Page 1

Lepakshi Goud.T* / (IJAEST) INTERNATIONAL JOURNAL OF ADVANCED ENGINEERING SCIENCES AND TECHNOLOGIES Vol No. 6, Issue No. 2, 246 - 255

A Routing-Driven Public key Crypto system based key management scheme for a Sensor Network Lepakshi Goud.T1 Computer Science and Engineering, Department of P.G Studies, Visvesvaraya Technological University, Belgaum, Karnataka, India E-mail:lepakshigoudt@gmail.com1

T

In this research, we also studied the number of communication neighbours (denoted as c) for ensuring a certain routing reliability, and we obtained the lower and upper bounds of c. In addition, we designed a simple yet efficient distributed shortest path algorithm for sensor routing. The algorithm has low communication and time complexities, and is very suitable for resource-constrained small sensor nodes. A. Purpose of the paper This paper proposes a novel routing-driven RSA algorithm based key management scheme for a sensor network. This establishes shared keys only for those neighboring sensors that communicate with each other rather establishing shared keys for all pairs of neighboring sensors .This paper also proposed how user authentication and session key verification can be done in a single step process at the receiving end.

ES

Abstract--In homogeneous sensor networks, many-to-one traffic pattern dominates and hence a sensor may only communicate with a small portion of its neighbours. So, the homogeneous sensor networks have poor performance and scalability. Most existing key management schemes try to establish shared keys for all pairs of neighbour sensors, no matter whether these will communicate with each other or not, and this causes large overhead. This paper proposes a novel routing-driven key management scheme, which establishes shared keys only for those neighbouring sensors that communicate with each other by using RSA public-key algorithm along with Quantum Key Distribution Protocols (QKDPs). Quantum cryptography easily resists replay and passive attacks. Classical cryptography enables efficient key verification and user authentication. This work integrates the advantages of these two techniques along with QKDPs so that the eavesdroppers can be detected, replay attacks can be easily avoided. This paper also proposes how user authentication and session key verification can be done in a single step process at the receiving end. Keywords--Cryptography, Key generation and distribution, Sensor network, RSA, QKDP

IJ

A

I.INTRODUCATION Previous research on sensor network security mainly considers homogeneous sensor networks, where all sensor nodes have the same capabilities. Research has shown that homogeneous ad hoc networks have poor performance and scalability. The many-to-one traffic pattern dominates in sensor networks, and hence a sensor may only communicate with a small portion of its neighbours. Key management is a fundamental security operation. Most existing key management schemes try to establish shared keys for all pairs of neighbour sensors, no matter whether these nodes communicate with each other or not, and this causes large overhead. In this paper, we adopt a Heterogeneous Sensor Network (HSN) model for better performance and security. We propose a novel routing-driven key management scheme, which only establishes shared keys for neighbor sensors that communicate with each other. We utilize Elliptic Curve Cryptography in the design of an efficient key management scheme for sensor nodes. The performance evaluation and security analysis show that our key management scheme can provide better security with significant reductions on communication overhead, storage space and energy consumption than other key management schemes.

ISSN: 2230-7818

B. Motivation As the wireless technologies has become the need of an hour, Securing sensor networks has received much attention in the last few years and as so many research works are going on in order to achieve stronger security and to reduce overhead to the maximum possible extent on wireless networks created a strong interest in me to do some work concerning security issues on wireless sensor networks. C. Existing Techniques 

Previous research on sensor network security mainly considers homogeneous sensor networks [1],[2]and [4], where all sensor nodes have the same capabilities.

An Existing key management schemes require a large storage space for key pre-distribution [4] and are not suitable for small sensor nodes.

Most existing key management schemes try to establish shared keys for all pairs of neighbor sensors, no matter whether these nodes communicate with each other or not, and this causes large overhead.

@ 2011 http://www.ijaest.iserp.org. All rights Reserved.

Page 246


Lepakshi Goud.T* / (IJAEST) INTERNATIONAL JOURNAL OF ADVANCED ENGINEERING SCIENCES AND TECHNOLOGIES Vol No. 6, Issue No. 2, 246 - 255

Sensor key management schemes are designed to set up shared keys for all pairs of neighbor sensors, without considering the actual communication pattern.

C.1 Disadvantage of an existing system  Homogeneous ad hoc networks performance and scalability.  It needs a large storage space [4].

have

poor

IJ

A

ES

II.RELATED WORK Many key management schemes have been investigated in literatures. Random key pre-distribution scheme [1] was first proposed by Eschenauer and Gligor. The basic idea of their scheme was randomly selecting a subset of communication keys from a very large size key pool, and storing into each sensor‟s memory before deployment. L. Eschenauer and V.D.Gligor, “A key management scheme for distributed sensor networks”-In this paper, a Dynamic Combinatorial Key management scheme(DCK) was implemented to provide efficient, scalable, and survivable dynamic keying in a clustered sensor network with a large number of sensor nodes[1]. Chan et al presented q-composite scheme[21] which required two neighbor nodes share at least q (q>1) common keys to establish a secure link.Du et al. and Liu et al extended the basic random key pre-distribution scheme to pair wise key pre-distribution scheme. In their scheme[21], the resilience against node capture was significantly improved.H. Chan, A. Perrig, and D. Song, “Random key pre-distribution schemes for sensor networks”,They presented three new mechanisms for key establishment using the framework of pre-distributing a random set of keys to each node because asymmetric key cryptosystems are unsuitable for use in resource constrained sensor nodes and the nodes could be physically compromised by an adversary [2].Liu et al. presented pair-wise key establishment scheme using pre-deployment knowledge and Rabin‟s scheme to achieve high degree of connectivity and strong resilience against nodes capture [22]. In this, an effective pair-wise key establishment scheme was implemented based on Rabin‟s scheme without the knowledge of pre-deployment. He proposed a framework for key management schemes in distributed wireless sensor networks with heterogeneous sensor nodes. David J. Malan, “Toward PKI for Sensor Networks”, He made implementations on the evaluation of elliptic curve cryptography (ECC) with 163-bit keys, which ultimately reduce space for distribution of keys[3].Arjan Durresi, Vijay Bulusu, Vamsi Paruchuri, Mimoza Durresi, Raj Jain, “Key Distribution in Mobile Heterogeneous Sensor Networks” In this paper, two schemes were proposed namely; key pre-distribution using separate key pool and key pre-distribution using segmented key pool. They allow the mobile nodes to interact with the stationary nodes of different networks [4]. Jeremy Brown, Xiaojiang Du, Kendall Nygard, “An Efficient Public-Key-Based Heterogeneous Sensor Network Key Distribution Scheme”,An idea of key-distribution scheme

for a heterogeneous sensor network was described in this paper. The scheme can guarantee that arbitrary nodes will be able to connect with each other, and all messages are cryptographically secure. This scheme provides facilities for in-network processing, which will help in optimizing usage of sensor resources [5]. Yong Ma, Siddharth Dala1, Majd Alwan, James Aylor, “ROP: A Resource Oriented Protocol for Heterogeneous Sensor Networks” They described a network model that was adaptively formed according to the resources of its members. A protocol named Resource Oriented Protocol (ROP) was developed to create the network model [6]. Venkata Krishna Ravi, Bo Sun, Xiaojiang Du, Fei Hu, Michael Galloway, Yang Xiao, “A survey of key management schemes in wireless sensor networks”Sensor nodes used to form Wireless sensor networks are resource-constrained, which make security applications a challenging problem. Efficient key distribution and management mechanisms are needed besides lightweight ciphers [7]. Xiaojiang Du, Hsiao-Hwa Chen, Yang Xiao, Mohsen Guizani, “A Pseudo-Random Function Based Key Management Scheme for Heterogeneous Sensor Networks” They presented an efficient Pseudo Random Function based key management scheme for heterogeneous sensor networks[8]. Sk. Md. Mizanur Rahman, Nidal Nasser, Kassem Saleh, “Identity and Pairing-based Secure Key Management Scheme for Heterogeneous Sensor Networks” Key management poses a main concern for security operation in sensor network[10]. F. Amin, A. H. Jahangir, and H. Rasifard, “Analysis of Public-Key Cryptography for Wireless Sensor Networks Security”-With the wide spread growth of applications of Wireless Sensor Networks (WSNs), the need for reliable security mechanisms over networks has increased manifold[11] S.Poornima, B.B.Amberker, “Tree-based Key Management Scheme for Heterogeneous Sensor Networks”-(2008) To achieve security in WSN, it is important to be able to encrypt the messages sent between sensor nodes[12]. T.Kavitha, D.Sridharan, “Security vulnerabilities in Wireless Sensor Networks: A Survey”-The significant advances of hardware manufacturing technology and the development of efficient software algorithms make technically and economically feasible a network composed of numerous, small, low-cost sensors using wireless communications, that is, a wireless sensor network(WSN)[13].

T

ISSN: 2230-7818

III.BASIC CONCEPTS OF PAPER A. Network A network is a series of points or nodes interconnected by communication paths. Networks can interconnect with other networks and contain sub-networks. A computer connected to a non computing device (e.g., networked to a printer via an Ethernet link) may also represent a computer network. In order for a network to function, it must meet three basic requirements,it must provide connections, communications and services. „Connections‟ refers to the hardware. „Communications‟ is the way in which the devices talk to each

@ 2011 http://www.ijaest.iserp.org. All rights Reserved.

Page 247


Lepakshi Goud.T* / (IJAEST) INTERNATIONAL JOURNAL OF ADVANCED ENGINEERING SCIENCES AND TECHNOLOGIES Vol No. 6, Issue No. 2, 246 - 255

B. Sensor Network A sensor network comprises of sensor nodes and a base station. Each sensor node is battery powered and equipped with integrated sensors, data processing capabilities and shortrange radio communications Due to their limited power and shorter communication range, sensor nodes perform innetworkdatafusion: A data fusion node collects the results from multiple nodes. It fuses the results with its own based on a decision criterion. Sends the fused data to another node/base station Advantages:  Reduces the traffic load  Conserves energy of the sensors

Security: Security is mainly of three types, namely;  Computer Security  Information Security  Network Security

IJ

A

Security attacks  Passive attacks Passive attack attempt to learn or make use of information from the system but does not affect system resources.  Active attacks An active attack attempts to alter system resources or affect their operation. Methods to achieve security goals:  Access control  Authentication  Encryption  Intrusion detection

D. Introduction to Cryptography In the era of information technology, the possibility that the information stored in a person‟s computer or the information that are being transferred through network of computers or internet being read by other people is very high. This causes a major concern for privacy, identity theft, electronic payments,

ISSN: 2230-7818

D.1 Basic idea of Cryptography Basic idea of cryptography is to mumble-jumble the original message into something that is unreadable or to something that is readable but makes no sense of what the original message is. To retrieve the original message again, we have to transform the mumble-jumbled message back into the original message again. D.2 Basic Terminologies used in Cryptography Cryptography is an important tool in securing information transactions for thousands of years. It was originally intended to disguise messages so that adversaries could not acquire or alter sensitive information. It is the science of mathematics to “Encrypt” and “Decrypt” data. Cryptography enables us to store sensitive information or transmit it across insecure networks like Internet so that no one else other than the intended recipient can read it. Data that can be read and understood without any special measures is called plain text or clear text. This is the message or data that has to be secured. The method of disguising plaintext in such a way as to hide its substance is called encryption. Encrypting plaintext results in unreadable gibberish called cipher text. We use encryption to ensure that information is hidden from anyone for whom it is not intended, even those who can see the encrypted data. The process of reverting cipher text to its original plaintext is called decryption. Cryptanalysis is the art of breaking Ciphers that is retrieving the original message without knowing the proper key. Cryptography deals with all aspects of secure messaging, authentication, digital signatures, electronic money, and other applications. Cryptography has also been expanded to provide the following information security requirements [24]:  Non-repudiation: Preventing an entity from denying previous commitments or actions.  Integrity: Ensuring no unauthorized alteration of data.  Authentication: Verifying an entity‟s identity  Confidentiality: Protecting the data from all but the intended receiver.

ES

C .Cryptography All aspects such as security and integrity of information have been aided by rapid advances in communication technology and networking. Hackers can utilize both active and passive methods to overload networks and alter data. To provide Security and integrity for information/data Cryptography came into existence. Definition: Writing the messages in secret way is called cryptography [24].

corporate security, military communications and many others. We need an efficient and simple way of securing the electronic documents from being read or used by people other than who are authorized to do it. Cryptography is a standard way of securing the electronic documents.

T

other. Services‟ are the things which are shared with the rest of the network

E. Public Key Crypto-System This paper is based on the Public-Key cryptosystem. The proposal of public key cryptosystems in 1976 by Whitfield Diffie and Martin Hellman introduced a revolutionary way to address modern security issues such as key management, authentication, non-repudiation, and signatures [14] in a digital environment. All cryptosystems are secure only if the difficulty of the mathematical problem that they are based on should be determined to be hard. Public-key cryptosystems are based on the intractability of one of three problems. These problems and the cryptosystems based on them are:

@ 2011 http://www.ijaest.iserp.org. All rights Reserved.

Page 248


Lepakshi Goud.T* / (IJAEST) INTERNATIONAL JOURNAL OF ADVANCED ENGINEERING SCIENCES AND TECHNOLOGIES Vol No. 6, Issue No. 2, 246 - 255

The Integer Factorization Problem; RSA The Discrete Logarithm Problem; DSA, DiffieHellman The Elliptic Curve Discrete Logarithm Problem; ECDSA, ECDH

E.1 Overview of Public Key Cryptography Public Key cryptography uses two keys Private key (known only by the recipient) and a Public key (known to everyone). The public key is used to encrypt the message and then it is sent to the recipient who can decrypt the message using the private key. The message encrypted with the public key cannot be decrypted with any other key except for its corresponding private key.

Encryption Algorithm

Public key Known to Everyone

Encrypted Message/Cipher text

.E.2 RSA – Public Key Cryptography Algorithm Introduction to RSA Algorithm RSA is one of the most popular and successful public-key cryptography algorithms. The algorithm has been implemented in many commercial applications. It is named after its inventor‟s Ronald L. Rivest, Adi Shamir, and Leonard Adleman. They invented this algorithm in the year 1977. They utilized the fact that when prime numbers are chosen as a modulus, operations behave “conveniently”. They found that if we use a prime for the modulus, then raising a number to the power (prime 1) is 1.RSA algorithm and its security simply capitalize on the fact that there is no efficient way to factor very large integers. If someone comes up with an easy way of factoring a large number, then that‟s the end of the RSA algorithm [16]. Then any message encrypted with the RSA algorithm is no more secure. The RSA scheme is a block cipher. Each plaintext block is an integer between 0 and n − 1 for some n, which leads to a block size ≤ log2 (n). The typical block size for RSA is 1024 bits. The details of the

ES

Message to be encrypted

128 bits long, such a search requires performing as many tests as there are particles in the universe

T

 

RSA algorithm is described as follows. • Key generation

Fig: 1 Encryption process in the public-key cryptography

1) Pick two large prime numbers p and q, p 6= q; 2) Calculate n = p × q;

Decryption Algorithm

Decrypted Message /Plain text

A

Message to be decrypted/Cip her text

IJ

Private key known only to receiver

Fig: 2 Decryption process in the public-key cryptography

The public-key algorithm uses a one-way function to translate plain text to cipher text. Then, without the private key, it is very difficult for anyone (including the sender) to reverse the process (i.e., translate the cipher text back to plain text). A one-way function is a function that is easy to apply, but extremely difficult to invert. The most common one-way function used in public-key cryptography involves factoring very large numbers. The idea is that it is relatively easy to multiply numbers even large ones, with a computer; however, it is very difficult to factor large numbers. The only known algorithms basically have to do a sort of exhaustive search (Does 2 go in to? Does 3? 4? 5? 6? and so on). With numbers

ISSN: 2230-7818

3) Calculate -(n) = (p − 1)(q − 1); 4) Pick e, so that gcd(e, -(n)) = 1, 1 < e < -(n); 5) Calculate d, so that d · e mod -(n) = 1, i.e., d is the multiplicative inverse of e in mod -(n); 6) Get public key as KU = {e, n}; 7) Get private key as KR = {d, n}. • Encryption For plaintext block P < n, its cipher text C = Pe mod n. • Decryption For cipher text block C, its plaintext is P = Cd mod n. E.3 Importance of RSA RSA algorithm had been in use for the past 25 years and it‟s been one of the most successful cryptography algorithms that the security world ever had. This is still widely used in many applications even after hundreds of public key cryptographic algorithms emerged after the invention of RSA algorithm.

@ 2011 http://www.ijaest.iserp.org. All rights Reserved.

Page 249


Lepakshi Goud.T* / (IJAEST) INTERNATIONAL JOURNAL OF ADVANCED ENGINEERING SCIENCES AND TECHNOLOGIES Vol No. 6, Issue No. 2, 246 - 255

ES

If we consider RSA vis-à-vis ECC, ECC is very much faster than RSA, but actually ECC is significantly faster than RSA only when used with pre-computed values. That is, if we can store ECC key in a small space and if we want to get the performance advantage, we have to store some tables of precomputed values. These tables can be as many as 20,000 bytes. But if we don‟t have 20,000 bytes of storage space lying around (say your smart card), we may not be able to use the pre-computed tables. Then the ECC is not that much faster than RSA. With ECC you can sign fast or save storage space, but you can‟t do both. Of course, saving storage space and transmission size may be reason enough. Currently in the industry, RSA is winning. The key size, transmission size and signature performance issues concern makers of small devices. But they often find that RSA is fast and small enough. Sure, it‟s not the fastest signer or the smallest key, but it still works just fine. And RSA has a well-developed certificate infrastructure.

sifting, where Bob sends a list of photons detected and their basis, but not their value, back to Alice over the classical channel. Basis refers to how the photons were measured. Photons can be encoded in one of two bases e.g., horizontal/vertical or diagonal polarization)

T

This algorithm is still in use because of its security and easy implementation. RSA strengths make it most suitable for resource-constrained systems. RSA provides greater security for a given key size and can be efficiently and compactly implemented. These attributes make it well suited for systems with constraints on processor speed, security, power consumption, bandwidth, and memory. The RSA algorithm has been implemented in many applications and it is currently one of the most popularly used encryption algorithm. The security of the RSA algorithm lies in the fact that there is no good way of factoring numbers. No one till now knows a way to factorize a number into its prime factors. As long as no one finds a way RSA will be safe and will be one of the best encryption algorithms in use. If someone comes up with a way to factorize algorithms, then that‟s the end of RSA.

A

F Quantum Authenticated Key Distribution (QAKD) protocols

IJ

In this section, Quantum Authenticated Key Distribution (QAKD) protocols are introduced. First, the QAKD with a. fully trusted-third party (TTP) is presented. Then, it will be extended to be a QAKD with a partially TTP. Our protocol uses a classical channel to transmit user identifiers between a participant and a trusted-third party, since such information cannot be hidden in any way from adversaries who can observe all channel traffic even if these identifiers are encrypted. However, secure communications are implemented only by using quantum channels. The BB84 [26] protocol and its variants are the only known provably secure QKD protocols. Other QKD protocols e.g., differential phase shift keying [8]), although promising, have yet to be proven secure. The BB84 protocol consists of four stages (See Fig 3). The first stage is the transmission of the randomly encoded single photon stream over the quantum channel from Alice (the sender) to Bob (the receiver) to establish the initial raw key. Alice maintains a temporary database of the state of each photon sent. The second stage is

ISSN: 2230-7818

Fig: 3 QKD protocol flow

There is only one photon and it can only be measured once, so only one basis can be applied. If it‟s measured in the correct basis the value measured will be correct. If it‟s measured in the wrong basis, the value will be random. Alice retains, from its database, only those entries received by Bob in the correct basis and sends this revised list back to Bob over the classical channel. Bob retains only those entries on this revised list. Alice and Bob now have a list of sifted keys. These lists are of the same length but may have some errors between them. This is the quantum bit error rate and it is an indication of eavesdropping. The third stage is reconciliation to correct these errors. Cascade [27, 28] and its variants are the predominant reconciliation algorithm that exchange parity and error correcting codes to reconcile errors without exposing the key values. This process requires a number of communications between Bob and Alice, over the classical channel, and results in a list smaller than the sifted list. The fourth stage is privacy amplification, which computes a new (smaller) set of bits from the reconciled set of bits using a hashing algorithm and requires no communication between Alice and Bob. Since the reconciled sets of bits were random, the resulting privacy amplified set will also be random. Unless the eavesdropper knows all or most of the original bits, she will not be able to compute the new set. The benefits of QKD are that it can generate and distribute provably secure keys over unsecured channels and that potential eavesdropping can be detected. QKD is not subject to threats from quantum computers or break through algorithms that can defeat the current

@ 2011 http://www.ijaest.iserp.org. All rights Reserved.

Page 250


Lepakshi Goud.T* / (IJAEST) INTERNATIONAL JOURNAL OF ADVANCED ENGINEERING SCIENCES AND TECHNOLOGIES Vol No. 6, Issue No. 2, 246 - 255

IV THE PROPOSED SCHEME The proposed key management scheme is implemented in a sensor network (SN) model for better performance and security. A public key algorithm–RSA is used to further improve the key management scheme. This paper proposed a routing-driven key management scheme, which establishes shared keys only for those neighboring sensors that communicate with each other by using RSA public-key algorithm along with Quantum Key Distribution Protocols (QKDPs). The paper mainly has been divided in to four modules. Cluster Formation

Routing in Sensor Networks (SNs)

Key Generation and distribution of keys

Encryption & Decryption

A. The Cluster Formation

Fig: 4 Cluster formation in a Sensor Networks (SN)

B. Routing in SNs

In a SN, the sink, H-sensors and L-sensors form hierarchical network architecture. Clusters are formed in the network and H-sensors serve as cluster heads. All H-sensors form a communication backbone in the network. Powerful H-sensors have sufficient energy supply, long transmission range, high date rate, and thus provide many advantages for designing more efficient routing protocols [6]. Routing in a SN consists of two phases: 1) Intra-cluster routing – each L-sensor sends data to its cluster head via multi-hops of other L-sensors; and 2) Inter-cluster routing - a cluster head (an H-sensor) aggregates data from multiple L-sensors and then sends the data to the sink via the H-sensor backbone. The routing structure in an SN is illustrated in Fig 4. An intra-cluster routing scheme determines how to route packets from an Lsensor to its cluster head. The basic idea is to let all L-sensors (in a cluster) form a tree rooted at the cluster head H. (1) If complete data fusion is conducted at intermediate nodes, (i.e., two k-bit packets come in, and one k-bit packet goes out after data fusion) then a minimum spanning tree (MST) consumes the least total energy in the cluster. (2) If there is no data fusion within the cluster, then a shortest-path tree (SPT) can be constructed using either a centralized or distributed algorithm. It consumes the least total energy.

ES

T

computationally complex key exchange methods. Because QKD generates random strings for shared secrets, attaining a QKD system and reverse engineering its theory of operation would yield no mechanism to defeat QKD. QKD can use existing optical media infrastructure for both quantum and classical channels, but the quantum channel photons cannot pass through amplifiers or routers. Optically transparent switches are okay and thus switched networks of QKD systems are possible and have been demonstrated

IJ

A

After sensor deployment, clusters are formed in an SN(Sensor Network) and designed an efficient clustering scheme for SNs [9]. For the simplicity of discussion, assume that each H-sensor can communicate directly with its neighbour H-sensors (if not, then relay via L-sensors). All Hsensors form a backbone in an SN. After cluster formation, a SN is divided into multiple clusters, where H-sensors serve as the cluster heads. An illustration of the cluster formation is shown in Fig 4, where the small squares are L-sensors, large rectangular nodes are H-sensors, and the large square at the bottom-left corner is the sink. For the ease of execution, I considered all H-sensor, L-sensors in a single host machine and confined all nodes to communicate in a single cluster where each H-sensor can directly communicate with any of its L-sensors(if the node is not a neighbour, then it can relay via other L-sensors).

C. Key Generation and Key Distribution This project makes use of RSA public-key Cryptosystem for key generation and integrated QKDP‟s for key distribution. C.1 Key Generation The first step in RSA encryption is to generate a key pair. Two keys are generated of which one is used as the public key and the other is used as the private key. The keys are

ISSN: 2230-7818

@ 2011 http://www.ijaest.iserp.org. All rights Reserved.

Page 251


Lepakshi Goud.T* / (IJAEST) INTERNATIONAL JOURNAL OF ADVANCED ENGINEERING SCIENCES AND TECHNOLOGIES Vol No. 6, Issue No. 2, 246 - 255

generated with the help of two large prime numbers. The keys are generated as follows: 1. Generate two large random primes p and q. 2. Compute n which is equal to product of those two prime numbers, n = pq

Key Management Scheme: This technique involves encoding information in quantum states(Qu-bits) as opposed to classical communications use of bits. Usually, photons are used for these quantum states. QKD divided into two main categories depending on which property they exploit. 

Prepare and measure protocols (Calculate the amount of information that has been intercepted).

Entanglement based protocols (Two quantum states of two(or more) separate objects can become linked together in such a way that they must be described by a combined quantum states, not as individual objects).

Performing a measurement on one object affects the other. If an entangled pair of objects is shared between two parties(sensors), any one intercepting either object alters the overall system revealing the presence of the third party and amount of information they have gained.

3. Compute φ(n) = (p-1)(q-1). 4. Choose an integer e, 1 < e < φ(n), such that gcd(e, φ(n)) = 1.

6. The public key is (n, e) and the private key is (n, d). The values of p, q, and φ(n) should also be kept secret. n is known as the modulus.

e is known as the public exponent or encryption exponent.

d is known as the secret exponent or decryption exponent.

C.2 Key Distribution

For key distribution process, QKDP‟s were used with RSA in order to distribute the keys to neighbouring nodes by the cluster header (which acts as a Trusted Centre). Quantum Cryptography:

Quantum cryptography is only used to produce and distribute a key, not to transmit any message data.

With the use of Quantum cryptography, the two communicating parties can be able to detect the presence of any third party trying to gain knowledge of the key.

A

TC (Trusted Centre)-Cluster header and participant synchronize their polarization basis according to pre-shared secret key. During session key distribution, the pre-shared secret keys together with random string are used to produce another encryption key to encipher the session key. By this, a receiver will not receive the same polarization Qu-bits even if identical session key is retransmitted in Fig 6. Hence, the secrecy of pre-shared secret key can be preserved and thus this secret key can be long term and repeatedly used between TC and participant. Due to combined use of classical cryptographic techniques over quantum channel, a receiver can authenticate user identity, verify the correctness and freshness of the session key and detect the presence of eavesdroppers. Level 0:

For secure communications, Quantum key distribution protocols (QKDP‟s) are used in Fig 5. It enables two parties (sensors) to produce a shared random bit string known only to them, which can be used as key to encrypt and decrypt the messages.

IJ

D. Design Aspects

ES

T

5. Compute the secret exponent d, 1 < d < φ(n), such that ed ≡ 1 (mod φ(n)).

Quantum cryptography easily resists replay and passive attacks.

An unique property of quantum cryptography is providing the ability to the both communicating users to detect the presence of any third party trying to gain knowledge of the key by using quantum super positions or quantum entanglement and transmitting information in quantum states, by this eavesdroppers can be detected.

ISSN: 2230-7818

Trusted centre

Key Generation

Secret Key

Secret Key

Sender

Level1

Session Key

Encrypted Massage by Session Key

Receive r

Fig: 5 Distribution of Session Key with Quantum Cryptography

@ 2011 http://www.ijaest.iserp.org. All rights Reserved.

Page 252


Lepakshi Goud.T* / (IJAEST) INTERNATIONAL JOURNAL OF ADVANCED ENGINEERING SCIENCES AND TECHNOLOGIES Vol No. 6, Issue No. 2, 246 - 255

Level 1: Random String generation

Security Key

Quantum bit generation

Session key generation

Session key

Encryption is done by taking an exponentiation of the message m with the public key e and then taking a modulus of it.The following steps are done in encryption: 

Obtain the recipient‟s public key (n,e)

Represent the plain text message as a positive integer m<n

Compute the cipher text c = m^e mod n.

Send the cipher text c to the recipient.

To encrypt a message M the sender:

E .Encryption and Decryption

Start

obtains public key of recipient KU={e,N}

computes: C=M^e mod N, where 0≤M<N

E.2 Decryption

Decryption is done using the Private key. The node which is receiving the encrypted message uses its own private key to decrypt the message inn Fig 8. Decryption is similar to the encryption except that the keys used are different.

ES

E.1 Encryption Encryption is done using the public key component e and the modulus n in Fig 7. To whichever the particular node want to send the message, it encrypt the message with its public key (e,n).

T

Fig: 6 Generation of Session key with Quantum Cryptography

1. Recipient uses his private key (n,d) to compute m = c^d mod n.

n

Get the original data and public key for encryption

A

Perform Encryption

2. Extract the plaintext from the integer representative m. NOTE: The message M must be smaller than the modulus N (block if needed)

No

If Encrypted

Start

Get Cipher text and private key

Exit

IJ

Yes

Decrypt the encrypted data

Get Encrypted data

Retrieve original data

Stop

Stop Fig: 7 Data Encryption process Fig: 8 Data Decryption process

ISSN: 2230-7818

@ 2011 http://www.ijaest.iserp.org. All rights Reserved.

Page 253


Lepakshi Goud.T* / (IJAEST) INTERNATIONAL JOURNAL OF ADVANCED ENGINEERING SCIENCES AND TECHNOLOGIES Vol No. 6, Issue No. 2, 246 - 255

A. Conclusion In this project, a model was implemented which provides internal security in a network and also an efficient key management scheme has been proposed for a sensor network. This scheme utilizes the fact that a node communicates with only a small portion of its neighbours and thus greatly reduces the communication and computation overheads of key setup. A public-key algorithm RSA is used along with QKDP‟s to further improve the key management scheme for generation and distribution of secret keys. These keys were used to encrypt, transmit and decrypt sensitive data being shared among nodes within a network.

Venkata Krishna Ravi, Bo Sun, Xiaojiang Du, Fei Hu, Michael Galloway, Yang Xiao, “A survey of key management schemes in wireless sensor networks” Proceedings of the 2007 international conference on Wireless communications ,Vol 30,in 2007.

[8]

Xiaojiang Du, Hsiao-Hwa Chen, Yang Xiao, Mohsen Guizani, “A Pseudo-Random Function based Key Management Scheme for Heterogeneous Sensor Networks” Global Telecommunications Conference, GLOBECOM '07. IEEE Nov 2007.

[9]

Qing Yang, Qiaoliang Li, Sujun Li, “An Efficient Key Management Scheme for Heterogeneous Sensor Networks” Networks, ICON 2008. 16th IEEE International Conference on Dec 2008.

[10]

Sk. Md. Mizanur Rahman, Nidal Nasser, Kassem Saleh, “Identity and Pairing-based Secure Key Management Scheme for Heterogeneous Sensor Networks”. IEEE International Conference on Wireless and Mobile Computing, Oct. 2008.

[11]

F. Amin, A. H. Jahangir, and H. Rasifard, “Analysis of Public-Key Cryptography for Wireless Sensor Networks Security” Embedded End-to-End Wireless Security with ECDH Key Exchange, the 46th IEEE in 2008.

ES

B Future Scope of the work This work can be extended in real world heterogeneous sensor networks by making use of Elliptic Curve Cryptography (ECC) algorithm to achieve stronger information security. Authentication would be still provided in an easier manner by making use of ECC algorithm on wireless sensor networks. By making use of ECC, further reduction in storage space, computational overheads, power consumption could be achieved because of its shorter key length.

[7]

T

V. CONCLUSION AND FUTURE SCOPE

REFERENCES [1] L. Eschenauer and V.D.Gligor, “A key management scheme for distributed sensor networks,” Ninth ACM Conference on Computer and Communication Security, November 2002

A

[2] H. Chan, A. Perrig, and D. Song, “Random key predistribution schemes for sensor networks,” Carnegie Mellon University, Proceedings of the 2003 IEEE Symposium on Security and Privacy (SP‟03)-(2003).

[3] David J. Malan, “Toward PKI for Sensor Networks” Division of Engineering and Applied Sciences. Harvard University malan@eecs.harvard.edu. 8 November 2004.

IJ

[4] Arjan Durresi, Vijay Bulusu, Vamsi Paruchuri, Mimoza Durresi, Raj Jain, “Key Distribution in Mobile Heterogeneous Sensor Networks” direction of IEEE Communications Society subject matter experts for publication in the IEEE GLOBECOM 2006 proceedings(2006). [5] Jeremy Brown, Xiaojiang Du, Kendall Nygard, “An Efficient Public-Key-Based Heterogeneous Sensor Network Key Distribution Scheme” Nygard, “Global Telecommunications Conference, GLOBECOM '07. IEEE 26 December 2007. [6] Yong Ma, Siddharth Dala1, Majd Alwan, James Aylor, “ROP: A Resource Oriented Protocol for Heterogeneous Sensor Networks” Wireless Communications, vol. 6, no. 9, pp. 3395–3401, in 2007.

ISSN: 2230-7818

[12]

A.S.Poornima, B.B.Amberker, “Tree-based Key Management Scheme for Heterogeneous Sensor Networks” This paper appears in: Networks, 2008. ICON 2008. 16th IEEE International Conference Dec. 2008.

[13]

T.Kavitha, D.Sridharan, “Security vulnerabilities in Wireless Sensor Networks: A Survey” Mobile Wireless Communications, Security Management in 2009.

[14]

Jeremy S. Nightingale, “Comparative Analysis of Java Cryptographic Libraries for Public Key Cryptography”, ECE 746. P. Mackenzie, “More efficient password authenticated key exchange” CT-RSA, pages 361 – 377, 2001.// RSA Laboratories. “Frequently Asked Questions About Today‟s Cryptography”. 4 Apr. 2005. Bedford: RSA Laboratories. < http://www.rsasecurity.com/rsalabs/ node.asp?id=2152> X. Du and F. Lin, “Maintaining differentiated coverage in heterogeneous sensor networks,” EURASIP J. Wireless Commun. and Networking, no. 4, pp. 565-572, 2005. WATRO R, et al. TinyPK: secuting sensor networks with public key technology. Proceedings of the 2nd ACM Workshop on Secutity of Ad hoc and Sensor Networks. New York, 2005. 135-142.

[15] [16] [17] [18]

[19]

@ 2011 http://www.ijaest.iserp.org. All rights Reserved.

Page 254


G. Frey and H. Ruck, “A remark concerning mdivisibility and the discrete logarithm in the divisor class group of curves”. Mathematics of Computation, vol 62, pages 865 – 874, 1994.

[21]

N. Koblitz, “Elliptic curve cryptosystems”, Mathematics of Computation, vol 48., pages 203 – 209, 1987.

[22]

Wenliang Du, Jing Deng, Yunghsiang S. Han, Pramod K. Varshney, Jonathan Katz, Aram Khalili, “A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks”, ACM Journal Name, Vol. V, No. N, Month 20YY, 2005.

[23]

Fang Liu, Maiou Jose “Manny” Rivera, Xiuzhen Cheng. “Location aware Key Establishment in Wireless Sensor Networks”, IWCMC’06, 2006.

[24]

Li, Sujun, Li, Qiaoliang, Zhou, Boqin, “A New Efficient Pair-wise Key Establishment Scheme for Wireless Sensor Networks”, Wicom’07, pp.2495– 2498, 2007.

[25]

William Stallings, “Network Security Essentials and Standards”, Person Education, 2000.

[26]

Atul Kahate, Cryptography and Network Security, TMH.

[27]

C. H. Bennet and G. Brassard, “Quantum cryptography: Public key distribution and coin tossing,” in Proc IEEE Intern‟l Conf on Computers, Systems and Signal Processing, Bangalore,India, 1984, pp. 175-179.

[28]

Gilles Brassard and Louis Salvail, “Secret-Key Reconciliation by Public Discussion”, proceedings of Eurocrypt’94, Lecture notes in computer Science, 765, Spriger Verlag, 410-423.

[29]

Nakassis, J. Bienfang, and C. Williams, “Expeditious reconciliation for practical quantum key distribution,” Proce of SPIE Quantum Information and Computation II, Volume 5436, Orlando Florida, 12-14 Apr 2004, pp 28-35.

IJ

A

ES

[20]

T

Lepakshi Goud.T* / (IJAEST) INTERNATIONAL JOURNAL OF ADVANCED ENGINEERING SCIENCES AND TECHNOLOGIES Vol No. 6, Issue No. 2, 246 - 255

ISSN: 2230-7818

@ 2011 http://www.ijaest.iserp.org. All rights Reserved.

Page 255

13.IJAEST-Vol-No-6-Issue-No-2-A-Routing-Driven-Public-key-Crypto-system-based-key-management-scheme-  

In this research, we also studied the number of communication neighbours (denoted as c) for ensuring a certain routing reliability, and we o...

Read more
Read more
Similar to
Popular now
Just for you