|dc.description.abstract||The term sensor network is used to refer to a broad class of networks where several small devices, called sensors, are deployed in order to gather data and report back to one or more base stations. Traditionally, sensors are assumed to be small, low-cost, battery-powered, wireless, computationally constrained, and memory constrained devices equipped with some sort of specialized sensing equipment. In many settings, these sensors must be resilient to individual node failure and malicious attacks by an adversary, despite their constrained nature.
This thesis is concerned with security during all phases of a sensor network's lifetime: pre-deployment, deployment, operation, and maintenance. This is accomplished by pre-loading nodes with symmetric keys according to a new family of combinatorial key pre-distribution schemes to facilitate secure communication between nodes using minimal storage overhead, and without requiring expensive public-key operations. This key pre-distribution technique is then utilized to construct a secure network discovery protocol, which allows a node to correctly learn the local network topology, even in the presence of active malicious nodes. Finally, a family of secure aggregation protocols are presented that allow for data to be efficiently collected from the entire network at a much lower cost than collecting readings individually, even if an active adversary is present.
The key pre-distribution schemes are built from a family of combinatorial designs that allow for a concise mathematical analysis of their performance, but unlike previous approaches, do not suffer from strict constraints on the network size or number of keys per node. The network discovery protocol is focused on providing nodes with an accurate view of the complete topology so that multiple node-disjoint paths can be established to a destination, even if an adversary is present at the time of deployment. This property allows for the use of many existing multi-path protocols that rely on the existence of such node-disjoint paths. The aggregation protocols are the first designed for simple linear networks, but generalize naturally to other classes of networks. Proofs of security are provided for all protocols.||en