A bilinear pairing based secure data aggregation scheme for WSNs

End to end secure data aggregation scheme for wireless sensor networks that are based on public key cryptography generally use elliptic curves. However elliptic curve based protocols require messages to be mapped to elliptic curves before performing any operations and finally reverse mapped to retrieve the message back. No mapping function, however, which is both homomorphic and has an efficient reverse mapping function is currently known. The mapping functions used in many previous protocols require brute forcing to reverse map the message from a point on the elliptic curve. This solution may be feasible on a base station with unlimited energy and processing power but it means that decrypting becomes very inefficient on ordinary sensors. We propose a secure data aggregation algorithm based on bilinear pairing that avoids this problem and makes decrypting data feasible on ordinary sensors

Efficient Data Gathering and Aggregation for Multiple Applications in Wireless Sensor Networks

Data aggregation in wireless sensor networks refers to acquiring the sensed data from the sensors to the gateway node. It reduces the amount of power consumed during data transmission between the sensor nodes. Generally homomorphic encryptions have been applied to conceal communication during aggregation. Since enciphered data can be aggregated algebraically without decryption. Here adversaries are able to forge aggregated results by compromising them. However, these schemes are not satisfying multi-application environments, provide insecure transmission and do not provide secure counting for unauthorized aggregation attacks. In this paper, we propose a new concealed data aggregation scheme extended from homomorphic privacy encryption system. The proposed scheme designed for a multi-application environment, mitigates the impact of compromising attacks in single application environments and also it can avoid the damage from unauthorized aggregations by the privacy homomorphic encryption scheme.Comment: 14 pages, 4 figure

Data Sharing on Untrusted Storage with Attribute-Based Encryption

Storing data on untrusted storage makes secure data sharing a challenge issue. On one hand, data access policies should be enforced on these storage servers; on the other hand, confidentiality of sensitive data should be well protected against them. Cryptographic methods are usually applied to address this issue -- only encrypted data are stored on storage servers while retaining secret key(s) to the data owner herself; user access is granted by issuing the corresponding data decryption keys. The main challenges for cryptographic methods include simultaneously achieving system scalability and fine-grained data access control, efficient key/user management, user accountability and etc. To address these challenge issues, this dissertation studies and enhances a novel public-key cryptography -- attribute-based encryption (ABE), and applies it for fine-grained data access control on untrusted storage. The first part of this dissertation discusses the necessity of applying ABE to secure data sharing on untrusted storage and addresses several security issues for ABE. More specifically, we propose three enhancement schemes for ABE: In the first enhancement scheme, we focus on how to revoke users in ABE with the help of untrusted servers. In this work, we enable the data owner to delegate most computation-intensive tasks pertained to user revocation to untrusted servers without disclosing data content to them. In the second enhancement scheme, we address key abuse attacks in ABE, in which authorized but malicious users abuse their access privileges by sharing their decryption keys with unauthorized users. Our proposed scheme makes it possible for the data owner to efficiently disclose the original key owner\u27s identity merely by checking the input and output of a suspicious user\u27s decryption device. Our third enhancement schemes study the issue of privacy preservation in ABE. Specifically, our proposed schemes hide the data owner\u27s access policy not only to the untrusted servers but also to all the users. The second part presents our ABE-based secure data sharing solutions for two specific applications -- Cloud Computing and Wireless Sensor Networks (WSNs). In Cloud Computing cloud servers are usually operated by third-party providers, which are almost certain to be outside the trust domain of cloud users. To secure data storage and sharing for cloud users, our proposed scheme lets the data owner (also a cloud user) generate her own ABE keys for data encryption and take the full control on key distribution/revocation. The main challenge in this work is to make the computation load affordable to the data owner and data consumers (both are cloud users). We address this challenge by uniquely combining various computation delegation techniques with ABE and allow both the data owner and data consumers to securely mitigate most computation-intensive tasks to cloud servers which are envisaged to have unlimited resources. In WSNs, wireless sensor nodes are often unattendedly deployed in the field and vulnerable to strong attacks such as memory breach. For securing storage and sharing of data on distributed storage sensor nodes while retaining data confidentiality, sensor nodes encrypt their collected data using ABE public keys and store encrypted data on storage nodes. Authorized users are given corresponding decryption keys to read data. The main challenge in this case is that sensor nodes are extremely resource-constrained and can just afford limited computation/communication load. Taking this into account we divide the lifetime of sensor nodes into phases and distribute the computation tasks into each phase. We also revised the original ABE scheme to make the overhead pertained to user revocation minimal for sensor nodes. Feasibility of the scheme is demonstrated by experiments on real sensor platforms

Secure data aggregation in IoT using Efficient-CSDA

In recent days, IoT has been widely accepted and WSN (Wireless Sensor network) is being used for variety of the applications such as transportation, medical, environmental, military, it moreover the main aim to deploy the WSN is to collect the data about the given set of phenomena. The common task of WSN is to sense the data and send over the network. Moreover, due to the various purpose such as statistical analysis, the data aggregation is required.  However, the when the dynamic network topology is considered, it is considered to be the very difficult task to provide the secure and efficient data aggregation. The main issue here is to ensure the security and accuracy of the data aggregation. Hence, in this research we have proposed an algorithm named as E-SDA (Efficient Secure Data Aggregation) in order to provide the secure data. In this, the algorithm provides the flexibility to detect the dishonest honest through neighbor monitoring. Later, extensive simulation has been done in order to prove the convergence of our algorithm

Secure Equality Test Technique Using Identity-Based Signcryption for Telemedicine Systems

For telemedicine, wireless body area network (WBAN) offers enormous benefits where a patient can be remotely monitored without compromising the mobility of remote treatments. With the advent of high capacity and reliable wireless networks, WBANs are used in several remote monitoring systems, limiting the COVID-19 spread. The sensitivity of telemedicine applications mandates confidentiality and privacy requirements. In this article, we propose a secure WBAN-19 telemedicine system to overcome the pervasiveness of contagious deceases utilizing a novel aggregate identity-based signcryption scheme with an equality test feature. We demonstrate a security analysis regarding indistinguishable adaptive chosen-ciphertext attack (IND-CCA2), one-way security against adaptive chosen-ciphertext attack (OW-CCA2), and unforgeability against adaptive chosen-message attack (EUF-CMA) under the random oracle model. The security analysis of the scheme is followed by complexity evaluations where the computation cost and communication overhead are measured. The evaluation demonstrates that the proposed model is efficient and applicable in telemedicine systems with high-performance capacities

Key management for wireless sensor network security

Wireless Sensor Networks (WSNs) have attracted great attention not only in industry but also in academia due to their enormous application potential and unique security challenges. A typical sensor network can be seen as a combination of a number of low-cost sensor nodes which have very limited computation and communication capability, memory space, and energy supply. The nodes are self-organized into a network to sense or monitor surrounding information in an unattended environment, while the self-organization property makes the networks vulnerable to various attacks.Many cryptographic mechanisms that solve network security problems rely directly on secure and efficient key management making key management a fundamental research topic in the field of WSNs security. Although key management for WSNs has been studied over the last years, the majority of the literature has focused on some assumed vulnerabilities along with corresponding countermeasures. Specific application, which is an important factor in determining the feasibility of the scheme, has been overlooked to a large extent in the existing literature.This thesis is an effort to develop a key management framework and specific schemes for WSNs by which different types of keys can be established and also can be distributed in a self-healing manner; explicit/ implicit authentication can be integrated according to the security requirements of expected applications. The proposed solutions would provide reliable and robust security infrastructure for facilitating secure communications in WSNs.There are five main parts in the thesis. In Part I, we begin with an introduction to the research background, problems definition and overview of existing solutions. From Part II to Part IV, we propose specific solutions, including purely Symmetric Key Cryptography based solutions, purely Public Key Cryptography based solutions, and a hybrid solution. While there is always a trade-off between security and performance, analysis and experimental results prove that each proposed solution can achieve the expected security aims with acceptable overheads for some specific applications. Finally, we recapitulate the main contribution of our work and identify future research directions in Part V