Sage Journals: Discover world-class research

Abstract

How to improve both security and energy efficiency is one of the most prominent issues in wireless sensor networks (WSNs). In this paper, we present a trusted and energy efficient approach for cluster-based WSNs. The approach offers (i) trusted hardware module design; (ii) energy-efficient clustering algorithm; and (iii) network operation. In the cluster-based WSNs, every cluster head is equipped with a designed trusted hardware module (TM) to improve security. Then, for improving the energy efficiency of the network, a trusted hardware based energy efficient clustering (TEEC) algorithm is proposed to select appropriate cluster heads. In the network operation, we use TEEC algorithm to perform clustering and apply TMs to achieve security functions. The analysis shows that our approach does well in resisting the attacks such as data confidentiality attack, data integrity attack, and compromise node attack. In addition, experimental results show that the TEEC algorithm makes more balanced clusters with the variance value of loads around 50% and prolongs the life cycle of the network at least 10% compared to traditional methods.

1. Introduction

Wireless sensor networks (WSNs) have been applied to a variety of applications, such as healthcare, smart home, agriculture, and military. A wireless sensor network is a network system comprised of spatially distributed devices using wireless sensor nodes to collaboratively collect, process, and transmit physical or environmental conditions [1].

Security is very important especially when WSNs are used to collect some sensitive and important information. However, due to dynamic topology and openness of wireless channels, sensor nodes are vulnerable to various attacks such as eavesdropping attack, tamper attack, replay attack, and compromise attack. Most researches in security issue are based on software. But software-based methods [2–18] are easy to be attacked when there are some compromised nodes. To solve this problem, trusted computing [19] has been adopted to detect the attacked nodes in WSNs. The main idea of trusted computing is to establish a trusted root to ensure integrity and security of the system. If a node is compromised, the trusted root of the node is also tampered. So the trusted root can be used to measure the integrity of nodes so that the compromised node can be detected. However, trusted computing based methods [20,21] just adopt the traditional Trusted Platform Modules (TPMs) [22–25] to finish some security functions without designing their own trusted computing modules. Traditional TPMs are mainly applied in computer platform other than wireless sensor networks. TPMs have a complex Trusted Computing Group (TCG) software stack and numerous different password mechanisms, which increase the complexity of computation. Thus, a new trusted computing module with a lighter logical structure and optimized functions should be designed to apply in wireless sensor networks.

At the same time, the sensor nodes have limited energy for computing, storage, and communication. Clustering algorithms can improve energy efficiency because they partition sensor nodes into a number of clusters and enable cluster heads to discard redundant and uncorrelated data [26]. Traditional clustering algorithms [27–32] are energy efficient, but they choose different nodes as the cluster heads in different rounds. However, based on the assumption in [21], in TPM approach the cluster-head should be fixed. Therefore, traditional clustering algorithms are not suitable.

So in this paper, we propose a trusted and energy efficient approach for cluster-based WSNs. We first design a trusted hardware module TM (Trusted Module), which adopts the trusted computing idea. Then, we present a clustering algorithm TEEC (Trusted hardware based Energy Efficient Clustering), which has two steps: initial clustering and final clustering. The contributions of our work are as follows: (i)

This approach adopts the hierarchical network architecture, which solves the scalability problem. The introduction of powerful high-end cluster heads simplifies the management of low-end sensor nodes.

(ii)

The approach also has a trusted hardware based energy efficient clustering algorithm TEEC. Simulation results show that when compared with traditional clustering algorithms, its clusters have more balanced number of nodes because the value of the variance of loads is very small. It also prolongs the life cycle at least 10% compared to traditional algorithms.

(iii)

The network operation in this paper applies our designed TM to do node authentication, key establishment, and data transmission. The analysis shows that our approach guarantees information confidentiality, strong and flexible key establishment and management, nodes authentication, and replay protection and resists node compromise.

The remainder of the paper is structured as follows. Section2 introduces the previous work of other experts and shows the advantages of our proposed approach. Section3 describes the trusted network architecture and energy consumption model. Section4 introduces the proposed trusted and energy efficient approach, which contains the trusted hardware module design, the clustering algorithm, and the network operation. Section5 shows the security analysis and the simulation results. Section6 presents the conclusions.

2. Related Work

Security is one of the most critical challenges in WSNs. Numerous efforts have been dedicated to security techniques, which include software-based security technique and hardware-based security technique [20,21,33,34].

The software-based security technique consists of intrusion detection [2–4], secure routing [5–10], key establishment, and management [11–18]. Coppolino et al. [2] have proposed a special intrusion detection system called IDS (Intrusion Detection System), which detects malicious activities accurately and ultimately make a strong protection. Shashikala and Kavitha [10] have summarized some secure routing solutions, described the basic principles of these cases, and then analyzed their advantages and disadvantages. Castillejo et al. [15] have proposed a trustworthy domain model, which is used to deploy security services. The model can not only accept and control sensor nodes in a domain, but also define different effective security policies. Perrig et al. [16] have proposed a suite of security protocols called SPINS (Security Protocols for Sensor Networks), which has two security building blocks: SNEP (Secure Network Encryption Protocol) and μTESLA (the “micro” version of TESLA [35]). SNEP is a symmetric encryption system, which can guarantee data confidentiality, two-party data authentication, and data freshness. Based on the authenticated streaming broadcast protocol TESLA (Timed Efficient Stream Loss-Tolerant Authentication), μTESLA provides authenticated broadcast for severely resource-constrained environments. However, these software-based methods use the software way to realize some basic cryptographic functions, such as encryption, decryption, and hash. It is easy to be attacked when there are some compromised nodes.

The hardware-based security technique is a good way to guarantee the security of wireless sensor networks. Yang et al. [21] have introduced a hardware-based trusted computing technology into WSNs and proposed a heterogeneous network architecture. In the architecture, a WSN is partitioned into clusters and each cluster head is equipped with a trusted hardware module. This architecture solves the scalability problem and amortizes the workload of security enforcement, but the method lacks some detailed descriptions about the trusted hardware module design. In addition, the method has not considered adopting efficient clustering algorithms to choose appropriate nodes as cluster heads for improving energy efficiency.

Energy conservation is another important topic in WSNs. Clustering algorithms are the key techniques to improve energy efficiency. Heinzelman et al. [28] have proposed a clustering hierarchy protocol called LEACH (Low-Energy Adaptive Clustering Hierarchy), which selects the cluster heads randomly in each round and balances the load of network. The DEEC (Distributed Energy-Efficient Clustering) protocol [30] selects the cluster heads by a probability, which is based on the ratio between the residual energy and the average energy. Nodes with higher residual energy have more chances to be the cluster heads. Then the energy efficiency of the network is improved. Gupta and Jana [26] have presented a genetic algorithm based clustering approach called GACR (Genetic Algorithm based Clustering and Routing), which is also applied in heterogeneous WSNs. The clustering is based on residual energy of the cluster head and distance from sensor nodes to their corresponding cluster head. These traditional clustering algorithms are energy efficient. However, they are not suitable for the hardware-based WSNs, where the hardware modules are only embedded into the cluster heads. Once the heads are determined, the network will never change its cluster heads in the network life cycle.

3. Preliminaries

In this section, we introduce the trusted WSN architecture and some hypotheses. Then the energy consumption model which is used in our work is described.

3.1. Trusted Network Architecture

We adopt the clustering structure [21] as the network architecture. There is a base station and multiple clusters in a wireless sensor network. The base station has strong data processing and communication capabilities, and it is responsible for monitoring and managing the entire wireless sensor network. The base station needs to communicate with the cluster heads and at the same time act as the gateway to exchange information with external networks.

Each cluster contains a head node and several member nodes. The cluster head node is responsible for managing and controlling its cluster. It collects information from the cluster members and does data aggregation and then transmits the processed data to the base station. In this paper, the cluster head is equipped with a TM, which is introduced in the next section.

Here are some hypotheses about the wireless sensor networks of this paper: (i)

The base station is at the center of the network and has a constant supply of energy. Because the base station needs to finish the complex calculation and data communication, it requires enough supply of energy to guarantee the normal operation of the network.

(ii)

Cluster head nodes are equipped with permanent energy supply. Cluster heads need to do data communication and data aggregation. In addition, the cluster head which is equipped with a TM also requires extra energy to improve network security.

(iii)

The coordinates of all nodes in the network are known and fixed.

(iv)

All cluster member nodes have limited and equal initial energy.

3.2. Energy Consumption Model

Wireless sensor network life cycle depends on the residual energy of each node. So energy plays an important role in the construction and operation of the network. In this paper, all the cluster member nodes have limited energy, which will be consumed when the nodes send or receive data. The first-order radio model [28] is used as the energy consumption model. The amount of energy consumption in transmitting l-bit packet from node i to node j can be represented by

\begin{matrix} E_{T x} (l, d_{i j}) = E_{e l e c} \times l + E_{a m p} (d_{i j}) = \{\begin{cases} E_{e l e c} \times l + ε_{f s} \times l \times {d_{i j}}^{2} & if d_{i, j} < d_{0} \\ E_{e l e c} \times l + ε_{m p} \times l \times {d_{i j}}^{4} & if d_{i, j} \geq d_{0} . \end{cases} \end{matrix}

(1)

Here $E_{e l e c}$ is the energy required for driving and controlling electronic components. $E_{a m p}$ depends on the radio frequency (RF) amplifier's consumed energy for free space $ε_{f s}$ and multipath fading channel models $ε_{m p}$ . And $d_{i j}$ represents the Euclidean distance between node i and node j. The threshold, $d_{0}$ , is calculated as follows:

\begin{matrix} d_{0} = \sqrt{\frac{ε_{f s}}{ε_{m p}}} . \end{matrix}

(2)

The node consumes the following amount of energy in receiving l-bit packet:

\begin{matrix} E_{R x} (l) = E_{e l e c} \times l . \end{matrix}

(3)

In this paper, network operation is divided into rounds. In each round, the cluster member nodes need to consume energy when communicating with the cluster head nodes. The amount of energy consumption $E_{T x}$ is calculated by (1) when a cluster member node sends the collected data to its cluster head node. And the amount of $E_{T x}$ mainly depends on the distance between the transmitter and receiver. The amount of energy consumption $E_{R x}$ is calculated by (3) when a cluster member node receives some data from its cluster head node.

Network life cycle can be defined as the time until the first node dies or the time until the last node dies or until a desired percentage of nodes die [32]. We use life cycle in terms of round from the beginning of the network operation until any one cluster member node depletes its energy.

4. Trusted and Energy Efficient Approach

In this section, we present a trusted and energy efficient approach for cluster-based WSNs. The structure of the proposed approach is shown in Figure1. First, we design a TM (Trusted Module), which is applied to improve the security of the network. The detailed design of TM is shown in Section4.1. However, TM needs to consume extra energy. So we just choose the cluster heads to install the TMs. Second, we propose a clustering algorithm named TEEC (see Section4.2), which is used to select appropriate nodes as the cluster heads for improving the energy efficiency of the network. Then, we describe the network operation, which shows how the network runs from nodes deployment to nodes death. The network operation contains the following steps: clustering, TM-based CHs authentication, TM-based CMs authentication, and TM-based key establishment, data collection, and transmission. The detailed process of network operation is shown in Steps 1–5 of Section4.3.

Figure 1

Structure of proposed approach.

4.1. Trusted Module Design and Functions

In this section, we first introduce the logical structure design of TM. Then, we apply the TM to authenticate the identity of a CH (cluster head node) and the identity of a CM (cluster member node).

4.1.1. TM Design

Traditional Trusted Platform Modules (TPMs) are not suitable for wireless sensor networks. The reason is mainly manifested in the following aspect. A wireless sensor network has hundreds of nodes. The sensor node needs low cost and simple coprocessor. However, traditional TPMs have a complex TCG software stack and numerous different password mechanisms, which increase the complexity of computation. Aimed at actual characteristics of wireless sensor networks, we design a trusted hardware module named TM, which adopts the trusted computing idea. The module has a specific logical structure, as shown in Figure2.

Figure 2

Logical structure design of TM.

The logical structure of TM contains the following components.

(i) Root of Trust. It is used to get the object's initial hardware and software information. Traditional TPMs use BIOS (Basic Input Output System) solidified in CPU as the root of trust. In this paper, the cluster head's operating system code is adopted as the root of trust, which is used to authenticate the identity of TM's corresponding cluster head node.

(ii) General Information. It is responsible for getting some input information, which includes authentication information, key establishment information, and sensor information. The authentication information is used to verify the identity of each cluster member node. Key establishment information is used to establish session keys between a cluster head and its cluster member nodes. Sensor information is encrypted sensor data, which needs to be decrypted and verified the integrity.

(iii) Cryptographic Engine. This component contains four hardware-realized functions: RNG (Random Number Generator), encryption, hash, and key management. RNG function is used to generate real random number. Encryption function provides the hardware encryption and decryption functions. Hash function is used to generate hash values. And key management function manages all the keys used in the corresponding cluster head.

(iv) Measurement. It is used to get the hash measurement from the Cryptographic Engine component.

(v) Standard Measurements. It stores the standard measurements ( $W P C R [0], W P C R [1], \dots, W P C R [n]$ ). The variable n represents the number of cluster member nodes in the corresponding cluster.

(vi) Computing Engine. It needs to compare the measurement with the standard measurement. It also needs to verify the integrity of sensor information.

(vii) Result. This component gets results from the Computing Engine component and returns results to the corresponding cluster head.

(viii) Measurement Description. It collects some information about a cluster node when the node is authenticated by TM. The information ranges from the cluster head's identity, the member node's identity, the measurement, the standard measurement, result, and the moment.

(ix) Storage Measurement Logs. This component stores all information from Measurement Description component. The corresponding cluster head can read this component and regularly report to the base station.

4.1.2. TM-Based CH Authentication

We adopt integrity measurement to finish cluster head authentication. Traditional TPMs use platform configuration registers (PCRs) to realize integrity measurement. TPM measures the platform from BIOS program, OS loader, and operating system to applications and records the measurements. Then it determines the security of the system through comparing the calculated PCRs with the standard PCRs. The PCR values are calculated as follows:

\begin{matrix} P C R [i] = S H A 1 (P C R [i - 1] ∥ x) . \end{matrix}

(4)

Here x represents a measurement of ith part of the platform. $P C R [i - 1]$ contains all measurements of previous parts. $P C R [i]$ is a 160-bit SHA1 [36] hash digest of i parts. The symbol ∥ represents the concatenation function. In our method, the sensor node has not such a long trust chain, which contains BIOS (Basic Input Output System) program, OS (Operating System) loader, OS and system applications. This iterative trust chain method increases the difficulty of maintenance and management and reduces credibility because of increasing the trust chain length.

In the cluster head authentication part of our method, we only measure the operating system [37] and store cluster head's standard measurement value in $W P C R [0]$ of TM's Standard Measurement component. The $W P C R [0]$ value is calculated as follows:

\begin{matrix} W P C R [0] = S H A 1 (C H (O S)) . \end{matrix}

(5)

Here $C H (O S)$ represents the standard operating system of a cluster head. Once a TM needs to authenticate its cluster head's identity, the Root of Trust component in Figure2 gets the current operating system of a cluster head and sends the operating system to the Cryptographic Engine component. In the component, the current measurement value will be calculated by

\begin{matrix} c u r r e n t_m e a s u r e m e n t = S H A 1 (C H (c u r r e n t_O S)) . \end{matrix}

(6)

The current measurement value is transferred to TM's Measurement component, which needs to send the value to Computing component and Measurement Description component. The Computing component compares the current measurement value with the standard $W P C R [0]$ and sends the computing result to TM's Result component. If the two values are equal, the cluster head node is secure. Otherwise, the node is not secure. In addition, the Measurement Description component of TM needs to record some information, which includes the cluster head's identity, the measurement, the standard measurement, the measurement result, and the moment. Then it sends the information to TM's Storage Measurement Logs component.

4.1.3. TM-Based CM Authentication

We apply the efficient signature in the cluster member authentication part. The signature is described below: let p and q be two big primes ( $q ∣ p - 1, q \geq 2^{140}, p \geq 2^{512}$ ), let α be a primitive element in $G F (p)$ with order q, and let t be a security parameter which meets $q > 2^{t}$ . In addition, there is an asymmetric public-private key pair of each CM. The public key $P U_{C M_{j}}$ is stored in the key management part of TM. The private key $P R_{C M_{j}}$ is disclosed into the CM. Here ${I D}_{{C M}_{j}}$ represents the identity of the CM, which is the jth cluster member of CH. Following are the steps of the identity authentication of a CM.

Step 1.

The node CM generates a random number $k (0 ⩽ k ⩽ q - 1)$ . Then it computes $γ = α^{k} \mod p$ and sends the encrypted message ( ${I D}_{{C M}_{j}} ∥ γ ∥ N_{1}$ ) to its CH. The number $N_{1}$ is a random nonce to keep data freshness.

Step 2.

Once the message is received from CM, the CH sends this message to its TM's General Information component. This component transfers the message to the Cryptographic Engine component, which is responsible for decrypting and resolving the encrypted message and getting the identity of CM, the value γ, and the nonce $N_{1}$ . Then the TM stores ${I D}_{{C M}_{j}}$ in the Measurement Description component and stores γ value in $W P C R [j]$ of TM's Standard Measurement component.

Step 3.

The TM generates two random numbers r ( $1 \leq r \leq 2^{t}$ ) and $N_{2}$ by the RNG function of its Cryptographic Engine component. Then it compounds and encrypts the message $(r ∥ N_{1} ∥ N_{2})$ and sends it to its CH, which needs to transmit this message to the CM.

Step 4.

The node CM decrypts the received message and gets r, $N_{1}$ , and $N_{2}$ . After verifying the correctness of $N_{1}$ , CM computes $y = k + {P R}_{{C M}_{j}} \cdot r (m o d q)$ through its private key ${P R}_{{C M}_{j}}$ , which has been written into CM before network deployment. Then the CM sends encrypted y and $N_{2}$ ( $y ∥ N_{2}$ ) to its CH.

Step 5.

The General Information component of TM gets the transmitted message from CH and transfers this message to TM's Cryptographic Engine component, which needs to decrypt the message and verifies the correctness of $N_{2}$ . Then the Computing Engine component computes $γ^{'} = α^{y} {P U}_{{C M}_{i}}^{r} (m o d p)$ and compares this value with the standard $W P C R [j]$ value of TM's Standard Measurements component. If the result is right, CH considers CM a trusted member node.

The authentication flow is shown in Figure3. All the messages need to be encrypted. And $E \{m e s s a g e\} K$ represents the encryption of message by the session key K. In the figure, MAC represents the message authentication code of the encrypted message. All MACs are used to verify the integrity of the encrypted messages.

Figure 3

Message flow of cluster member authentication.

After each cluster member authentication, the Measurement Description component of TM needs to record some information, which includes the cluster head's identity $I D_{C H}$ , the cluster member node's identity ${I D}_{{C M}_{j}}$ , the value $γ^{'}$ , the standard value $W P C R [j]$ , the authentication result, and the moment. Then it sends the information to the Storage Measurement Logs component.

4.2. Clustering Algorithm

The wireless sensor network is divided into multiple clusters. Each cluster head is equipped with a TM. Selecting appropriate nodes as cluster heads and making clustering efficiently can prolong network life cycle. We propose a trusted hardware based energy efficient clustering (TEEC) algorithm. The algorithm contains two steps: initial clustering and final clustering.

4.2.1. Initial Clustering

Choosing the nearest nodes from base station as cluster heads is the simplest clustering method. We name this method NEAREST. However, the selected heads are all gathered near base station. Some nodes far from base station will spend a lot of energy when sending messages to cluster heads. Choosing random nodes as cluster heads is another clustering method, which is named RAND.

In this paper, cluster heads have continuous energy supply. The long distance from cluster heads to base station will increase a lot of costs. So we need to select appropriate threshold for this distance x. The wireless sensor network is set to be a square which is $L * L$ . The range of x is ( $a, b$ ). Here, a and b represent the shortest distance and the longest distance from cluster heads to base station, respectively. a is defined as basic distance, while b is named edge distance. Figure4 is a medium scale WSN. The center is the base station or sink node, and the rest of nodes are all sensor nodes. The nodes which have black marks are cluster head nodes. Their scope is the subtraction region of two concentric circles whose center is the base station and the radius is b and a, separately. From this figure we can know that the radius b should be smaller than the distance, which is from sink to the edge of the square. So it is obvious that $b < L / 2$ and $0 < a < b$ . In addition, if a remote node from the sink node is selected as the cluster node, it is difficult to power it. Thus, in order to save costs, b should not be too large. So we set $b < L / 2 - a$ .

Figure 4

Initial clustering.

4.2.2. Final Clustering

Choosing optimal nodes from initial cluster heads is our target. The selection needs to be on the basis of three aspects. First, the total distance from member nodes to heads is short. Second, cluster heads are decentralized. Third, the number of the member nodes in each cluster is balanced. So we designed the TEEC algorithm, which includes the following steps.

Step 1.

Set the wireless sensor network to be a square which is $L * L$ . Select out all initial cluster heads whose distance to base station meets $a < x < b$ . Store these nodes' IDs into a set $S_{i n i t}$ ( $S_{i n i t} = \{x ∣ x = {i d}_{1}, {i d}_{2}, \dots, {{i d}_{i}, \dots, i d}_{m}, 1 \leq i \leq m\}$ ). The variable m represents the number of initial cluster heads and ${i d}_{i}$ is the ID of ith initial cluster head.

Step 2.

Create m sets ( $S_{1}, S_{2}, \dots, S_{i}, \dots, S_{m}$ ). The elements of $S_{i}$ are the IDs of the nodes, which belong to the ith initial head's cluster. The first element of $S_{i}$ is ${i d}_{i}$ .

Step 3.

The number of all nodes in the network is n. Create an $n - n$ matrix D. The elements of matrix D are expressed as $d_{a b}$ , which represents the Euclidean distance from node a to node b. The coordinates of node a and node b are $(X_{a}, Y_{a})$ and $(X_{b}, Y_{b})$ , respectively. The value of $d_{a b}$ is calculated as follows:

\begin{matrix} d_{a b} = \infty, a = b, \\ d_{a b} = \sqrt{({X_{a}}^{2} - {X_{b}}^{2}) + ({Y_{a}}^{2} - {Y_{b}}^{2})}, a \neq b . \end{matrix}

(7)

Step 4.

Set the values of all the ordinary nodes' rows to ∞:

\begin{matrix} d_{a b} = \infty, a \notin S_{i n i t}, b = 1,2, 3, \dots, n, \end{matrix}

(8)

Step 5.

Calculate the minimum value in the ordinary nodes columns. The minimum value row represents the nearest initial cluster head i from the ordinary node j. Add the node j to the set $S_{i}$ .

Step 6.

Set the minimum number of each cluster to c. Merge k sets whose number is less than c into a new set marked with $S_{l a s t}$ .

Step 7.

The network is divided into $m - k + 1$ clusters. Each cluster's ( $S_{1}, S_{2}, \dots, S_{m - k}$ ) first element is its head node. The remaining elements are member nodes.

Step 8.

The $m - k + 1 t h$ cluster is the set $S_{l a s t}$ . Calculate the node whose total distance to other nodes is shortest. The shortest distance $d_{m i n}$ is calculated as follows:

\begin{matrix} d_{m i n} = \min (\sum_{j = 1}^{n u m (S_{l a s t})} \sqrt{({X_{i}}^{2} - {X_{j}}^{2}) + ({Y_{i}}^{2} - {Y_{j}}^{2})}), i = 1,2, \dots, n u m b e r (S_{l a s t}) . \end{matrix}

(9) Set

d_{m i n}

's corresponding node to the cluster

S_{l a s t}

's head node, and set the remaining nodes to member nodes.

4.3. Network Operation

The network operation shows how the wireless sensor network runs from nodes deployment to nodes death. It uses TEEC algorithm to perform clustering and applies TMs to achieve security functions. During the network operation, time is divided into multiple rounds as shown in Figure5. Each round consists of a set-up phase and a steady-state phase. At the set-up phase, the nodes need to be authenticated and assigned session keys. The steady-state phase has several frames and its time is much longer than the set-up phase. In this phase, the nodes are responsible for collecting and transmitting data.

Figure 5

Network operation.

Before nodes deployment, the BS (base station) has known the geographical location information of each node. The steps of network operation are shown as follows.

Step 1 ( $B S (T E E C) \to C l u s t e r s (S_{1}, S_{2}, \dots, S_{m - k}, S_{l a s t})$ ).

Before network deployment, the base station determines the clusters by running the proposed trusted hardware based energy efficient clustering (TEEC) algorithm. Equip each computed cluster head with a trusted hardware module (TM). At the moment, the network goes to the set-up phase of first round.

Set-Up Phase

Step 2 (TM-based CHs authentication).

Each TM verifies the security of its cluster head through the cluster head authentication method (see Section4.1.2). If a TM detects an untrusted cluster head, it will power off its cluster head. Then the trusted cluster heads each broadcast their identity.

Step 3 (TM-based CMs authentication).

If a cluster member node receives the broadcast message from its assigned cluster head, it will send a request to its head and finish CM authentication. Otherwise, it will send a request to its nearest cluster head and do CM authentication. If a cluster head treats a cluster member as an untrusted node, it will remove the cluster member from its cluster. The detailed process of CM authentication is shown in Section4.1.3.

Step 4 (TM-based key establishment).

First round is

$C H \to C M$ : $E \{K ∥ N_{2} ∥ N_{3}\} {PU}_{CM} ∥ MAC$

$C M \to C H$ : $E {N_{3}} K ∥ M A C$ .

Other rounds are

$C H \to C M$ : $E \{K ∥ N_{2} ∥ N_{3}\} Old_K ∥ MAC$

$C M \to C H$ : $E {N_{3}} K ∥ M A C$ .

After authentication of CHs and CMs, secret session keys need to be established. The Cryptographic Engine component of TM generates the symmetric secret key K. The nonce $N_{2}$ is generated in Step 3. And $N_{3}$ is a new freshness nonce, which is also generated by the Cryptographic Engine component of TM. In the first round, the public key ${P U}_{C M}$ is used to encrypt the message. To reduce energy consumption, the other rounds use the last round's secret key $O l d_K$ . After receiving encrypted $N_{3}$ , the cluster head transmits the message to its TM. The TM decrypts and gets $N_{3}$ . If $N_{3}$ is valid, the shared secret key K has been successfully established.

Steady-State Phase

Step 5 (data collection and transmission).

Consider

$C M \to C H$ : $E \{D a t a\} K ∥ M A C$ ,

$C H \to B S$ : $E \{A g g r e g a t e d_D a t a\} K_{C H_B S} ∥ M A C$ .

Cluster member nodes collect information and send encrypted data to the cluster heads. Each TM's General Information component gets the data and transfers it to the Cryptographic Engine component, which needs to decrypt the encrypted data and get Data. Then some data aggregation algorithms can be performed in TM's Computing Engine component to produce Aggregated_Data. After that, this data needs to be sent back to the Cryptographic Engine component and encrypted. Then the cluster heads get the encrypted Aggregated_Data and send it to the base station. After steady-state phase finishes, the network goes to Step 2.

5. Approach Evaluation

In this section, we first analyze the security of the wireless sensor network using our approach. Then we simulate the proposed TEEC algorithm and compare it with other traditional clustering algorithms about the network life cycle.

5.1. Security Analysis

We assume that an attacker is active from the beginning of the network. The wireless channels can be attacked by many attacks, which include eavesdropping, forging, replying and modifying messages. Further, the adversary can deploy malicious nodes into the network terrain. The malicious nodes can disrupt the network functionality. Besides, the adversary can capture a node and access the secret information in the node. Based on the attacks, we analyze the proposed approach.

Information Confidentiality. As the sensor nodes communicate over a wireless channel, an attacker can easily eavesdrop on the network's radio frequency range to capture useful information. In the proposed approach, all the useful information is encrypted throughout the network life cycle, which is divided into multiple rounds. Each round contains a set-up phase and a steady-state phase. In the set-up phase, useful communication information includes the cluster member authentication messages and session keys. The two kinds of information are all encrypted. Useful information in the steady-state phase is collected sensor data, which is also encrypted (i.e., $E {D a t a} K$ , $E \{A g g r e g a t e d_D a t a\} K_{C H_B S}$ ). Therefore, the adversary cannot get any useful information from the obtained encrypted messages over the wireless channel.

Strong and Flexible Key Establishment and Management. The references [12,14,15] use a group key to achieve security. In the case, if an adversary captures a node and gets its group key, all the nodes in the group will be attacked. Our approach uses a trusted heterogeneous architecture, which divides the network into multiple clusters. The attack of one cluster will not affect other clusters. In a cluster, the powerful cluster head is equipped with a TM. The TM can generate strong keys and store them in its protected storage. The adversary cannot intercept the keys from the cluster heads.

Suppose the session key between a member node and its cluster head is K. The K is only known to these two nodes. Because the strong session key (K) is encrypted in message (i.e., $E \{K ∥ N_{2} ∥ N_{3}\} O l d_K$ ), an adversary cannot decrypt K. In addition, the keys generated by TMs are dynamic. We adopt the round network operation, in which different rounds have different session keys. The session key (K) in a round will be invalid when the network goes to the next round.

Nodes Authentication. Nodes authentication can prove sensor nodes' credibility and establish trust relationships between a cluster head and its cluster members. Some references [21,38] just do authentication after network deployment. It is not secure enough when an attacker captures a cluster head. In this case, all the cluster's members will be dangerous if there is no authentication any more. In our proposed approach, the network needs to finish nodes authentication at the set-up phase of each round. The authenticated nodes are cluster heads and cluster members.

Cluster head authentication adopts integrity measurement through TM. It measures the operating system and stores cluster head's standard measurement value in $W P C R [0]$ ( $W P C R [0] = S H A 1 ({C H}_{i} (O S))$ ). If the measured value is illegal, the corresponding cluster head power will be off. In cluster member authentication, we adopt an efficient signature. In a cluster, ith cluster member first computes $γ = α^{k} \mod p$ and sends the value γ to the cluster head, which stores γ in $W P C R [i]$ and responds to a random number r. Then the cluster member generates its signature y ( $y = k + {P R}_{C M_{i}} \cdot r (m o d q)$ ) and sends it to its head. The cluster head compares $γ^{'}$ ( $γ^{'} = α^{y} {P U}_{C M_{i}}^{r} (m o d p)$ ) with $W P C R [i]$ to authenticate the identity of the cluster member.

Replay Protection. If an attacker replays captured messages to cheat the target nodes, the network will be dangerous. The replay attack mainly happens in the set-up phase. In the cluster member authentication step, we generate the random number $N_{1}$ and $N_{2}$ to guarantee message freshness. In the key establishment step, the random number $N_{3}$ is generated to resist replay attack.

Message Integrity. If an attacker tampers with the transmitted message, the integrity of message will not be guaranteed. We use MAC to defend against this attack. All the messages need to be added to the MAC (i.e., $E ({I D}_{{C M}_{i}} ∥ γ ∥ N_{1}) K ∥ M A C$ , $E \{K ∥ N_{2} ∥ N_{3}\} O l d_K ∥ M A C$ ).

Resist Node Compromise. Node compromise is an important security issue in wireless sensor networks. In our trusted network architecture, a cluster node is responsible for managing all its cluster's nodes and communicating with the base station. Therefore, the cluster head node is the main target of the adversary. The TM detects the compromise node by verifying the corresponding cluster head's code integrity. In the set-up phase of each round, the TM reads the corresponding cluster head's operating system (OS) code, computes the OS measurement, and compares the measurement with the standard measurement $W P C R [0]$ . If the two measurements are different, the TM will judge the cluster head node to be a compromised node and power the cluster head off.

5.2. Simulation Results for TEEC

Since we have analyzed the security of our proposed approach, we also need to evaluate its energy efficiency. We simulate the TEEC algorithm and compare it with different clustering algorithms for evaluating its energy efficiency.

5.2.1. Simulation Settings

We use MATLAB R2014a and C programming language to simulate TEEC with the same parameters (the amount of the driving the electronics' energy consumption $E_{e l e c}$ , the radio frequency amplifier's consumed energy for free space $ε_{f s}$ , and multipath fading channel models $ε_{m p}$ ) in [26,30] as shown in Table1. In the simulation experiments, there are two wireless sensor networks (WSN #1 and WSN #2) with different area, base station location, and number of nodes. The sensor nodes are randomly distributed in the network areas. The base station is located in the network center. In the proposed TEEC algorithm, we set all cluster member nodes' initial energy $E_{0}$ to be 0.5 J. Each member node sends 4000 bit data to its cluster head each round.

Table 1

Experiment parameter.

Parameter	WSN #1	WSN #2
Area ( $L * L$ )	$50 * 50$ (m²)	$100 * 100$ (m²)
Base station	(25, 25)	(50, 50)
Number of nodes	50	100
$E_{0}$	0.5 J	0.5 J
Length of data (l)	4000 (bits)	4000 (bits)
$E_{e l e c}$	50 (nJ/bit)	50 (nJ/bit)
$ε_{f s}$	10 (pJ/bit/m²)	10 (pJ/bit/m²)
$ε_{m p}$	0.0013 (pJ/bit/m⁴)	0.0013 (pJ/bit/m⁴)

5.2.2. Simulation Results for Different Parameter Intervals of TEEC

In the initial clustering stage of TEEC algorithm, there are two variables: basic distance a and edge distance b. When the interval [ $a, b$ ] changes, the simulation results change. We select three intervals $A 1$ , $A 2$ , and $A 3$ , as shown in Table2. From Table2 and Figure6, we can find that $A 2$ and $A 3$ have longer life cycle and more living nodes than $A 1$ . However, $A 3$ has a weakness. It needs much more cluster heads than $A 2$ especially in WSN #2, as shown in Table2. Cluster heads need to have continuous energy supply. Having more cluster heads means the increasing of the cost. So $A 3$ may not be suitable for practical application.

Table 2

The number of initial cluster heads, the number of final selected cluster heads, and the network life cycle in different intervals.

Parameter	WSN #1: [a, b]			WSN #2: [ $a, b$ ]
Parameter	$A 1 = [3.75$ , $10]$	$A 2 = [6.25$ , $12.5]$	$A 3 = [8.75$ , $15]$	$A 1 = [7.5$ , $20]$	$A 2 = [12.5$ , $25]$	$A 3 = [17.5$ , $30]$
Initial cluster	5	7	8	15	19	22
Cluster	5	6	7	7	9	16
Life cycle	2155	2274	2274	1716	1716	1929

Figure 6

Comparison of the number of living nodes in different intervals.

5.2.3. Simulation Results for Different Trusted Hardware Based Clustering Algorithms

Form Table3 and Figure7, we can find that NEAREST is worst because it has the shortest life cycle and the least number of living nodes before about 2500th round. As for TEEC and RAND, the simulation result of TEEC is better. The detailed reasons are as follows. First, it has longer life cycle than RAND in WSN #1 from Table3 and has more number of living nodes than RAND from about 2100th round to 2500th round in Figure7(a). In WSN #2, although TEEC has slightly shorter life cycle, it always has more number of living nodes from about 1800th round to 2500th round in Figure7(b). Second, TEEC has much less “variance” than RAND in Table3. The “variance” is calculated to measure the balance of load. It is the variance of an array, which contains the number of nodes in each cluster. So TEEC with lower number of “variances” are more balanced than RAND.

Table 3

The selected interval [a, b], the number of clusters, the first node dead time, the network life cycle, and variance in different algorithms.

Parameter	WSN #1			WSN #2
Parameter	RAND	NEAREST	TEEC	RAND	NEAREST	TEEC
[a, b]	N/A	N/A	[6.25, 12.5]	N/A	N/A	[12.5, 25]
Cluster	6	6	6	9	9	9
Life cycle	2163	2155	2274	1754	1621	1716
Variance	27.8667	11.4667	13.4667	33.6111	71.8611	17.6111

Figure 7

Comparison of the number of living nodes in three different trusted hardware based clustering algorithms.

5.2.4. Simulation Results for Different Clustering Algorithms

The proposed approach uses the clustering network topology and deploys the designed TM in the selected cluster heads. However, both of the TM and security operation need to consume energy. An efficient clustering algorithm can reduce energy consumption and prolong network life cycle. So we design the trusted hardware based energy efficient clustering (TEEC) algorithm when cluster heads are equipped with TMs. In order to validate TEEC algorithm, the experiments compare our proposed TEEC algorithm with the traditional clustering algorithms LEACH, DEEC, and GACR. Table4 and Figure8 illustrate the comparison results. First, as shown in Table4, the life cycle of TEEC is longest. Second, from Figure8, we can find that the number of living nodes of TEEC is always highest before 2400th round. So our proposed algorithm is competitive when compared with others.

Table 4

The selected interval [a, b], the number of clusters, and the network life cycle in different clustering algorithms.

Parameter	WSN #1				WSN #2
Parameter	LEACH	DEEC	GACR	TEEC	LEACH	DEEC	GACR	TEEC
[a, b]	N/A	N/A	N/A	[6.25, 12.5]	N/A	N/A	N/A	[12.5, 25]
Cluster	Varying	Varying	18	6	Varying	Varying	29	9
Life cycle	868	1669	1966	2274	833	1406	1149	1716

Figure 8

Comparison of the number of living nodes in different clustering algorithms.

5.3. Discussions about Proposed Approach

This paper is our first step to apply a trusted hardware module TM in wireless sensor networks. And we choose the relative small-scale networks as the research object. These kinds of networks have research value for the following reasons: (1) some important applications in the society are suitable to be implemented by small-scale WSNs such as health-monitoring systems or social surveillance. These applications are very vulnerable to security-attacks, for example, forging. Therefore, our TM based approach can assure the reliability of sensor nodes. (2) In large-scale wireless sensor networks, some nodes are too far from the sink node and in most of the applications the environment is extremely harsh. Thus, it is difficult to employ the TMs in the sensor nodes. Even if the TMs are employed in some remote sensor nodes, the security mechanisms need to consume extra energy.

6. Conclusion

The sensor nodes in wireless sensor networks have limited computation, storage, and communication abilities. Traditional security mechanisms are not suitable to protect the network. The proposed approach uses the trusted computing theory and hierarchical topology structure and deploys the designed TMs in the cluster head nodes to improve network security. At the same time, we put forward a trusted hardware based energy efficient clustering (TEEC) algorithm. This algorithm divides the network into several clusters. The nodes do data communication through the clustering structure, thus improving the energy efficiency of the network. Therefore, the proposed approach improves the network security and energy efficiency at the same time.

In our future work, we will extend the trusted hardware module in the large-scale wireless sensor networks. Although it is difficult to employ TM in large-scale networks, where most WSNs are large scale, it is necessary to apply TM in these networks. For this kind of network, the messages sent from member nodes need to be transferred by several cluster heads so that the messages can get to the sink node. However, our proposed approach is not suitable for this situation; we need to propose new clustering routing protocols. If the network is large scale, the cluster heads cannot have sufficient energy supply. In the new clustering routing protocols, the energy of cluster heads also needs to be considered. We plan to employ fuzzy clustering or genetic algorithm to compute the next hop of sensor nodes. And the objective function contains the remaining energy of all sensor nodes and the distance between sensor nodes.

Footnotes

Competing Interests

The authors declare no conflict of interests.

Authors' Contributions

Tianshu Wang conceived and designed the experiments. Xichen Yang performed experiments. Tianshu Wang, Gongxuan Zhang, Xichen Yang, and Ahmadreza Vajdi wrote and reviewed the paper. Tianshu Wang, Gongxuan Zhang, Xichen Yang, and Ahmadreza Vajdi approved the final version of the paper.

Acknowledgments

This paper has been supported by the National Natural Science Foundation funded Project no. 61272420.

References

Guizani

Secure and efficient data transmission for cluster-based wireless sensor networks

IEEE Transactions on Parallel and Distributed Systems 2014 25 3 750 761

10.1109/TPDS.2013.43

2-s2.0-84894526330

Coppolino

D'antonio

Romano

Spagnuolo

An intrusion detection system for critical information infrastructures using wireless sensor network technologies

Proceedings of the 5th International Conference on Critical Infrastructure (CRIS '10)

September 2010

Beijing, China

IEEE

1 8

10.1109/cris.2010.5617547

2-s2.0-78649951433

Huang

J.-Y.

Liao

I.-E.

Chung

Y.-F.

Chen

K.-T.

Shielding wireless sensor network using Markovian intrusion detection system with attack pattern mining

Information Sciences 2013 231 32 44

10.1016/j.ins.2011.03.014

MR3028811

2-s2.0-84874117071

Wang

Agrawal

D. P.

Gaussian versus uniform distribution for intrusion detection in wireless sensor networks

IEEE Transactions on Parallel and Distributed Systems 2013 24 2 342 355

10.1109/tpds.2012.105

2-s2.0-84871730536

Alrajeh

N. A.

Khan

Lloret

Loo

Secure routing protocol using cross-layer design and energy harvesting in wireless sensor networks

International Journal of Distributed Sensor Networks 2013 2013 11

374796

10.1155/2013/374796

2-s2.0-84873338686

Chen

An improved secure routing protocol based on clustering for wireless sensor networks

Mechatronics and Automatic Control Systems 2014 237

Berlin, Germany

Springer

995 1001 Lecture Notes in Electrical Engineering

10.1007/978-3-319-01273-5_112

Kamat

Zhang

Trappe

Ozturk

Enhancing source-location privacy in sensor network routing

Proceedings of the 25th IEEE International Conference on Distributed Computing Systems (ICDCS '05)

June 2005

Columbus, Ohio, USA

599 608

10.1109/ICDCS.2005.31

Khan

Loo

Cross layer secure and resource-aware on-demand routing protocol for hybrid wireless mesh networks

Wireless Personal Communications 2012 62 1 201 214

10.1007/s11277-010-0048-y

2-s2.0-84856717994

Roopashree

H. R.

Kanavalli

SABR: secure authentication-based routing in large scale wireless sensor network

Emerging Research in Computing, Information, Communication and Applications: ERCICA 2015, Volume 1 2015

Berlin, Germany

Springer

223 229

10.1007/978-81-322-2550-8_21

10.

Shashikala Kavitha

A survey on secured routing protocols for wireless sensor network

Proceedings of the 3rd International Conference on Computing, Communication & Networking Technologies (ICCCNT '12)

July 2012

Coimbatore, India

IEEE

1 8

10.1109/icccnt.2012.6395931

2-s2.0-84873317969

11.

Bala

Sharma

Verma

A. K.

An improved forward secure elliptic curve signcryption key management scheme for wireless sensor networks

Lecture Notes in Electrical Engineering 2013 215 141 149

10.1007/978-94-007-5860-5_17

2-s2.0-84874148363

12.

Dutta

Chang

E.-C.

Mukhopadhyay

Efficient self-healing key distribution with revocation for wireless sensor networks using one way key chains

Applied Cryptography and Network Security 2007 4521

Springer

385 400

10.1007/978-3-540-72738-5_25

13.

Gong

Zuo

Mei

Zhao

Enhanced key management scheme based on random key pre-distribution for wireless sensor networks

Future Information Technology 2014 309 343 348 Lecture Notes in Electrical Engineering

10.1007/978-3-642-55038-6_52

14.

Jaiswal

Kumar

Tripathi

Design of secure group key agreement protocol using elliptic curve cryptography

Proceedings of the International Conference on High Performance Computing and Applications (ICHPCA '14)

December 2014

Bhubaneswar, India

IEEE

1 6

10.1109/ichpca.2014.7045305

2-s2.0-84925424563

15.

Castillejo

Martínez-Ortega

J.-F.

López

Alcón

J. A. S.

SensoTrust: trustworthy domains in wireless sensor networks

International Journal of Distributed Sensor Networks 2015 2015 10

484820

10.1155/2015/484820

2-s2.0-84936991168

16.

Perrig

Szewczyk

Tygar

J. D.

Wen

Culler

D. E.

SPINS: security protocols for sensor networks

Wireless Networks 2002 8 5 521 534

10.1023/a:1016598314198

2-s2.0-0036738266

17.

Tan

Zic

Jha

S. K.

Ostry

Secure multihop network programming with multiple one-way key chains

IEEE Transactions on Mobile Computing 2011 10 1 16 31

10.1109/TMC.2010.140

2-s2.0-84879075682

18.

Zhang

Varadharajan

Wireless sensor network key management survey and taxonomy

Journal of Network and Computer Applications 2010 33 2 63 75

10.1016/j.jnca.2009.10.001

2-s2.0-75149127612

19.

Challener

Yoder

Catherman

A Practical Guide to Trusted Computing 2007

Pearson Education

20.

Wen

Corke

Wen

C. S.

Overs

secFleck: a public key technology platform for wireless sensor networks

Wireless Sensor Networks: 6th European Conference, EWSN 2009, Cork, Ireland, February 11–13, 2009. Proceedings 2009 5432

Berlin, Germany

Springer

296 311 Lecture Notes in Computer Science

10.1007/978-3-642-00224-3_19

21.

Yang

Zhou

Deng

R. H.

Bao

Better security enforcement in trusted computing enabled heterogeneous wireless sensor networks

Security and Communication Networks 2011 4 1 11 22

10.1002/sec.179

2-s2.0-79951805456

22.

Kolhe

Dhage

Trusted platform for support services in cloud computing environment

Proceedings of the International Conference on System Engineering and Technology (ICSET '12)

September 2012

Bandung, Indonesia

IEEE

10.1109/icsengt.2012.6339296

2-s2.0-84871112351

23.

Santos

Gummadi

K. P.

Rodrigues

Towards trusted cloud computing

Proceedings of the Conference on Hot Topics in Cloud Computing (HotCloud '09)

2009

San Diego, Calif, USA

24.

Shen

Yan

Cloud computing system based on trusted computing platform

Proceedings of the International Conference on Intelligent Computation Technology and Automation (ICICTA '10)

May 2010

Changsha, China

942 945

10.1109/ICICTA.2010.724

25.

Shen

The protection for private keys in distributed computing system enabled by trusted computing platform

Proceedings of the International Conference on Computer Design and Applications (ICCDA '10)

June 2010

Qinhuangdao, China

IEEE

V5-576 V5-580

10.1109/iccda.2010.5541169

2-s2.0-77955865090

26.

Gupta

S. K.

Jana

P. K.

Energy efficient clustering and routing algorithms for wireless sensor networks: GA based approach

Wireless Personal Communications 2015 83 3 2403 2423

10.1007/s11277-015-2535-7

2-s2.0-84938292473

27.

Azharuddin

Jana

P. K.

A distributed algorithm for energy efficient and fault tolerant routing in wireless sensor networks

Wireless Networks 2015 21 1 251 267

10.1007/s11276-014-0782-2

2-s2.0-84927804535

28.

Heinzelman

W. R.

Chandrakasan

Balakrishnan

Energy-efficient communication protocol for wireless microsensor networks

Proceedings of the IEEE 33rd Annual Hawaii International Conference on System Sciences

January 2000

Maui, Hawaii, USA

10.1109/HICSS.2000.926982

29.

Madhav

T. V.

Sarma

Energy efficient cluster routing protocol for heterogeneous wireless sensor networks

Advances in Communication, Network, and Computing: Third International Conference, CNC 2012, Chennai, India, February 24-25, 2012, Revised Selected Papers 2012 108

Berlin, Germany

Springer

452 455 Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

10.1007/978-3-642-35615-5_74

30.

Qing

Zhu

Wang

Design of a distributed energy-efficient clustering algorithm for heterogeneous wireless sensor networks

Computer Communications 2006 29 12 2230 2237

10.1016/j.comcom.2006.02.017

2-s2.0-33745914280

31.

Smaragdakis

Matta

Bestavros

SEP: a stable election protocol for clustered heterogeneous wireless sensor networks

Proceedings of the Second International Workshop on Sensor and Actor Network Protocols and Applications (SANPA '04)

2004

32.

Younis

Fahmy

HEED: a hybrid, energy-efficient, distributed clustering approach for ad hoc sensor networks

IEEE Transactions on Mobile Computing 2004 3 4 366 379

10.1109/tmc.2004.41

2-s2.0-10944266504

33.

Research of trusted network architecture in wireless sensor networks

Journal of Convergence Information Technology 2011 6 7 252 259

10.4156/jcit.vol6.issue7.31

2-s2.0-79961076082

34.

Yussoff

Y. M.

Hashim

Trusted wireless sensor node platform

Proceedings of the World Congress on Engineering (WCE '10)

June 2010

London, UK

6 Memory

35.

Perrig

Canetti

Tygar

J. D.

Song

Efficient authentication and signing of multicast streams over lossy channels

Proceedings of the IEEE Symposium on Security and Privacy

May 2000

Berkeley, Calif, USA

56 73

2-s2.0-0033690336

36.

Eastlake

III Jones

US Secure Hash Algorithm 1 (SHA1) 2001

37.

Levis

Madden

Polastre

TinyOS: an operating system for sensor networks

Ambient Intelligence 2005

Berlin, Germany

Springer

115 148

38.

Kumar

Ylianttila

Gurtov

Lee

S.-G.

Lee

H.-J.

An efficient and adaptive mutual authentication framework for heterogeneous wireless sensor network-based applications

Sensors 2014 14 2 2732 2755

10.3390/s140202732

2-s2.0-84893906839

A Trusted and Energy Efficient Approach for Cluster-Based Wireless Sensor Networks

Abstract

1. Introduction

2. Related Work

3. Preliminaries

3.1. Trusted Network Architecture

3.2. Energy Consumption Model

4. Trusted and Energy Efficient Approach

4.1. Trusted Module Design and Functions

4.1.1. TM Design

4.1.2. TM-Based CH Authentication

4.1.3. TM-Based CM Authentication

Step 1.

Step 2.

Step 3.

Step 4.

Step 5.

4.2. Clustering Algorithm

4.2.1. Initial Clustering

4.2.2. Final Clustering

Step 1.

Step 2.

Step 3.

Step 4.

Step 5.

Step 6.

Step 7.

Step 8.

4.3. Network Operation

Step 1 ( B S ( T E E C ) → C l u s t e r s ( S 1 , S 2 , … , S m - k , S l a s t ) ).

Step 2 (TM-based CHs authentication).

Step 3 (TM-based CMs authentication).

Step 4 (TM-based key establishment).

Step 5 (data collection and transmission).

5. Approach Evaluation

5.1. Security Analysis

5.2. Simulation Results for TEEC

5.2.1. Simulation Settings

5.2.2. Simulation Results for Different Parameter Intervals of TEEC

5.2.3. Simulation Results for Different Trusted Hardware Based Clustering Algorithms

5.2.4. Simulation Results for Different Clustering Algorithms

5.3. Discussions about Proposed Approach

6. Conclusion

Footnotes

Competing Interests

Authors' Contributions

Acknowledgments

References

Step 1 ( $B S (T E E C) \to C l u s t e r s (S_{1}, S_{2}, \dots, S_{m - k}, S_{l a s t})$ ).