Int. J. Wireless and Mobile Computing, Vol. 5, No. 2, 2012 191

Copyright © 2012 Inderscience Enterprises Ltd.

Lightweight key management scheme to enhance the security of internet of things

Dong Chen*, Guiran Chang, Dawei Sun, Jie Jia and Xingwei Wang School of Information Science and Engineering, Northeastern University, Shenyang 110819, China Email: chend.2008@gmail.com Email: chang@neu.edu.cn Email: sundaweicn@163.com Email: jiajie@ise.neu.edu.cn Email: wangxw@mail.neu.edu.cn *Corresponding author

Abstract: Trillions things of Internet of Things (IOT) or Cyber-Physical Systems (CPS) employ a unique global addressing scheme to interact to each other and corporate with others to provide intelligent services. However, people may resist the IOT as long as there is no public confidence that it will not cause any serious threats to their privacy. An effective secure key management for things authentication is the prerequisite of the security operations. Studying on the characteristics of things in the IOT deeply, this paper proposes a lightweight security key management scheme for Things to Things (T2T) communication in wireless networks of IOT which are usually composed of heterogeneous sensors/actuators or smart sensor-embedded things. Eventually, we evaluate the proposed scheme on storage overhead, communication overhead, computation overhead and resilience against nodes compromise attack, respectively.

Keywords: TOT; internet of things; T2T; 6LoWPAN; key management; CPS; cyber-physical systems; RFID sensor network.

Reference to this paper should be made as follows: Chen, D., Chang, G., Sun, D., Jia, J. and Wang, X. (2012) ‘Lightweight key management scheme to enhance the security of internet of things’, Int. J. Wireless and Mobile Computing, Vol. 5, No. 2, pp.191–198.

Biographical notes: Dong Chen is a PhD candidate at the School of Information Science and Engineering, Northeastern University, Shenyang, China. He received his MSc in Computer Science from Northeastern University in 2010. His current researches interests include internet of things, cyber physical system.

Guiran Chang is a Professor at the Computing Centre of Northeastern University, Shenyang, China. He received his PhD degree in Electrical Engineering from the University of Tennessee, Knoxville, Tennessee in 1991. His current research interests include computer networks, multimedia technology, and information security.

Dawei Sun is a PhD candidate at the School of Information Science and Engineering, Northeastern University, Shenyang, China. He received his MSc in Computer Science from Northeastern University in 2009. His current researches interests include cloud computing, trusted computing, virtualization technology and information security.

Jie Jia is an Associate Professor at the School of Information Science and Engineering, Northeastern University, China. She received her PhD degree in Computer Science from Northeastern University, China. Her research interests are mainly on RFID systems, wireless sensor network, cyber-physical systems and mesh network.

Xingwei Wang is a Professor at the School of Information Science and Engineering, Northeastern University, China. He received his PhD degree in Computer Science from Northeastern University, China in 1998. His research interests are mainly on routing algorithms and protocols, mobility management and resource assignment methods in NGI.

192 D. Chen et al.

1 Introduction

The Internet of Things (IOT) and Cyber-Physical Systems (CPS) are novel paradigms that are rapidly gaining ground in the scenario of modern wireless telecommunications. As a novel global communication infrastructure, the IOT is expected as an extension of internet or Next Generation internet and can provide transparent data exchange between heterogeneous things across the world. The core idea of the concept is the pervasive presence of trillions of things around us, including sensors, Radio-Frequency Identification (RFID) tags, actuators, 3G mobile phones, sensor embedded devices, etc. (Giusto et al., 2010). The IOT should have the ability to connect loosely defined smart objects and enable them to interact with other objects, the environment, or more complex and legacy computer devices (Medaglia and Serbanati, 2010).

As shown in Figure 1, IOT/CPS is a network of internet/NGI-enabled objects, together with web services that interact with these objects. Underlying the IOT are technologies such as RFID, sensors and smart phones. The communications vary from those in internet: from anytime, anywhere (nearby PC, somewhere else indoor, outdoor, while moving) connectivity for anyone, to anything, e.g. between PCs, Human to Human (H2H), Human to Things (H2T) and Things to Things (T2T) (Chris, 2011; Debasis and Jaydip, 2011). Multiple connections create an entirely new dynamic network of networks – an IOT, which is based on solid technological advances and visions of network ubiquity, computing, communications and dynamic technical innovation in a number of domains, ranging from wireless sensors to nanotechnology. Things of the IOT employ a unique global addressing scheme to interact to each other and corporate with others to provide intelligent services. The key technologies supporting IOT are RFID and Wireless Sensor Network (WSN). RFID tags and sensors are integrated into smart objects, buildings, vehicles, mobile device, even environment to communicate with other things in the IOT locally and remotely in order to provide integrated intelligent services for end users. Recently, RFID Sensor Networks (RSNs) (Buettner et al., 2008) appear to accelerate the developing of the IOT, which consist of RFID readers and RFID sensor nodes (WISPs), extend RFID to include sensing and bring the advantages of small, inexpensive and long-lived RFID tags to WSNs.

However, people may resist the IOT as long as there is no public confidence that it will not cause any serious threats to their privacy. The concept of privacy is deeply rooted into our civilisations and recognised in all legislations of civilised countries. The ways in which data collection, mining and provisioning will be accomplished in the IOT are completely different from those that we now know and there will be an amazing number of occasions for personal data to be collected (Djamel and Nadjib, 2010; Luigi et al., 2010; Medaglia and Serbanati, 2010).

Furthermore, the IOT is extremely vulnerable to attacks. Since most communications are wireless, including Wi-Fi, ZigBee, 3G, WiMax and Bluetooth, eavesdropping becomes so extremely simply in the IOT. Due to the low energy, storage and computing resources of things involved in the IOT, they cannot implement common complex schemes

to support security. The major problems related to securing communications of the IOT concern authentication, authorisation and data integrity. Effective secure key management for things authentication is the prerequisite of these security operations.

Figure 1 Communications in IOT/CPS (see online version for colours)

The remainder of the paper is organised as follows. We give an overview of related influential works in Section 2. In Section 3, a lightweight secure key management scheme is proposed and further discussed in detail in wireless networks of IOT. In Section 4, we present the performance evaluation of the proposed lightweight secure key management scheme including storage overhead, communication overhead, computation overhead and resilience against nodes compromise attack, respectively. The proposed lightweight secure key management scheme can promote the T2T communication security in wireless networks, and improve QoS performance of intelligent service in IOT, followed by the conclusion and future work of the paper in Section 5.

2 Related works

So far, the research on the secure key issues of the IOT is focused on homogenous and heterogeneous WSNs (Du et al., 2004; Liekenbrock, 2009).

Eschenauer and Gligor (2002) firstly proposed a pre-distribution based key management scheme, which required considerable memory to store keys. Liu et al. (2005) enhanced the pre-distribution based key management scheme by allowing pair-wise keys to be created after deployment if the nodes in the network shared information from the same key space. Obviously, these methods require knowledge prior to sensors deployment.

Zhu et al. (2006) designed a key management scheme – LEAP, which assumes that the network is secure for a short period after sensor deployment, and then a preloaded global key is used to bootstrap key management. Liu et al. (2008) proposed SBK, a self-configuring framework for bootstrapping keys in sensor networks. SBK preloads each

Lightweight key management scheme 193

sensor node with a set of parameters to be used after deployment to establish pair-wise keys between neighbouring nodes. SBK does not require any prior deployment knowledge but still achieves high connectivity between neighbouring nodes. However, these existing schemes are designed for homogeneous sensor networks in which the sensor nodes have similar capabilities or resource.

Loree et al. (2009) proposed an efficient post-deployment key establishment scheme for heterogeneous sensor networks based on SBK (Liu et al., 2008). The scheme takes advantage of a few powerful high-end sensor nodes to achieve efficient and effective key establishment in a heterogeneous sensor network. Sun et al. (2004) proposed a method for designing multicast key management trees that match the network topology in order to localise the transmission of keying information and reduce communication burden of rekeying significantly.

Various studies have focused on key establishment schemes in homogeneous WSNs. Azarderskhsh and Reyhani-Masoleh (2011) addressed security issues in the heterogeneous WSNs, a secure clustering scheme along with a deterministic pair-wise key management scheme based on public key cryptography is presented. The proposed security mechanism guarantees that any two sensor nodes located in the same cluster and routing path can directly establish a pair-wise key without disclosing any information to other nodes. Sensor nodes are inherently limited by insufficient hardware resources such as memory capacity and battery lifetime. As a result, few current key management schemes are appropriate for WSNs. Huang et al. (2011) proposed a new key management method that uses dynamic key management schemes for heterogeneous sensor networks, which loads a hash function into the base station, cluster heads and sensor nodes. The cluster heads and sensor nodes then generate their own keychains to provide forward authentication in case of key changes, security breaches; and key changes due to security breaches. The cluster heads and sensor nodes establish pair-wise keys to ensure transmission secrecy.

However, most of the recent research has shown that achieving survivability in WSNs requires a hierarchy and heterogeneous infrastructure. Studying on the characteristics of things in the IOT, we propose a novel lightweight security key management scheme for the T2T communication in the network composed of sensors and smart sensor-embedded things based on the studies of Sun et al. (2004), Liu et al. (2008), Loree et al. (2009), Azarderskhsh and Reyhani-Masoleh (2011) and Huang et al. (2011).

3 A lightweight secure key management scheme for internet of things

The proposed lightweight secure key management scheme is composed of three phrases referring to the SBK scheme (Liu et al., 2008). First, each node is elected to be a service node, alternative service node or worker node through running self-configuration algorithms. Right after electing process, service nodes will generate key spaces for the corresponding worker nodes. Second, a secure communication channel will be

established between a worker node and its associated service node. Through secure channels, worker nodes acquire keying information from the corresponding service nodes. Third, two worker nodes will derive a shared key if they are associated with a same service node for secure T2T communication in future.

3.1 Preloaded system parameters As is known to all that IOT is composed of heterogeneous networks (Mattern and Floerkemeier, 2010). Sensors play a fundamental and indispensable role for IOT to sense the physical world and collect data from surroundings.

Therefore, in this paper, we consider a large wireless network composed of heterogeneous sensors and smart sensor-embedded things. In the heterogeneous wireless network of IOT, a large number of things are distributed randomly in the network topology, as shown in Figure 2. Note that, each node is a sensor or sensor-embedded object.

Figure 2 A heterogeneous wireless network of IOT (see online version for colours)

Several preconfigured parameters are uploaded to each node before deployment, as listed in Table 1.

Table 1 Reloaded system parameters

Parameters Illustration/Description

Ts The time for one round for service node election

p,q Two large enough primes for generating key space using as private key in Rabin’s cryptosystem

λ Maximum number of nodes served by a service node

H The forwarding bound of a key space advertisement

Ps The probability to be elected as a service node

UID Unique Node ID identifier employing 6LowPAN

Ttotal Maximum time for key bootstrapping

Resource and computation capabilities of heterogeneous things in the network may have significantly differences. We use the value of Ps to describe the differences across trillion nodes. H is the forwarding bound which indicates the maximum hops distance in which the existence of a key space can be broadcast in the network.

194 D. Chen et al.

Each node is also preloaded with a maximum waiting time limit Ttotal for key bootstrapping, a time limit Ts of one round for service node election and a maximum number limit λ which indicates how many worker nodes can be served if it becomes a service node. In addition, each node randomly picks up two large primes number, p and q, before deployment used as the private key of Rabin’s cryptosystem. Rabin’s public cryptosystem can be applied to establish a secure channel for keying information dissemination.

In order to identify a node, we assume that each node also owns an IPv6 address as a unique UID employing 6LoWPAN (Hui and Culler, 2008) technology.

3.2 Key space generation

Pair-wise key establishment is a fundamental security service in the wireless network; it enables T2T communication securely using cryptographic technology. However, due to the resource constraints on the heterogeneous smart things in IOT, it is infeasible to use traditional key management techniques such as public key cryptography and Key Distribution Center (KDC). So far, there are two classical key space models of establishing pair-wise keys – one is polynomial based (Blundo et al., 1992) and the other is matrix based (Blom, 1984).

The polynomial-based key space utilises a bivariate symmetric λ-degree polynomial such that

( ) ( ), 0

, , i jij

i jf x y f y x a x y

λ

=

= = ∑ (1)

Over a finite field Fq, where q is a prime that is large enough to be used in a cryptographic key. By plugging the UID (IPv6 address using 6LowPAN) of a node in the wireless network of IOT, we can obtain the keying information which is allocated to the node. As presented by Blundo et al. (1992), for example, a thing i receives f (i, j).

Therefore, two things can compute a shared key from their keying information as ( ) ( ), ,f x y f y x= . In this paper, the generation of a polynomial-based key space f (x, y) employs the scheme described by Blundo et al. (1992).

The matrix-based key space generation model utilises a ( ) ( )1 1λ λ+ × + public matrix G and ( ) ( )1 1λ λ+ × + private matrix D also over a finite GF (q), where q is a prime number which is large enough to be applied to a cryptographic key. These matrixes are used to generate another matrix A:

( )TA D G= ⋅ (2)

If the matrix D is symmetric, then the matrix K is also symmetric which is computed by

K A G= ⋅ (3)

From equation (3), we can get ij jik k= , where kij the element at the i-th row and the j-th column of the matrix K, , 1, 2,3, , 1.i j λ= +L If a node knows about a row of A, say,

row i, and a column of G, say, column j, then the node can compute the corresponding kij. If a node I allocated a keying share containing the i-th row of A and the i-th column of G such that two nodes i and j can compute their shred key kij by exchanging the columns of G. Additionally, if the matrix G is properly well designed (using Vander Monde Matrix), then only a seed needs to be transmitted between nodes instead of the whole column (Loree et al., 2009).

Note that our lightweight secure key management scheme for bootstrapping keys can work with both key space generating models.

3.3 Node self-configuration and key space computation

Each node will bootstrap and elect itself to be a service node, an alternative worker node or a common worker node after deployed in the heterogeneous wireless network. The electing and self-configure procedure is described in Algorithm 1.

Algorithm 1: Node self-configuration 1 FUNCTION Ri = Elect Config (Ts, t, p, q, λ, H, Ps),

eligible = true 2 WHILE eligible and t > 0 DO 3 TTL = Ts 4 RET = Elect Service Node (Ps) 5 IF RET == SUCCESS then 6 Ri becomes a candidate Service Node 7 Generate the corresponding key space KPi

8 IF Broadcast Message Heard 9 Ri becomes a Worker Node and Alternative

Service Node 10 Request AS KeyInfor from Service Node 11 ELSE 12 KeyInforDistribution(λ, H, KP, p, q, UID) 13 eligible = false 14 t = t – 1 15 ENDIF 16 ELSE 17 IF Elect as Worker Node ((H-1) hops, (1-Ps)) 18 Ri only becomes a Worker Node 19 Request KeyInfor from Service Node 20 eligible = false 21 t = t -1 22 ENDIF 23 WHILE (TTL > 0) DO 24 ELAPSE (TTL) 25 ENDWHILE 26 INCREASE Ps 27 ENDIF 28 ENDWHILE 29 RETURN Ri

30 ENDFUNCTION

Lightweight key management scheme 195

A node Ri bootstraps and starts its election right after deployment. On line 2, the node Ri will firstly check whether it is eligible to elect itself as a service node, alternative service node or worker node in each election round. For simplicity, we assume that total sT T t= ⋅ , where t is the total numbers of rounds for node election and self-configuration. On line 4, right after the eligible checking, the node Ri will try to elect itself to be a service node with the probability Ps. If the election gains a success, the node Ri then becomes a candidate service node, and then generates corresponding key space KPi. On line 8, before the node Ri becomes a service node from a candidate service node, the node Ri has to check that whether a broadcast message is heard. If the node Ri gets a broadcast message, it means that there is a service node in (H-1) hops range. On line 9, in order to make full use of the scare storage and computation resource of the node, we elect the node Ri as an alternative service node rather erasing the primes and key space generating information in other existing election or self-configuration algorithms. Note that an alternative service node is not a real service node just a worker node which is eligible to elect itself as a service node and has generated its own key space. On line 12, if there are no broadcast messages heard from any neighbours in range, the node Ri will become a service node, announce its status to H-hop neighbours after a random delay and then quit the election procedure. If the node Ri does not succeed in the self-election to be a service node, then it enters the worker node election procedure. On line 17, the node Ri will check whether there has been a service node already existing in (H-1)-hop range. If no service node within (H-1)-hop range is detected in the current round, then the node Ri will participate the next round. On line 26, at the end of each self-election

round, we increase the probability Ps in order to avoid the existing of lots of zombie nodes. The details of the whole node election and self-configuration are given in Algorithm 1.

3.4 Secure channel establishment

Before the worker nodes request the keying information from their corresponding service node, a secure communication channel to the associate service node has to be established (Liu et al., 2008; Shawn et al., 2010). As shown in Figure 3, a service node firstly broadcasts its UID and public key n to its corresponding worker nodes neighbours in range. Then the worker node can pick up a random number k and encrypt the request message leveraging Rabin’s public key cryptosystem (Rabin, 1979; Du et al., 2004; Mark and Ahmad-Reza, 2010).

( ) ( )2 modnE k B k B n= (4)

After the computation using equation (4), ( )nE k B B is sent to the service node contained in a unicast package. Eventually, the service node decrypts the request keying information by computing ( )( ),p a nD E k B . Therefore, k

can be used as the secret key of a secure channel between a worker node and its corresponding service node.

Figure 4 illustrates messages format which are used in the message exchanging process between a worker node and its associated service node in order to establish a secure communication channel for the dissemination of keying information. From the bandwidth-saving point of view, the advertisement message is designed shorter than the unicast message.

Figure 3 Message exchanges between a service node and its corresponding worker node (see online version for colours)

,Broadcast n p q=

Distribute Keying Information

Request Keying InformationService Node Worker Node

Figure 4 The message format of keying information

UID n p q= ⋅ TTL

UIDEncrypted

Data CtrlFlag TTL

Advertisement Broadcast , 1 service node : m worker nodes

Unicast, 1 service node : 1 worker node

196 D. Chen et al.

3.5 Keying information acquisition and distribution We describe the key dissemination function in Algorithm 2. The disseination procedure KeyInforDistribution is also loaded into each node in the heterogeneous wireless network.

Algorithm 2: Key information distribution algorithm

1 FUNCTION {KeysInfor} = KeyInforDistribution (λ, H, KP, p, q, UID)

2 {KeysInfor} = φ 3 Broadcast (UID, n = p*q) to H-hop Neighbours 4 WHILE |{KeysInfor}| < λ DO 5 IF Recv (Request, (UID, En (k||B) ||B) THEN 6 k = Dp,q(En(k ||B)) 7 Find a unsigned keyshare KeyingInfor for the

Request from Worker Node 8 Send (UID, Ek(KeyingInfor)) 9 {KeysInfor} = {KeysInfor} * {KeyingInfor} 10 ENDIF 11 IF Recv (Request AS, (UID, En (k||B) ||B) THEN 12 k = Dp,q(En(k||B)) 13 Find a unsigned keyshare KeyingInfor for the

Request from Alternative Service Node 14 IF |Buffer| < Alternative Service Node List Buffer

size ASList.size THEN 15 Insert UID into Alternative Service Node List 16 CtrlFlag = True 17 ELSE 18 CtrlFlag = Flase 19 ENDIF 20 Send (UID, Ek(KeyingInfor), CtrlFlag) 21 {KeysInfor} = {KeysInfor} �{KeyingInfor} 22 ENDIF 23 ENDWHILE 24 RETURN {KeysInfor}

25 ENDFUNCTION

On line 3, when a service node calls the function to distribute the keying information, it will broadcast a message containing its UID and n to all nodes in range. Then the service node will be a periodical channel listener for receiving the request message sent by the corresponding worker nodes or alternative service nodes until the requesters number is no more than λ. On line 6, if the request message is sent from a worker node, then the service node will decrypt the message and then find an unsigned key share for the request to send a unicast message to the corresponding worker node. If the request message is sent from an alternative service node, the service node will also insert UID into Alternative Service Node List-ASList when the buffer size is no more than ASList.size, as shown on line 14. This can deal with the single point failure of a service node and save the limit storage and computation resource of the nodes which have been elected as alternative

service nodes without broadcasting its status to its neighbours in range successfully. On line 20, in order to save bandwidth in the wireless channels, the relaying message for the requests from alternative service nodes is also a unicast package.

4 Evaluation of the proposed scheme

In this section, we present the performance evaluation of the proposed lightweight secure key management scheme including storage overhead, communication overhead, computation overhead and resilience against nodes compromise attack, respectively. The proposed lightweight secure key management scheme can promote the T2T communication security in wireless networks, and improve QoS performance of intelligent service in IOT.

4.1 Storage overhead

In the proposed scheme in this paper, each worker node can obtain a piece of keying information from its associate service node. Nodes in the wireless network are divided into three categories: service node, worker node and alternative service node. Assume that N nodes are distributed randomly in the network, the number of service nodes generated in the i-th round election is (Liu et al., 2008; Ei and Susumu, 2011; Huang et al., 2011),

( )( )( ) 111

11

Hi Dii jservice service s s

jN N N P P

−−−

=

⎛ ⎞= − − ⋅⎜ ⎟⎝ ⎠

∑ (5)

Here, we denote the numbers of nodes within H-1 hops range in the neighbours by DH-1. As is discussed before, there are t rounds for node election and self-configuration. In order to compute the average number of keys stored in each worker node, we denote the buffer size for alternative service key by L. And then the number of worker nodes is

( )1

1t

iw service

iN L N Nλ

=

⎛ ⎞= − ⋅ −⎜ ⎟⎝ ⎠

∑ (6)

Hence, the average number of keying information which has to be stored in each worker node can be estimated by

( )1 1

11

t ti iservice service

i ikeys t

iwservice

i

N NNum

N L N N

λ λ

λ

= =

=

⋅ ⋅= =

⎛ ⎞− ⋅ −⎜ ⎟⎝ ⎠

∑ ∑

∑ (7)

4.2 Communication overhead

The total possible network-wide communication overhead in our scheme is computed by

( )1 1

t ti iservice service

i iN B L H N N Dλ λ

= =

⎛ ⎞⋅ + + + ⋅ − ⋅ +⎜ ⎟

⎝ ⎠∑ ∑ (8)

Lightweight key management scheme 197

In equation (8), B is the number of messages broadcast by a service node, L is the number alternative service nodes stored by a service node. Hence, the first factor is the communication overhead of the whole service nodes.

Here, we denote the average forwarding hops from worker nodes to corresponding service nodes by H . And then the communication cost of messages exchanged between alternative service nodes or worker nodes and the associate service nodes can be computed by the second factor. D is the average node degree which equals the average number of neighbouring nodes and indicates the communication cost produced by each worker node to establish the pair-wise keys with D neighbours nodes.

4.3 Computation overhead The computation overhead of a worker node in our scheme is same as that of SBK scheme. The cost mainly comes from three sources (Liu et al., 2008; Huang et al., 2011; Tashkova et al., 2011; Takanori and Akira, 2011): encrypting a shared key k between the worker node and the corresponding service node to establish secure channel; decoding the keying information obtained from the associated service node in the phase of keying information acquisition; and calculating the pair-wise keys shared with its neighbours in the phase of shared key derivation. The first involves one modular squaring, while the second requires a symmetric decryption computation. On the average, a worker node completes the operation described in equation (7).

4.4 Resilience against the compromise attack As mentioned before, both the two key space models hold the property of being n-collusion resistant. It means that only no less than (n+1) nodes have to be captured in order to compromise the pair-wise keys established in the network. Since each service node generates the key space randomly and independently, links protected by a shared key based on our scheme remain security. Thus, if one or more worker nodes in range of the same associate service node are not captured, the key space is secure and resilient against the compromise attack. Furthermore, we can select λ value which is less than the key space size n to deal with the more serious node compromise attack.

5 Conclusion and future works

The IOT/CPS is a novel paradigm rapidly gaining ground in the scenario of WSN and RFID. Heterogeneous things employ a unique global addressing scheme to interact to each other and corporate with others to provide intelligent services for us. However, people may resist the IOT since there is no public confidence that it will not cause any serious threats to their privacy.

Based on the characteristics of things in the IOT, this paper proposes a lightweight security key management scheme for the heterogeneous T2T wireless communication

of the IOT. In the proposed scheme, each node is elected to be a service node, alternative service node or worker node through running self-configuration algorithms. Right after electing process service nodes will generate key spaces for the corresponding worker nodes. Then a secure communication channel will be established between a worker node and its associate service node. Through secure channels, worker nodes acquire keying information from the corresponding service nodes. Furthermore, two worker nodes will derive a shared key if they are associated with a same service node for secure T2T communication in future. Eventually, we evaluate the proposed scheme on storage overhead, communication overhead, computation overhead and resilience against nodes compromise attack, respectively.

Future works will focus on the following: (a) improving the optimisation and fairness of node election algorithm; (b) testing the performance of the proposed scheme on the real IOT/CPS nodes (i.e. heterogeneous sensors/actuators networks); (c) developing a complete IOT application based on the proposed lightweight secure key management scheme as a core part of secure framework.

Acknowledgements

This work is supported by the National Natural Science Foundation of China under Grant No. 60903159, No. 61070162, No. 71071028, No. 60802023 and No. 70931001.

References Azarderskhsh, R. and Reyhani-Masoleh, A. (2011) ‘Secure

clustering and symmetric key establishment in heterogeneous wireless sensor networks’, EURASIP Journal on Wireless Communications and Networking, pp.1–12.

Blom, R. (1984) ‘An optimal class of symmetric key generation systems’, Proceeding of Workshop Theory and Application of Cryptographic Techniques, pp.335–338.

Blundo, C., Santis, A.D., Herzberg, A., Kutten, S., Vaccaro, U. and Yung, M. (1992) ‘Perfectly-secure key distribution for dynamic conferences’, Proceeding of 12th Annual International Cryptology Conference, pp.471–486.

Buettner, M., Greenstein, B., Sample, A., Smith, J.and Wetherall, D. (2008) ‘Revisiting smart dust with RFID sensor networks’, Proceeding of 7th ACM Workshop on Hot Topics in Networks (HotNets-VII), Alberta, Canada.

Chris, S. (2011) ‘An internet of things that do not exist’, Interactions, Vol. 18, No. 3, pp.18–21.

Debasis, B. and Jaydip, D. (2011) ‘Internet of things: applications and challenges in technology and standardization’, Wireless Personal Communications: An International Journal, Vol. 58, No. 1, pp.46–49.

Djamel, D. and Nadjib, B. (2010) ‘A gradual solution to detect selfish nodes in mobile ad hoc networks’, International Journal of Wireless and Mobile Computing, Vol. 4, No. 4 pp.264–274.

Du, W., Deng, J., Han, Y.S., Chen, S.G. and Varshney, P.K. (2004) ‘A key management scheme for wireless sensor networks using deployment knowledge’, IEEE INFOCOM‘04, pp.586–597.

198 D. Chen et al.

Ei, T. and Susumu, S. (2011) ‘A study of the relationship between scale-freeness and evolution of cooperation’, International Journal of Bio-Inspired Computation, Vol. 3, No. 3, pp.142–150.

Eschenauer, L. and Gligor, V.D. (2002) ‘A key-management scheme for distributed sensor networks’, Proceedings of the 9th ACM Conference on Computer and Communication Security, pp.41–47.

Giusto, D., Iera, A., Morabito, G. and Atzori, L. (Eds) (2010) The Internet of Things, Springer, Berlin.

Huang, J.Y., Liao, I.E. and Tang, H.W. (2011) ‘A forward authentication key management scheme for heterogeneous sensor networks’, EURASIP Journal on Wireless Communications and Networking, pp.1–10.

Hui, J.W. and Culler, D.E. (2008) ‘Extending IP to low-power wireless personal area networks’, IEEE Internet Computing, Vol. 12, No .4, pp.37–45.

Liekenbrock, D. (2009) ‘The internet of things state-of-the-art and perspectives for future research’, Communications in Computer and Information Science, Vol. 32, pp.10–15.

Liu, D., Ning, P. and Li, R.F. (2005) ‘Establishing pair-wise keys in distributed sensor networks’, ACM Transactions on Information and Systems Security, Vol. 8, No. 1, pp.41–77.

Liu, F., Cheng, X., Ma, L. and Xing, K. (2008) ‘SBK: a self-configuring framework for bootstrapping keys in sensor network’, IEEE Transactions on Mobile Computing, Vol. 7, No. 7, pp.858–868.

Loree, P., Nygard, K. and Du, X.J. (2009) ‘An efficient post-deployment key establishment scheme for heterogeneous sensor networks’, Proceedings of 2009 Global Telecommunications Conference, GLOBECOM 2009, pp.1–6.

Luigi, A., Antonio, I. and Giacomo, M. (2010) ‘The internet of things: a survey’, Computer Networks, Vol. 54, No. 15, pp.2787–2805.

Mark, M. and Ahmad-Reza, S. (2010) ‘Key agreement for heterogeneous mobile ad-hoc groups’, International Journal of Wireless and Mobile Computing, Vol. 4, No. 1, pp.17–30.

Mattern, F. and Floerkemeier, C. (2010) ‘From the internet of computers to the internet of things’, Lecture Notes in Computer Science, Vol. 6462, pp.242–259.

Medaglia, C.M. and Serbanati, A. (2010) ‘An overview of privacy and security issues in the internet of things’, Proceedings of 20th Tyrrhenian Workshop on Digital Communications, Italy, pp.389–395.

Rabin, M. (1979) Digitalized Signatures And Public-Key Functions as Intractable as Factorization, MIT Laboratory for Computer Science, Cambridge, MA.

Shawn, A.B., Bradley, H., Mohamed, E. and Denis, G. (2010) ‘Agents in service-oriented wireless sensor networks’, International Journal of Wireless and Mobile Computing, Vol. 4, No. 3, pp.218–227.

Sun, Y., Trappe, W. and Liu, K.J.R. (2004) ‘A scalable multicast key management scheme for heterogeneous wireless networks’, IEEE/ACM Transactions on Networking, Vol. 12, No. 4, pp.653–666.

Tashkova, K., Korosec, P. and Silc, J. (2011) A distributed multilevel ant-colony algorithm for the multi-way graph partitioning’, International Journal of Bio-Inspired Computation, Vol. 3, No. 5, pp.286–296.

Takanori, K. and Akira, N. (2011) ‘Dynamic diffusion in evolutionary optimised networks’, International Journal of Bio-Inspired Computation, Vol. 3, No. 6, pp.384–392.

Zhu, S., Seia, S. and Jajodia, S. (2006) ‘LEAP+: efficient security mechanisms for large-scale distributed sensor networks’, ACM Transactions on Sensor Networks, Vol. 2, No. 4, pp.500–528.