[IEEE 2013 Fourth International Conference on Computing, Communications and Networking Technologies...
Click here to load reader
Transcript of [IEEE 2013 Fourth International Conference on Computing, Communications and Networking Technologies...
Security for Wireless Sensor Networks in Military
Operations
Rajat Gupta
Student, B.Tech IT
VIT University
Vellore , India
Pallavi Singh Student, B.Tech IT
VIT University
Vellore,India
Kaushal Sultania Archit Gupta
Student, B.Tech IT Student, B.Tech CSE
VIT University VIT University
Vellore , India Vellore, India
[email protected] [email protected]
Abstract:- The communication in military is vital for distribution
of commands, logistical information and proper functionality of
all units. It is must to have a secure channel through which
critical information is exchanged in real time and privacy of
information is maintained. Wireless sensor network can be used
in military application for monitoring militant activities like
tracking enemies and force protection. Wireless sensor network
has set of distributes sensors nodes which are connected to each
other. These sensor nodes are low powered, low cost, small in size
and can do limited amount of computation. But wireless sensor
network is vulnerable to various kinds of attacks like node
capturing, eavesdropping in communication links and man in the
middle or reply to a message. To ensure security, messages from
wireless sensor networks must be encrypted. Many key
agreement schemes have been proposed to ensure security but
most of them are quite complex. In this paper we are proposing
pre key distribution scheme for public key cryptography in
military communication by establishing secure key arrangement
between set of nodes in sensor network. This will improve
performance in term of memory usage, resource consumption,
resiliency against node capturing, scalability, resistant against
node replication and security in information sharing.
Keywords—Wireless sensor network; public key cryptosystem;
Elliptical Curve Cryptography; Military; Security.
I. INTRODUCTION
Enormous amount of research is going on in the field of
wireless sensors network these days. The significant amount
of development has been achieved over years and more is yet
to be achieved. Its involvement is growing in the field of
military services where communication is inevitable. But
wireless sensors are prone to various kinds of node capturing,
reply attacks and DOS attacks. If attacked node is not declared
dead and exchange of information is continued then
information is compromised. Therefore, there is more security
challenges involved where transmission of information takes
place through wireless medium.
Military communication should be resistant to
jamming, direction finding and other type of threats involved
during transmission of information. It should have medium
which must deliver message end-to-end securely. But
transmitting information over wireless sensor need encryption
so that data authentication, data confidentiality and data
integrity is achieved and maintained throughout the
transmission. Secure key agreement and distribution of key is
major issue regarding key management. It requires trusted
third party, KDC or a master station, which assure key
agreement between two nodes. An open research problem in
wireless sensor security is to design a bootstrapping
protocol[4] that establishes a secure communication
infrastructure for sensors where the nodes are pre-initialized
with secret keys without any prior direct contact with other
participating nodes. The complexity of the bootstrapping
problem statement complexity arises from various hardware
restrictions in the deployment of wireless sensor networks.
Since sensor nodes are resource constrained devices, they
can’t work using traditional key management techniques.
Even though public key cryptography is widely believed to
require high computational power, high memory several
recent researches have demonstrated an acceptable
IEEE - 31661
4th ICCCNT - 2013 July 4 - 6, 2013, Tiruchengode, India
performance using public key architecture [6], [7], [8], [9].
Considering the resource limitations, elliptic curve based
cryptography is considered to be most suitable public key
algorithm for deployment in sensor network [10].
The focus of this paper is to propose a secure pre key
distribution scheme for wireless sensor network in military by using public key cryptography. In the proposed scheme all the
nodes are initialized with master public key and a set of
corresponding public and private key before their deployment.
Since every node has limited communication range, they
broadcast an empty message (ping protocol) and collects reply
from the nodes which are in their communication range and
later communicate using session keys (private key
cryptography) which is unique and private to them. But before
communication between any two nodes starts they must get
authenticated by the base station.
A sensor network is military is shown in figure. It has
a hierarchical network with three layers. Sensor Network
layer, coordination network layer and back end network layer.
Sensor Network Layer - This layer is used to monitor
environmental and physical conditions, such as pressure,
temperature etc. This layer co-operatively passes their data
through the network to a required location. These sensors
make use of ZigBee or Bluetooth technology and so they have
a short communication range. Therefore their power must be
enhanced in order to deliver sensed data to military personnel.
This can be done by connecting more powerful devices in
coordination network layer.
Coordination network layer – As the sensor network layer
does not have support for data storage over a long period so
coordination network layer is used to collect and analyze data
from it. A number of devices such as PDA, mobile phones,
laptops etc are connected to fixed or remote station using ad
hoc network or infrastructure based network.
Back end network layer – this layer consist of a number of
station which are fixed and servers which are structured on the
internet to provide application level services. The physical
records from the sensor layer are stored in the server side
database for long term period. The key distribution centre
(KDC) or the master station can be trusted to have access to
military camps, weapons storage centre or support centre for
the military services. The job of KDC/master station is to
issue certificates and keys to valid sensor network and
coordination network nodes.
This paper is organized as follow: Section II deals with
background knowledge required to understand the RSA
algorithm , Section III discusses related work done regarding
efficient encryption , decryption and factoring of Public key N,
Section IV describes our implemented algorithm, Section V do
a performance analysis of our method with the brute force one.
Section VI gives conclusion and Section VII describes Future
work.
II. PROBLEM STATEMENT
Key distribution refers to the problem of establishing
shared secrets on sensors nodes such that secret symmetric
keys for communication, privacy, integrity and
authentication can be generated. Due to bootstraping
problem, the difficulty level is raised higher due to various
limitations of sensor nodes. The following issues must be
addressed for the security of sensor networks.
1. A secure communication must be established after the
deployment of sensor nodes.
2. The establishment of connection by unauthorized
nodes should be prohibited.
3. When a new node is added to the existing nodes, it
should form a secure connection.
4. The method should be functional for all conditions
without any prior knowledge of communication range
of nodes which will communicate with each other.
5. The resource requirement such as storage and
computational power should be low and the method
should be protected against denial of service (DOS)
attack.
These issues are to be dealt in detail to overcome security
problems and design robust security mechanisms for sensor
networks. Sensor network have the limitation of
computational, storage and energy resources. But due to
many other additional limitations, it is very complicated to
design new security protocol. These problems are as
follows.
Environment-Sensor node can be deployed in remote
hostile environment, such as battle field. Hence, sensor
nodes are exposed to physical attacks by an adversary. So,
node replication attack and node capturing is and easy
attack.
Medium-Sensor network communicates through radio
Waves where everybody has an access. An attacker can
easily listen to the data being transferred and hence, the
network is exposed to active and passive attacks.
Resources- Sensor nodes always have limited resources.
They have low storage, processing, communication, energy
capabilities due to which the costly key management
infrastructure cannot be used. Sensor nodes are battery-
driven and it is infeasible to visit every node and replace
their batteries. Communication absorbs the most of the
energy in sensor nodes.
Topology- Sensor network do not have any prior
knowledge of post deployment network of nodes. In
military, sensor nodes are deployed in the hostile
IEEE - 31661
4th ICCCNT - 2013 July 4 - 6, 2013, Tiruchengode, India
environment using random methods like dropping from
airplane etc.[5]. Therefore, in these situations, storing
encryption keys on nodes to establish secure link among
neighbours is difficult and insecure.
III. PROPOSED SECURITY SCHEME
Following is our proposed security scheme for deployment of
sensor nodes in military.
Key establishment phase: The foremost requirement is to
establish keys between the nodes. For this purpose, we choose
Elliptical Curve Cryptography method which is one of the
methods of Public key cryptosystem. Elliptical curve
cryptography is more scalable and requires less storage space
when compared to symmetric key cryptography or other
public key cryptography methods. It requires less key length
when compared to other public key cryptosystem. Elliptical
curve cryptography with 160 bit key length has equivalent
security level when compared to RSA with 1024 bit key
length. It has low communication overhead, requires less cost
and is easily deployable.
The first phase starts with initialization and is
performed offline before deploying the sensor nodes in the
physical environment. First, a Master public key and
corresponding private key is generated. Master station selects
an elliptical curve over a finite field GF(P) and release a base
point P of large order Q.Q must be a prime number. Next, it
selects a random number r as its private key.
PR ∈ GF(P)
Master public key
PU= r * P
These keys will be used for secure communication by
all the sensor nodes with base station. The master public key
will be stored in node’s memory and only base station has
knowledge about the corresponding private key.
It then generates a random number ri ∈ GF(P) which act as
private key for sensor Si and generate a corresponding public
key PUi = ri *P. The key pair (ri, PUi) is then loaded to the
sensor si. Now,each node in the network has an elliptical key
pair and the master public key PU ,which serves to establish
secret(symmetric) key for secure communication.
Neighbour discovery phase: In this phase, handshake protocol
is followed. Each sensor node performs a neighbour discovery
operation in the network. Since the sensor nodes have limited
communication range, we assume that sensor nodes will be
able to communicate only with the nodes in range. This
operation can be performed using ping protocol. The sensor
node broadcast a HELLO message for eg, Node 1 broadcast a
HELLO message. Those nodes which are in communication
range of Node 1 will receive this HELLO message. Suppose
Node 2 is a neighbour node, i.e, in communication range of
Node 1 and receives a HELLO message sent from node
1.Since the HELLO message from node 1 doesn’t have the
address of Node 2, after receiving this message node 2 will
register node 1 as its asymmetric neighbour and then send a
Hello message back to Node 1 declaring Node 1 as its
neighbour. Since, This Hello Message contains address of
Node 1, Node 1 registers Node 2 as its symmetric neighbour.
It then sends a Hello message to Node 2 declaring it as its
symmetric neighbour. Upon receiving this message, this time
node 2 will register Node 1 as a symmetric neighbour.
Hence neighbour discovery operation is complete and now
each node has knowledge about the nodes which are in its
communication range. Now the sensor nodes will send their
respective public keys to all the nodes which are their
symmetric neighbours. This public key will be used by the
nodes to encrypt a message. This ciphertext can only be
decrypted by the node which in intended since only that node
will be knowing about its private key used to decrypt the
ciphertext.
Secure communication phase:- In this phase, a secure
symmetric communication link is established between sensor
nodes in the entire network. In sensor network communication
occurs between the neighbouring nodes only rather than all the
nodes in the network.
Let’s understand this phase using an example
Alice requests for access list from the master station.
Master station checks for the authentication of Alice and
based on her privileges, issues her a proper access control list
Per(Alice). Per(Alice) comprises of Id and user access list.
Master station generates a certificate of the Alice’s access list
and public key by signing with its private key ( lice =
MS(Per( lice) || PU lice) where Per(Alice) is the access
list, PUAlice is the public key of Alice and MS the
signature of Master Station.
Bob requests for access list from the master station.
Master station checks for the authentication of Bob and based
on his priviledges, issues him a proper access control list
Per(Bob). Per(Bob) comprises of Id and user access list.
Master station generates a certificate of the Bob’s access list
and public key by signing with its private key ( Bob =
MS(Per(Bob) || PUBob) where Per(Bob) is the access list,
PUBob is the public key of Alice and MS the signature of
Master Station.
Both, Alice and Bob will send their own id and the id of the
corresponding communicating node to the base station. For
sending the Ids, the message will be encrypted using master
station’s public key PU. On receiving, master station will
verify both the node’s id and certificate and ensure that these
nodes are authorized member of the network and that they are
allowed to communicate with each other.
This authentication by the master station provides resiliency
against node replication and node capturing attacks.
After receiving the approval from the base station, Alice
selects a random number x∈ (P). x will be used as a session
key for
IEEE - 31661
4th ICCCNT - 2013 July 4 - 6, 2013, Tiruchengode, India
communication with neighboring node Bob. It then creates a
secret key =ℎ(r liceBob⊕ ) (where is the current
timestamp generated by Alice), and encrypts the session key x
with the key (i.e. (x) ). Alice then signs this encrypted value
along with its certificate (i.e. lice= lice( (x) ||
lice)), encrypts lice with the public key of Bob PUBob
and sends the af combination x, , , to the node Bob. The
encryption with the private key of Alice provides
authentication (Digital Signature) and encrypting the message
with public key of Bob ensures the confidentiality of the
session key.
After receiving this, Bob will first decrypt the session key
using its own private key rBob which will result in signed
session key. Bob will then checks if the timestamp TAlice is
valid(i.e by verifying if TAlice < Tnow, where Tnow is the
current timestamp). Then it verifies Alice’s signature lice .
If valid, the Alice is authentic to C. Alice’s certificate
lice is also verified to check the validity of the access
list Per(Alice) which was assigned to her. Alice is authorized
if lice is valid. Now bob will compute the secret key
=ℎ( liceBob⊕ ), and decrypts (x) to get x. now, both of
the nodes have established a session key, x, and now they can
proceed for further communication using this symmetric
session key.
IV. SECURITY ANALYSIS
Wireless sensor networks are more prone to attacks in
comparison to other traditional networks.
So, in the scope of this paper, we focus on the possible
vulnerabilities to the proposed method.
1. Node Capture – The network is said to be perfectly
resilient against node capture if a compromised node do
not reveal any information about the links it is not
directly involved with
The weakest point for sensor nodes are that mostly
they are physically available. Hence, it is possible for an
attacker to mount an attack by capturing any node
physically. Resilience of a node is defined as how much
extra information is revealed if a node is
IEEE - 31661
4th ICCCNT - 2013 July 4 - 6, 2013, Tiruchengode, India
compromised.in our proposed architecture, each node
communicates by establishing a session key and session
key is established only between the nodes which are
first authorized by the base station. Also, the
communication between two nodes is done using
session key which is first encrypted using the intended
node’s public key. Since, only the related node can has
the knowledge of the corresponding private key, only it
can decrypt the message. The proposed security
architecture provides perfect secrecy against node
capturing since even if the node is captured, no
additional information about the node which is not
involved is released. Capturing a node will only reveal
information about the links which are directly involved
with the node being captured.
2. Node Replication:- Node capturing means whether or
not an attacker can put additional hostile nodes in the
network after attaining some secret information
through node capture. The proposed scheme provides
resistance against replication of node through the use
of base station. In order to ensure security in the
network, the node replicated should be detected as soon
as possible and should be declared dead immediately.
In node replication attack, an attacker can use keys of
the compromised node to form communication with all
the other nodes in the network. But, in our proposed
method, each nodes needs to get authentication from
the master station before communicating and sharing
session key with the other node. Also, each node must
get the certificate from the base station to know all the
nodes with which they are allowed to communicate.
So, if a node is replicated and another node detects that
some node is compromised, it could immediately
inform the same to the master station. Also, since
master station monitors the communication between
the nodes all the time, any node which is compromised
will be having unusual amount of traffic to gain the
most from the compromised node, the base station can
immediately revoke the node assuming it is a
compromised node. Since before deployment base
station generates keys for all the nodes, it has
knowledge about all the node’s identity in the network.
Before approving any node for communication, base
station check for the identity of the node if it belongs to
the same network or not, i.e., the communicating node
is authentic or not. Hence, we can say that even if in
some way, a node is replicated, there is more than
likely chances that base station will catch the replicated
node and immediately revoke it.
3. Remove the compromised node: Since base station
monitors all the communication between all the nodes,
any compromised node can be easily detected by the
base station and can be immediately revoked.
4. Consumption of resources:- Sensor nodes are limited in
terms of resources. They have less memory, less
computational ability, less bandwidth etc. In the
proposed method, the public key cryptography scheme
used is Elliptical Curve cryptography which is widely
believed to be fast and has smaller key length than
RSA and provides the same security as provided by
RSA. Hence, memory requirements are satisfied using
the Elliptical curve cryptography. In the proposed
method, the keys are generated before the deployment
of nodes in the network. Hence, the computation is
reduced once the nodes are deployed in the network
since there is no involvement of computation for large
keys. Although, in comparison to symmetric key
algorithm, public key cryptography requires more
computation power. But since the computation for keys
is being done before the deployment of nodes, we need
not worry about the computation power of the nodes
much. Once the keys are distributed, the nodes can
achieve symmetric link which further reduces the
computational power. Also, for satisfying the memory
requirements of sensor nodes, the nodes are
communicating only with the nodes which are in range
of the communicating nodes. Hence every node just
needs to store master station public key, its own private
key and all the neighboring nodes public key. Suppose
there are n nodes in the communicating range of a
node, a maximum of n+2 keys needs to be saved in any
node. Comparing to the pair-wise key scheme which
requires N-1 keys to store where N is the size of the
network, the proposed method uses n+2 keys which is
<<N. Hence memory consumption is significantly
improved.
5. Scalability: The proposed method is fully scalable
since no part of the algorithm depends on the size of
the network.
6. Mutual Authentication:- Since, communicating nodes
are sent their certificates from the master station, the
master station sent the certificating when both the
communicating nodes are allowed to communicate
with each other and are present in each other’s
certificate.
7. Replay Attacks:- The nodes check the timestamps
before communicating with each other and encrypt the
timestamp while sending a message to other node. The
receiving node can check the time stamp. If the
received timestamp is older than the threshold
timestamp (a particular value, maximum number of
seconds, will be decided after which a message will be
declared void), the proposed method provides total
prevention against replay attacks.
V. CONCLUSION
Secrecy of information in military is vital. But using
wireless sensor network can lead to different kind of attacks
which can compromise our information. Therefore In this
paper we have demonstrated pre distribution of key for
military communication using public key cryptography.
Here communication is taking place between nodes only
after verifying authentication by master station. Therefore it
IEEE - 31661
4th ICCCNT - 2013 July 4 - 6, 2013, Tiruchengode, India
is resilience to node capturing because communication
between nodes are encrypted using session key which is
secret between both the nodes. It prevents node replication
as base station detect replicated node and block it. Various
other attacks are also eliminated. It also helps us develop
scalable network as security of the method doesn’t depend
on network size.
ACKNOWLEDGMENT
We would like to express our sincere gratitude towards Prof
Vincent PM, IT dept., VIT University who guided us
throughout this project. I would like to thank our each team
members for their support, hard work and equal contribution
to make this project a success.
.
REFERENCES
[1] Hung-Min Sun, Mu-En Wu,Wei-Chi-Ting and M.Jason Hinek,
“Dual RSA and its Security Analysis” , IEEE Transaction on
Information Theory , Vol.53 , No.8, Aug 2007.
[2] Joao Carlos Leandro da Silva , “Factorizing semi primes and
possible implications” , IEEE in Israel, 26th convention , pp.182-
183, Nov.2010
[3] Sattar J Aboud, “An efficient method for attack RSA scheme”,
IEEE 2009.
[4] L.Scripcariu, M.D. Frunza, “A New character encryption
algorithim”, Proceeding of the Intern. Conference on
Microelectronics and Computer Science, Chisinau, (Republica
Moldova), ICMCS 2005, pp. 83-86, Sept, 2005.
[5] B. Schneier, Applied cryptography, second edition, NY: John
Wiley & Sons, Inc.1996.
[6] R. L. Rivest, A. Shami, and L. Adleman. “A method for
obtaining digital signature and public key cryptosystems”,
communication of the ACM , 21(2):120{126,February 1978}.
[7] J. D. Lipson.Elements of Algebra and Algebraic Computing,
Reading, a:Addison-Wesley , 1981.
[8] S. Yen, S. Kim, S. Lim and S. Moon, “RSA Speedup with
Chinese Remainder Theorem Immune against Hardware Fault
Cryptanalysis”, IEEE Transaction on Computers, Vol. XX, No.
Y, pp. 461-472, 2003.
[9] E.F. Brickell, “A Survey of Hardware Implementation of RSA”,
Advances in Cryptology, Proc. CRYPTO ’89, pp. 368-
370,1990.
[10] Da-Zhi Sun, Zhen-Fu Cao, Yu Sun, “How to Compute
Modular Exponentiation With large Operators based on The
Right-to-Left binary algorithm”, Applied Mathematic and
Computation, Volume 176, Issue 1, 1 May 2006, Pages 280-
292.
[11] Keon-Jil Lee, Kee-Young Yoo, “Linear Systolic
Multiplier/Squerer for fast Exponentiation Information”,
Processing Letters, Volume 76, Issue 3, 15 December 2000,
pages 105-111.
[12] C. N. Zhang, “An improved binary algorithm for RSA”,
Computer & Mathematics With Applications, Volume 25,
Issue 6, March 1993, pages 15-24.
IEEE - 31661
4th ICCCNT - 2013 July 4 - 6, 2013, Tiruchengode, India