27-08-2014, 02:08 PM
A Dynamic Cryptographic Algorithm To Provide
Nodal Level Security In Wireless Sensor Network
A Dynamic.pdf (Size: 153.04 KB / Downloads: 12)
Abstract
—Wireless sensor networks (WSNs) continue to evolve
as one of the most exciting and challenging research areas. There
are many applications of wireless sensor networks that collect and
disseminate sensitive and important information. For successful
operation of many of the sensor node applications, it is necessary
to maintain the privacy and security of the data stored in the
sensor nodes and of the transmitted data. The security models
and protocols used in the wired and other networks such as
ad-hoc networks are not suitable for WSNs due to their severe
resource constrictions. Thus there is a lack of an agreeable and
most effective way of securing the information. In this paper a
unique, dynamic cryptographic algorithm to provide security to
the wireless sensor network by securing the individual nodes of
the network, has been proposed.
I. INTRODUCTION
One of the greatest challenges in WSNs is secure
communication which is characterized by the following
characteristics:-
• Authentication: Receiver node should be able to
verify the ID of the sender node and thus be able to
verify the validity and genuineness of the received data.
• Integrity:- Integrity means that no data falsefication
takes place during transmission.
• Confidentiality:- Data must be protected from being
captured by adversaries.
Due to the stringent resource and performance
constrictions none of the currently available security
protocols are completely agreeable. So a scheme
which uses a unique dynamic encryption-decryption
cycle, allowing the use of lightweight mathematics to
prevent the individual nodes from being compromised
by adversaries, is proposed. The use of lightweight
mathematics for performing encryption-decryption saves
energy. This scheme also allows the use of a single
or a small set of network-wide shared keys, which are
embedded into the nodes before their deployment so
that the extra transmission cost incurred in setting up
shared keys in the network after the deployment of the
nodes can be avoided as opposed to the most of the
currently available security protocols. Transmission of
data in WSNs take up 80% of the total power used in
the network. Thus this scheme can save a substantial
amount of power.
The rest of the paper is organized as follows. In section
two we discuss the related works done so far in securing
wireless sensor networks. Section three describes the proposed
scheme in detail accompanied with calculations. Section four
describes the details associated with implementation of the
scheme. Section five shows simulation details.In section six
an analysis of the algorithm of this scheme has been shown.
In section seven conclusion of the paper is given and in
section eight the future scope of this scheme is highlighted.
II. RELATED WORK
Security in WSN has not been researched extensively. The
currently available security protocols use the key management
techniques to establish secure communication between two or
more sensor nodes and also between the sensor node and the
base-station. A brief review of the popular key-management
schemes used in WSNs [1] and their drawbacks is given in
this section.
• Single network − wide key : This scheme uses a
single network-wide key for data transmission. It is the
simplest technique from the point of view of energy
and memory consumption and avoidance of complex
protocols.
Main drawback is that if a single node gets compromised,
the entire network also gets compromised.
• Pairwise key establishment scheme : This
scheme requires each of the nodes to establish unique
keys with all the other nodes which puts an additional
communication overhead on the nodes. Also the nodes
are required to maintain all the keys in their memory
which is expensive from the memory point of view.
These overheads limit the sensor nodes mobility as well
as scalability.
• Trusted base − station : This scheme uses the
centralized key distribution centre (KDC) approach. The
drawbacks are that it is not scalable and the base station thus the entire network gets compromised since K1 is the
only network-wide shared key used
for message transmission among the different nodes and
also among a node and a base station. So to address this
security threat K2 is made dynamic
by changing its value periodically. So that by the time
the attacker comes close to guessing the value of K2, it
gets changes as a result rendering
K2 unsure for the attacker. But before changing the value
of K2 the data and K1 are decrypted, both of which were
encrypted by the old value of K2, and
again are encrypted with the new value of K2 after
changing it. To ensure that the data and K1 are safe
during th period for which they are
left exposed i.e the time required to decrypt and reancryptham
B. Time period calcualation
Let K2 be a 32-bit value.
Number of possible values of K2 = N = 232*(1 ÷ 2) =
4.29*109*(1 ÷ 2)
N also denotes the number of guesses required by the attacker
to guess the value of K1 using brute force method.
Therefore the probability that the attacker guesses K2 = G =
1 ÷ (4.29 ∗ 109 ∗ (1 ÷ 2)). Thus it is seen that the probability
of guessing the value of K2 is very small.
Hence, if the attacker takes time ’t’ to perform one guess
operation, then the time ’T’ required to perform N guesses
= 4.29*109*(1 ÷ 2)*t.
Thus, the ideal time period after which K2 should be changed
is T. But to maintain the safe gap as mentioned in the
pervious section to keep the data and K1 safe during the
negligible period when K2 is changed and the data and
K1 are re-encrypted, over which it if left un-encrypted, the
time period of changing K2 will practically be T-Δ, where
Δ is the time taken to change K2 and re-encrypt data and K1.
C. Energy consumption calculation
The simulation was done on a theoretical basis. Since
the entire simulation was done on a Unix system running
on Intel’s Core Duo, a 32-bit architecture, the assembly
language generated by the simulation was converted to Atmel
ATMEGA 128L’s[23] instruction set.
IV. DETAILS OF IMPLEMENTATION
As stated earlier, energy is a major concern in WSNs. The
sensor nodes are generally powered by Nickel-Cadmium or
Lithim-ion betteries. So care must be taken that the operations
performed at the nodes are not computationally heavy thereby
consuming more energy of the nodes.Else the nodes will
not last for a substantial amount of time. This is the main
reason that the conventional cryptographic methods such as
RSA and other asymmetric cryptographic techniques cannot
be used for data security at the nodes or for transmission of
messages.
So keeping this in mind the algorithm and some of its vital
components have been designed to be energy efficient. The
implementation details are shown below.
A. Algorithm for encrypting the sensed data and K1
The K2 which is generated using an RNG designed using
the system time,shown in the algorithm within the while
loop, is used to encrypt the sensed data and the network-wide
shared key K1 using a simple XOR operation. XOR is also
used in the simulation as the encryption algorithm for data
transmission in the network. So the data is encrypted by K1
using XOR operation.
Since one of the goals of this cryptographic method is to keep
the computation as minimum as possible and also since an
easily invertible operation is needed, XOR has been chosen as
the encryption operation. Though a single XOR operation by
itself is not cryptographically secure but with the periodically
changing K2 it becomes cryptographically robust.
The algorithm used for encrypting the data and K1 using K2
is shown below.
long k2 = 25, data = 1768212, k1 = 74589231;
Encrypt By Network Key() {
data=data∧data;
VII. CONCLUSION
Based upon the thorough theoretical analysis it can be
concluded that the proposed scheme is efficient both in terms
of energy and memory. It provides a high degree of security
against brute force attack which is the most common type
of cryptanalytic attack.Also it reduces the overall energy
consumption in the wireless sensor network by making the
nodes secure enough to use a single ( or small pool of)
network-wide shared key(s) by ensuring that the nodes cannot
be compromised by a remote attacker by simply decrypting
the vital information present in a node using brute force
attack. Thus it greately reduces the communication required
in the complex keying schemes used in key-management
techniques as discussed in section I and as 80% of the
overall energy of a node is used up in communication, this
scheme can help in prolonging the longevity of the nodes in
a sensor network. Also by reducing the mutual dependency
for security amongst the nodes(contrary to many popular
key-management schemes), it allows greater mobility and
also reduces the problem of mutual re-keying relevant in the
pairwise keying schemes due to the deactivation of the power
constrained sensor nodes.Thus it allows greater scalability.