Multi-user broadcast authentication in wireless sensor networks

Broadcast authentication is a critical security service in wireless sensor networks (WSNs), as it allows mobile users of WSNs to broadcast messages to multiple sensor nodes in a secure way. Although symmetric-key-based solutions such as μ TESLA and multilevel μTESLA have been proposed, they all suffer from severe energy-depletion attacks resulting from the nature of delayed message authentication. This paper presents several efficient public-key-based schemes to achieve immediate broadcast authentication and thus avoid the security vulnerability that is intrinsic to μTESLA-like schemes. Our schemes are built upon the unique integration of several cryptographic techniques, including the Bloom filter, the partial message-recovery signature scheme, and the Merkle hash tree. We prove the effectiveness and efficiency of the proposed schemes by a comprehensive quantitative analysis of their energy consumption in both computation and communication.