This paper presents a secure energy efficient dynamic routing scheme (SEEDR) for wireless sensor networks. SEEDR uses a symmetric cryptography algorithm to support security. The dynamic key exchange protocol based on the DH (Diffie-Hellman) algorithm is proposed, with non-blocking OVSF codes.
Secure-EEDR: Dynamic key exchange protocol based on Diffie-Hellman
algorithm with NOVSF code-hopping technique for wireless sensor networks
Vishnu Kumar, Yunjung Park, Dugki Min
School of Information and Communication Engineering, Konkuk University, Seoul, Korea
{vishnu, sm6280p, dkmin}@konkuk.ac.kr

Eunmi Choi
School of Business IT, Kookmin University, Seoul, Korea
emchoi@kookmin.ac.kr
Abstract: Secure data transmission and data routing are critical in designing cluster-based sensor networks. This paper presents a secure energy efficient dynamic routing scheme (SEEDR) for wireless sensor networks. SEEDR uses a symmetric cryptography algorithm to support security. The dynamic key exchange protocol based on the DH (Diffie-Hellman) algorithm is proposed, with non-blocking OVSF codes. Our analytical model and the security analysis prove that SEEDR increases data communication security and consumes less communication energy.

Keywords: Diffie-Hellman algorithm, NOVSF codes, mobile robot, clustered wireless sensor networks

I. INTRODUCTION
A wireless sensor network consists of hundreds of small sensor nodes [1]; each node has sensing ability but little computational and communication power [2]. Even though a sensor node has basic hardware and software for carrying out its given task [3], its processing power is still limited. Research on power limitations is the top priority in sensor network development. Such sensor nodes are applied in a wide variety of environments: public safety, traffic management, home security applications and the military [4], [5], [6]. These application areas need a certain amount of security. Since sensor networks are power constrained, providing security is critical compared with conventional networks. Very little research has been reported on sensor network security so far; a few popular security protocols are [7], [8], [9]. Asymmetric cryptography algorithms are not suitable for sensor networks because of their computational power, storage, and energy constraints. Symmetric cryptographic algorithms are well suited to sensor networks because they need less computation and memory [10]. But these algorithms provide less security than asymmetric cryptography algorithms, so security and energy become a trade-off in development. In this paper, we strike a compromise between security and energy by using non-blocking OVSF codes [11] with the DH (Diffie-Hellman) algorithm. We implemented a DH-NOVSF based dynamic key exchange protocol for sensor networks. First, the DH algorithm is used to generate the public key, which is then transferred to the network; based on the public key, the nodes generate their own private key. The node uses the generated private key to encrypt the data. The node appends its generated public key to the frame packet and transfers it to the base station. This gives high security as well as low energy consumption. The conceptual process of the algorithm is illustrated in Figure 1 (a).
Attackers cannot decrypt the information unless the private key is known. Using the public key the attackers cannot generate the private key.
Figure 1. (a) Conceptual flow of the SEEDR algorithm, (b) Example model [12] of our network where the U-robot is used as the agent to collect the data and balance the energy consumption.

II. EEDR PROTOCOL

The energy efficient dynamic routing protocol (EEDR) [12] has four stages: the cluster setup stage, the routing stage, the data aggregation stage, and the localization and navigation stage. This paper is based on the EEDR protocol; nodes are formed into clusters randomly, based on probability. The nodes of the set $S = \{s_1, s_2, s_3, \ldots, s_n\}$ which have not been selected as a cluster head for (1/p) rounds will be selected as the cluster head for the current round; the threshold value [13] T(n) is calculated as
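$$ T(n) = \begin{cases} \dfrac{p}{1 - p\left(r \bmod \frac{1}{p}\right)} & \text{if } n \in G \\ 0 & \text{otherwise} \end{cases} \tag{1} $$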
where G is the set of nodes that are involved in the cluster head election. Once the cluster head is selected, all the members join that cluster head to transmit the data from the environment. The cluster head transfers the data to the U-robot in a single-hop or multi-hop manner. Figure 2 shows an example of how the EEDR protocol works with the U-robot. It starts with the U-robot announcing a message to the cluster head; once the cluster head receives the member node data it forwards the data to the U-robot. The uniqueness of our protocol lies in its simplicity and energy efficiency. The member node blindly sends the data to the cluster head without any computation.

2010 International Conference on Innovative Computing and Communication and 2010 Asia-Pacific Conference on Information Technology and Ocean Engineering. 978-0-7695-3942-3/10 $26.00 © 2010 IEEE. DOI 10.1109/CICC-ITOE.2010.34. Authorized licensed use limited to: RL Jalappa Institute of Technology. Downloaded on April 06, 2010 at 04:45:28 EDT from IEEE Xplore. Restrictions apply.
Figure 2. Data aggregation in the EEDR protocol, where the U-robot collects the information from the cluster head.

Therefore the energy wasted at the member node is very low compared to landmark algorithms. Furthermore, each node only knows about its cluster head, which reduces memory usage.

III. SEEDR PROTOCOL

A. Assumption

We assume the communication architecture shown in Figure 1 (b). The mobile U-robot is deployed without any prior knowledge of the network. All the other sensor nodes are stationary. The U-robot has more power than a sensor node and a larger coverage area. It has enough memory to store and manipulate the encrypted data. At the deployment stage it is assumed that all nodes have $Mb_a$ and $P$.

B. Details of secure-EEDR protocol

The communication in the network is divided into three categories: sensor node to cluster head communication; cluster head to U-robot communication; mobile base station to all cluster heads communication. Security is achieved for the sensor network by implementing the following phases.

- Broadcast the public key ($SK_a$) from the U-robot.
- Generate the private key ($Ss_b$) based on $SK_a$ in the sensor node, as performed in the algorithm.
- Encrypt the data using the generated private key ($Ss_b$) and transmit the data from the sensor node to the U-robot via the cluster head using the NOVSF code-hopping technique.
- Append the public key $SK_b$ to the data and then send it to the cluster head along with the node ID#.
- Generate the authentication code (AC) using the public key $SK_b$ and decrypt the data at the U-robot.
The U-robot periodically broadcasts a new public key when it moves to a new location; this maintains data freshness. The sensor node receives the broadcast public key ($SK_a$) and computes the private key ($Ss_b$) as in equation (4). Using the private key, the sensor node encrypts the data and forwards it along with the ID# and a time stamp to verify data freshness. Moreover, the security of our algorithm is ensured by sending the encrypted data using the NOVSF code-hopping technique. Each cluster head appends its ID# and energy level before it forwards the data to the U-robot. This helps the U-robot to trace the node that is not capable of being a cluster head in the next round.

IV. SEEDR ALGORITHM

Step 1: The U-robot generates the ephemeral key $SK_a$ with ($Mb_a$, $Pr_a$), where $Pr_a$ is a pseudorandom number in the interval (1, n-1), and performs the modulo operation with $P$ to generate the ephemeral public key $SK_a$ (2). $SK_a$ is broadcast to every node under the coverage of the U-robot.
$$ SK_a = \left((Mb_a)^{Pr_a}\right) \bmod P \tag{2} $$
Step 2: The sensor node generates the ephemeral key $SK_b$ with ($Mn_b$, $Pr_b$), where $Mb_a = Mn_b$. The cluster member uses $Ss_b$ (4) to encrypt the data. The public key $SK_b$ (3) is appended to the data before it is sent to the cluster head.
$$ SK_b = \left((Mn_b)^{Pr_b}\right) \bmod P \tag{3} $$
$$ Ss_b = \left((SK_a)^{Pr_b}\right) \bmod P \tag{4} $$
Step 3: Sensor node i encrypts the data with the generated private key $Ss_b$ and appends its ID# along with a time stamp to the encrypted data, which is sent to the cluster head.
Step 4: The cluster head receives the data, appends its ID# and sends the data via the NOVSF code-hopping technique to the higher-level cluster head or the U-robot.
Step 5: The U-robot checks whether any data is arriving and, if so, computes the authentication key AC (5). The U-robot then uses $Ss_a$ to decrypt the data.
$$ AC = Ss_a = \left((SK_b)^{Pr_a}\right) \bmod P \tag{5} $$
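Steps 1 to 5 traced end to end, showing that the U-robot and the sensor node reach the same secret through equations (4) and (5) and that a frame stops decrypting once the U-robot re-keys. This is an added example, not code from the paper: the values of P and M, the frame field names, the max_age freshness window, the choice of (1, P-1) as the range for Pr, and the SHA-256 XOR keystream (standing in for the Blowfish cipher the paper cites) are assumptions made for illustration.

```python
import hashlib
import secrets

# Constructed demo parameters (assumptions; the paper gives no concrete values).
P = 2**127 - 1   # prime modulus P, preloaded on every node
M = 5            # preloaded base: Mb_a on the U-robot = Mn_b on the sensors

def ephemeral(base=M, p=P):
    """Steps 1-2: draw a pseudorandom Pr and return (Pr, base^Pr mod P)."""
    pr = secrets.randbelow(p - 3) + 2          # 2 <= Pr <= p - 2
    return pr, pow(base, pr, p)                # equations (2) and (3)

def xor_stream(secret, data):
    """Stand-in cipher (assumption): XOR with a SHA-256 counter keystream
    derived from the shared secret. Calling it again decrypts."""
    key = secret.to_bytes(16, "big")
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def sensor_frame(sk_a, node_id, reading, ts):
    """Steps 2-3: derive Ss_b from the beacon, encrypt, attach SK_b, ID#, time stamp."""
    pr_b, sk_b = ephemeral()
    ss_b = pow(sk_a, pr_b, P)                  # equation (4)
    return {"id": node_id, "ts": ts, "sk_b": sk_b,
            "data": xor_stream(ss_b, reading)}

def cluster_head_forward(frame, ch_id, energy):
    """Step 4: the cluster head only appends its ID# and energy level."""
    return dict(frame, ch_id=ch_id, ch_energy=energy)

def robot_receive(frame, pr_a, now, max_age=30):
    """Step 5: check the time stamp, compute AC = Ss_a from SK_b, decrypt."""
    if not 0 <= now - frame["ts"] <= max_age:
        return None                            # stale frame, dropped
    ss_a = pow(frame["sk_b"], pr_a, P)         # equation (5)
    return xor_stream(ss_a, frame["data"])

if __name__ == "__main__":
    pr_a, sk_a = ephemeral()                   # beacon from the U-robot carries SK_a
    frame = cluster_head_forward(
        sensor_frame(sk_a, 17, b"temp=21.5C", ts=1000), ch_id=3, energy=0.82)
    print(robot_receive(frame, pr_a, now=1005))      # original reading
    new_pr_a, _ = ephemeral()                        # U-robot moved and re-keyed
    print(robot_receive(frame, new_pr_a, now=1005))  # unreadable bytes
```

The XOR stand-in carries no integrity tag, so a frame decrypted under a rotated key comes back as unreadable bytes rather than an error.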
In the above case we need to transfer only one ephemeral public key $SK_a$ from the U-robot to the member node. In general this key is appended to the beacon signal. Using $SK_a$, the member node generates the private key as described above. The private key is used to encrypt the valuable data. Therefore the attacker only knows the public keys $SK_a$ and $SK_b$. Using both public keys, the attacker cannot generate or compute the private key. In addition, we use the NOVSF code-hopping technique [11] to transfer the data from the source to the base station. Together, the two algorithms make the network more secure and energy efficient.

V. NOVSF TECHNIQUE

Sensor networks are highly sensitive to energy resources. With resources as a main concern, developing a secure protocol is highly challenging. To provide more secure communication with less energy consumption we use the NOVSF code-hopping technique. This technique provides complete security without using additional power for implementation. In this paper we use NOVSF codes to transmit the valuable data from the cluster member node to the U-robot, which improves the security and spectral efficiency of the network. The NOVSF code has 64 time slots, and any number of time slots can be assigned to a channel. Figure 4 illustrates an example model of slot assignment with two channels. The proposed NOVSF method takes advantage of this by mapping data frame blocks to time slots with two channels, using different permutations in every session. The U-robot sends different mapping permutations to the cluster heads when it moves to a new location. Each node in the network encrypts the data using the aforementioned method and then applies the NOVSF code-hopping technique to transmit it. The advantage of this technique is that it gives the network two levels of security. The first is the use of the secured channel and the second is slot mapping.
Figure 3. NOVSF mapping with two channels where data frames are transmitted in the following order in time: S2C1, S1C1, S2C2, S1C5, S1C4, S2C7, S2C5, S1C8.

The advantage of using the DH-NOVSF technique is that even if a malicious user finds the NOVSF mapping, the data cannot be decrypted with the public keys. Another key advantage of this method is that it increases security at the network layer without any additional energy.

VI. ANALYSIS AND EVALUATION

A. Security Analysis

In the S-EEDR protocol we generate $SK_a$ and $SK_b$ to share the secret key between the U-robot and the sensor node. The authentication code (AC) can be generated only using the ephemeral public key $SK_b$, which is encapsulated in the data frame packet. This method saves one message between the sensor node and the U-robot. In classical key sharing methods the keys are shared using individual messages, but in our case the sensor node encapsulates the key in the data message itself, which saves the energy for transmitting one message packet. By using the NOVSF code-hopping technique we set up more secure channels between the cluster member, the cluster head and the U-robot. The U-robot changes its public key when it moves to another location for data collection and balances the energy to increase the network lifetime. By changing the public key in the interval (1, n-1), data freshness is always ensured. Assigning the NOVSF time slots makes the network more secure.

B. Evaluations

1) Storage: Each sensor node stores the parameter $P$ and the private key $Mn_b$; using these two values the sensor node and the U-robot generate the public keys $SK_a$, $SK_b$. The parameters $P$ and $Mn_b$ are stored in the EPROM of the sensor node and $SK_a$ is stored in temporary accumulators for computation; it may change at round (r-1). In our analysis we assume a key length of 100 bits; then $Mn_b$ and $P$ will cost 100 bits x 2 = 200 bits, so the total storage each entity needs is only 2 x 100 + 1028 = 1228 bits.
As mentioned, 1028 bits are used for cryptographic algorithms such as Blowfish [14], so the total amount of memory we spend on security measures is 1228 bits. This makes our approach unique and simpler. Our algorithm reduces code size with its simple logic and can also be applied in the smart-dust [15] project.

2) Computation: The computation cost can be analyzed only at the sensor node, based on the cryptographic and arithmetic operations performed. Due to the abundant energy at the U-robot, its computation cost is considered as infinite. The details of the computation are shown in Table I.

TABLE I. COMPUTATIONAL ANALYSIS

Operations                       Sensor node   U-robot
Pseudorandom number generation   1             -
Data decryption                  -             1K
Data encryption                  1             1k
3) Communication: The sensor node needs to transmit $SK_b$ along with the data frame. Each sensor needs to authenticate the incoming public key $SK_a$, which adds 100 bits x 2 = 200 bits to the transceiver power cost calculation. So the average communication complexity of our scheme is very low.

VII. CONCLUSION AND FUTURE WORKS

In this paper, we mainly present the design of Secure-EEDR, a secure energy efficient dynamic routing protocol. The core idea of our protocol is to use the Diffie-Hellman algorithm with the NOVSF code-hopping technique, which not only provides a variety of security features but also increases the efficiency of the entire network in terms of energy. Simple analysis has shown that our algorithm needs less storage, communication cost and computation power, which makes the network more stable and secure. In future, we will implement the algorithm in practice and validate our conclusion. We believe that our security protocol increases network security as well as communication security for sensor networks.

ACKNOWLEDGMENT

This research was supported by MKE, Korea, under the ITRC support program supervised by the National IT Industry Promotion Agency (NIPA-2009-C1090-0902-0026). This paper was supported by MKE (The Ministry of Knowledge Economy), Korea, under the development of Integrated Control SW Platform for Automotive Electronics Project (2008-S-007-02).

REFERENCES

[1] I. F. Akyildiz, W. Su, Y. Sankarasubramaniam, E. Cayirci, "Wireless Sensor Networks: A Survey," Computer Networks 38, 393-422 (2002).
[2] A. Sinha and A. Chandrakasan, "Dynamic power management in wireless sensor networks," IEEE Design and Test of Computers, pp. 62-74, March-April 2001.
[3] P. Yanbin, W. Xiangyu and W. Youcha, "The sensor network based on LONWORKS Technology," SICE 1999, Pr0001-3/99/0000-0897.
[4] A. Mainwaring, J. Polastre, R. Szewczyk, D. Culler, and J. Anderson, "Wireless sensor networks for habitat monitoring," in Proceedings of ACM Workshop on Wireless Sensor Networks and Applications, Sep. 2002, pp. 88-97.
[5] W. Chen, J. C. Hou, and L. Sha, "Dynamic clustering for acoustic target tracking in wireless sensor networks," IEEE Trans. Mobile Comput., vol. 3, pp. 258-271, Jul. 2004.
[6] Yang Wang, Liusheng Huang, Junmin Wu, Hongli Xu, "Wireless Sensor Networks for intensive irrigated agriculture," IEEE Trans., pp. 197-201, Jun. 2007.
[7] David J. Malan, Matt Welsh, Michael D. Smith, "A Public-Key Infrastructure for Key Distribution in TinyOS Based on Elliptic Curve Cryptography," IEEE Trans., pp. 71-80, 2004.
[8] Shengbao Wang, Zhenfu Cao, Maurizio Adriano Strangio and Lihua Wang, "Cryptanalysis and Improvement of an Elliptic Curve Diffie-Hellman Key Agreement Protocol," IEEE Communications, Dec 2007.
[9] Tony Chung and Utz Roedig, "Poster Abstract: DHB-KEY - A Diffie-Hellman Key Distribution Protocol for Wireless Sensor Networks," IEEE Trans.
[10] A. Perrig, R. Szewczyk, J.D. Tygar, V. Wen, and D.E. Culler, "SPINS: Security protocols for sensor networks," Wireless Networks 8, 521-534, 2002, Kluwer Academic Publications.
[11] H. Cam, "Nonblocking OVSF Codes and Enhancing Network Capacity for 3G Wireless and Beyond Systems," Special Issue of Computer Communications on "3G Wireless and Beyond For Computer Communications", Spring 2003.
[12] Donghoon Lee, Vishnu Kumar Kaliappan, Duckwon Chung, Dugki Min, "An Energy Efficient Dynamic Routing Scheme for Clustered Sensor Network Using a Ubiquitous Robot," IEEE Trans., 198-203, Dec 2008.
[13] W. R. Heinzelman, A. Chandrakasan, and H. Balakrishnan, "Energy efficient communication protocol for wireless microsensor networks," in Proceedings of the 33rd Hawaii International Conference on System Sciences, 2000.
[14] Hasan Çam, Suat Özdemir, Devasenapathy Muthuavinashiappan, and Prashant Nair, "Energy Efficient Security Protocol for Wireless Sensor Networks," 2003 IEEE.
[15] K.S.J. Pister, J.M. Kahn and B.E. Boser, "Smart dust: Wireless networks of millimeter-scale sensor nodes" (1999).