A Review on Security of Wireless Sensor Networks using Elliptic Curve Cryptography Mamta Tewari1 and Kunwar Singh Vaisla2 1
M.Tech Student, 2Associate Professor, Department of Computer Science & Engineering BT Kumaon Institute of Technology, Dwarahat, District–Almora, Uttarakhand, India e-mail:
[email protected],
[email protected] 1,2
Abstract—Wireless sensor networks (WSNs) consist of low cost and small sensor nodes distributed widely across a particular region. WSNs are deployed for wide fields like for military, health, check disaster areas and analyze product quality and so on. As the WSNs are emerging but the security part is still need to be enhanced so as to build more confidence on them. The limitations associated with them like low memory, low power, processing complexity is confining them to use only symmetric cryptographic operations instead of public key cryptography which has its own benefits. In this paper we have analyzed the importance of Elliptic curve cryptography (ECC) for WSN providing more security with fewer complexities for these resource constrained networks then other public key cryptosystems like RSA Keyword: WSNs, Resource Constrained Device, Security, Public Key Cryptography, ECC
I. INTRODUCTION A sensor network is build of small sensor nodes that are deployed in a large amount either inside the application area or in proximity of it. Sensor nodes are ad hoc in nature and can be altered accordingly. It will enable them to manage them on their own.
Fig. 1: Components of Sensor Node
The sensor nodes are responsible for sensing the data, process it with in-built microcontroller and transmit the results to the base station through the transceivers. The base station is more powerful node linked with central station via satellite or internet communication. The constraints of a sensor node [1][7]. A. Small Size The amount of memory and storage space of a sensor device is small for the code size of security algorithms.
B. Power The sensor nodes are battery operated so energy is the biggest limitation to wireless sensor working. C. Memory Sensors have small memory space, so the sizes of the keys that need to be stored are also kept at a minimum length. TABLE I: SENSOR N ODES AND THEIR MEMORY SPACES Sensor Node
IMote 2.0 Mica2 TelosB Ubimote2
Microcontroller
Marvell PXA271 ATMEGA 128L TI MSP430 TI's MSP430F2618
Program and Data Memory 32 MB SRAM 4K RAM 10k RAM 8k RAM
External Memory 32 MB Flash 128k Flash 48k Flash 116k Flash
D. Communication Bandwidth On comparison with other wireless networks, WSN has lower bandwidth and hence the amount of data sent and received by the sensor nodes is less. E. Unreliable Communication The sensor nodes communicate through connectionless protocol which in fact brings many threats to sensor nodes. This paper discusses the significance of Public key cryptosystem for WSN and main focus is on Elliptic Curve Cryptography. The paper is organized as follows: Section II shows the utility of cryptography in WSN, importance of ECC over other PKC (RSA, ElGamal) and provides a basic knowledge of Elliptic Curve Cryptography (ECC), Section III gives some security techniques based on ECC for WSN. Section IV concludes the review of security issues and discusses efficiency of ECC over other PKC like RSA for WSN.
II. UTILITY OF CRYPTOGRAPHY IN WSNS Security is the most important aspect of the sensor networks. The requirement of security in sensor networks emerges to provide authentication, integrity, confidentiality during the communication in sensor network. As the WSN popularity is rising so do the need of tight security measures for it. Cryptography is a widely used technique to provide security. There are following ways to apply cryptographic operations–Symmetric key techniques, Asymmetric key techniques. Since WSN
A Review on Security of Wireless Sensor Networks using Elliptic Curve Cryptography u 93
are resource constrained devices, a light weight cryptographic algorithm is required for the security of WSN. A. Cryptographic Techniques The security involves the use of relevant cryptographic approach to WSN which should be applicable in spite of the constraints associated with WSN. As stated earlier, sensor nodes are limited in their computational capacity and memory capabilities, so the classical cryptographic techniques cannot be simply applied to WSNs. 1) Symmetric cryptographic techniques In symmetric cryptographic techniques, a unique secret key is shared between two communicating nodes for encryption and decryption both. The shared key is required to be kept secret in the communication network, which is a daunting task in WSN environment which is exposed to external threats. 2) Asymmetric cryptographic techniques Asymmetric cryptography is also called as Public key cryptography (PKS). Stallings [8] describes that public key algorithms depends on mathematical functions, instead of permutation and substitution. In PKS, two types of keys play important role, a private key known to its owner and a public key publically known. A private key can be used to decrypt and sign data whereas a public key can be used to encrypt and verify data. Public key cryptography is known to be computationally complex as it involves large integer arithmetic.
Cryptography (ECC) are the most widely used public-key cryptography systems nowadays. Though Public key cryptosystems need lot of resources but still are capable of curbing the drawbacks of symmetric key systems. Due to the smaller key size ECC comes out as a better option for the limited resource devices for practical implementation. C. Elliptic Curve Cryptography In 1985, Neal Koblitz [3] and Victor Miller [4] independently proposed elliptic curves to design public key cryptographic systems. Nowadays, resource constrained networks are adopting Elliptic Curve Cryptography (ECC) because ECC offer equal security for a very small key size, thus minimizing the processing overhead. ECC is a public key cryptography system, in which the entities participating to communicate has a pair of keys known as public and private key and a set of operations associated with the keys for performing cryptographic operations. ECC is based on elliptic curves in which the variables and coefficients are confined to elements of a finite field. Cryptography use the following two families of elliptic curves: prime curves defined over Qp and binary curves defined over F(2p). Prime curves are profoundly used due to their easy implementation in software and simple arithmetic. A finite field Qp, where p is an odd prime number, is defined as a set of all integers between 0 and p–1. The elliptic curves over a finite field are defined by y2 mod p = (x3 + ax + b) mod p, It can be represented as Ep (a, b). A point on the elliptic curve can be represented as P = (x, y), where x, y ∈ Qp [10].
B. Public key Cryptosystem over Symmetric key Cryptosystem Security is critical issue for a variety of sensor network applications like military which deals with the highly confidential information, enemy tries to attack the vulnerability exists in the WSNs. For securing the system a high level of security is required. Although Symmetric key systems are efficient for the resource constrained networks as it involves less computational efforts, memory requirement than PKC. And also the key length in case of symmetric cryptosystem is less as compared to PKC. Due to resource constrained nature of sensing devices implementation of symmetric key algorithms is thought to be ideal WSN. But there are certain issues like scalability [14], key distribution and key management problem with the symmetric key algorithms. For symmetric schemes there is a requirement of pre-distribution of keys whereas the key distribution and management schemes for PKC are flexible. For sensitive applications like military surveillance, PKC systems provide a more secure communication over exposed channels without exchanging a secret key unlike symmetric key systems. RSA and Elliptic Curve
Fig. 2: Example of Elliptic Curve [8]
Elliptic curves over finite fields have various important properties such as additive identity, negation of a point, point addition, point doubling, and point multiplication [8]. 1) Elliptic Curve Discrete Logarithm Problem (ECDLP) Suppose, two points on an elliptic curve R and S such that S = r*R, where r is a scalar. It is called as point multiplication and is computed by repeatedly adding point P k times. The hardness of ECC depends on the computation of k when Q and P are known and is
94 u First International Conference on Advances in Computing & Communication Engineering (ICACCE-2014)
called as the Elliptic Curve Discrete Logarithm Problem (ECDLP) [8]. D. ECC Better than RSA for WSN The PKC is thought to be computationally costly for the resource constrained devices but in [12] authors, with the help of their new algorithm which minimizes the memory access implemented ECC without using any supplementary hardware, thus supports the fact that ECC is feasible for such devices. They implement ECC in an Atmel ATmega128 at 8 MHz and compute time for 160-bit ECC point multiplication as 0.81s. TABLE II: COMPARISON OF KEY SIZES FOR RSA & DH AND ECC [10] RSA and Diffie Hellman 1024 2048 3072 7680 15360
Elliptic Curves Cryptography 160 224 256 384 512
The table compares the key sizes of cryptography techniques. It can be seen that RSA with 1024 bit keys provides the same level of security as provided with ECC with 160 bit keys. The beauty of ECC lies on the hardness of ECDLP as the best known algorithm takes exponential time to solve this problem and therefore is efficient over RSA which takes sub- exponential time.
III. SECURITY ALGORITHMS UTILIZING ECC FOR WSN Elliptic Curve Cryptography was first projected by victor Miller and independently by Neal Koblitz in the mid-1980s and has fostered into a strong public-key cryptosystem. Compared to its traditional counterparts, ECC offers the equal level of security using much smaller keys. This result in faster computations and reserves in memory, power and bandwidth those are especially important in constrained environments. In 2008 Liu and Ning [9], presented the design, implementation, and evaluation of Tiny ECC, a configurable library for ECC operations in wireless sensor networks. The primary task of Tiny ECC is to provide a ready-made, publicly available software package for ECC-based PKC operations that can be flexibly configured and integrated into sensor network applications. A key exchange protocol (ECDH), a digital signature scheme(ECDSA), and a public encryption scheme(ECIES) are given by Tiny ECC on platform of MICAz, TelosB, Tmote Sky, and Imote2. To make it computation and storage efficient Tiny ECC uses many established optimizations for ECC algorithms which can be turned on or off based on the need of designer. Encryption and digital signature are two important cryptographic operations which ensure confidentiality and authentication respectively. Till 1997 they were considered as two separate operations. However, in 1997 Zheng [5] gives a new cryptographic technique
called ‘‘Signcryption’’ which amalgamate the functionalities of both encryption and digital algorithm in one logical operation. In this scheme the sender extract the secret key used for symmetric encryption from the recipient’s public key. The recipient after getting the cipher text and digital signature uses his private key to extract the secret key and verifies. Another Signcryption scheme introduced by Zheng [6] is based on elliptic curve, saves around 58% computational cost and 40% communication cost than signature-then-encryption scheme. Kishore Rajendiran et al. [10] proposed a secure key predistribution scheme for WSN using ECC. The role of Key management in achieving security in WSNs is quite important. In the proposed method, each sensor node is given, a “seed key” (a unique point in an elliptic curve) before its deployment. By using the point doubling operation on the seed key private key for each sensor node is generated. A link is established between two nodes which share same private key. The probability of two nodes sharing the same private key could be increased by appropriately choosing the value of the prime field and key ring size. The WSN formed using this scheme has higher connectivity. In [11], a Public-key based false Data Filtering scheme is proposed influenced by Shamir’s [2] secret sharing theory threshold cryptography and Elliptic Curve Cryptography (ECC). Scheme potentially rejects 100% of false data packets and it is practically implemented on MICAz motes. Authors in [13] give a protocol with the benefit of having low computation time on comparison with other protocols to generate shared session keys between two communicating parties. This protocol leverages the curve discrete logarithm problem (ECDLP) and based on the hardness of ECDLP and MQV protocol and is quite efficient for key agreement in limited resource devices.
IV. CONCLUSION While analyzing Public key cryptosystem for WSN it is found that RSA is not an efficient security mechanism for the resource constrained networks like WSN but ECC can be thought as a convenient option. For smaller key size like 160 bit ECC provides same level of security as provided by 1024 bit RSA. The smaller key size leads to reduced processing and communication cost. In short, security algorithms depends on ECC can be efficiently deployed for networks with limited resources hence giving a new and improved dimension to the security of WSN.
REFERENCES [1]
[2]
John Paul Walters, Zhengqiang Liang, Weisong Shi and Vipin Chaudhary, (2006) Security in Distributed, Grid, and Pervasive Computing, Yang Xiao, (Eds.) Chapter-17, Auerbach Publications, CRC Press Adi Shamir, “How to share a secret”, proceedings in Communications of the ACM, v.22 n.11, p.612-613, 1979
A Review on Security of Wireless Sensor Networks using Elliptic Curve Cryptography u 95 [3]
[4] [5]
[6]
[7]
[8] [9]
Miller, V.: Uses of elliptic curves in cryptography, advances in cryptology. In: Crypto’85, Lecture Notes in Computer Science. Volume 218., Springer-Verlag (1986) 417–426 Koblitz, N.: Elliptic curve cryptosystems. Mathematics of computation 48 (1987)203–209 Y. Zheng, "Digital signcryption or how to achieve Cost (Signature & Encryption)
