to be noted that L1-head will generate keys (L 1-1G K , L 1-2G K , . . ., L 1-nG K ) and sends them to all L2-heads. 4.1 Security Analysis The proposed EHKMS allows each node in the subgroup to communicate with its head by a unique key to ensure that each relationship between two nodes is non-overlapping with any other members. This idea solves the problem of rekeying when any change happened in hierarchical structure. The proposed EHKMS deals with joining or leaving of nodes with the following techniques according to each case. Case 1 when a new node joins to a subgroup, it only takes a new unique key to communicate with its head; there is no need to rekey all subgroup members. Case 2 when an ordinary member leaves a subgroup, L1-head deletes this membership from its database and also there is no need to rekey all subgroup members. Case 3 when L2-head leaves a subgroup, the subgroup members will not only select a new L2-head but also L1-head will generate one unique key and sends it to the new L2-head without regenerate keys for other L2-heads and then the new L2-head will distribute unique key for each member in its subgroup. Case 4 when L1-head leaves the subgroup, a new L1-head is selected by L2-heads and then L1-head repeats case 3 to complete rekeying process. 4.2 Time Complexity Analysis In this part of paper, we will compare between the proposed model EHKMS and HKMS with two aspects: (A) Number of keys in each node in different cases. (B) Complexity of communications (How many times each L2 or L1 heads must communicate with each other or with other nodes to perform rekeying process). We give comparisons of time complexity in Table 2. We first define three parameters as HKMS taken: (1) m is the number of nodes in L2subgroup (ordinary members); (2) k is the branching factor of hierarchical structure or the number of L2-head; (3) p is the subgroup size or the number of total nodes in the subgroup. We suppose that each L2-subgroup has the same number of members. Therefore, p = mk+1.

123

1794

M. A. Elaskily et al.

Table 2 Time complexity comparison Compare to

Proposal model (Enhanced HKMS)

Hierarchical key management scheme

1. Number of keys stored in L1-head

O(mk+k)

O(k)

2. Number of keys stored in L2-head

O(m)

O(1)

3. Number of keys stored in each member

O(1)

O(1)

4. Number of rekey cost in join process

O(1)

O(m)

5. Number of rekey cost in leave process

O(1) for ordinary member leave. O(P) = O(mk) for L1-head leave. O(m+1) = O(m) for L2-head leave.

6. Number of retrieving a subgroup key

O(1) for retrieving of one L2_subgroup only. O(K) for retrieving of all L2_subgroups. O(mk)

O(m) for ordinary member leave. O(P) = O(mk) for L1-head leave. O(P) = O(mk) for L2-head leave O(1)

7. Communication between nodes in same subgroup 8. When one member leaving from L1-1 subgroup and dynamically of ad-hoc travel to L1-2 subgroup the complexity cost is 9. When one member leaves his group suddenly without permission from his head

O(mk)

O(1) for leaving from L1-1 subgroup. +O(1) for joining L1-2 subgroup

O(m) for leaving L1-1 subgroup. +O(m) for join L1-2 subgroup

NO problems (Each node has its own key no effect on other members)

There are problems (because if this node returns to subgroup it can to decrypt old messages that not have permission to decrypt it)

(a) Number of keys stored in L1-head: We use two level constructions to generate keys. Firstly, the L1-head generates keys L1-nGK and sends each key to its L2-head. Secondly, the L1-head generates keys L2-n-mGK and sends them to L2-head that distributes each key to its member. The number of keys stored in L1-head is mk+k and the time complexity is O(mk+k), however in HKMS, all keys stored in L1-head is k+1 and the time complexity is O(k). The proposed EHKMS gives more complexity in L1-head but it gives more security and more flexibility and the problem of complexity is solved in the next levels with the process of rekeying in joining and leaving and this is what we need more to support dynamic features ad-hoc models. (b) Number of keys stored in an L2-head: L2-head stores m+1 keys; m refers to one key for each member and one key between L2-head and L1-head, So the time complexity is O(m). However, time complexity in HKMS is O(1) because only one key is shared for all members. (c) Number of keys stored in each member: Only one key stored in each member to communicate with its L2-head. So, the time complexity is O(1) and it is equivalent to time complexity on HKMS. (d) Node joining process: The proposed EHKMS model is designed with each node has its own key that is not shared with any other node. When a new node joins the subgroup,

123

Enhanced Hierarchical Key Management Scheme

1795

Table 3 Time complexity analysis in different special cases Case

EHKMS

HKMS

Complexity cost on L1-head when L2-head leave Complexity cost on L1-head when L1-head leave Complexity cost on L2-head when L2-head leave

O(m + 1)

O(p) = O(mk)

O(p)

O(p)

O(m) effect on this L2-head only without interrupt others O(mk)

O(m) but there is an interrupt on other L2-heads cost more complexity O(mk)

Complexity cost on L2-head when L1-head leave

we just generate a new key for this member without need to regenerate all L2-subgroup keys as in HKMS, which will regenerate the L2-subgroup key and will resend it to all its members. This yields large cost, more complexity and interrupts other members in the L2-subgroup. So, the time complexity in The proposed EHKMS model is O(1) however, the time complexity in HKMS is O(m) that makes the proposed EHKMS more secure and less complicated with respect to HKMS. (e) Node leaving process: In this case, we have three cases for leaving process; one case for each level. Case 1: leaving of ordinary nodes. We discard this membership and send a request to L1-head indicating that this member leaves and delete its key from L1-head and L2-head. So, the time complexity in the proposed EHKMS model is O(1). But in HKMS, the time complexity is O(m). Case 2: leaving of L2-head. We have to select new L2-head by L2-subgroup members and generate a key for each member and a new key for communication between L1-head and new L2-head. There is no need to regenerate all L1-nGk as in HKMS that will regenerate L2-subgroup key L2GK and regenerates L1GK key and sends it to all other L2-subgroups that will take more complexity and will interrupt other L2-subgroups. So, the time complexity in the proposed EHKMS is O(m+1)=O(m). But in HKMS, the time complexity is O(p)=O(mk). Case 3: leaving of L1-head. We reach the case of rebuilding the hierarchical again by selecting L1-head from L2-heads and repeat Case 2. So, the time complexity is O(p). Tables 3 indicate the time complexity analysis for special cases in the leaving process. (f) Time taken to retrieving a subgroup key: In the proposed EHKMS, we entrust L1-head to generate L1-nGK and send it to the L2-heads. So, the complexity of retrieving a subgroup key is O(1) if retrieving to only one L2-subgroup and O(k) if retrieving to all L2-subgroups because there is no need to retrieve all keys when any changes occur. (g) Communication between nodes in the same subgroup: this is the time of encryption and decryption operations during data transmission. In the proposed EHKMS, the data transmitted in different L2-subgroups is encrypted and decrypted twice. This makes the two models equal. But the proposed EHKMS is more secure because it utilizes different keys between different levels in the same subgroup.

5 Performance Evaluation In this section, we will derive the mathematical model for the proposed EHKMS and compare it with HKMS.

123

1796

M. A. Elaskily et al.

Table 4 Basic model parameters Nmember

Number of members to be joined, leaved or updated

Cupdate

Updating information cost

Cr ekey

Rekeying cost

Hleader

Hop count from member to leader

Mleader

Size of updating message to leader

Hmember

Hop count from member to its leader L2

member Mupdate

Update size from L2-head to updated member

Hr egion C non -leader

Hop count from L2-head to L1-head

leader - L2 Cleave C leader - L1

Cost of leaving of L2-head node

Pleader - L1

Number of all nodes under leading of L1-head

Pleader - L2

Number of all nodes under leading of L2-head

Cost of leaving of ordinary node

leave

Cost of leaving of L1-head node

leave

change Cleader - L1 change Cleader - L2

Cost of selecting the new L-1head Cost of selecting the new L-2head

N L1

Number of total node in L1

L1 Nmember

Number of members in L1

L2 Nmember

Number of members in L2

5.1 Model Mathematical Analysis In this section, we will focus on the mathematical analysis of the proposed EHKMS by calculating the overall cost in different cases (join or leave) and in different level in a sub-group. The communication cost between different nodes and the key management will represent the overall cost. The total communication cost is represented with two parameters: (1) Cost of Group joins (Cjoin): The costs of group join process and also the cost of changes caused by topology changes (connection and disconnection) by members. (2) Cost of Group leave (Cleave): The costs of group leave process and also the cost of changes caused by topology changes (connection and disconnection) by members. We give the basic model parameters of the proposed EHKMS in Table 4. The total communication cost Ctotal : Ctotal = C join + Cleave

(1)

C join = Nmember × C G

(2)

C G = Cupdate + Cr ekey



member Cupdate = (Hleader × Mleader ) + Hmember × Nmember × Mupdate



(3) (4)

where (Hleader × Mleader ) is cost of update from ordinary member to L2-head and the other term is the cost of update from L2-head to L1-head. In the proposed EHKMS, we update only one key. So, when one member joins, Nmember = 1. member Cr ekey = Hr egion × Nmember × Mupdate

123

(5)

Enhanced Hierarchical Key Management Scheme

1797

Also, we can rekey only one key for one member. So, Nmember = 1, member member Cr ekey = Hr egion × Mupdate = Hleader × Mupdate for rekeying one member (6) non -leader leader - L2 leader - L1 Cleave = Cleave + Cleave + Cleave (7) non -leader =N ×H (8) C leave

member

r egion

In the case of one member will leave, Nmember = 1. non -leader = Hr egion = Hleader Cleave   change leader - L1 = Pleader - L1 × C G + Cleader - L1 Cleave

(9) (10)

leader - L2 Cleave = Pleader - L2 × Cleader - L2 change

(11)

There is no C G in this equation because there is no need to rekey all sub-groups when L2-head will leave. L1 L2 Pleader - L1 = N L1 /N L1 + Nmember + Nmember

Pleader - L2 =

L1 Nmember /N L1

+

L1 Nmember

+

(12)

L2 Nmember

(13)

where C G given earlier in Eq. (3) 5.2 Performance Analysis The proposed EHKMS is simulated with Matlab and we get the results that use it to make comparison with HKMS’s results. The comparison between the proposed EHKMS and HKMS is made with respect to cost in changes of ordinary members, cost in changes of L2-heads and for cost with mobility speed in both ordinary members and L2-heads. For changes in ordinary nodes in same L2-subgroup, these changes only occur in these nodes and other nodes in the same subgroup are not affected. Figure 7a shows the effect of changes (join/leave) of ordinary nodes in the same Level 2 sub-groups on the overall cost with the proposed EHKMS and HKMS. The results reveal that the proposed EHKMS has less complexity with changes than HKMS. This will improve rekeying process, memory load and other resources usage. Figure 7b shows the effect of number of nodes on the overall cost with the proposed EHKMS and HKMS. It is clear from obtained results that the cost with the proposed EHKMS is less than the cost with HKMS in level of changes in L2-heads that reflects the efficiency

(a)

(b)

Fig. 7 Effects of overall cost with number of nodes changes a Overall cost versus number of ordinary nodes changes b Overall cost versus number of total nodes

123

1798

M. A. Elaskily et al.

(a)

(b)

Fig. 8 Effects of overall cost with mobility a Overall cost versus Mobility speed with ordinary members change. b Overall cost versus Mobility speed with L2-heads change

of the proposed EHKMS over HKMS. Mobility is the quality of a node to move freely from sub-group to another. Figure 8a shows a comparison for the cost versus mobility between proposed EHKMS and HKMS in the case of ordinary members change (moving). So, we can see that increasing of node mobility does not affect network complexity and this offer a solution for wireless node mobility. Figure 8b shows a comparison for the cost versus mobility between proposed EHKMS and HKMS in the case of L2-heads change. The proposed EHKMS reduces the cost under different speed of the nodes.

6 Conclusions This paper presents a secure enhanced hierarchical key management scheme (EHKMS) for MANETs. The proposed EHKMS is interested in keying applied on hierarchical structure that lead to increase the security and make no need to apply rekeying for all group members or rekeying of nodes in different sub-levels as made by hierarchical key management scheme. We explained the steps of constructing the proposed EHKMS and presented the key management scheme that allows a node to communicate with other nodes whether in same group or other groups. The complexity of the proposed EHKMS is estimated in different cases for model construction and compared with hierarchical key management scheme. The obtained results show the superiority of the proposed EHKMS over hierarchical key management scheme in terms of security, complexity and performance.

References 1. Iwata, A., Chiang, C. C., Pei, G., Gerla, M., & Chen, T. W. (1999). Scalable routing strategies for ad hoc wireless networks. IEEE Journal on Selected Areas in Communications, 17(8), 1369–1379. 2. Pei, G., Gerla, M., Hong, X., & Chi, C. C. (1999). A wireless hierarchical routing protocol with group mobility. In Proceedings of the IEEE wireless communications and networking conference (WCNC), pp. 1538–1542. 3. Ramanathan, R., & Steenstrup, M. (1998). Hierarchically-organized, multi-hop mobile wireless networks for quality-of-service support. Mobile Networks and Applications, 3(1), 101–119. 4. Mirkovic, J., Prier, G., & Reiher, P. (2002). Attack DDoS at the source. In Proceedings of the IEEE international conference on network protocol, pp. 312–321, Paris, France, November 12–15. 5. Jones, C. E., Sivalingam, K. M., Agrawal, P., & Chen, J. C. (2001). A survey of energy enhanced network protocols for wireless networks. Wireless Network, 7(4), 343–358.

123

Enhanced Hierarchical Key Management Scheme

1799

6. Hegland, A. M., Winjum, E., Mjolsness, S. F., Rong, C., Kure, O., & Spiling, P. (2006). A survey of key management in ad hoc networks. IEEE Communication Surveys, 8(3), 48–66. 7. Huang, D., & Medhi, D. (2008). A secure group key management scheme for hierarchical mobile ad hoc networks. Ad Hoc Networks, 6(4), 560–577. 8. Pieprzyk, J., & Li, C. H. (2000). Multiparty key agreement protocols. IEEE Proceedings Computers and Digital Techniques (July), 229–236. 9. Steiner, M., Tsudik, G., & Waidner, M. (1998). A new approach to group key agreement. In Proceedings of the 18th IEEE international conference on distributed computing system, Amsterdam, The Netherlands, May 26–29, pp. 380–387. 10. Wu, B., Wu, J., & Fernandez, E. B. (2007). Secure and enhanced key management in mobile ad hoc networks. Journal of Network and Computer Applications, 30, 937–954. 11. Tseng, Y. M., Yang, C. C., & Liao, D. R. (2008). A secure group communication protocol for ad hoc wireless networks. Advances in Wireless Ad Hoc and Sensor Networks, Signals and Communication Technology, pp. 102–130. 12. Wang, N., & Fang, S. (2007). A hierarchical key management scheme for secure group communications in mobile ad hoc networks. Journal of Systems and Software, 80(10), 1667–1677. 13. Basagni, S., Herrin, K., Bruschi, D., & Rosti, E. (2001). Secure pebblenets. In Proceedings of the 2nd ACM international symposium on mobile ad hoc networking & computing, ACM Press New York, pp. 156–163. 14. Rhee, K., Park, Y., & Tsudik, G. (2004). An architecture for key management in hierarchical mobile ad-hoc networks. Journal of Communications and Networks, 6(2), 156–162.

Author Biographies Mohamed A. Elaskily received the B.Sc. in computer science and engineering from Menoufia University, Menouf, Egypt, in 2008. He registered for Master of Science study in October 2008. In September 2009 he was working in the Egyptian Universities Network project as a network administrator engineer.

Hamdy M. Kelash received the Eng. Degree from the Institute of Electronic Engineering, Egypt in 1971, MSc degree from Faculty of Engineering Technology, Helwan University, Egypt, in 1979 and the Ph.D. degree from Institute National Polytechnique (INP), France in 1984. He has been lecturer in 1984 at the Electronic Industry department, Faculty of Electronic Engineering, also a lecturer in 1987 at the Computer Sciences and Engineering department, and an Assistant Professor in 1993 and the Head of Computer Sciences and Engineering department, Faculty of Electronic Engineering, Menoufia University from 2001 to 2007. His main research interests include optical computing, artificial intelligence, network security, image processing, digital systems and parallel computing.

123

1800

M. A. Elaskily et al. Hala S. El-sayed received the B.Sc., M.Sc., and Ph.D. degrees in electrical engineering from Menoufia University, Shebin El-kom, Egypt, in 2000, 2004, and 2010, respectively. She is currently with the Department of Electrical Engineering, Faculty of Engineering, Menoufia University, where she was a Demonstrator from 2002 to 2004 and has been a Lecturer since 2010. Her research interests cover Network security, Wireless sensor network, Secure building automation systems, and Biometrics.

Osama S. Faragallah received the B.Sc., M.Sc., and Ph.D. degrees in computer science and engineering from Menoufia University, Menouf, Egypt, in 1997, 2002, and 2007, respectively. He is currently with the Department of Computer Science and Engineering, Faculty of Electronic Engineering, Menoufia University, where he was a Demonstrator from 1997 to 2002 and has been a Lecturer since 2007. His research interests cover Image processing, Network security, Cryptography, Internet security, Multimedia security, Image encryption, Watermarking, Steganography, Data hiding, and Chaos theory, Ad-hoc security.

123