Providing security using Signature-Based Broadcast Authentication in Sensor Networks

B. chakradhar


As per recent studies  it is feasible to perform public key cryptographic operations on resource-constrained sensor platforms. But the problem is energy consumption introduced by public key operations makes any public key-based protocol an easy target of Denial-of-Service attacks. For example, if digital signature schemes like Elliptic Curve Digital Signature Algorithm are used directly for broadcast authentication without further protection, an attacker can simply broadcast fake messages and force the receiving nodes to perform a huge number of unnecessary signature verifications, and can consume  their battery power. This paper shows how to mitigate such Denial-of-Service attacks  when digital signatures are used for broadcast authentication in sensor networks. Specifically, this paper first presents two filtering techniques, the group-based filter and the key chain-based filter, to handle the Denial-of-Service  attacks against signature verification. Both methods can  reduce the number of unnecessary signature verifications when a sensor node is under Denial-of-Service attack. This paper then combines these two filters and proposes a hybrid solution to further improve the performance.

Keywords: Sensor networks, security, broadcast authentication, Denial-of-Service attacks, digital signature.

Full Text:



AKYILDIZ, I., SU, W., SANKARASUBRAMANIAM, Y., AND CAYIRCI, E. 2002. Wireless sensor networks: A survey. Computer Networks 38, 4, 393–422.

BLUNDO, C., DE SANTIS, A., HERZBERG, A., KUTTEN, S., VACCARO, U., AND YUNG, M. 1993. Perfectly-secure key

distribution for dynamic conferences. In Advances in Cryptology – CRYPTO ’92, LNCS 740. 471–486. CHAN, H., PERRIG, A., AND SONG, D. 2003. Random key predistribution schemes for sensor networks.

In Proceedings of the IEEE Symposium on Security and Privacy (S&P). 197–213.

CROSSBOW TECHNOLOGY INC. 2008. MICAz 2.4GHz Wireless Module. productdetails.aspx?sid=164. Accessed in January 2008.


  • There are currently no refbacks.