“A Routing-Driven Public-Key Cryptosystem Based Key Management Scheme for A Sensor Network”
INTRODUCTION
1.1 Purpose of the project:
This project proposes a novel routing-driven, RSA-based key management scheme
for a sensor network. It establishes shared keys only for those neighboring
sensors that communicate with each other, rather than for all pairs of
neighboring sensors. The project also proposes how user authentication and session key
verification can be done in a single step at the receiving end.
1.2 Motivation:
As wireless technologies have become the need of the hour, securing sensor networks
has received much attention in the last few years. The many research works that are
going on in order to achieve stronger security and to reduce overhead to the maximum
possible extent on wireless networks created a strong interest in me to do some work
concerning security issues in wireless sensor networks.
1.3 Existing Techniques:
Previous research on sensor network security mainly considers homogeneous
sensor networks [1], [2] and [4], where all sensor nodes have the same capabilities.
Existing key management schemes require a large storage space for key
pre-distribution [4] and are not suitable for small sensor nodes.
Most existing key management schemes try to establish shared keys for all pairs
of neighbor sensors, whether or not these nodes communicate with each other,
and this causes large overhead.
Sensor key management schemes are designed to set up shared keys for all pairs
of neighbor sensors, without considering the actual communication pattern.
Dept. of P.G Studies,VTU Belgaum Page 1
1.3.1 Disadvantages of the existing system:
Homogeneous ad hoc networks have poor performance and scalability.
Existing schemes need a large storage space [4].
1.4 Related Work:
Many key management schemes have been investigated in the literature. The random key
pre-distribution scheme [1] was first proposed by Eschenauer and Gligor. The basic idea of
their scheme is to randomly select a subset of communication keys from a very large
key pool and store it in each sensor’s memory before deployment.
Chan et al. presented the q-composite scheme [21], which requires two neighbor nodes to share
at least q (q>1) common keys to establish a secure link.
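The two schemes summarized above can be compared numerically. The following Python sketch is an added example, not code from this project or from the cited papers: it computes the probability that two nodes share at least q keys, checks it by simulation, and estimates how much of the key pool a node-capture adversary learns. The pool size, ring size and node count are constructed values chosen for illustration.

```python
import math
import random


def share_probability(pool_size, ring_size, q=1):
    """Probability that two independently drawn key rings have >= q keys in common.

    q=1 is the basic random pre-distribution scheme; q>1 is q-composite.
    """
    total = math.comb(pool_size, ring_size)
    p_fewer = 0.0
    for i in range(q):
        # Hypergeometric term: the second ring overlaps the first in exactly i keys.
        p_fewer += (math.comb(ring_size, i)
                    * math.comb(pool_size - ring_size, ring_size - i)) / total
    return 1.0 - p_fewer


def simulate_links(pool_size, ring_size, q, n_nodes, seed):
    """Preload n_nodes with random rings and measure the fraction of node pairs
    that could set up a secure link (>= q shared keys)."""
    rng = random.Random(seed)
    rings = [frozenset(rng.sample(range(pool_size), ring_size))
             for _ in range(n_nodes)]
    linked = pairs = 0
    for a in range(n_nodes):
        for b in range(a + 1, n_nodes):
            pairs += 1
            linked += len(rings[a] & rings[b]) >= q
    return linked / pairs


def pool_exposed(pool_size, ring_size, captured):
    """Expected fraction of the key pool known to an adversary holding the rings
    of `captured` nodes (a given key is in a given ring with probability m/P)."""
    return 1.0 - (1.0 - ring_size / pool_size) ** captured


if __name__ == "__main__":
    P, m, n = 1000, 50, 200  # constructed parameters, not taken from the page
    for q in (1, 2, 3):
        print(f"q={q}: analytic {share_probability(P, m, q):.3f}, "
              f"simulated {simulate_links(P, m, q, n, seed=1):.3f}")
    print(f"pool exposed after 10 captured nodes: {pool_exposed(P, m, 10):.3f}")
```

Raising q lowers the chance that two neighbors can form a link at all, so a q-composite deployment needs a larger ring or a smaller pool to stay connected, and every node still stores the whole ring whether or not it ever talks to those neighbors.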
Du et al. and Liu et al. extended the basic random key pre-distribution scheme to a
pair-wise key pre-distribution scheme. In their scheme [21], the resilience against node capture
was significantly improved.
Liu et al. presented a pair-wise key establishment scheme using pre-deployment
knowledge and Rabin’s scheme to achieve a high degree of connectivity and strong
resilience against node capture [22]. In this work, an effective pair-wise key establishment
scheme was implemented based on Rabin’s scheme without pre-deployment
knowledge. A framework was also proposed for key management schemes in distributed
wireless sensor networks with heterogeneous sensor nodes.
1.5 Proposed Work:
The proposed key management scheme is implemented in a sensor network (SN)
model for better performance and security.
A public-key algorithm, RSA, is used to further improve the key management
scheme.
This project proposes a routing-driven key management scheme, which
establishes shared keys only for those neighboring sensors that communicate with
each other, by using the RSA public-key algorithm along with Quantum Key
Distribution Protocols (QKDPs).
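The saving that a routing-driven scheme aims for can be estimated on a sample topology. The Python sketch below is an added example, not the project's implementation: it assumes a constructed random deployment, a single sink, and minimum-hop routing (each sensor talks only to its next hop), none of which is specified on this page, and it counts how many neighbor pairs need a shared key under each approach.

```python
import math
import random
from collections import deque


def deploy(n_sensors, side, seed):
    """Constructed deployment: node 0 is the sink at the centre of a square
    field, the sensors are placed uniformly at random."""
    rng = random.Random(seed)
    points = [(side / 2, side / 2)]
    points += [(rng.uniform(0, side), rng.uniform(0, side))
               for _ in range(n_sensors)]
    return points


def neighbor_graph(points, radio_range):
    """Two nodes are neighbors when they are within radio range of each other."""
    adj = {i: set() for i in range(len(points))}
    for i in range(len(points)):
        for j in range(i + 1, len(points)):
            if math.dist(points[i], points[j]) <= radio_range:
                adj[i].add(j)
                adj[j].add(i)
    return adj


def routing_tree(adj, sink=0):
    """Minimum-hop routes to the sink (BFS); parent[v] is v's next hop.
    Assumed routing model; nodes that cannot reach the sink are left out."""
    parent = {sink: None}
    queue = deque([sink])
    while queue:
        u = queue.popleft()
        for v in sorted(adj[u]):
            if v not in parent:
                parent[v] = u
                queue.append(v)
    return parent


def key_plan(adj, parent):
    """Compare 'a key for every neighbor pair' with 'a key per routing link'."""
    all_pairs = {frozenset((u, v)) for u in adj for v in adj[u]}
    routed = {frozenset((child, hop))
              for child, hop in parent.items() if hop is not None}
    return {
        "all_neighbor_pairs": len(all_pairs),
        "routed_pairs": len(routed),
        "avg_keys_per_node_all": 2 * len(all_pairs) / len(adj),
        "avg_keys_per_node_routed": 2 * len(routed) / len(adj),
        "routed_is_subset": routed <= all_pairs,
    }


if __name__ == "__main__":
    pts = deploy(n_sensors=200, side=100.0, seed=7)
    graph = neighbor_graph(pts, radio_range=15.0)
    tree = routing_tree(graph)
    for name, value in key_plan(graph, tree).items():
        print(f"{name}: {value}")
```

With one next hop per sensor the number of keyed links is bounded by the number of sensors, while the all-pairs count grows with node density; a route change would require a new key establishment, which this count does not include.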
LITERATURE SURVEY
The following works have been carried out in the area of wireless sensor
networks:
L. Eschenauer and V. D. Gligor, “A key management scheme for distributed sensor
networks” (2002)
In this paper, a Dynamic Combinatorial Key management scheme (DCK) was
implemented to provide efficient, scalable, and survivable dynamic keying in a clustered
sensor network with a large number of sensor nodes [1]. DCK employs the
Exclusion-Basis Systems (EBS) as the underlying framework for key management at both the
cluster and the sensor node levels. DCK enhances network security by localizing cluster
key management functions, thus limiting the impact of sensor node capture to the
attacked cluster. DCK is efficient in terms of energy consumption and storage. Also, it
significantly outperforms other dynamic keying schemes, in particular with regard to
energy consumed in key refreshment and re-keying after node capture.
Drawbacks: This model considers clustered (homogeneous) networks only.
Also, the use of DCK limits the impact of sensor node capture to the attacked cluster but
does not eliminate it completely.
H. Chan, A. Perrig, and D. Song, “Random key pre-distribution schemes for sensor
networks” (2003)
They presented three new mechanisms for key establishment using the framework of
pre-distributing a random set of keys to each node, because asymmetric key cryptosystems are
unsuitable for use in resource-constrained sensor nodes and the nodes could be physically
compromised by an adversary [2]. First, in the q-composite keys scheme, they trade off
the unlikeliness of a large-scale network attack in order to significantly strengthen random
key pre-distribution's strength against smaller-scale attacks. Second, in the
multipath-reinforcement scheme, they showed how to strengthen the security between any two
nodes by leveraging the security of other links. Finally, they presented the random-pairwise keys
scheme, which perfectly preserves the secrecy of the rest of the network when any node
is captured, and also enables node-to-node authentication.
Drawbacks: This model suits only homogeneous sensor networks and is
unsuitable for heterogeneous wireless sensor networks, where the sensors have
different capabilities.
David J. Malan, “Toward PKI for Sensor Networks” (2004)
He implemented and evaluated elliptic curve cryptography (ECC) with
163-bit keys, which ultimately reduces the space needed for distribution of keys [3].
Drawbacks: Because this method depends on curves, the computation of the modular
product is very difficult.
Arjan Durresi, Vijay Bulusu, Vamsi Paruchuri, Mimoza Durresi, Raj Jain, “Key
Distribution in Mobile Heterogeneous Sensor Networks” (2006)
In this paper, two schemes were proposed, namely key pre-distribution using a separate
key pool and key pre-distribution using a segmented key pool. They allow the mobile
nodes to interact with the stationary nodes of different networks [4]. In key
pre-distribution with a separate key pool, a separate key pool is used to connect the mobile
nodes to the stationary nodes. In key pre-distribution with segmented key pools, a large
key pool is divided into disjoint segments and each of these segments is assigned to a
different sensor network.
Drawbacks: As this method requires more keys to be generated for
pre-distribution, more space and energy are wasted on pre-distributing key pools
among different networks.
Jeremy Brown, Xiaojiang Du, Kendall Nygard, “An Efficient Public-Key-Based
Heterogeneous Sensor Network Key Distribution Scheme” (2007)
This paper described a key-distribution scheme for a heterogeneous sensor network.
The scheme can guarantee that arbitrary nodes will be able to connect with
each other, and all messages are cryptographically secure. The scheme provides facilities
for in-network processing, which helps in optimizing the usage of sensor resources [5].
Compromised nodes do not affect other parts of the sensor network. All of the damage is
localized to the node’s immediate neighbors, and provided that the compromise is
detected, the security breach is largely stopped.
Drawbacks: A public-key-based key management scheme does not guarantee detection
of the presence of any third party (eavesdroppers).
Yong Ma, Siddharth Dalal, Majd Alwan, James Aylor, “ROP: A Resource Oriented
Protocol for Heterogeneous Sensor Networks” (2007)
They described a network model that is adaptively formed according to the resources
of its members. A protocol named Resource Oriented Protocol (ROP) was developed to
create the network model [6]. This protocol entails two phases: topology formation and
topology update. In the topology formation phase, sensors report the characteristics
of their available resources, and local cluster heads then aggregate these reports and send them to
the sensors with the largest resource capacity (LRC). After this step, based on the reports, the LRCs
decide the topology and appoint cluster heads from the top to the bottom levels. In the topology
update phase, sensors maintain their route cache reactively. They also pointed out that
energy efficiency does not always result in longer system lifetime, especially in
heterogeneous networks. Instead, balancing resources among sensors and saving energy
for the more resource-constrained sensors are greatly helpful in lengthening the overall
system lifetime. The targeted areas of application include tele-health
applications, health care facilities and other care settings, in addition to more secure
automation applications.
Drawbacks: The simulation, emulation and deployment process of the proposed
protocol is difficult.
Venkata Krishna Ravi, Bo Sun, Xiaojiang Du, Fei Hu, Michael Galloway, Yang
Xiao, “A survey of key management schemes in wireless sensor networks” (2007)
The sensor nodes used to form wireless sensor networks are resource-constrained, which
makes security applications a challenging problem. Efficient key distribution and
management mechanisms are needed besides lightweight ciphers [7]. Many key
establishment techniques have been designed to address the tradeoff between limited
memory and security, but which scheme is the most effective is still debatable. They
provided a survey of key management schemes in wireless sensor networks.
Drawbacks: They noticed that no key distribution technique is ideal for all the scenarios
where sensor networks are used; therefore the techniques employed must depend upon
the requirements of the target applications and the resources of each individual sensor network.
Xiaojiang Du, Hsiao-Hwa Chen, Yang Xiao, Mohsen Guizani, “A Pseudo-Random
Function Based Key Management Scheme for Heterogeneous Sensor Networks” (2007)
They presented an efficient pseudo-random function (PRF) based key management scheme for
heterogeneous sensor networks [8]. The PRF-based scheme consists of three phases: key
pre-distribution; shared-key discovery; and establishment of pair-wise keys by an H-sensor.
They also presented a centralized and a distributed shared-key discovery scheme, and
compared their communication overheads. In the PRF-based scheme, powerful H-sensors
are utilized to provide efficient and effective key establishment for neighbor L-sensors.
The performance evaluation and security analysis showed that the PRF-based key
management scheme can significantly reduce the storage requirement while achieving better
security than several other key management schemes.
Drawbacks: Not enough control of key ring size: it is possible that applying the formula
to the sensor id and a key in the key pool will yield a key ring that is:
too large: larger than the sensor memory
too small: not enough for the network to be connected
In either case the node id should be regenerated.
Sk. Md. Mizanur Rahman, Nidal Nasser, Kassem Saleh, “Identity and Pairing-based
Secure Key Management Scheme for Heterogeneous Sensor Networks” (2008)
Key management poses a main concern for security operation in sensor
networks [10]. Most existing key management schemes try to establish shared
keys for all pairs of neighbor sensors, whether or not these nodes
communicate with each other, and this causes large overhead. Recent
research mainly considers homogeneous sensor networks, and only a few works consider
heterogeneous sensor networks for key management. They considered a heterogeneous
sensor network (HSN) as a model for their proposed novel key agreement protocol
based on pairing and identity-based encryption (IBE). The proposed scheme reduces
the key space of the nodes; in fact, a node does not need to store any key of the other nodes
but instead computes a shared secret key by using pairing and IBE properties. Security
analysis shows that it is also robust against different attacks such as replay attack,
masquerade attack, and integrity attack.
Drawbacks: This network model has specific requirements:
Sensors have to be equipped with GPS modules.
An efficient clustering algorithm is required.
F. Amin, A. H. Jahangir, and H. Rasifard, “Analysis of Public-Key Cryptography for
Wireless Sensor Networks Security” (2008)
With the widespread growth of applications of Wireless Sensor Networks (WSNs), the
need for reliable security mechanisms over networks has increased manifold [11]. They
provided security solutions in the domain of WSNs. These solutions were usually based
on well-known cryptographic algorithms.
Drawbacks: Public key cryptography relies on computationally difficult mathematical
functions and cannot provide any indication of eavesdropping or guarantee key security.
S. Poornima, B. B. Amberker, “Tree-based Key Management Scheme for Heterogeneous
Sensor Networks” (2008)
To achieve security in a WSN, it is important to be able to encrypt the messages sent
between sensor nodes [12]. The nodes must agree upon a common key before encrypting
the messages. The key management task is challenging due to the resource-constrained
nature of WSNs. They proposed a tree-based key management scheme for
heterogeneous sensor networks. The scheme supports revocation of compromised
nodes and energy-efficient re-keying.
Drawbacks: This scheme lacks efficient storage for group keying in IEEE 802.15.4.
The method is difficult to set up securely. Cluster formation information is application
dependent.
T. Kavitha, D. Sridharan, “Security vulnerabilities in Wireless Sensor Networks: A
Survey” (2009)
The significant advances in hardware manufacturing technology and the
development of efficient software algorithms make technically and economically
feasible a network composed of numerous small, low-cost sensors using wireless
communications, that is, a wireless sensor network (WSN) [13]. Security is becoming
a concern for WSN protocol designers because of the wide range of security-critical
applications of WSNs. They described how a WSN differs from wired networks
and other wireless networks, and gave basic information about WSNs and their security
issues compared with wired networks and other wireless networks.
NETWORK SECURITY & CRYPTOGRAPHY
3.1 Network:
A network is a series of points or nodes interconnected by communication paths.
Networks can interconnect with other networks and contain sub-networks. A computer
connected to a non-computing device (e.g., networked to a printer via an Ethernet link)
may also represent a computer network.
In order for a network to function, it must meet three basic requirements: it must provide
connections, communications and services.
‘Connections’ refers to the hardware.
‘Communications’ is the way in which the devices talk to each other.
‘Services’ are the things which are shared with the rest of the network.
3.2 Sensor Network:
A sensor network comprises sensor nodes and a base station. Each sensor node is
battery powered and equipped with integrated sensors, data processing capabilities and
short-range radio communications. Due to their limited power and shorter communication
range, sensor nodes perform in-network data fusion.
Data fusion process:
A data fusion node collects the results from multiple nodes.
It fuses the results with its own based on a decision criterion.
It sends the fused data to another node or to the base station.
Advantages:
Reduces the traffic load.
Conserves energy of the sensors.
3.3 Cryptography:
Rapid advances in communication technology and networking have affected all aspects
of information handling, including security and integrity. Hackers can utilize both active
and passive methods to overload networks and alter data. Cryptography came into
existence to provide security and integrity for information and data.
Definition: Writing messages in a secret way is called cryptography [24].
3.3.1 Security:
Security is mainly of three types, namely:
1. Computer Security
2. Information Security
3. Network Security
3.3.2 Security Violations:
Copying a file without authentication during transmission.
Constructing one's own messages instead of intercepting.
Modifying messages by intercepting.
Delaying messages.
3.3.3 Security attacks:
1. Passive attacks
2. Active attacks
A passive attack attempts to learn or make use of information from the system but does
not affect system resources. An active attack attempts to alter system resources or affect
their operation.
3.3.4 Methods to achieve security goals:
Access control
Authentication
Encryption
Intrusion detection
3.3.5 Introduction to Cryptography:
In the era of information technology, the possibility that the information stored in a
person’s computer, or the information being transferred through a network of
computers or the internet, is read by other people is very high. This causes a major
concern for privacy, identity theft, electronic payments, corporate security, military
communications and many others. We need an efficient and simple way of securing
electronic documents from being read or used by people other than those authorized to
do so. Cryptography is a standard way of securing electronic documents.
Basic idea of Cryptography:
The basic idea of cryptography is to mumble-jumble the original message into something that
is unreadable, or into something that is readable but gives no sense of what the original
message is. To retrieve the original message, we have to transform the
mumble-jumbled message back into the original message.
3.3.6 Basic Terminologies used in Cryptography:
Cryptography has been an important tool in securing information transactions for thousands of
years. It was originally intended to disguise messages so that adversaries could not
acquire or alter sensitive information. It is the science of using mathematics to “encrypt” and
“decrypt” data. Cryptography enables us to store sensitive information or transmit it
across insecure networks like the Internet so that no one other than the intended recipient
can read it.
Data that can be read and understood without any special measures is called plain text or
clear text. This is the message or data that has to be secured. The method of disguising
plaintext in such a way as to hide its substance is called encryption. Encrypting plaintext
results in unreadable gibberish called cipher text. We use encryption to ensure that
information is hidden from anyone for whom it is not intended, even those who can see
the encrypted data. The process of reverting cipher text to its original plaintext is called
decryption. Cryptanalysis is the art of breaking ciphers, that is, retrieving the original
message without knowing the proper key. Cryptography deals with all aspects of secure
messaging, authentication, digital signatures, electronic money, and other applications.
Cryptography has also been expanded to provide the following information security
requirements [24]:
1. Non-repudiation: Preventing an entity from denying previous commitments or
actions.
2. Integrity: Ensuring no unauthorized alteration of data.
3. Authentication: Verifying an entity’s identity.
4. Confidentiality: Protecting the data from all but the intended receiver.
3.3.7 Cryptographic Algorithms:
Cryptographic algorithms are mathematical functions that are used in the encryption and
decryption process. A cryptographic algorithm works in combination with a key (a
number, word or phrase) to encrypt the plain text. The same plain text encrypts to different
cipher texts for different keys. The strength of a cryptosystem depends on the strength of the
algorithm and the secrecy of the key.
Cryptography is entrenched in higher mathematics: group theory, computational
complexity and even real analysis. Practical cryptography, as used in the field
of information security, uses either a key or a pair of keys for encryption and decryption,
depending on the algorithm. There are three types of algorithms available for practical
crypto-systems which can be used to accomplish security.
1. Symmetric-key crypto-systems
2. Asymmetric-key crypto-systems
3. Public-key crypto-systems
Crypto-System Model:
The general basic model used for encryption and decryption is shown
below in figure 3.1. A message is to be transferred from sender to recipient across the
information channel, and that message must not be accessible to intruders who have the
means of accessing the channel. The sender uses his key to scramble the message data
and generate cipher text. Although the algorithm used for
scrambling or encrypting the message is known to the public, the key used for
encryption is a secret component. Therefore, no one can recover the message from the
cipher text without having both the particulars of the encryption algorithm and the
key. The recipient uses the agreed algorithm and key to decrypt or descramble the cipher text
which he received from the sender via an unsecured information channel.
Fig 3.1 Crypto System Model for encryption and decryption
(diagram labels: Sender, Message, Key One, Cipher Text, Channel, Intruder, Key Two, Recipient)
Symmetric Key cryptosystem:
A symmetric key cryptosystem [24] can be used to implement a secure
communication system. The protocol for secure communication with a symmetric
key cryptosystem is as follows:
1. Sender and recipient agree on a cryptosystem.
2. Sender and recipient agree on a key.
3. Sender encrypts his plaintext message using the encryption algorithm and key. This
creates a cipher text message. Sender sends this cipher text to recipient.
4. Recipient decrypts cipher text message with the same algorithm and key and reads it
as plaintext.
Fig 3.2 Model for Encryption and decryption with Symmetric Key Algorithm
(diagram labels: Sender, Message, Sym Key, Cipher Text, Channel, Intruder, Sym Key, Recipient)
Assume that:
M – Message
C(M) – Cipher text message
E_SymKey – Encryption with the symmetric key
D_SymKey – Decryption with the symmetric key
The above figure illustrates the model of a symmetric key crypto-system. According to
it:
At the sender’s end:
C(M) = E_SymKey(M)
At the recipient’s end:
M = D_SymKey[C(M)]
Examples of well-known symmetric algorithms include the Data Encryption
Algorithm (DEA) defined by the Data Encryption Standard (DES), and Triple-DES.
Asymmetric Key Cryptosystem:
Public key cryptography originates from the idea of a one-way function. One-way
functions [16] are relatively easy to compute, but significantly harder to reverse. That is,
given x it is easy to compute f(x), but given f(x) it is harder to compute x, i.e. it takes
more time to compute x from f(x). An asymmetric key crypto-system has two
requirements beyond those of a symmetric crypto-system:
1. It is computationally hard to calculate the private key from the public key.
2. Cipher text which is generated with a public key can only be decrypted with the
corresponding private key.
The protocol for an asymmetric key crypto-system can be outlined as follows:
1. Sender and recipient agree on a public key crypto-system.
2. Recipient sends his public key to sender.
3. Sender encrypts his message using recipient’s public key and sends it to the
recipient.
4. Recipient decrypts sender’s message using his private key.
Fig 3.3 Model for Encryption and decryption with Asymmetric Key Algorithm
(diagram labels: Sender, Message, Public key, Cipher Text, Channel, Intruder, Private Key, Recipient)
According to the above figure, an asymmetric crypto-system uses the following
encryption and decryption mechanism:
At the sender’s end:
C(M) = E_PublicKey(M)
At the recipient’s end:
M = D_PrivateKey[C(M)]
Public Key Crypto-System:
This project is based on the Public-Key cryptosystem.
The proposal of public key cryptosystems in 1976 by Whitfield Diffie and Martin
Hellman introduced a revolutionary way to address modern security issues such as key
management, authentication, non-repudiation, and signatures [14] in a digital
environment.
A cryptosystem is secure only if the mathematical problem
that it is based on is determined to be hard. Public-key cryptosystems are
based on the intractability of one of three problems. These problems and the
cryptosystems based on them are:
1. The Integer Factorization Problem; RSA
2. The Discrete Logarithm Problem; DSA, Diffie-Hellman
3. The Elliptic Curve Discrete Logarithm Problem; ECDSA, ECDH
3.3.8 Overview of Public Key Cryptography:
Public key cryptography uses two keys: a private key (known only by the recipient) and a
public key (known to everyone). The public key is used to encrypt the message, which is then
sent to the recipient, who can decrypt the message using the private key. A message
encrypted with the public key cannot be decrypted with any key other than its
corresponding private key.
Fig 3.4 Encryption process in the public-key cryptography
(diagram labels: Message to be encrypted or plain text; Public Key known to everyone; Encryption Algorithm; Encrypted message or cipher text)
The following figure illustrates the decryption process in the public-key cryptography.
Fig 3.5 Decryption process in the public-key cryptography
(diagram labels: Message to be decrypted or cipher text; Private Key known only to receiver; Decryption Algorithm; Decrypted message or plain text)
The public-key algorithm uses a one-way function to translate plain text to cipher text.
Then, without the private key, it is very difficult for anyone (including the sender) to
reverse the process (i.e., translate the cipher text back to plain text). A one-way function
is a function that is easy to apply, but extremely difficult to invert. The most common
one-way function used in public-key cryptography involves factoring very large numbers.
The idea is that it is relatively easy to multiply numbers, even large ones, with a
computer; however, it is very difficult to factor large numbers. The only known
algorithms basically have to do a sort of exhaustive search (Does 2 go into it? Does 3? 4?
5? 6? and so on). With numbers 128 bits long, such a search requires performing as many
tests as there are particles in the universe.
3.3.8.1 RSA – Public Key Cryptography Algorithm:
Introduction to RSA Algorithm:
RSA is one of the most popular and successful public-key cryptography algorithms. The
algorithm has been implemented in many commercial applications. It is named after its
inventors, Ronald L. Rivest, Adi Shamir, and Leonard Adleman, who invented the
algorithm in the year 1977. They utilized the fact that when prime numbers are chosen as
a modulus, operations behave “conveniently”. They found that if we use a prime for the
modulus, then raising a number to the power (prime - 1) gives 1.
The RSA algorithm and its security simply capitalize on the fact that there is no efficient way
to factor very large integers. If someone comes up with an easy way of factoring a large
number, then that is the end of the RSA algorithm: any message encrypted with the
RSA algorithm would no longer be secure.
RSA Algorithm:
The encryption and decryption in this work are based on the RSA algorithm. Before
encryption and decryption can be done, we have to generate the key pair; those keys
are then used for encryption and decryption. The key generation, encryption and decryption
processes of RSA are explained in the implementation part.
3.3.8.2 ECC Crypto system
Figure 3.6 Sharing the sensitive data in network using ECC algorithm
In this architecture both users, the sender and the receiver, generate private and public
keys. While communicating, each encrypts the data using the other's public key and decrypts
using its own private key.
SOFTWARE REQUIREMENTS & SPECIFICATIONS
4.1 Feasibility Study:
The feasibility study is an important factor in analyzing the capability of the project. The
key objective of the feasibility study is to weigh up three types of feasibility. They are:
a) Operational Feasibility
b) Technical Feasibility
c) Economic Feasibility
4.1.1 Operational Feasibility.
Operational feasibility is necessary as it ensures that the project developed is a successful
one. As the execution process of the proposed work is very much user friendly, the
operational feasibility of the project is high.
4.1.2. Technical Feasibility.
Technical feasibility analysis makes a comparison between the level of technology
available and that needed for the development of the project. The level of technology
consists of factors like software tools, machine environment, platform developed
and so on. Since the resources like Swing, QKDPs and security mechanism packages for
the development of the project are available, the project is technically feasible.
4.1.3. Economic Feasibility.
This is the most important part of the project because the terms and conditions for
implementing the project have to be economically feasible. There is no financial
risk, as the existing hardware is sufficient and the software is free of cost. Hence, the
system is economically feasible.
4.2 User Interface:
Describes the logical characteristics of each interface between the software product and
the users. This may include sample screen images, any GUI standards or product family
style guides that are to be followed, screen layout constraints, standard buttons and
functions (e.g., help) that will appear on every screen, keyboard shortcuts, error message
display standards and so on. It defines the software components for which a user interface
is needed. It also specifies the details of the user interface design that are to be
documented in a separate user interface specification.
4.2.1 GUI Components:
JButton, JLabel, JTextField, JTextArea, JFrame, JTabbedPane, JScrollPane, Container.
JButton:
JButton is used to send, clear, hopcount, process, store, back, generate to dataset,
receive, Add IDS Entry and More Systems.
JLabel
A display area for a short text string. A label does not react to input events. As a
result, it cannot get the keyboard focus. In the development environment, it will display
the To, From, Port, Intermediate System No., Intermediate System Names, Send data,
Received Data, source IP, Destination IP, Enter new rules in dataset.
JTextField
JTextField is a light weight component that allows the editing of a single line of
text. In the development environment, it gets the IP addresses, Port number, Intermediate
System No., Intermediate System Names from the user.
JTextArea
JTextArea is a multi-line area that displays plain text. In the development
environment, it is used to send the data and to receive the data. The user enters the
message to send the data.
JScrollPane
Provides a scrollable view of a light weight component. A JScrollPane manages a
viewport, optional vertical and horizontal scroll bars, and optional row and column
heading viewports.
JTabbedPane
A component that lets the user switch between a group of components by clicking
on a tab with a given title and/or icon. In the development environment, two
JTabbedPanes are used: one is the anomalous tab and the other is the normal tab.
Container
A generic Abstract Window Toolkit (AWT) container object is a component that
can contain other AWT components. Components added to a container are tracked in a
list. The order of the list will define the components' front-to-back stacking order within
the container. If no index is specified when adding a component to a container, it will be
added to the end of the list (and hence to the bottom of the stacking order).
4.3 Hardware Interface:
Describes the logical and physical characteristics of each interface between the software
product and the hardware components of the system. This may include the supported
device types, the nature of the data and control interactions between the software and the
hardware, communication protocols to be used.
Hardware Requirements:
Processor : Pentium IV
RAM : 512 MB
Hard Disk : 20 GB
4.4 Software Interface:
Describes the connections between this product and other specific software components
(name and version), including databases, operating systems, tools, libraries, and
integrated commercial components. Identify the data items or messages coming into the
system and going out and describe the purpose of each. Describe the services needed and
the nature of communications. Refer to documents that describe detailed application
programming interface protocols. Identify data that will be shared across software
components. If the data sharing mechanism must be implemented in a specific way (for
example, use of a global data area in a multitasking operating system), specify this as an
implementation constraint.
Software Requirements:
Front End : Java, Swing
Operating System : Windows XP
Data Base : MySQL
4.5 SQL Server 2005:
It included native support for managing XML data, in addition to relational data. For this
purpose, it defined an xml data type that could be used either as a data type in database
columns or as literals in queries. XML columns can be associated with XSD schemas;
XML data being stored is verified against the schema. XML is converted to an internal
binary data type before being stored in the database. Specialized indexing methods were
made available for XML data. XML data is queried using XQuery; Common Language
Runtime (CLR) integration is the main feature enabling one to write SQL code as
Managed Code by the CLR. SQL Server 2005 added some extensions to the T-SQL
language to allow embedding XQuery queries in T-SQL. It also defines a new extension
to XQuery, called XML DML that allows query-based modifications to XML data. SQL
Server 2005 also allows a database server to be exposed over web services using TDS
packets encapsulated within SOAP (protocol) requests.
SYSTEM DESIGN
Design and Testing are the actual process of producing a solution according to the
specification derived from the analysis stage.
5.1 System Preliminary Design:
Fig 5.1 Preliminary design of the proposed model (Diagram labels: SRC Node, DB, Message
browsing, Plaintext, Encryption process, Cipher text, DES Node, Decryption process,
Plaintext.)
Functionality:
Initially a source (SRC) sensor node browses a message (plaintext) from the database
and encrypts that message using RSA keys. Then the encrypted message (cipher text)
is transferred to the destination (DES) sensor node via the cluster header. The DES
node then decrypts the cipher text into plaintext and reads the original message.
5.2 Data Flow Diagram:
A data-flow diagram (DFD) is a graphical representation of the "flow" of data through
an information system. DFDs can also be used for the visualization of data
processing (structured design). On a DFD, data items flow from an external data source
or an internal data store to an internal data store or an external data sink, via an internal
process. A DFD provides no information about the timing of processes, or about whether
processes will operate in sequence or in parallel.
Fig 5.2 Data flow diagram.
5.3 Use Case Diagram:
A use case diagram in the Unified Modeling Language (UML) is a type of behavioral
diagram defined by and created from a Use-case analysis. Its purpose is to present a
graphical overview of the functionality provided by a system in terms of actors, their
goals (represented as use cases), and any dependencies between those use cases.
The main purpose of a use case diagram is to show what system functions are performed
for which actor. Roles of the actors in the system can be depicted. Use Case diagrams are
formally included in two modeling languages defined by the OMG: the Unified Modeling
Language (UML) and the Systems Modeling Language (SysML).
Fig: 5.3 Use case diagram. (Diagram labels: Cluster Head, Node, Key Generation Using RSA,
Node Details, Key Details, Communication Node1, Communication Node2, Sink.)
5.4 Sequence Diagram:
A sequence diagram in Unified Modeling Language (UML) is a kind of interaction
diagram that shows how processes operate with one another and in what order and at a
specific time. It is a construct of a Message Sequence Chart. Sequence diagrams are
sometimes called event diagrams, event scenarios, and timing diagrams.
Fig 5.4 Sequence diagram. (Participants: Node, Cluster Head, Communication Node1,
Communication Node2, Sink. Messages in order: Registration, Accept, Path Request,
Send Path, Key Request, Key Distribute, Forward Data, Forward, Forward. Other labels in
the figure: client1, Login, Key_Request, Request Server, Response from Client.)
5.5 Collaboration Diagram:
A collaboration diagram, also called a communication diagram or interaction diagram, is
an illustration of the relationships and interactions among software objects in the Unified
Modeling Language (UML). The concept is more than a decade old although it has been
refined as modeling paradigms have evolved. A collaboration diagram resembles a
flowchart that portrays the roles, functionality and behavior of individual objects as well
as the overall operation of the system in real time.
Fig: 5.5 Collaboration Diagram (Objects: Node, Cluster Head, Communication Node1,
Communication Node2, Sink. Messages: 1: Registration, 2: Accept, 3: Path Request,
4: Send Path, 5: Key Request, 6: Key Distribute, 7: Forward Data, 8: Forward, 9: Forward.)
5.6 Component Diagram:
A component diagram in the Unified Modeling Language depicts how components are wired
together to form larger components and/or software systems. When using a component
diagram to show the internal structure of a component, the provided and required
interfaces of the encompassing component can delegate to the corresponding interfaces of
the contained components.
Fig 5.6 Component Diagram (Components: Cluster Head, Node, Sink. Functions: Node
Registration, Key Generation, Key Distribution, Key Request, Data Forwarding.)
5.7 Activity Diagram:
Describes the flow of control of the target system.
Fig: 5.7 Activity Diagram
5.8 State Machine Diagram:
A state machine diagram models the behavior of a single object, specifying the sequence
of events that an object goes through during its lifetime in response to events.
Fig: 5.8 State chart Diagram. (States in order: Authentication, Cluster Formation,
Key Generation, Key Distribution, Key_Request, Data Forwarding.)
SYSTEM IMPLEMENTATION
Modular implementation:
The project is mainly divided into four modules. They are:
Cluster Formation
Routing in Sensor Networks(SNs)
Key Generation and distribution of keys
Encryption & Decryption
6.1 The Cluster Formation:
After sensor deployment, clusters are formed in an SN (Sensor Network), following an
efficient clustering scheme designed for SNs [9]. For simplicity of discussion,
assume that each H-sensor can communicate directly with its neighbor H-sensors (if not,
then relay via L-sensors). All H-sensors form a backbone in an SN. After cluster
formation, an SN is divided into multiple clusters, where H-sensors serve as the cluster
heads. An illustration of the cluster formation is shown in Fig: 6.1, where the small
squares are L-sensors, large rectangular nodes are H-sensors, and the large square at the
bottom-left corner is the sink. For ease of execution, I considered all H-sensors and
L-sensors on a single host machine and confined all nodes to communicate in a single
cluster, where each H-sensor can directly communicate with any of its L-sensors (if the
node is not a neighbor, then it can relay via other L-sensors).
Fig: 6.1 Cluster formation in a Sensor Network (SN)
6.2 Routing in SNs:
In an SN, the sink, H-sensors and L-sensors form a hierarchical network architecture.
Clusters are formed in the network and H-sensors serve as cluster heads. All H-sensors
form a communication backbone in the network. Powerful H-sensors have sufficient
energy supply, long transmission range and high data rate, and thus provide many advantages
for designing more efficient routing protocols [6]. Routing in an SN consists of two
phases: 1) Intra-cluster routing – each L-sensor sends data to its cluster head via multi-
hops of other L-sensors; and 2) Inter-cluster routing - a cluster head (an H-sensor)
aggregates data from multiple L-sensors and then sends the data to the sink via the H-
sensor backbone. The routing structure in an SN is illustrated in Fig:6.1. An intra-cluster
routing scheme determines how to route packets from an L-sensor to its cluster head. The
basic idea is to let all L-sensors (in a cluster) form a tree rooted at the cluster head H. (1)
If complete data fusion is conducted at intermediate nodes, (i.e., two k-bit packets come
in, and one k-bit packet goes out after data fusion) then a minimum spanning tree (MST)
consumes the least total energy in the cluster. (2) If there is no data fusion within the
cluster, then a shortest-path tree (SPT) can be constructed using either a centralized or
distributed algorithm. It consumes the least total energy.
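The two routing cases above, worked through on a small cluster as an added example (not code from the project): it builds the MST and the SPT rooted at the cluster head, compares their total energy with and without data fusion, and counts how many pairwise keys are needed when only child-parent links on the routing tree are keyed. The topology, the per-link energy costs and all function names are constructed for illustration.

```python
import heapq

# Constructed single-cluster topology: "H" is the cluster head (H-sensor),
# "a".."e" are L-sensors. Each weight is the assumed energy needed to send
# one k-bit packet across that link.
LINKS = {
    ("H", "a"): 4, ("H", "b"): 5, ("a", "b"): 2, ("a", "c"): 7,
    ("b", "d"): 3, ("c", "d"): 1, ("c", "e"): 8, ("d", "e"): 6,
}


def adjacency(links):
    adj = {}
    for (u, v), w in links.items():
        adj.setdefault(u, []).append((v, w))
        adj.setdefault(v, []).append((u, w))
    return adj


def build_tree(links, root, shortest_path):
    """Return {node: parent} for a tree rooted at `root`.

    shortest_path=False -> Prim's algorithm (minimum spanning tree)
    shortest_path=True  -> Dijkstra's algorithm (shortest-path tree)
    """
    adj = adjacency(links)
    parent, dist = {}, {}
    heap = [(0, 0, root, "")]  # (priority, distance to root, node, parent)
    while heap:
        _, d, node, par = heapq.heappop(heap)
        if node in dist:
            continue
        dist[node] = d
        if node != root:
            parent[node] = par
        for nxt, w in adj[node]:
            if nxt not in dist:
                prio = d + w if shortest_path else w
                heapq.heappush(heap, (prio, d + w, nxt, node))
    return parent


def link_cost(links, u, v):
    return links[(u, v)] if (u, v) in links else links[(v, u)]


def energy_with_fusion(links, parent):
    """Complete fusion: every node sends exactly one packet to its parent."""
    return sum(link_cost(links, n, p) for n, p in parent.items())


def energy_without_fusion(links, parent, root):
    """No fusion: every node's packet is relayed hop by hop up to the root."""
    total = 0
    for node in parent:
        hop = node
        while hop != root:
            total += link_cost(links, hop, parent[hop])
            hop = parent[hop]
    return total


def keyed_links(parent):
    """Routing-driven key setup: one pairwise key per child-parent link."""
    return {frozenset(pair) for pair in parent.items()}


def compare(links, root):
    mst = build_tree(links, root, shortest_path=False)
    spt = build_tree(links, root, shortest_path=True)
    return {
        "fusion": {"MST": energy_with_fusion(links, mst),
                   "SPT": energy_with_fusion(links, spt)},
        "no_fusion": {"MST": energy_without_fusion(links, mst, root),
                      "SPT": energy_without_fusion(links, spt, root)},
        "keys_all_neighbor_pairs": len(links),
        "keys_routing_driven": len(keyed_links(spt)),
    }


if __name__ == "__main__":
    for name, value in compare(LINKS, "H").items():
        print(name, value)
```

On this topology the MST wins under complete fusion and the SPT wins without fusion, and keying only the tree links needs 5 pairwise keys instead of one for each of the 8 neighbor pairs.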
6.3 Key Generation and Key Distribution:
This project makes use of RSA public-key Cryptosystem for key generation and
integrated QKDP’s for key distribution.
6.3.1 Key Generation:
The first step in RSA encryption is to generate a key pair. Two keys are generated of
which one is used as the public key and the other is used as the private key. The keys are
generated with the help of two large prime numbers. The keys are generated as follows:
1. Generate two large random primes p and q.
2. Compute n which is equal to product of those two prime numbers, n = pq
3. Compute φ(n) = (p-1)(q-1).
4. Choose an integer e, 1 < e < φ(n), such that gcd(e, φ(n)) = 1.
5. Compute the secret exponent d, 1 < d < φ(n), such that ed ≡ 1 (mod φ(n)).
6. The public key is (n, e) and the private key is (n, d). The values of p, q, and
φ(n) should also be kept secret.
n is known as the modulus.
e is known as the public exponent or encryption exponent.
d is known as the secret exponent or decryption exponent.
6.3.2 Key Distribution:
For the key distribution process, QKDP’s were used with RSA in order to distribute the keys
to neighboring nodes by the cluster header (which acts as a Trusted Center).
Quantum Cryptography:
Quantum cryptography is only used to produce and distribute a key, not to
transmit any message data.
With the use of Quantum cryptography, the two communicating parties can
detect the presence of any third party trying to gain knowledge of the key.
For secure communications, Quantum key distribution protocols (QKDP’s) are
used. They enable two parties (sensors) to produce a shared random bit string known
only to them, which can be used as a key to encrypt and decrypt the messages.
Quantum cryptography easily resists replay and passive attacks.
A unique property of quantum cryptography is that it gives both
communicating users the ability to detect the presence of any third party trying to gain
knowledge of the key: by using quantum superpositions or quantum entanglement
and transmitting information in quantum states, eavesdroppers can be
detected.
Key Management Scheme:
This technique involves encoding information in quantum states (qubits), as opposed to
classical communication's use of bits. Usually, photons are used for these quantum states.
QKD protocols are divided into two main categories depending on which property they exploit.
Prepare and measure protocols (calculate the amount of information that has been
intercepted).
Entanglement based protocols (the quantum states of two (or more) separate
objects can become linked together in such a way that they must be described by a
combined quantum state, not as individual objects).
Performing a measurement on one object affects the other. If an entangled pair of objects
is shared between two parties (sensors), anyone intercepting either object alters the
overall system, revealing the presence of the third party and the amount of information they
have gained.
6.3.3 Design Aspects:
The TC (Trusted Center), here the cluster header, and a participant synchronize their
polarization bases according to a pre-shared secret key. During session key distribution,
the pre-shared secret key together with a random string is used to produce another
encryption key to encipher the session key. Because of this, a receiver will not receive the
same polarization qubits even if an identical session key is retransmitted. Hence, the
secrecy of the pre-shared secret key can be preserved, and thus this secret key can be long
term and repeatedly used between the TC and a participant. Due to the combined use of
classical cryptographic techniques over the quantum channel, a receiver can authenticate
user identity, verify the correctness and freshness of the session key and detect the
presence of eavesdroppers.
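A classical simulation of the design described above, added here as an example and not taken from the project: a qubit is modelled as a (basis, bit) pair, and the key derivation (SHAKE-256), the check value (HMAC-SHA-256), the field sizes and all names are assumptions. It shows that a retransmitted session key yields different qubits, that a replayed random string is rejected, and that an interceptor who does not know the pre-shared bases corrupts the check value.

```python
import hashlib
import hmac
import secrets

KEY_BYTES, TAG_BYTES = 16, 16      # assumed session-key and check-value sizes
_rng = secrets.SystemRandom()


def expand(seed, label, nbytes):
    """Derive nbytes of key material from seed (SHAKE-256 as a stand-in KDF)."""
    return hashlib.shake_256(label + b"|" + seed).digest(nbytes)


def to_bits(data):
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]


def from_bits(bits):
    return bytes(
        sum(bit << (7 - i) for i, bit in enumerate(bits[j:j + 8]))
        for j in range(0, len(bits), 8)
    )


def measure(qubit, basis, rng=_rng):
    """Same basis as preparation: the bit is read; other basis: random result."""
    prepared_basis, bit = qubit
    return bit if basis == prepared_basis else rng.randrange(2)


def tc_send(psk, session_key, r=None):
    """Trusted center: encipher session key + check value under a key derived
    from (psk, r), then prepare one qubit per bit in the psk-derived basis."""
    r = r or secrets.token_bytes(16)                 # fresh random string
    tag = hmac.new(psk, r + session_key, hashlib.sha256).digest()[:TAG_BYTES]
    plain = session_key + tag
    pad = expand(psk + r, b"enc", len(plain))        # per-transmission key
    cipher = bytes(a ^ b for a, b in zip(plain, pad))
    bases = to_bits(expand(psk, b"basis", len(plain)))
    return r, list(zip(bases, to_bits(cipher)))


def intercept_resend(qubits, rng=_rng):
    """Model of an interceptor without psk: guess a basis, measure, re-send."""
    resent = []
    for qubit in qubits:
        basis = rng.randrange(2)
        resent.append((basis, measure(qubit, basis, rng)))
    return resent


class Participant:
    def __init__(self, psk):
        self.psk = psk
        self.seen = set()          # random strings already accepted

    def receive(self, r, qubits):
        """Return the session key, or None on replay or a failed check."""
        nbytes = KEY_BYTES + TAG_BYTES
        if r in self.seen or len(qubits) != 8 * nbytes:
            return None
        bases = to_bits(expand(self.psk, b"basis", nbytes))
        cipher = from_bits([measure(q, b) for q, b in zip(qubits, bases)])
        pad = expand(self.psk + r, b"enc", nbytes)
        plain = bytes(a ^ b for a, b in zip(cipher, pad))
        key, tag = plain[:KEY_BYTES], plain[KEY_BYTES:]
        expect = hmac.new(self.psk, r + key, hashlib.sha256).digest()[:TAG_BYTES]
        if not hmac.compare_digest(tag, expect):
            return None            # wrong sender key or disturbed qubits
        self.seen.add(r)
        return key


if __name__ == "__main__":
    psk, sk = b"constructed pre-shared key", secrets.token_bytes(KEY_BYTES)
    node = Participant(psk)
    r, qubits = tc_send(psk, sk)
    print("intercepted:", node.receive(r, intercept_resend(qubits)))
    print("clean:", node.receive(r, qubits) == sk)
    print("replayed:", node.receive(r, qubits))
```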
Level 0:
Fig: 6.2 Distribution of Session Key with Quantum Cryptography (Diagram labels: Trusted
center, Receiver, Secret Key, Secret Key, Session Key, Encrypted Msg by Session Key.)
Level 1:
Fig: 6.3 Generation of Session Key with Quantum Cryptography (Diagram labels: Sender,
Sec Key, Key Generation, Random String Generation, Qubit Generation, Session Key
Generation, Session key.)
6.4 Encryption and Decryption:
6.4.1 Encryption:
Encryption is done using the public key component e and the modulus n. A node encrypts
the message with the public key (e,n) of whichever node it wants to send the message to.
Encryption is done by raising the message m to the public exponent e and then reducing
the result modulo n. The following steps are done in encryption:
1. Obtain the recipient’s public key (n,e)
2. Represent the plain text message as a positive integer m < n
3. Compute the cipher text c = m^e mod n.
4. Send the cipher text c to the recipient.
Fig: 6.4 Data Encryption process
To encrypt a message M the sender:
obtains public key of recipient KU={e,N}
computes: C=M^e mod N, where 0≤M<N
(Fig: 6.4 flowchart steps: Start; Get the original data and public key for encryption;
Perform Encryption; decision "If Encrypted" with Yes and No branches; Get Encrypted data;
Stop; Exit.)
6.4.2 Decryption:
Decryption is done using the Private key. The node which is receiving the encrypted
message uses its own private key to decrypt the message. Decryption is similar to the
encryption except that the keys used are different.
1. Recipient uses his private key (n,d) to compute m = c^d mod n.
2. Extract the plaintext from the integer representative m.
NOTE: The message M must be smaller than the modulus N (block if needed)
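The key generation steps of section 6.3.1 and the encryption and decryption steps of sections 6.4.1 and 6.4.2, as an added Python example (not the project's own code). The fixed exponent e = 65537, the 0x01 marker byte used to split a message into blocks smaller than n, and all function names are assumptions of this example; it implements the unpadded scheme exactly as described, so equal plaintext blocks produce equal ciphertext blocks, which deployed systems avoid by using a padding scheme such as OAEP.

```python
import math
import secrets


def is_probable_prime(n, rounds=40):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2          # witness in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits):
    while True:
        # Set the top bit (full length) and the low bit (odd).
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(candidate):
            return candidate


def keypair_from_primes(p, q, e):
    """Steps 2-6: n = pq, phi = (p-1)(q-1), d with e*d = 1 (mod phi)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if p == q or not 1 < e < phi or math.gcd(e, phi) != 1:
        raise ValueError("unsuitable p, q or e")
    d = pow(e, -1, phi)                           # modular inverse (Python 3.8+)
    return (n, e), (n, d)                         # public key, private key


def generate_keypair(bits=1024, e=65537):
    """Step 1 plus steps 2-6; retries until gcd(e, phi) = 1."""
    while True:
        try:
            return keypair_from_primes(random_prime(bits // 2),
                                       random_prime(bits // 2), e)
        except ValueError:
            continue


def encrypt(public_key, message):
    """Split message (bytes) into blocks m < n and return [m^e mod n, ...]."""
    n, e = public_key
    chunk = (n.bit_length() - 1) // 8 - 1         # payload bytes per block
    if chunk < 1:
        raise ValueError("modulus too small for byte blocks")
    blocks = []
    for i in range(0, len(message), chunk):
        # The 0x01 marker keeps leading zero bytes; the block is still < n.
        m = int.from_bytes(b"\x01" + message[i:i + chunk], "big")
        blocks.append(pow(m, e, n))               # c = m^e mod n
    return blocks


def decrypt(private_key, blocks):
    """Recover the bytes from [c, ...] with m = c^d mod n per block."""
    n, d = private_key
    out = bytearray()
    for c in blocks:
        m = pow(c, d, n)                          # m = c^d mod n
        raw = m.to_bytes((m.bit_length() + 7) // 8, "big")
        out += raw[1:]                            # drop the 0x01 marker
    return bytes(out)


if __name__ == "__main__":
    public, private = generate_keypair(1024)
    reading = b"\x00\x00node3 temperature=21.5C " * 10   # constructed message
    cipher_blocks = encrypt(public, reading)
    print(len(cipher_blocks), "blocks, round trip ok:",
          decrypt(private, cipher_blocks) == reading)
```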
Fig: 6.5 Data Decryption process (Flowchart steps: Start; Get Ciphertext and private key;
Decrypt the encrypted data; Retrieve original data; Stop.)
6.5 Importance of RSA:
The RSA algorithm has been in use for the past 25 years and has been one of the most
successful cryptographic algorithms that the security world has ever had. It is still widely
used in many applications even after hundreds of public key cryptographic algorithms
emerged after the invention of the RSA algorithm. This algorithm is still in use because of its
security and easy implementation. RSA strengths make it most suitable for
resource-constrained systems. RSA provides greater security for a given key size and can be
efficiently and compactly implemented. These attributes make it well suited for systems
with constraints on processor speed, security, power consumption, bandwidth, and
memory. The RSA algorithm has been implemented in many applications and it is
currently one of the most popularly used encryption algorithms. The security of the RSA
algorithm lies in the fact that there is no good way of factoring numbers. No one till now
knows a way to factorize a number into its prime factors. As long as no one finds a way,
RSA will be safe and will be one of the best encryption algorithms in use. If someone
comes up with a way to factorize numbers, then that’s the end of RSA. If we consider
RSA vis-à-vis ECC, ECC is very much faster than RSA, but actually ECC is significantly
faster than RSA only when used with pre-computed values. That is, if we can store ECC
key in a small space and if we want to get the performance advantage, we have to store
some tables of pre-computed values. These tables can be as many as 20,000 bytes. But if
we don’t have 20,000 bytes of storage space lying around (say your smart card), we may
not be able to use the pre-computed tables. Then the ECC is not that much faster than
RSA. With ECC you can sign fast or save storage space, but you can’t do both. Of
course, saving storage space and transmission size may be reason enough.
Currently in the industry, RSA is winning. The key size, transmission size and signature
performance issues concern makers of small devices. But they often find that RSA is fast
and small enough. Sure, it’s not the fastest signer or the smallest key, but it still works
just fine. And RSA has a well-developed certificate infrastructure.
RESULTS AND DISCUSSIONS
Fig: 7.1 Number of participating nodes in a cluster
Fig: 7.1 defines the number of nodes that are going to participate in the communication
process by forming a cluster (group of nodes over a network).
Consider, for instance, a cluster formed by 4 nodes, viz. node1, node2, node3, node4
and so on. Among the existing nodes, any node can be a cluster header; via this
cluster header an MST (Minimum Spanning Tree) is constructed, and the communication
takes place via this particular node.
Fig: 7.2 Formation of Cluster
Fig: 7.2 depicts the formation of a cluster with the neighboring nodes in a network. Among
the existing nodes, any node can be a cluster header and the remaining nodes have to
register with the particular header in order to participate in the communication process.
The cluster header can be changed dynamically.
Fig: 7.3 Cluster Header Registration
Fig: 7.3 represents the registration of the cluster header. All the details of each and every
node are stored in a central database. The cluster header gets the details of its
neighboring nodes from the database.
Fig: 7.4 Registering Process of Cluster Header
Fig: 7.4 represents the registering process of the cluster header. All other (neighbor) nodes
which want to participate in the communication process have to send a registration
request to the cluster header.
Fig: 7.5 Confirmation of Cluster Header
Fig: 7.5 defines the confirmation of the cluster header by generating a unique password.
In future, this header communicates with its neighboring nodes with the help of this
password.
Fig: 7.6 Neighboring Nodes Registration Process with Cluster Header
Fig: 7.6 represents the registration of the neighboring nodes (the nodes that
want to participate in the communication process) with the header.
Fig: 7.7 Registration Request
Fig: 7.7 indicates the request that has been made by a node to the header in a network.
Fig: 7.8 Acceptance of Request by Header
Fig: 7.8 indicates that the request has been accepted by the header node, which sends a reply
message of its confirmation by generating a unique node ID in the network.
Fig: 7.9 MST Request for Communication
Fig: 7.9 indicates the MST (Minimum Spanning Tree) request generated from the cluster
header to the requested node. The requested node can get the coordinates by providing
information like the node name and the unique ID generated for it; an MST can then be
constructed by using the IDs.
NOTE: The steps from Fig 7.6 to Fig 7.9 are common for all other nodes in a network if
they want to take part in the process of communication.
Fig: 7.10 Key Request Form for a Node for Communication
Fig: 7.10 indicates the key request generated from the cluster header to the requested
node. The requested node can get the key by providing information like the node
name and the unique ID generated for it; a private key is then generated for it by the
cluster header, which is provided for further communication with other nodes in
the network.
Fig: 7.11 Co-ordinates Identification of a Node
Fig: 7.11 shows the identification of the coordinates of a node, in order to locate that
particular node in a network by the production of its unique ID.
Fig: 7.12 Locating Neighboring Nodes
Fig: 7.12 depicts the location of neighboring nodes and the construction of an MST via
the cluster header node to the neighboring nodes.
Fig: 7.13 Key Requests for Communication
Fig: 7.13 indicates the key request made by a particular node to the cluster header by
producing its public key (Unique ID).
Fig: 7.14 Generation of Private Key
Fig: 7.14 represents the generation of the private key. Here, the cluster header acts as a
trusted centre (TC) and generates a private key after verifying the details produced by a
particular node. Then, by using the secret key, the requesting node can communicate with
the other neighboring nodes (of its requirement).
Fig: 7.15 Destinations and Message Content
In Fig: 7.15, the node that wants to communicate has to provide details such as the data
that it wants to transfer and the destination node that it wants to communicate with.
Fig: 7.16 Encrypted Form of the Message Content
Fig: 7.16 represents the encrypted form of the message that is to be transferred by using
the cryptographic algorithm.
Fig: 7.17 Receiving Message at Destination
Fig: 7.17 shows that the message encrypted at the sender side and the message at the
receiving end are the same. Hence the sensor nodes communicated successfully.
CONCLUSION AND FUTURE SCOPE
8.1 Conclusion:
In this project, a model was implemented which provides internal security in a network
and also an efficient key management scheme has been proposed for a sensor network.
This scheme utilizes the fact that a node communicates with only a small portion of its
neighbors and thus greatly reduces the communication and computation overheads of key
setup. A public-key algorithm RSA is used along with QKDP’s to further improve the
key management scheme for generation and distribution of secret keys. These keys were
used to encrypt, transmit and decrypt sensitive data being shared among nodes within a
network.
8.2 Future Scope of the work:
This work can be extended in real world heterogeneous sensor networks by making use
of Elliptic Curve Cryptography (ECC) algorithm to achieve stronger information
security. Authentication would be still provided in an easier manner by making use of
ECC algorithm on wireless sensor networks. By making use of ECC, further reduction in
storage space, computational overheads, power consumption could be achieved because
of its shorter key length.
REFERENCES
[1] L. Eschenauer and V.D.Gligor, “A key management scheme for distributed sensor
networks,” Ninth ACM Conference on Computer and Communication Security,
November 2002.
[2] H. Chan, A. Perrig, and D. Song, “Random key pre-distribution schemes for sensor
networks,” Carnegie Mellon University, Proceedings of the 2003 IEEE Symposium on
Security and Privacy (SP’03)-(2003).
[3] David J. Malan, “Toward PKI for Sensor Networks” Division of Engineering and
Applied Sciences, Harvard University, 8 November 2004.
[4] Arjan Durresi, Vijay Bulusu, Vamsi Paruchuri, Mimoza Durresi, Raj Jain, “Key
Distribution in Mobile Heterogeneous Sensor Networks” direction of IEEE
Communications Society subject matter experts for publication in the IEEE GLOBECOM
2006 proceedings-(2006).
[5] Jeremy Brown, Xiaojiang Du, Kendall Nygard, “An Efficient Public-Key-Based
Heterogeneous Sensor Network Key Distribution Scheme” Global
Telecommunications Conference, GLOBECOM '07. IEEE 26 December 2007.
[6] Yong Ma, Siddharth Dalal, Majd Alwan, James Aylor, “ROP: A Resource Oriented
Protocol for Heterogeneous Sensor Networks” Wireless Communications, vol. 6, no. 9,
pp. 3395–3401, in 2007.
[7] Venkata Krishna Ravi, Bo Sun, Xiaojiang Du, Fei Hu, Michael Galloway, Yang
Xiao, “A survey of key management schemes in wireless sensor networks” Proceedings
of the 2007 international conference on Wireless communications ,Vol 30,in 2007.
[8] Xiaojiang Du, Hsiao-Hwa Chen, Yang Xiao, Mohsen Guizani, “A Pseudo-Random
Function based Key Management Scheme for Heterogeneous Sensor Networks” Global
Telecommunications Conference, GLOBECOM '07. IEEE Nov 2007.
[9] Qing Yang, Qiaoliang Li, Sujun Li, “An Efficient Key Management Scheme for
Heterogeneous Sensor Networks” Networks, ICON 2008. 16th IEEE International
Conference on Dec 2008.
[10] Sk. Md. Mizanur Rahman, Nidal Nasser, Kassem Saleh, “Identity and Pairing-based
Secure Key Management Scheme for Heterogeneous Sensor Networks”. IEEE
International Conference on Wireless and Mobile Computing, Oct. 2008.
[11] F. Amin, A. H. Jahangir, and H. Rasifard, “Analysis of Public-Key Cryptography
for Wireless Sensor Networks Security” Embedded End-to-End Wireless Security with
ECDH Key Exchange, the 46th IEEE in 2008.
[12] A.S.Poornima, B.B.Amberker, “Tree-based Key Management Scheme for
Heterogeneous Sensor Networks” This paper appears in: Networks, 2008. ICON 2008.
16th IEEE International Conference Dec. 2008.
[13] T.Kavitha, D.Sridharan, “Security vulnerabilities in Wireless Sensor Networks: A
Survey” Mobile - Wireless Communications, Security Management in 2009.
[14] Jeremy S. Nightingale, “Comparative Analysis of Java Cryptographic Libraries for
Public Key Cryptography”, ECE 746.
[15] P. Mackenzie, “More efficient password authenticated key exchange” CT-RSA,
pages 361 – 377, 2001.
[16] RSA Laboratories, “Frequently Asked Questions About Today’s Cryptography,” 4
Apr. 2005. Bedford: RSA Laboratories.
<http://www.rsasecurity.com/rsalabs/node.asp?id=2152>
[17] X. Du and F. Lin, “Maintaining differentiated coverage in heterogeneous sensor
networks,” EURASIP J. Wireless Commun. and Networking, no. 4, pp. 565-572, 2005.
[18] R. Watro et al., “TinyPK: securing sensor networks with public key technology,”
Proceedings of the 2nd ACM Workshop on Security of Ad hoc and Sensor Networks,
New York, 2005, pp. 135-142.
[19] G. Frey and H. Ruck, “A remark concerning m-divisibility and the discrete
logarithm in the divisor class group of curves”. Mathematics of Computation, vol
62, pages 865 – 874, 1994.
[20] N. Koblitz, “Elliptic curve cryptosystems”, Mathematics of Computation, vol 48.,
pages 203 – 209, 1987.
[21] Wenliang Du, Jing Deng, Yunghsiang S. Han, Pramod K. Varshney, Jonathan Katz,
Aram Khalili, “A Pairwise Key Pre-Distribution Scheme for Wireless Sensor
Networks”, ACM Journal Name, Vol. V, No. N, Month 20YY, 2005.
[22] Fang Liu, Maiou Jose “Manny” Rivera, Xiuzhen Cheng, “Location aware Key
Establishment in Wireless Sensor Networks”, IWCMC’06, 2006.
[23] Li, Sujun, Li, Qiaoliang, Zhou, Boqin, “A New Efficient Pair-wise Key
Establishment Scheme for Wireless Sensor Networks”, Wicom’07, pp. 2495–2498,
2007.
[24] William Stallings, “Network Security Essentials and Standards”, Pearson Education,
2000.
[25] Atul Kahate, Cryptography and Network Security, TMH.