BlocKP: Key-Predistribution-Based Secure Data Transfer

Key predistribution schemes are promising lightweight solutions to be placed as the cornerstone of key management systems in multihop wireless networks. The intermediate decryption-encryption problem, however, is considered as the security threat of such schemes. Multipath algorithms have been proposed to face such a shortcoming. Alas, these solutions are vulnerable against the node capture attack, where the attacker compromises a fraction of network nodes. In this article, we propose BlocKP, a Blockchain-based solution to increase the resistance of the network against the node capture attack. BlocKP utilizes disjoint key paths for a key-exchange process, where the keying materials form a block at the source side. Each key path step generates the next block of the Blockchain until the keying materials reach the destination. BlocKP is a general framework applicable to any key predistribution schemes. We propose BlocKP in two versions BlocKP-I and BlocKP-II, where the latter enhances the resistance of BlocKP-I using erasure codes at the cost of negligible control traffic. We analytically show that BlocKP improves the resistance of the network against the node capture attack to almost perfect resistance, using just a small number of paths. We evaluate our solution by performing extensive simulations, considering three baseline key predistribution schemes, including probabilistic asymmetric key predistribution (PAKP), strong Steiner trade (SST), and unital key predistribution (UKP). We equipped these schemes with a compatible multipath algorithm to offer end-to-end security. Results show that BlocKP improves the throughput up to 5% and decreases the flow completion time into 20% compared to baseline schemes. It has comparable routing traffic, latency, and throughput with augmented solutions but up to 60% improvement in the resistance against the node capture attack.