Sensor Networks Can they be totally secured (and how) ?

position paper Andrei Agapi

Abstract: In this paper we aim to analyze the issues and requirements pertaining the security of sensor networks. We will briefly overview the state of the art in sensor networks hardware, software and security systems. We will then discuss the security requirements related to most sensor networks applications as well as the attacks that these systems are vulnerable to. We will then ask ourselves the question: What technologies available today can we use to meet these requirements ? Can we easily adapt existing technologies to these quite pretentious and poorly-equipped systems ? Can we use classic defense mechanisms based on symmetric key or public key cryptography or should we look for alternative solutions ? If we plan to use SKC or PKC, which approach would be better ? Or does the chosen approach depend on the class of applications and/or the size of the system ? We will briefly overview some existent approaches trying to adapt either symmetric key or asymmetric key algorithms for securing sensor networks. Finally, we will try to answer the question posed the title: Can we build a totally secure sensor network ? If so, how, by what technology (symmetric keys, asymmetric keys, Merkle trees, Elliptic Curve Cryptography, or should we avoid using cryptography altogether ?) And what are the costs we have to pay ? Is it worth it or even possible in relation to the other restriction pertaining to sensor networks such as energy consumption limitations or the need for low cost systems (both implying restricted processing power and bandwidth) ?

1) Introduction Sensor networks are quite a new and heavily researched topic today. Empowered by latest advances in electronics, such as MEMS (Micro Electro-Mechanical Systems) and wireless communication systems, this field promises to empower new applications in many areas that could have a huge impact on our everyday life in the future. Application areas include: health (patient monitoring), a plethora of military applications, disaster prevention and phenomenon monitoring, organization logistic, building security, inventory management, "intelligent home" applications to name just a few. Quite a heavily researched area lately, it yields issues not only pertaining security, but also many problems targeted by systems research. In this paper we will try to set the general framework of this research field and then analyze the issues related to security and also try to predict if properly securing wireless sensor networks is an achievable goal in the near future. The remainder of this paper is organized as follows: the next section will set the general background of the research problem, by very quickly overviewing the state of the art in sensor networks: existent node platforms, software for these platforms as well as networking models for sensor networks. Sections 3 and 4 will overview the issues and requirements in WSN security, as well as some classes of attacks that these systems are vulnerable to. Section 5 will describe some possible solutions and existent attempts made to address the quite high requirements and challenges pertaining to WSN security. We will try to evaluate the strengths and weaknesses of the existing systems and see how well they meet the requirements identified by us. Finally, we will draw our conclusions and state our position in Section 6. 2) Sensor network systems an overview

Sensor network systems typically consist of a large number of small sensor nodes (also called motes sometimes), that are deployed in a certain environment as to measure some phenomenon. Since the motes have, for many applications, small sensing ranges (for typical applications could be as small as 1 meter [1]) and also taking into account the nature of many phenomena to be measured as well as issues like fault tolerance and survivability, SNs are very often dense networks, with many

motes deployed close to each other. In a typical application, and taking into account currently available technology, [1] shows that with a sensing range of 1 meter (therefore a coverage area of r2 = 3.141 square meters), a radio range of 15 meters to communicate with neighboring motes (and thus a single hop area of coverage of 706 square meters), as many as 224 sensors would be required to cover a one hop area. For a more precise formula giving the density of SNs as a function of deployed nodes, covered area and radio transmission range please see [2]. Therefore sensor networks typically consist of a large number of nodes. To keep this solution cost effective, the cost of a single node should be as low as possible. A targeted price for the future would be 1$/mote, however the current state of the art in Bluetooth radio technology allows the cheapest radio transceiver to be around 10$ [3]. Since we have such low cost requirements, the resources attached to a mote are very limited. As shown in [1], the typical structure of such a node consists of a sensing unit (a sensor + Analog-Digital Converters - ADCs), a processing unit (processor and storage), a radio transceiver and a power unit. Additional components, depending on the application may include location finder systems, power generators (such as power scavengers such as solar cells) or so-called mobilizers (i.e. systems allowing the sensors to move). Research to develop smaller and cheaper motes is undergoing, but an interesting observation, also made in [4], is that users of WSNs will probably tend to ride the curve given by the Moores law downwards, in the sense that they will try to keep a minimum performance and lower the price instead of keeping the current price and improve performance. Therefore, we should not expect richer resources on sensor network nodes to be available too soon in the future. Examples of currently available mote platforms are the Mica mote (used in [4]) (4 MHz 8-bit Atmel ATMEGA103 processor, 128 KB of instruction, 4 KB RAM, and 512 KB of flash memory, 916 MHz RFM 40 Kbps low-power radio) or the WinSNG 1.0 platform [5], but the field is under rapid development. Appropriate operating systems for WSNs are also a hot research topic, with emerging de-facto standard candidates such as Tiny OS [6] from Berkeley or Windows CE, used by WinSNG, available. An example of available stripped-down C compiler (for Tiny OS) is nesC. Since in the deployment phase of sensor networks, their position cannot be, in many cases, engineered or pre-determined, WSNs fall into the category of ad-hoc networks. Communication algorithms for these systems must be self-organizing. Since the one-hop range of these wireless devices is quite limited, as in many ad-hoc networks, nodes communicate through multi-hop routing, i.e. nodes act as routers for messages between other nodes While they exhibit many similarities with generic ad-hoc networks, WSNs have many particularities that differentiate them from these. These differences have, as we will see, a serious impact on the security issues raised by these systems. Many papers [1] [7] [4] notice particularities of WSNs that make them quite unique ad-hoc systems. Here are some of these particularities which we think have a great impact on the security issues to be presented in section 3: As we have mentioned before, the number of nodes is generally considerably higher than in a typical ad-hoc network and the nodes are more densely deployed, therefore each node has many neighbors (This raises important scalability concerns, posing serious limits on the use of some existing security technologies such as keeping pair-wise symmetric keys between any 2 neighbors). In addition to being ad-hoc, the topologies can also be dynamic, as motes might be mobile, or groups of nodes might be monitorizing mobile objects (such as moving vehicles), therefore the membership of the group can be dynamic, as nodes join and leave such a group (this can require algorithms for secure dynamic group communication, such as the ones presented in [8]) A very important difference is in the above-mentioned cost limitations, which imply very drastic processing power, memory and network bandwidth limitations; [4] notes a difference of 3 orders of magnitude between sensor network resources and the resources of other typical embedded systems, used so far as nodes in ad-hoc networks. Since technologies like asymmetric key cryptography were already hard to implement efficiently on these embedded systems, the

problem becomes more acute on sensor networks, and many papers [4][9][10] even dismiss the possibility of using PKC for motes as impractical Perhaps the most drastic limitation when implementing just about anything over WSNs is that of power consumption. WSNs are typically deployed in places where it is not convenient nor easy to attend or access them after deployment (such as inside buildings for detection of earthquake effects or behind enemy lines), and therefore batteries cannot be easily renewed; this puts a very serious and strong constraint on energy consumption, requiring the design of energy-aware algorithms for most tasks to be run on motes, including security related ones. Sensor networks platforms and network topologies tend to be much more application specific then generic ad-hoc networks. This also applies to security requirements, which can vary greatly from one application to another The characteristics of data traffic in WSNs characteristics are different and quite unique compared to any other systems: traffic rates are very low over time (motes communicate about 0.01% of the time), but they exhibit periods with very high bursts. This is relevant to some classes of DOS attacks, for instance those targeting battery depletion The communication model in WSNs is largely data centric: focused on the measured data, not on some individual node or on providing communication capabilities between 2 exact nodes. While in generic networks, even in ad-hoc ones, the traffic model is many-to-many, for sensor networks it is generally one-to-many (for instance a source requiring a measurement) or manyto-one (more motes sending data to a sink). This has a great impact on multi-hop routing algorithms (such as [11]) designed for WSNs (for an overview please see [1]) and also on some security threats, specific to WSN networks (discussed in [4] and in the next section) As many surveys or papers observe, for instance [12], the network architecture for WSNs can be either totally distributed (i.e. all sensors are equal), or hierarchical (i.e. there are so-called base stations, which are more resource-rich nodes, possibly also having a powerful connection with the outside world, where measured data is generally collected used as sinks) and/or cluster heads, which are generally normal sensor nodes where data is aggregated from a group of nodes (called a cluster), for instance for the purpose of eliminating duplicate measurements to save energy. Such a network topology also has a serious impact on the security of WSNs, as base stations can be generally used as distribution points for keys (for instance in [13]) or to execute resource-consuming computations. We can say that the main problem throughout sensor network application design is that of reducing power consumption. Moreover, when designing algorithms for sensor networks, including security algorithms, we should keep in mind that, as noted in [4], power consumption for motes is dominated by communication costs, as each bit transmitted consumes as much power as executing 8001000 instructions, therefore it is very important to minimize both the number of messages exchanged, as well as (more importantly) the number of additional bits transmitted in each package. For instance, the data link layer security as implemented in TinySec [10], manages to achieve a very good performance, energy-wise, using a symmetric key approach (the SKIPJACK cipher) by having only 5-10% overhead. 3) Issues in sensor network security, vulnerabilities and possible attacks We might start by noting that most of the issues pertinent to wireless network security are have their roots, in our opinion, in 3 causes: 1. Firstly, as we have seen, to make sensor networks economically viable, the cost of a single node has to be very low, therefore limited processing power, memory and network bandwidth and range are available. This seriously limits our options in implementing security mechanisms

2. In addition, since they are deployed in places where it is not convenient nor easy to attend or access them after deployment, power consumption is critical; implementation of algorithms should definitely be energy-aware 3. Moreover, since sensor networks are many times deployed in possibly hostile places, where they will function unattended, they can be captured, disassembled, modified or replaced with rogue nodes by adversaries, therefore ensuring security for such networks becomes very challenging These issues add to the general issues linked to wireless transmission medium, and the ad-hoc structure of the network. There are quite a number of papers [1][12][4][14] identifying vulnerabilities of WSNs (there are very many, indeed) and possible attacks. [12] for instance categorizes these attacks as passive (for example eavesdropping) and active (such as man-in-the middle, session hijacking, masquerading as legitimate nodes). These are indeed some classic types of attack that WSNs, being wireless networks, are inherently vulnerable to. More specific to the nature of sensor networks are attacks that assume capture & disassembly nodes to obtain credentials or keying material or inserting rogue nodes in the network. In this context, [4] classifies attackers as mote attackers, that have at their disposal devices similar resource-wise to legitimate motes, and laptop attackers, that have more powerful devices and/or high-bandwidth and low-latency connections. We will see that these tools can enable them to mount some interesting classes of attacks. Another class of attacks that WSNs are very vulnerable to are various types of DOS attacks. For instance communication can be jammed either at physical level, by broadcasting a high-energy signal on the frequency used by motes or at the MAC layer, for instance by sending a Request To Send signal repeatedly and thus overwhelming nodes. These attacks are especially efficient against WSNs, since they cause battery-depletion (we have seen that the cost of communication is very high. For instance, according to [4], a Mica mote can function only for about a week in full energy mode, i.e. with radio on). Solution to mitigate these attacks exist. A classic solution to jamming at physical layer is spread spectrum communication, but unfortunately hardware for this is not yet available for motes at low enough costs. Other solutions employ energy-aware routing (nodes do not forward messages for routing to nodes that announce to have low battery), or energy-efficient MAC-layer protocols, which is a very large topic of research on WSNs, also on the systems side, not only for securityrelated research. A very interesting solution to DOS over WSNs is presented in [15], based on detection of the jammed region and routing around it. Besides these attacks, which are generally possible in most wireless systems (except for node capture, rogue nodes and battery depletion attacks), there are a series of attacks possible because of the multi-hoped nature of communication in WSNs. In this direction, let us note that traffic in WSNs can generally be classified in: many-to-one over the network (e.g. multiple sensor nodes send sensor readings to a sink), one-to-many over the network (e.g. a base station broadcasts a command to several sensors), and local (in general broadcast) communication (for instance nodes forwarding messages or sending discovery or management commands). [4] presents such a class of attacks, which target message routing in WSNs. The issue of prevention of these attacks is called secure routing. Moreover, [4] overviews most routing protocols currently used in sensor and ad-hoc networks (including for instance the one in [11]) and shows that all are vulnerable to at least some of these attacks. Moreover, not even secure authentication, as could be achieved by PKC or SKC technologies can solve all of these types of attacks, therefore totally securing WSNs remains an open issue. Such attacks are: 1. Spoofing, altering, or replaying routing information. The attacker can fake control messages advertising routing information, as to manipulate the routing structure of the ad-hoc network (e.g. to create routing loops, attract or repel network traffic, partition the network, etc.) This attack could be solved by secure node-to-node authentication.

2. Selective forwarding: If she managed to insert herself on a routing path, the attacker can simply drop some messages, preventing them from reaching their destination. To prevent detection, he can do this selectively, only for some packages. This attack is possible only once the attacker has managed to join the network and insert herself in the path 3. Sinkhole attacks. The attacker advertises very attractive path characteristics low latency etc to determine nodes to insert him in their routing tables, and thus be part of paths, as to enable for instance a selective forwarding attack. The attractive characteristics advertised might even be true, for instance for a laptop attacker who actually has access to an off-band high performance connection. After this attack, the intruder becomes a sink for many nodes in the network 4. Sybil attacks[16]. The attacker assumes multiple identities, as to circumvent ad-hoc routing systems that try to set up redundant routes as to prevent sinkhole attacks. He can therefore even isolate certain nodes, making all their outgoing connections to pass through him 5. Wormholes. The attacker possesses an off-band high performance connection between 2 distant points in the network. Using this connection, he is able to forward messages much faster than legitimate nodes, therefore he will be preferred as a forwarding node by many nodes in the network, inserting himself in their outgoing paths. This is a very hard to detect and effective attack, since it circumvents possible checks made by the ad-hoc routing protocol as to the veridicity of the advertised characteristics 6. HELLO flood attacks. Many protocols use HELLO messages to let neighbor nodes know about their proximity. By broadcasting HELLO messages to all the nodes in the network, even distant ones, the attacker introduces confusing information in the routing tables, degrading the performance of the network or inserting herself in routing paths 7. Acknowledgement spoofing. The attacker falsely acknowledges packages on behalf of the receiver, taking advantage of the broadcast medium, as to convince the sender that a weak link in the network is strong or that a node that is down is actually working 4) Security requirements for sensor networks applications

Depending on the application domain there might be stricter or more relaxed requirements for the security of WSNs. For instance, in a fire alarm system placed in the woods, data confidentiality might not be an issue, while authenticity will. Requirements include: 1. Authentication all or some of the following: user/base station-to-nodes, nodes-to-base station, nodes-to-nodes. For instance, we can see that some PKC-based systems, such as [10], only provide mutual authentication between a base station and nodes in the sensor network. However, when node-to-node authentication is lacking, we have see that the system becomes vulnerable to routing attacks such that the ones mentioned in the previous section 2. Confidentiality This is needed for some applications e.g. to prevent eavesdropping. The classic solution is cryptography, and achieving this requirement boils down to managing to efficiently implement cryptographic schemes in the context of sensor networks. Main obstacles, as we have seen, are scarce resources, large scale of networks and the need for power-efficient algorithms 3. Integrity Needed to prevent e.g. replay attacks, masquerading, traffic injection or faking sensed data, classic solution is again in cryptography. 4. Non-repudiation Not always necessary, can be a tool to securely detect rogue nodes trying attacks such as selective forwarding for instance 5. Efficiency in power consumption This is a main requirement for all WSN applications 6. Scalability 7. Reliability, fault tolerance and/or survivability are generally required by critical applications. A security aspect of this more generic issue is that of key connectivity i.e. a node should be able to talk to a large enough number of other nodes such that we obtain a totally and well-connected network

Other requirements, specific to only some applications, can include: 8. Resilience to node capture This problem is specific to sensor networks and one of the main challenges in the moment 9. Robustness to DOS attacks 10. Secure group management 11. Secure data aggregation 12. Intrusion detection 5) Overview of solutions and possible future directions for WSN security

Research on WSN security, quite a hot topic today, has yielded many proposed solutions to the problems mentioned in the previous sections. We have seen that one of the main problems is that of secure authentication. Solving this problem efficiently would solve many other problems, such as secure routing for instance. Like many of the other requirements, solutions for authentication are linked to cryptography. However, cryptography as it is implemented in other systems is not suitable for WSNs. This is because WSN have many characteristics that directly conflict with the requirements of cryptography and sometimes with each other, therefore no solutions exist that dont require (quite heavy) trade-offs. The most serious limitations of WSN that influence security are: need for power efficiency, the need to cope with poor resources, scalability in number of nodes (required by the inherent large size and high density of WSNs) and high vulnerability of nodes to physical attacks, such as capture and disassemble. One of the main problems with applying cryptography to WSNs is key distribution. Having an unique key for all nodes would expose the entire network in the advent of the capture of a single node. As noted in [17], having a single key which would be then used to generate pair-wise keys between nodes and then deleted would have the disadvantage that adding new nodes later would be impossible. Using classic Diffie-Hellman is too expensive and it is vulnerable too MiM attacks, while using the authenticated version of Diffie-Hellman would be even more expensive, as shown in [18] and we would need to keep pair-wise shared keys, just as with SKC, which does not scale. Let us analyze our alternatives: PK cryptography is scalable, but, at least in the form used for more classic systems and networks is too expensive, both computationally and energy-wise to be used in these resource-limited devices. While computation time may not be such an issue for many applications, energy awareness is, and work has to be done in this direction. SK cryptography, albeit sometimes considered faster and less resource-greedy than PK cryptography has a very big disadvantage in lack of scalability. As we have seen, SNs typically have a large number of densely-deployed nodes; in this context, keeping many pair-wise keys to secure communication channels with possibly many neighbors is obviously unpractical, since again we conflict with the poor storage capabilities of the nodes. The question of which of these solution is better therefore results in another question, i.e. is it better and/or easier to adapt PK-algorithms to be more energy-aware and computationally (and storage-wise) economic or should we rather make SK-based schemes more scalable ? Efforts have been placed in both directions. Solutions based on symmetric keys have been proposed. These include bootstrapping keys with a base-station [19]. However, this constitutes a single point of failure. Tamper-resistant hardware could be used only for the base station but this would still be vulnerable to a DoS attack then, when the base station is simply destroyed. Moreover, we have seen that the communication costs dominate the energy consumption, therefore these should be minimized, an dthe solution Is not as scalable a PKCbased ones. An interesting alternative, also SKC-based are random key predistribution protocols [20]. Here, only a small fraction of keys from a large pre-generated key pool is distributed on the nodes,

such that nodes can securely communicate to a random set of the sensor network. If a large enough degree of key connectivity is provided, a totally connected network can be achieved. Disadvantages are high communication costs due to forwarding by more hops and the fact that if attackers have compromised sufficiently many nodes, they can reconstruct a significant portion of the pool of keys and thus compromise the network. A survey of results in the direction of SKC adaptation of WSNs is included in [12]. However, previous experience has shown that PK-based schemes are indeed inherently much more scalable than SK-based ones. Therefore, we believe that indeed, if the problem of high costs could be solved for PK-based algorithms, this would indeed provide a better solution for the future. Especially that additional modifications applied to SK-based schemes as to improve their scalability add further costs to their implementation, making them less and less viable. Attempts to make PK-based algorithms implementable on sensor networks exist. For instance [21] attempts to provide a stripped-down version of a CA and a modified authentication algorithm (based on Diffie-Hellman) - to mitigate the fact that private key operations on the embedded platform was too slow and achieves end-to-end mutual authentication between a user and the sensor network. We have seen that this is not enough, as we need node-to-node authentication too. Obviously, there are also some advantages to WSN networks: compared to the Internet, for instance, where we have to authenticate nodes that have never met before (for instance by having trusted Certification Authorities), with sensor networks, nodes have met before, in a save environment, i.e. before they are deployed. Therefore, the need of a CA can be lifted. Such a solution is presented in [22], where the keys of other nodes are kept directly on the nodes instead of a CA key. To cope with large key sizes, only hashes of these keys are actually maintained and actually a Merkle tree is used to further reduce the size of the key material kept on the nodes. The Merkle tree is further optimized by using data locality. A very promising alternative to PKC is Elliptic Curve Cryptography. An efficient solution based on ECC and implemented over TinyOS is presented in [18]. Besides efficient software implementations, researchers have tried to find efficient (energyaware) algorithms for PKC, suitable for hardware implementations. Two such algorithms (albeit of a very different nature from one another) Rabins scheme (based on prime numbers arithmetic, much like RSA) and NtruEncrypt (based on arithmetic over a polynomial ring) are presented in [23], together with their low-power design hardware implementations. Tests show very good results, the best from all PKC-based algorithms referenced so far. The problem of resilience to node capture and reinsertion is still an open one. Solutions for it generally have included byzantine-like techniques, redundancy, quorum voting or solutions like onetime sensors [13]. Solutions to DOS attacks have been referenced in section 3 and are closely related to systems research on sensor networks such as general low-power design. 6) Discussion and conclusions

As a conclusion, it is clear that securing WSNs is a very challenging task. The very strict requirements of this platform as well as some applications that use them and the setting in which they are used make securing them a very hard task. At least with todays technology, and probably for long in the future as well, there is no bullet-proof solution to WSN security. Securing WSN systems can only be achieved by serious trade-offs (e.g. scalability for memory storage, memory storage for communication, thus energy consumption) by relaxing certain requirements (using one-time sensors or authenticating nodes end-to-end instead of per-hop). Although quite publicly available energy and time-efficient implementations exist, generally based on SKC so far, for instance [10], they are far from being bullet-proof, as proved by tests like those done in [4]. Moreover, it is doubtable that bullet-proof implementations can be achieved in the future, without making some trade-offs, if nothing else at least in the cost of nodes (for instance including tamper-resistent hardware in nodes).

References: [1] Security for Sensor Networks, Jeffery Undercoffer, Sasikanth Avancha, Anupam Joshi and

John Pinkston
[2] Bulusu et al., Scalable Coordination for Wireless Sensor Networks: Self-Configuring Localization Systems,ISCTA 2001, Ambleside, U.K., July 2001 [3] J. M. Rabaey et al., PicoRadio Supports Ad Hoc Ultra- Low Power Wireless Networking, IEEE Comp. Mag., 2000, pp. 4248 [4] Secure Routing in Wireless Sensor Networks Attacks and Countermeasures, Chris Karlof David

Wagner
[5] G. J. Pottie and W. J. Kaiser. Embedding the internet: wireless integrated network sensors. Communications of the ACM, 43(5):5158, May 2000 [6] Tiny OS website - www.tinyos.net [7] Short Survey Sensor Networks, Holger Karl, Andreas Willig [8] "Key Establishment in Large Dynamic Groups Using One-Way Function Trees", Alan T. Sherman, David A. McGrew. IEEE Trans. Software Eng. 2003 [9] SPINS - Security Protocols for Sensor Networks, A. Perrig, R. Szewczyk, J.D. Tygar, V. Wen and D. E. Culler [10] "TinySec: A Link Layer Security Architecture for Wireless Sensor Networks",. Chris Karlof, Naveen Sastry, and David Wagner. Proceedings of the Second ACM Conference on Embedded Networked Sensor Systems (SenSys 2004). November 2004. [11] Building Efficient Wireless Sensor Networks with Low Level Naming, Heidemann et. al [12] "Key Distribution Mechanisms for Wireless Sensor Networks: a Survey", Seyit A. amtepe, Blent Yener, March 2005 [13] "One-Time Sensors: A Novel Concept to Mitigate Node-Capture Attacks" K. Bicakci, C. Gamage, B. Crispo and A.S. Tanenbaum, to be presented at ESAS 2005: 2nd European Workshop on Security and Privacy in Ad-Hoc and Sensors Networks, Visegrad, Hungary, July 2005 [14] Security and Privacy in wireless Sensor Networks, Haowen Chan and Adrian Perrig [15] Wood, A., Stankovic, J., and Son, S. JAM: A mapping service for jammed regions in sensor networks. In Proceedings of the IEEE Real-Time Systems Symposium (Cancun, Mexico, Dec. 35, 2003) [16] John R. Douceur, The Sybil Attack, in 1st International Workshop on Peer-to-Peer Systems (IPTPS 02), March 2002 [17] Security in Wireless Sensor Networks, A.Perrig et. al [18] "A Public-Key Infrastructure for Key Distribution in TinyOS Based on Elliptic Curve Cryptography", Malan D.J.; Welsh, M.; Smith, M.D., IEEE SECON 2004, October 2004 [19] Perrig, A., Szewczyk, R., Wen, V., Culler, D., and Tygar, J. SPINS: Security protocols for sensor networks. J. Wireless Nets. 8, 5 (Sept. 2002), 521534 [20] Eschenauer, L. and Gligor, V. A key-management scheme for distributed sensor networks. In Proceedings of the 9th ACM Conference on Computer and Communication Security (Washington, D.C., Nov.). ACM Press, New York, 2002, 4147 [21] "TinyPK: Securing Sensor Networks with Public Key Technology", Ronald Watro, Derrick Kong, Sue-fen Cuti, Charles Gardiner, Charles Lynn and Peter Kruus [22] "An Efficient Scheme for Authenticating Public Keys in Sensor Networks", Wenliang Du, Ronghua Wang, and Peng Ning. . In Proceedings of the 6th ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc), May 2005 [23] "Public Keys Cryptography in Sensor Networks -- Rivisited", Sunar G. Gaubatz, J. Kaps, B. , Proceedings of the 1st European Workshop on Security in Ad-Hoc and Sensor Networks (ESAS 2004)