International Journal of Computer Networks & Communications (IJCNC)


Symmetric Key Management Scheme for Hierarchical Wireless Sensor Networks

Mohammed A. Al-taha1 and Ra’ad A. Muhajjar2

1Department of Computer Science, College of Science, Basrah University, Iraq

2Department of Computer Science, College of Computer Science and

Information Technology, Basrah University, Iraq


Wireless Sensor Networks (WSNs) are critical component in many applications that used for data collection. Since sensors have limited resource, Wireless Sensor Networks are more vulnerable to attacks than other wireless networks. It is necessary to design a powerful key management scheme for WSNs and take in consideration the limited characteristics of sensors.    To achieve security of communicated data in the network and to extend the WSNs lifetime; this paper proposes a new scheme called Symmetric Key Management Scheme (SKMS). SKMS used Symmetric Key Cryptography that depends only on a Hash function and XOR operation for securing homogeneous and heterogeneous hierarchical WSNs. Symmetric Key Cryptography is less computation than Asymmetric Key Cryptography. Simulation results show that the proposed scheme provides security, save the energy of sensors with low computation overhead.


Wireless sensor Networks, Key Management, Symmetric Cryptography, hash function, XOR

1. Introduction

Wireless sensor networks (WSNs) consist of hundreds, even thousands of low-cost devices called sensor nodes. These sensors have resource constraints such as limited power resource and low memory. Sensors are randomly deployed in open and harsh environments to collect different types of data such as pressure, temperature, soil makeup, humidity, noise levels etc. Sensors in WSNs can communicate with each other by radio channel to transmit the data to the centric node known as the sink node (Base Station). WSNs has formed the basics for covering a different range of applications such as health care, military, environmental monitoring and other fields [1].

WSNs can be classified as flat networks and hierarchical networks. In flat networks, every sensor in the network has the same characteristics (battery lifetime, storage capacity, processor and transmitted power) and perform the same task. In flat networks sensor nodes can transmit data to its neighbor one by one to the sink. In hierarchical networks, the network divided in to several groups called clusters (each cluster has a head called cluster  head and the other nodes  called cluster members). Hierarchical WSNs can be implemented as homogeneous and heterogeneous. All sensor nodes have the same capabilities in homogeneous WSNs. In heterogeneous  WSNs incorporate  different  types  of  sensor  nodes  that  have  different  capabilities  (small  number  of sensors  with  powerful   characteristics  elects  as  Cluster  head  and  a  large  number  of  low characteristics sensors elects as Cluster members).Most applications  that  use  WSNs  [2]  have  sensitive  data  as in  military  applications.  Due to limitation resource of sensor node and the hostile environment make it a big challenge to secure the network. Key management  is the first requirements to secure communication  in WSNs. Key management  includes  generation,  distribution  and  installation  the  keys  inside  sensors  and  it should support the node addition and deletion with revocation and update the keys [3].Symmetric and  Asymmetric  cryptography  are  being  used  to  achieve  security  (authentication,  integrity, privacy) in WSNs. In Symmetric, each node (sender and receiver) shared the same secret key that used for encryption and decryption the data communicated in the network. In Asymmetric  key, each node, the sender and receiver,  have two keys which are the public key that known to all nodes  in  the  network  and  secret  key  which  is  private  [5].  Symmetric cryptography is less computation and consuming less energy than Asymmetric Key [4].

In this paper, Symmetric Key Management Scheme (SKMS) for securing heterogeneous and homogeneous hierarchical WSNs has been proposed. SKMS used symmetric key cryptography depends only on a hash function and XOR operation to establish a session keys between any two nodes.


Many  key  management  schemes  have  been  proposed  to  protect  the  communication  among sensors in the WSNs. In [6] proposed a hierarchical key management scheme (HKMS) to enhance the security hierarchical WSNs. In this scheme, the keys are established and distributed according to the hop count by using one way function. To protect the network from the compromised nodes, different keys were generated based on the hop counts. After particular period of time, the used keys were changed over time.. The authors in [7], used Hybrid key management for heterogeneous  WSN, they used Symmetric and Asymmetric  cryptographic  technique  in three levels,  first  level  used signature  encryption algorithm based on Elliptic Curve Cryptography (ECC) to secure the communication between the sink and the cluster head. In second level, Diffie-Hellman key exchange algorithm based on ECC is used to generate shared key between  the cluster  head and sensor  nodes. finally, Symmetric session key is used between two sensor nodes because the limited resource of the sensor nodes. Each cluster head selects random value r and broadcast it to all cluster members.

The scheme used shared value based on r when two nodes want to communicated. The authors of [8] proposed a key management scheme for hierarchical WSN by using Power aware routing protocol and track – sector clustering, the track sector clustering scheme is used for minimizing the transmission data redundant by means of reducing the connection between the sink node and the cluster head. Hybrid Elliptic Curve Cryptography (HECC) technique is implementing that used 80 bits key size for securing the routing. In [9] the authors proposed a new scheme used three types of keys:  Network key, group key and pairwise key.  The network key is used for encrypting  the broadcast  message  and for authenticate  the new node,  group  key is used  as a shared key between all the sensor nodes in the same cluster, and the last key, the pairwise key is shared  between  specific  pair  of  nodes.  In the proposed scheme, they used assistant node to improve the security and reduce resource cost when cluster head is compromised.  In [10], The authors proposed  key management  for hierarchical  WSN using  UAV  to establish  session  key between two nodes. The proposed method used symmetric cryptographic key management which is depended on XOR operation and hash function. UAV used as center unit to reduce the storage. Two nodes can’t establish session key only with the help of UAV. In [11], proposed a hierarchical key management scheme for heterogeneous WSNs that used symmetric cryptographic algorithms with low cost operations such as modular multiplication and bitwise XOR operation. This scheme has two parts: key generation scheme and key updating scheme. The first part used four types of keys: individual key, pairwise key, cluster key and master key. Individual key used to secure the communication between sensor node and base station. Pairwise key is use to secure the communication between two neighbor nodes. Cluster key is used to secure the communication between all cluster member. Master key is shared with all senor node in the network which use when the base station securely broadcast information to all sensor node in the network. The update part used to update the cluster key and the master.

3. The Proposed Method

3.1 Network Model

The proposed scheme adopts the hierarchical WSN as shown in the Figure 1.

Figure 1. Network Model

The proposed scheme assumes that network has the following properties:

1-   The sink node has unlimited storage and sufficient energy with trusted place.

2-   All sensor nodes are static.

3-   If sensor node is captured by attacker, sensors can extract all information from it.

The notation of our scheme is summarized in table 1:

Table 1 Notation



After the deployment, each cluster head broadcasts HELLO message which include its ID. Each sensor node may receive messages that coming from more than one cluster head. Sensor node chose a cluster head that have best signal strength. Sensors are storing one more parameter which is the cluster head identity. Now each sensor node has three parameters: initial key, its identity and cluster head identity.



Suppose that two sensor nodes A and B are neighbors and want to be communicated, session key process is presented as bellow:

1- First node A send its ID to node B

4. Security Analysis

The security analysis of the proposed scheme can be discussed as following: 

4.1 Key updating

In the proposed scheme, each session used key different from the others. Every session key depends on shared value between two nodes. For more security, the shared value between two nodes should be updated periodically.  After certain period, the update phase is started.

First, each node updates the initial key by tack hash value for the current initial key.

Now node B computes:


The sensor nodes have limited energy and after some time the node will die, for that, the died node should be replaced with new node. For more security, after period each node update the initial key by take hash value of the current key as follows:

Before deployment the new node, the sink node is known the current value of the initial key. So, sink node pre-loaded the new node with its ID and the current value of initial key  . After deployment the new node, first the node joined a cluster and it start the discovery phase with its neighbors to calculate the shared values with them and the neighbor nodes continued with the update phase.


When a node captured, all the security information stored on it will become compromised. Each node that have shared value with the compromised node will delete it and then the nodes in the same cluster that compromised node belong to it will enter the discovery phase and calculate new shared value among them.


In this section, we evaluate the proposed scheme and analyzed the storage overhead, energy consumption and time which compared with other related work. The proposed scheme compared with scheme “Lightweight Multilevel Key Management Scheme for Large Scale Wireless Sensor Network” (MKMLS) [10] under the same circumstance. In our simulation environment, we used 500 sensors that randomly deploy with area 200m*200m, 25 sensors as cluster head and 475 as sensor nodes. The transmission range of cluster head is 40m and the sensor nodes is 20m with initial energy 5J and 15J respectively


The key length of the proposed scheme is 128-bit as in MKMLS. In SKMS before the deployment, each sensor node is preloaded with its ID and the initial key, after deployment, each node in the same cluster enter in the discovery phase with its neighbors and calculate shared value with each neighbor that differ from other. This value will use to establish session keys. In MKMLS, before the deployment, each node is preloaded with its ID and a secret key. Afterdeployment, each sensor node need to store one more shared value . The total number of this value is fixed by its neighbors, i.e. each sensor node need to store a shared value with each neighbor in its memory and will used it when they want to establish session keys. Compared with MKMLS scheme, SKMS have the same storage overhead.


The energy consumption of our SKMS to send 1000 packets is less from the MKMLS scheme; figure 2 shows the energy consumption of sending 1000 packets of both SKMS and MKMLS

Figure 2. Energy Consumption for transmit 1000 packets


The proposed scheme takes less time to generate session keys and transmit the sensed data. Figure 3 shows the time for transmit 1000 packets and compared with MKMLS.

Figure 3. Time Consumption for transmit 1000 packets


In this paper, a Symmetric Key Management Scheme (SKMS) for hierarchical Wireless Sensor Networks was presented. The proposed scheme used symmetric cryptography depends only on a hash function and XOR operation to establish a session keys between any two nodes. Through performance evaluation, we extend the network lifetime by consuming less energy and take less time to establish secure communication among the nodes.

SKMS use shared value between nodes to establish symmetric session keys and update that value at regular interval to avoid node capture attack and to assure that only legal nodes can be communicated. SKMS is suitable for different types of WSNs, it works in both flat and hierarchical WSNs and for homogeneous and heterogeneous WSNs. The shared value between nodes is calculated after the deployment in the discovery phase which requires three steps and the key establishment phase needs five steps to generate the session key and because of that SKMS take less time to calculate the shared value and to generate the session keys. However, in MKMLS, it used UAV as a key management center. If two nodes want to be communicated for the first time, the two nodes cannot establish session key only with the help of UAV. MKMLS needs eight steps just to calculate the shared value between nodes and five more for establish the session key.         Each step requires negotiation between nodes and each step consuming time and energy. Comparing with MKMLS, SKMS needs fewer steps to calculate the shared value and to establish the session key and as a result, consuming less time and consuming less energy.

Simulation and analysis shows that SKMS has good energy efficient, less time consuming than other similar schemes


[1]     Ahmed A. Alkadhmawee  and Songfeng Lu, “Prolonging  the Network Lifetime Based on LPA-Star Algorithm and Fuzzy Logic in Wireless Sensor Network,” World Congress on Intelligent Control and Automation (WCICA), IEEE, 2016

[2]     Pawgasame, W., “A  survey  in adaptive  hybrid  wireless  Sensor  Network  for  military operations”. IEEE, in Second Asian Conference Defence Technology (ACDT), pp. 78-83, 2016

[3]     J. Zhang and V. Varadharajan, “Wireless sensor network key management survey and taxonomy”, Journal of Network and Computer Applications, vol. 33, pp. 63-75, 2010.

[4]     Omer K.  Jasim,  Safia  Abbas  and  El-Sayed  M.  Horbaty, “Evolution of  an  Emerging  Symmetric Quantum Cryptographic Algorithm”, Journal of Information Security, Vol. 6, pp. 82-92, 2015

[5]     Ayman T., Ayman  K.  and Ali C.,  “Authentication   Schemes  for  Wireless  Sensor  Networks,”  in Mediterranean Electrotechnical Conference (MELECON), IEEE, pp. 367-372, 2014

[6]     Y. Zhang, X. Li, J. Liu, J. Yang, and B. Cui, “A secure hierarchical key management scheme in wireless sensor network,” International Journal of Distributed Sensor Networks, 2012.

[7]     Ying, Z. and Pengfei, J. “An Efficient and  Hybrid  Key Management  for Heterogeneous Wireless Sensor Networks” ,Control And Decision Conference (2014 CCDC),The 26th Chinese , ,IEEE, 2014

[8]     V Vijayalakshmi, R Sharmila, and  R Shalini.  “Hierarchical key management scheme using hyper elliptic curve cryptography  in wireless sensor networks”.  In Signal Processing,  Communication  and Networking (ICSCN), 2015 3rd International Conference on. IEEE, 2015

[9]     Zhang, X., and Wsn, A. C. “An Efficient Key Management Scheme in Hierarchical  Wireless Sensor Networks”.  2015 International  Conference  on Computing,  Communication  And Security  (ICCCS), IEEE,doi:10.1109/CCCS.2015.7374122, 2015

[10]   Akansha  Singh,  Amit  K.  Awasthi and Karan  Singh,”  Lightweight  Multilevel  KeyManagement Scheme for Large Scale Wireless Sensor Network”,IEEE 2016

[11]   C. M. Chen, X. Zheng, and T. Y. Wu, “A Complete Hierarchical Key Management Scheme for Heterogeneous Wireless Sensor Networks,” The Scientific World Journal, vol. 2014, article ID 816549, 2014.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


This entry was posted on June 4, 2018 by .
%d bloggers like this: