Figure 1.
Pre-distribution Key Management Schemes_
| Scheme Name | Year | Description | Advantages | Disadvantages | References |
|---|---|---|---|---|---|
| Eschenauer-Gligor Scheme | 2002 | Randomly pre-distribute keys to nodes from a key pool to establish common keys post-deployment. | Simple, scalable for small networks. | Vulnerable to node capture. | [23] |
| Q-Composite Scheme | 2009 | Improves Eschenauer-Gligor by requiring multiple shared keys to establish communication. | Higher resilience against node capture. | Increased memory usage. | [24] |
| Enhanced Random Key Distribution | 2018 | Adds redundancy and hashing to random pre-distribution for better resilience. | Stronger security, low overhead. | Increased computational costs. | [25] |
| Multiple Key Pools | 2020 | Nodes are preloaded with keys from region-specific key pools to improve localization security. | Reduces key exposure. | Limited adaptability for mobility. | [26] |
| Hybrid Key Pre-distribution | 2022 | Combines deterministic and random methods to ensure both security and scalability. | Balances security and efficiency. | Implementation complexity. | [27] |
Challenges in key management in WSNs_
| Challenge | Description | References |
|---|---|---|
| Resource Constraints | SNs have limited computational power, memory, and energy, making it challenging to implement complex cryptographic algorithms. | [10,11] |
| Scalability | Large networks with thousands of SNs require scalability but key distribution and maintenance increase the complexity. | [12,13] |
| Dynamic Topology | SNs join or leave frequently due to mobility, failures, or environmental changes that require real-time key updates. | [14,15] |
| Physical Vulnerability | SNs in hostile environments are prone to tampering and physical capture that can risk key exposure and network compromise. | [16,17] |
| Adversarial Threats | WSNs face eavesdropping, spoofing, and man-in-the-middle attacks which necessitate the need for robust key management protocols. | [18,19] |
| Energy Efficiency | Cryptographic operations consume significant energy, affecting the lifespan of battery-powered SNs. | [20,21,22] |
Public Key Cryptography (PKC) Approaches in WSN_
| Scheme Name | Year | Description | Advantages | Disadvantages | References |
|---|---|---|---|---|---|
| RSA-Based Encryption | 2010 | Uses large prime factorization for key generation in resource-constrained networks. | High security; well-established protocol. | High computational requirements. | [43] |
| ECC-Based Key Management | 2015 | Utilizes elliptic curve cryptography for secure communication with smaller keys. | High security with low resource usage. | Computationally expensive for real-time updates. | [44] |
| Hybrid PKC-Symmetric Schemes | 2019 | Combines PKC for initial key exchange with symmetric encryption for ongoing communication. | Efficient after initial exchange; scalable. | Vulnerable during the key negotiation phase. | [45] |
| Lightweight ECC | 2020 | Optimizes ECC for WSNs by reducing algorithm complexity. | Suitable for resource-limited nodes; strong encryption. | Still more complex than symmetric methods. | [46] |
| Quantum-Resilient PKC | 2022 | Adapts public key schemes to counter quantum computing attacks. | Future-proof against quantum threats. | Not yet standardized; higher energy consumption. | [47] |
| Blockchain-Based Key Management | 2023 | Uses blockchain to manage and distribute public keys securely. | Decentralized and tamper resistant. | High storage and energy requirements. | [48] |
| ECC with Energy-Aware Protocol | 2023 | Integrates ECC with energy-aware protocols to minimize power consumption. | Balances security and energy usage. | Limited testing in large networks. | [49] |
| Post-Quantum ECC | 2024 | Enhances ECC with post-quantum algorithms to future-proof against advanced attacks. | High security and forward compatibility. | Computationally heavy for small nodes. | [50] |
Research Solutions and description to Key Management in WSN_
| Research Solution | Description | Reference |
|---|---|---|
| Hybrid Cryptographic Solutions | Combining lightweight cryptographic techniques with quantum-resistant algorithms for efficient security in WSNs. | [66,67] |
| Adaptive Key Management | Dynamically adjusting key parameters based on factors like network conditions, traffic, and energy usage. | [68,69] |
| Machine Learning for Optimization | Using AI to optimize energy usage, predict threats, and adjust cryptographic techniques in WSNs. | [70,71,72] |
Matrix-based key management schemes in WSN_
| Scheme Name | Year | Description | Advantages | Disadvantages | References |
|---|---|---|---|---|---|
| Blom’s Scheme | 2012 | An asymmetric matrix-based scheme that generates unique pairwise keys using a shared secret matrix. | High resilience to node capture. | Memory and computation overhead increase with network size. Not scalable for large networks. | [39] |
| Efficient for small to medium networks. | |||||
| Triple Key Matrix Scheme | 2017 | Extends matrix-based schemes to provide triple key distribution for enhanced communication security. | High resilience to single-node capture. | Increased memory requirements. | [40] |
| Supports multi-tier security. | Computationally intensive for large networks. | ||||
| Attack Matrix Scheme | 2018 | Uses dominance key sets in a cost-effective matrix design to secure communication. | Cost-effective design. | Limited applicability in highly dynamic networks. | [52] |
| Resistant to various attacks. | Requires careful dominance set design. | ||||
| Suitable for clustered WSNs. | |||||
| Polynomial and Matrix-Based Scheme | 2019 | Combines polynomial-based key pre-distribution with matrix design for enhanced security. | Combines benefits of polynomial and matrix methods. | Higher computational overhead due to polynomial calculations. | [53] |
| Strong security against node capture. | Complex setup for large networks. |
Dynamic Key Management Schemes in WSNs_
| Scheme Name | Year | Description | Advantages | Disadvantages | References |
|---|---|---|---|---|---|
| LEAP (Localized Encryption and Authentication Protocol) | 2013 | Uses cluster heads for efficient key distribution in dynamic networks. | Scalable and efficient. | Cluster head compromise risk. | [28] |
| Diffie-Hellman Protocol | 2013 | Dynamically establishes keys post-deployment through public-private key exchanges. | No pre-shared keys are required. | High computational overhead. | [29] |
| Lightweight Key Update | 2019 | Reduces the cost of key updates in dynamic networks through periodic rekeying. | Energy-efficient updates. | Vulnerable to synchronization issues. | [30] |
| Cluster Key Negotiation | 2021 | Dynamic key management within clusters for better adaptability in mobile WSNs. | Better adaptability. | Increased cluster head workload. | [31] |
| An Efficient Secure Key Establishment Method in Cluster-Based WSNss | 2022 | Proposes lightweight key establishment using shared keys managed by cluster heads. | Low energy consumption and high efficiency. | Limited adaptability for heterogeneous networks. | [32] |
| Adaptive Key Management | 2023 | Adjusts key update intervals based on network topology changes and threats. | Dynamic and threat adaptive. | Complexity in threat assessment. | [33] |
| IHKM: An Improved Hierarchical Key Management Scheme | 2024 | An enhancement of hierarchical schemes, optimizing key distribution and security in cluster-based WSNs. | Better scalability and resilience to attacks. | Increased computational complexity. | [34] |
Research Directions, Proposed Solutions, and Optimisation Methods Related to Key Management in WSN_
| Research Direction | Proposed Solutions | Optimization Methods |
|---|---|---|
| Energy Efficiency | Lightweight cryptography | Energy-aware cryptographic protocols and duty-cycling techniques aim to reduce energy consumption while maintaining security levels. |
| Symmetric encryption replacement | Replacing computationally expensive public-key cryptography with more energy-efficient symmetric algorithms. | |
| Energy-efficient key distribution | Use of localized or hierarchical key distribution techniques to reduce communication overhead. | |
| Resilience to Node Capture | Dynamic key revocation | Adaptive protocols that revoke keys once a node is compromised, minimizing the impact on the overall network. |
| Distributed trust models | Employing decentralized approaches to ensure that compromised nodes do not breach the entire network’s security. | |
| Physical-layer security | Incorporation of techniques such as secret sharing and random key pre-distribution to make key extraction harder. | |
| Scalability | Cluster-based key management | Using a cluster-head model to divide responsibilities, minimize communication overhead, and enhance scalability in large networks. |
| Hierarchical key management | Multi-tiered architecture that efficiently distributes keys among different levels of the network. | |
| Hierarchical revocation strategies | Improving scalability by implementing efficient key revocation and update mechanisms that can scale with the network size. | |
| Post-Quantum Security | Lattice-based cryptography | Exploring quantum-resistant algorithms, such as lattice-based encryption, that can be applied in WSNs. |
| Hash-based signatures | Use of quantum-secure hash-based schemes for signing messages and managing key distributions. | |
| Hybrid cryptosystems | Developing hybrid cryptographic schemes that combine classical and quantum-resistant algorithms for backward compatibility. |
Pairwise Key Establishment in WSN_
| Scheme Name | Year | Description | Advantages | Disadvantages | References |
|---|---|---|---|---|---|
| Blom’s Scheme | 2012 | Uses a matrix-based approach for generating unique pairwise keys between nodes. | High resilience to node capture. | Computationally intensive. | [39] |
| Polynomial-Based Scheme | 2017 | Employs polynomial functions for establishing secure pairwise keys among nodes. | Efficient for small groups. | Vulnerable to node tampering. | [40] |
| ECC-Based Pairing | 2019 | Utilizes elliptic curve cryptography for pairwise key establishment in resource-constrained WSNs. | Strong security. | High computational overhead. | [41] |
| ID-Based Key Agreement | 2019 | Leverages node identifiers for key establishment to reduce memory overhead. | Efficient and memory-saving. | Less flexible for dynamic networks. | [42] |
Combinatorial-based key management schemes in WSN_
| Scheme Name | Year | Description | Advantages | Disadvantages | References |
|---|---|---|---|---|---|
| Scalable and Storage-Efficient Dynamic Key Management | 2021 | Proposes a scalable key management scheme that optimizes storage efficiency while ensuring secure key distribution in WSNs. | Reduces storage overhead, supports large-scale WSNs, and enhances security resilience. | Requires additional computational resources for key updates. | [54] |
| Key Updating for Combinatorial Design-Based Key Management | 2014 | Introduces efficient key update methods for combinatorial-based key management schemes to enhance security. | Improves resilience against key compromise and reduces overhead for rekeying. | May introduce synchronization delays in large networks. | [55] |
| Combinatorial Design-Based Key Pre-Distribution | 2019 | Develops a key pre-distribution scheme using combinatorial designs to optimize key sharing and security. | Enhances scalability, ensures deterministic key assignment, reduces storage requirements. | Requires careful parameter selection to balance security and connectivity. | [56] |
| Survey of Combinatorial Key Pre-Distribution in IoT | 2021 | Provides a comprehensive review of combinatorial design-based key management schemes for IoT and WSNs. | Identifies strengths and weaknesses of various combinatorial approaches, highlights emerging trends. | Some reviewed schemes may not be adaptable to dynamic network environments. | [57] |
Comparison of Key Pool and Key Size in Key Management Schemes in WSN_
| Criteria | Large Key Pool | Small Key Pool | Long Key Size | Short Key Size |
|---|---|---|---|---|
| Security | High (low key-sharing probability) | Moderate (higher key-sharing probability) | High (strong encryption) | Low (vulnerable to brute force) |
| Storage Needs | High (requires more memory) | Low (minimal memory requirements) | High (large memory usage) | Low (minimal memory usage) |
| Energy Efficiency | Low (more keys to process) | High (fewer keys to process) | Low (computationally intensive) | High (less computational demand) |
| Scalability | Suitable for large networks | Suitable for small networks | Suitable for critical applications | Suitable for low-security setups |
Comparative Analysis of Key Management Schemes in WSN
| Scheme | Advantages | Disadvantages | Ideal Scenarios |
|---|---|---|---|
| Random Key Pre-distribution | Simple to implement | Vulnerable to node capture | Small networks with low-security needs, where simplicity and cost-effectiveness are more important than high-security |
| Minimal computation required | Limited security against node compromise | ||
| Dynamic Key Management | Flexible | High computational overhead | Suitable for dynamic networks where nodes frequently join or leave, such as mobile sensor networks or networks with changing topologies |
| Adaptable to changes in the network | Requires communication for key exchange | ||
| Cluster-based Management | Scalable | Vulnerability of cluster head | Large-scale networks or hierarchical setups, where SNs are grouped into clusters and a cluster head controls key management |
| Efficient key management due to centralized control by the cluster head | Single point of failure if the cluster head is compromised | ||
| Hierarchical Management | Efficient distribution and revocation of keys | Requires a central authority | Multi-tier networks, such as military surveillance or critical infrastructure, where different levels of security are required. |
| Easy to scale in large networks | Single point of failure at higher tiers | ||
| Pairwise Key Establishment | High security | Complex setup | High-security applications such as military and defense where confidentiality between specific node pairs is critical. |
| Resilient to node capture, as each pair has a unique key | Scalability issues with large networks | ||
| Public Key Cryptography (PKC) | Strong security with asymmetric encryption | High computational and memory overhead | Critical infrastructure and applications requiring high security, such as IoT networks in healthcare and finance. |
| Can support digital signatures for authenticity | Not ideal for resource-constrained devices | ||
| Matrix-Based Key Management | High resilience to node capture | Computationally intensive Scalability challenges for very large networks | Small to medium-sized networks requiring high security, such as industrial IoT, military networks, or healthcare sensor systems. |
| Enables secure pairwise communication | |||
| Scalable with small to medium networks | Higher memory requirements for matrix storage | ||
| Combinatorial-Based Key Management | High scalability, resilience to node capture | Complex key distribution | Large-scale WSNs with high-security requirements and limited storage capacity |
| Efficient key discovery | The trade-off between security and connectivity | ||
| Reduced memory overhead | Limited adaptability |
Hierarchical Key Management Schemes in WSNs_
| Scheme Name | Year | Description | Advantages | Disadvantages | References |
|---|---|---|---|---|---|
| Logical Key Hierarchy (LKH) | 2010 | Uses a tree structure where higher-level nodes manage key distribution to lower-level nodes. | Efficient key revocation. | Requires central authority. | [35] |
| Multi-Tier Key Management | 2015 | Divides the network into multiple tiers with different keys for different levels. | Scalable and secure. | Management complexity. | [36] |
| Role-Based Key Distribution | 2017 | Assigns keys based on node roles within the network (e.g., sensors, aggregators). | Efficient and role aware. | Static role assignment challenges. | [37] |
| Hybrid Hierarchical Scheme | 2022 | Combines LKH with cluster-based management to optimize scalability and security. | Balances hierarchy and efficiency. | Increased resource usage. | [38] |