security routing in wireless sensor networks
TRANSCRIPT
-
8/2/2019 Security Routing in Wireless Sensor Networks
1/4
Secure-EEDR: Dynamic key exchange protocol based on Diffie-Hellman
algorithm with NOVSF code-hopping technique for wireless sensor networks
Vishnu Kumar, Yunjung Park, Dugki MinSchool of Information and Communication Engineering
Konkuk UniversitySeoul, Korea
{vishnu, sm6280p, dkmin}@konkuk.ac.kr
Eunmi ChoiSchool of Business ITKookmin University
Seoul, [email protected]
Abstract Secure data transmission and data routing are
critical in designing cluster based sensor network. This
paper presents a secure energy efficient dynamic routing
scheme (SEEDR) for wireless sensor networks. SEEDR uses
a symmetric cryptography algorithm to support security.
The dynamic key exchange protocol based on DH (Diffie-
Hellman) algorithm is proposed, with non blocking OVSF
codes. Our analytical model and the security analysis provethat SEEDR increase data communication security and
consume less communication energy.
Keywords-Diffie-Hellman algorithm, NOVSF codes,
mobile robot, clustered wireless sensor networks
I. INTRODUCTIONWireless sensor network consist hundreds of small
sensor node [1], each node has the sensing ability with lesscomputational and communication power [2]. Even thoughSensor node has a basic hardware and software formanipulating the given task [3], the limitations for
processing power is still exist. Research efforts on powerlimitations are the top priority in sensor networkdevelopment. Such sensor nodes are applied in the vastvariety of environments for public safety, trafficmanagement, home security application and Military [4],[5], [6]. These application areas need certain amount ofsecurity. Since sensor networks are power constrains,
providing security is critical compared to conventionalnetworks. Very few researches have been reported insensor network security so far. Among them few popularsecurity protocols are [7], [8], [9].
Asymmetric cryptography algorithms are not suitablefor sensor network due to its computational power,
storage, and energy constrains. Symmetric cryptographicalgorithm is well suited for sensor networks, because of itsless computation and memory usage [10]. But thesealgorithms provide less security when compared toAsymmetric cryptography algorithms, both security andenergy become a trade off in development.
In this paper, we compromise both security and energy by using non-blocking OVSF [11] with DH (Diffie-Hellman) algorithm. We implemented DH-NOVSF baseddynamic key exchange protocol for sensor networks. Atfirst we use the DH algorithm to generate the public keyand then transferred to the network, based on the publickey the nodes generate their own private key. Using thegenerated private key the node used to encrypting the data.
Along with the frame packet the node append its generatedpublic key and transfer to the base station. This makes highsecurity as well as less energy consumption. Conceptual
process of the algorithm is illustrated in figure.1 (a).Attackers cannot decrypt the information unless the privatekey is known. Using the public key the attackers cannotgenerate the private key.
(a) (b)
Figure 1. (a) Conceptual flow of the SEEDR algorithm, (b) Examplemodel [12] of our network where U-robot is used as the agent to collect
the data and balance the energy consumption.
II. EEDRPROTOCOLEnergy efficient dynamic routing protocol (EEDR)
[12] has four stages namely: cluster setup stage, routingstage, data aggregation stage, and localization andnavigation stage. This paper is based on EEDR protocol;nodes are formed as clusters randomly based on the
probability. The set of nodes S= {s1,s2,s3,.sn} which hasnot been selected as a cluster head for (1/p) round, will beselected as the cluster head for the current round, the
threshold value [13] T(n) is calculated as
, (1)
Where G is the set of nodes that are involved in thecluster heads election.
Once the cluster head is selected, the entire memberwill join to the particular cluster head to transmit the datafrom the environment. The cluster head transfers the datato the U-robot via single-hop or multi-hop manner.Figure.2 shows an example how the EEDR protocol workswith the U-robot. It starts by announcing the message from
U-robot to the cluster head; once the cluster head receivesthe member node data it forwards the data to U-Robot. Theuniqueness of our protocol lies in its simplicity and energy
2010 International Conference on Innovative Computing and Communication and 2010 Asia-Pacific Conference on Information Technology and Ocean Engineering
978-0-7695-3942-3/10 $26.00 2010 IEEE
DOI 10.1109/CICC-ITOE.2010.34
102
-
8/2/2019 Security Routing in Wireless Sensor Networks
2/4
efficiency. The member node blindly sends the data to thecluster head without any computation.
(a) (b)
Figure 2. Data aggregation in EEDR protocol where the U-robotcollects the information from the cluster head.
Therefore wastage of energy at member node is veryless compare to landmark algorithms. Furthermore eachnode only knows about its cluster heads, so it reduces thememory usage.
III. SEEDRPROTOCOLA.Assumption
We assume that the communication architecture asfigure.1 (b). The mobile U-robot deployed without any
prior knowledge of the network. All the other sensor nodesare stationary. The U-robot has more power whencompared with the sensor node, and has more coveragearea than sensor node. It has enough memory to store andmanipulate the encrypted data. At the deployment stage itis assumed that all nodes have Mba and P.
B.Details of secure-EEDR protocolThe communication between the networks is divided inthree categories: sensor node to cluster head
communication; cluster head to U-robot communication;mobile base station to all cluster head communication. Thesecurity is achieved for sensor network by implementingthe following phases.
Broadcast the public key (SKa) from U-Robot. Generate the private key (Ssb) based on SKa in
sensor node, performed in algorithm. Encrypt the data using generated private key (Ssb)
and transmit the data from sensor node to U-Robotvia cluster head using NOVSF code hopingtechnique.
Append the public key SKb
along with the data andthen send to the cluster head along with the nodeID#.
Generate authentication code (AC) using the publickey SKb and decrypt the data at U-Robot.
The U-robot, periodically broadcast a new public keywhen it moves to new location, this maintain the datafreshness. Sensor node receives broadcasted public key(SKa) and computes private key (Ssb) as of equation.4.Using the private key the sensor node encrypts the dataand forwards it along with the ID# and time stamp toverify data freshness. More over the security of ouralgorithm is ensured by sending the encrypted data using
NOVSF code-hoping technique. Each cluster head appendtheir ID# and energy level before it forwards the data to U-
robot. This helps U-robot to trace out the node which is notcapable to be a cluster head at next round.
IV. SEEDRALGORITHMStep1: U-robot Generates ephemeral key SKa with (Mba,Pra). Where Pra is pseudorandom number with the interval
(1, n-1) and perform modulo with P to generate ephemeralpublic key SKa (2). The SKa broadcasted to the entire nodewhich is under the coverage of the U-robot.
2Step2: Sensor node generates ephemeral key SKb with(Mnb, ) where Mba= Mnb. The Cluster member uses (4) to encrypt the data. The public key SKb (3) isappend with data before it sends to cluster head.
3
4
Step3: Sensor node i encrypt the data with generatedprivate key and appends ID# along with time stamp tothe encrypted data which is send to Cluster head.
Step4: Cluster head receives the data, append its ID# andsends the data via NOVSF code hoping technique to thehigher-level cluster head or U-robot.
Step5: Checks if there is any data coming to the U-robot,then compute the authentication key AC (5). U-robot thenuses to decrypt the data.
5In the above case we need to transfer only one
ephemeral public key SKa from U-Robot to member node.In general this key is appended with the beacon signal.Using the SKa the member node generates the private keyas mentioned above. The private key is used to encrypt thevaluable data. Therefore the attacker only knows the publickey SKa, SKb .Using both of the public key the attackercannot generate or compute the private key.
Behind that we use NOVSF code hoping technique[11] to transfer the data from source to base station. Bothof the algorithms allow the network to be more secure and
energy efficient.
V. NOVSFTECHNIQUESensor network are highly sensitive for energy
resource. Considering resource as a main concern,developing the secured protocol is highly challenging. To
provide more secure communication with less energyconsumption we use NOVSF code-hopping technique.This technique provides complete security withoututilizing additional power for implementation. In this
paper we use NOVSF codes to transmit the valuable datafrom the cluster member node to U-robot, which improvesthe security and spectral efficiency of the networks.
The NOVSF code has 64time slots, any number of timeslot can be assigned to a channel. Figure.4 illustrates anexample model of slot assignment with two channels. The
103
-
8/2/2019 Security Routing in Wireless Sensor Networks
3/4
proposed NOVSF method takes advantage by data frame block to time slots with two channels using different permutations in every session. U-robot sends differentmapping permutations to cluster heads when it moves tonew location.
Each node in the network transmits the encrypted datausing aforementioned method, and then applies the
NOVSF code-hoping technique. The advantage of thistechnique is it gives two levels of securities to network.The first once is by using the secured channel and secondone is by slot mapping.
Figure 3. NOVSF mapping with two channels where data frames aretransmitted in the following order in time: S2C1, S1C1, S2C2, S1C5,
S1C4, S2C7, S2C5, S1C8.
The advantage of using DH-NOVSF technique is evenif the malicious user finds NOVSF mapping the datacannot be decrypted with the public keys. Another keyadvantage of this method is that it increases security atnetwork layer without any additional energy.
VI. ANALYSIS AND EVALUATIONA. Security Analysis
In S-EEDR protocol we generate SKa and SKb to sharethe secret key among the U-robot and sensor node. Theauthentication code (AC) can be generated only using theephemeral public key SKb which is encapsulated with thedata frame packet. This method reduces one message
between sensor node and U-robot. In classical key sharingmethods, the keys are shared using individual messages,
but in our case the sensor node will encapsulate the keywith data message itself, this reduces the energy fortransmitting one message packet. By using the NOVSFcode-hopping technique we setup more secure channels
between the cluster member, cluster head and U-robot.The U-robot changes its public key when it moves to
another location for data collection and balance the energy
to increase the network life time. By changing the publickey in the interval of (1, n-1) the data freshness is alwaysensured. By assigning the NOVSF time slot it makes thenetwork to be more secured.
B.Evaluations1) Storage: Each sensor node store parameter P and
the private key Mnb, using these two values the sensornode and the U-robot generates public key SKa, SKb. The
parameter p, Mnb stored in EPROM of sensor node andSKa stored in temp accumulators for computation, it maychange at round (r-1). In our analysis we assume a keylength of 100bits, then Mnb, p each will cost100bitsx2=200bits, so the total storage of each entity weneed is only 2x100+ 1028 = 1228bits. As mentioned1028bits is used for cryptographic algorithms, like
blowfish [14], so the total amount of memory we spendfor security measures is 1228bits. This makes thedifference of our approach to be unique and simpler. Ouralgorithm reduces code size with its simple logic and also
be applied in smart-dust [15] project.2) Computation:The computation cost can be
analyzed only at the sensor node, based on cryptographicand arithmetic operations performed. Due to the abundantenergy at the U-robot, its computation cost is consideredas infinite. The details of the computation are illustrated intable1.
TABLE I. COMPUTATIONAL ANALYSIS
Operations Sensor node U-robot
Pseudorandomnumber generation
1-
Data decryption - 1K
Data encryption 1 1k
3) Communication: Sensor node need to transmit SKb,along with the data frame. Each sensor need toauthenticate the incoming public key SKa, which will cost100bitsX2=200bits added to the transceiver power costcalculation. So the average communication complexity isvery less for our scheme.
VII. CONCLUSION AND FUTURE WORKSIn this paper, we mainly present the design of Secure-
EEDR, a secure energy efficient dynamic routing protocol.The core idea of our protocol is derived by using Diffie-Hellman algorithm with NOVSF code-Hopping techniquewhich not only provides a variety of security features, but
also increase the efficiency of the entire network in termsof energy. It has been proved by simple analysis that ouralgorithm needs less storage, communication cost andcomputation power which makes the network more stableand secured. In future, we implement the algorithm
practically and validate our conclusion. We believe thatour security protocol increase the network security as wellas communication security for sensor network.
ACKNOWLEDGMENT
This Research was supported by MKE, Korea,under ITRC supported program supervised by NationalIT Industry Promotion Agency (NIPA-2009-C1090-
0902-0026).This paper was supported by MKE (The Ministryof knowledge Economy), Korea, under the developmentof Integrated Control SW Platform for AutomotiveElectronics Project (2008-S-007-02).
REFERENCES
[1] Akyildiz.I.F, Su.W, Sankarasubramaniam.Y, Cayirci.E, WirelessSensor Net-works:A Survey, Computer Networks 38, 393422(2002) .
[2] A. Sinha and A. Chandrakasan,Dynamic power management inwireless sensor networks, IEEE Design and Test of Computers,pp. 62-74, March-April 2001.
[3] P. Yanbin, W. Xiangyu and W. Youcha, The sensor network based on LONWORKS Technology, SICE 1999, Pr0001-3/99/0000-0897.
104
-
8/2/2019 Security Routing in Wireless Sensor Networks
4/4
[4] A. Mainwaring, J. Polastre, R. Szewczyk, D. Culler, and J.Anderson, Wireless sensor networks for habitat monitoring, inProceedings of ACM Workshop on Wireless Sensor Networks andApplications, Sep.2002, pp. 88-97.
[5] W. Chen, J. C. Hou, and L. Sha, Dynamic clustering for acoustictarget tracking in wireless sensor networks, IEEE Trans. MobileComput.,vol. 3, pp. 258-271, Jul.2004.
[6]
Yang Wang, Liusheng Huang, Junmin Wu, Hongli Xu, WirelessSensor Networks for intensive irrigated agriculture, IEEE Trans,pp. 197-201, Jun.2007.
[7] David J. Malan, Matt Welsh, Michael D. Smith, A Public-KeyInfrastructure for Key Distribution in TinyOS Based on EllipticCurve Cryptography, IEEE Trans.,pp71-80, 2004.
[8] Shengbao Wang1, Zhenfu Cao1, Maurizio Adriano Strangio andLihua Wang, Cryptanalysis and Improvement of an Elliptic CurveDiffie-Hellman Key Agreement Protocol, IEEE Communications,Dec 2007.
[9] Tony Chung and Utz Roedig, Poster Abstract: DHB-KEY - ADiffie-Hellman Key Distribution Protocol for Wireless SensorNetworks, IEEE Trans.
[10] A. Perrig, R. Szewczyk, J.D. Tygar, V. Wen, and D.E. Culler,SPINS: Security protocols for sensor networks, Wirelessnetworks 8,521-534, 2002, Kluwer Academic Publications.
[11] H. Cam, Nonblocking OVSF Codes and Enhancing NetworkCapacity for 3G Wireless and Beyond Systems, Special Issue ofComputer Communications on "3G Wireless and Beyond ForComputer Communications", Spring 2003.
[12]
Donghoon Lee, Vishnu Kumar Kaliappan, Duckwon Chung, DugkiMin, An Energy Efficient Dynamic Routing Scheme for ClusteredSensor Network Using a Ubiquitous Robot IEEE Trans., 198-203,Dec 2008.
[13] W. R. Heinzelman, A. Chandrakasan, and H. Balakrishnan,Energy efficient communication protocol forwireless microsensornetworks, in Proceedings of the 33rd Hawaii InternationalConference on System Sciences, 2000.
[14] Hasan am, Suat zdemir, Devasenapathy Muthuavinashiappan,and Prashant Nair, Energy Efficient Security Protocol forWireless Sensor Networks, 2003 IEEE.
[15] K.S.J. Pister, J.M. Kahn and B.E. Boser, Smart dust: Wirelessnetworks of millimeter-scale sensor nodes (1999).
105