A key loss recovery scheme for secure broadcasts in wireless sensor networks

Authenticity and secrecy of broadcast message content is important in wireless sensor networks deployed for battlefield control, emergency response, and natural resource management. Encryption of broadcast data requires the key to vary in time, typically via a key chain, so that a key compromised at a receiver does not compromise broadcast security for the entire network. An unfortunate consequence of time-varying keys is that a receiver that misses (due to packet loss) one or more keys from the chain cannot decrypt subsequent messages, thereby getting excluded from all broadcasts. In this paper we develop a scheme that allows receivers to recover from one or a few lost keys by having the transmitter probabilistically reuse old keys from the chain. Our scheme makes the broadcast system more robust to packet loss, at the expense of increasing vulnerability to compromised old keys. Analysis of our scheme shows how the trade-off can be controlled by tuning parameters, and a prototype implementation on a MicaZ mote testbed demonstrates the feasibility of our scheme in real sensor network platforms.