Twisted Edwards-Form Elliptic Curve Cryptography for 8-bit AVR-based Sensor Nodes

Wireless Sensor Networks (WSNs) pose a number of unique security challenges that demand innovation in several areas including the design of cryptographic primitives and protocols. Despite recent progress, the efficient implementation of Elliptic Curve Cryptography (ECC) for WSNs is still a very active research topic and techniques to further reduce the time and energy cost of ECC are eagerly sought. This paper presents an optimized ECC implementation that we developed from scratch to comply with the severe resource constraints of 8-bit sensor nodes such as the MICAz and IRIS motes. Our ECC software uses Optimal Prime Fields (OPFs) as underlying algebraic structure and supports two different families of elliptic curves, namely Weierstraß-form and twisted Edwards-form curves. Due to the combination of efficient field arithmetic and fast group operations, we achieve an execution time of 5.8*10^6 clock cycles for a full 158-bit scalar multiplication on an 8-bit ATmega128 microcontroller, which is 2.78 times faster than the widely-used TinyECC library. Our implementation also shows that the energy cost of scalar multiplication on a MICAz (or IRIS) mote amounts to just 19 mJ when using a twisted Edwards curve over a 160-bit OPF. This result compares fairly well with the energy figures of two recently-presented hardware designs of ECC based on twisted Edwards curves

An Outline of Security in Wireless Sensor Networks: Threats, Countermeasures and Implementations

With the expansion of wireless sensor networks (WSNs), the need for securing the data flow through these networks is increasing. These sensor networks allow for easy-to-apply and flexible installations which have enabled them to be used for numerous applications. Due to these properties, they face distinct information security threats. Security of the data flowing through across networks provides the researchers with an interesting and intriguing potential for research. Design of these networks to ensure the protection of data faces the constraints of limited power and processing resources. We provide the basics of wireless sensor network security to help the researchers and engineers in better understanding of this applications field. In this chapter, we will provide the basics of information security with special emphasis on WSNs. The chapter will also give an overview of the information security requirements in these networks. Threats to the security of data in WSNs and some of their counter measures are also presented

Energy-efficient implementation of ECDH key exchange for Wireless Sensor Networks

Wireless Sensor Networks (WSNs) are playing a vital role in an ever-growing number of applications ranging from environmental surveillance over medical monitoring to home automation. Since WSNs are often deployed in unattended or even hostile environments, they can be subject to various malicious attacks, including the manipulation and capture of nodes. The establishment of a shared secret key between two or more individual nodes is one of the most important security services needed to guarantee the proper functioning of a sensor network. Despite some recent advances in this field, the efficient implementation of cryptographic key establishment for WSNs remains a challenge due to the resource constraints of small sensor nodes such as the MICAz mote. In this paper we present a lightweight implementation of the elliptic curve Diffie-Hellman (ECDH) key exchange for ZigBee-compliant sensor nodes equipped with an ATmega128 processor running the TinyOS operating system. Our implementation uses a 192-bit prime field specified by the NIST as underlying algebraic structure and requires only 5.20 middot 10/sup 6/ clock cycles to compute a scalar multiplication if the base point is fixed and known a priori. A scalar multiplication using a random base point takes about 12.33 middot 106 cycles. Our results show that a full ECDH key exchange between two MICAz motes consumes an energy of 57.33 mJ (including radio communication), which is significantly better than most previously reported ECDH implementations on comparable platforms.Anglai

Energy-Efficient Implementation of ECDH Key Exchange for Wireless Sensor Networks

Wireless Sensor Networks (WSNs) are playing a vital role in an ever-growing number of applications ranging from environmental surveillance over medical monitoring to home automation. Since WSNs are often deployed in unattended or even hostile environments, they can be subject to various malicious attacks, including the manipulation and capture of nodes. The establishment of a shared secret key between two or more individual nodes is one of the most important security services needed to guarantee the proper functioning of a sensor network. Despite some recent advances in this field, the efficient implementation of cryptographic key establishment for WSNs remains a challenge due to the resource constraints of small sensor nodes such as the MICAz mote. In this paper we present a lightweight implementation of the elliptic curve Diffie-Hellman (ECDH) key exchange for ZigBee-compliant sensor nodes equipped with an ATmega128 processor running the TinyOS operating system. Our implementation uses a 192-bit prime field specified by the NIST as underlying algebraic structure and requires only 5.20·10^6 clock cycles to compute a scalar multiplication if the base point is fixed and known a priori. A scalar multiplication using a random base point takes about 12.33·10^6 cycles. Our results show that a full ECDH key exchange between two MICAz motes consumes an energy of 57.33 mJ (including radio communication), which is significantly better than most previously reported ECDH implementations on comparable platforms

Designing Flexible, Energy Efficient and Secure Wireless Solutions for the Internet of Things

The Internet of Things (IoT) is an emerging concept where ubiquitous physical objects (things) consisting of sensor, transceiver, processing hardware and software are interconnected via the Internet. The information collected by individual IoT nodes is shared among other often heterogeneous devices and over the Internet. This dissertation presents flexible, energy efficient and secure wireless solutions in the IoT application domain. System design and architecture designs are discussed envisioning a near-future world where wireless communication among heterogeneous IoT devices are seamlessly enabled. Firstly, an energy-autonomous wireless communication system for ultra-small, ultra-low power IoT platforms is presented. To achieve orders of magnitude energy efficiency improvement, a comprehensive system-level framework that jointly optimizes various system parameters is developed. A new synchronization protocol and modulation schemes are specified for energy-scarce ultra-small IoT nodes. The dynamic link adaptation is proposed to guarantee the ultra-small node to always operate in the most energy efficiency mode, given an operating scenario. The outcome is a truly energy-optimized wireless communication system to enable various new applications such as implanted smart-dust devices. Secondly, a configurable Software Defined Radio (SDR) baseband processor is designed and shown to be an efficient platform on which to execute several IoT wireless standards. It is a custom SIMD execution model coupled with a scalar unit and several architectural optimizations: streaming registers, variable bitwidth, dedicated ALUs, and an optimized reduction network. Voltage scaling and clock gating are employed to further reduce the power, with a more than a 100% time margin reserved for reliable operation in the near-threshold region. Two upper bound systems are evaluated. A comprehensive power/area estimation indicates that the overhead of realizing SDR flexibility is insignificant. The benefit of baseband SDR is quantified and evaluated. To further augment the benefits of a flexible baseband solution and to address the security issue of IoT connectivity, a light-weight Galois Field (GF) processor is proposed. This processor enables both energy-efficient block coding and symmetric/asymmetric cryptography kernel processing for a wide range of GF sizes (2^m, m = 2, 3, ..., 233) and arbitrary irreducible polynomials. Program directed connections among primitive GF arithmetic units enable dynamically configured parallelism to efficiently perform either four-way SIMD GF operations, including multiplicative inverse, or a long bit-width GF product in a single cycle. This demonstrates the feasibility of a unified architecture to enable error correction coding flexibility and secure wireless communication in the low power IoT domain.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/137164/1/yajchen_1.pd

Design and Evaluation of Security Mechanism for Routing in MANETs. Elliptic Curve Diffie-Hellman cryptography mechanism to secure Dynamic Source Routing protocol (DSR) in Mobile Ad Hoc Network (MANET).

Ensuring trustworthiness through mobile nodes is a serious issue. Indeed, securing the routing protocols in Mobile Ad Hoc Network (MANET) is of paramount importance. A key exchange cryptography technique is one such protocol. Trust relationship between mobile nodes is essential. Without it, security will be further threatened. The absence of infrastructure and a dynamic topology changing reduce the performance of security and trust in mobile networks. Current proposed security solutions cannot cope with eavesdroppers and misbehaving mobile nodes. Practically, designing a key exchange cryptography system is very challenging. Some key exchanges have been proposed which cause decrease in power, memory and bandwidth and increase in computational processing for each mobile node in the network consequently leading to a high overhead. Some of the trust models have been investigated to calculate the level of trust based on recommendations or reputations. These might be the cause of internal malicious attacks. Our contribution is to provide trustworthy communications among the mobile nodes in the network in order to discourage untrustworthy mobile nodes from participating in the network to gain services. As a result, we have presented an Elliptic Curve Diffie-Hellman key exchange and trust framework mechanism for securing the communication between mobile nodes. Since our proposed model uses a small key and less calculation, it leads to a reduction in memory and bandwidth without compromising on security level. Another advantage of the trust framework model is to detect and eliminate any kind of distrust route that contain any malicious node or suspects its behavior

Design and Evaluation of Security Mechanism for Routing in MANETs. Elliptic Curve Diffie-Hellman cryptography mechanism to secure Dynamic Source Routing protocol (DSR) in Mobile Ad Hoc Network (MANET).

Ensuring trustworthiness through mobile nodes is a serious issue. Indeed, securing the routing protocols in Mobile Ad Hoc Network (MANET) is of paramount importance. A key exchange cryptography technique is one such protocol. Trust relationship between mobile nodes is essential. Without it, security will be further threatened. The absence of infrastructure and a dynamic topology changing reduce the performance of security and trust in mobile networks. Current proposed security solutions cannot cope with eavesdroppers and misbehaving mobile nodes. Practically, designing a key exchange cryptography system is very challenging. Some key exchanges have been proposed which cause decrease in power, memory and bandwidth and increase in computational processing for each mobile node in the network consequently leading to a high overhead. Some of the trust models have been investigated to calculate the level of trust based on recommendations or reputations. These might be the cause of internal malicious attacks. Our contribution is to provide trustworthy communications among the mobile nodes in the network in order to discourage untrustworthy mobile nodes from participating in the network to gain services. As a result, we have presented an Elliptic Curve Diffie-Hellman key exchange and trust framework mechanism for securing the communication between mobile nodes. Since our proposed model uses a small key and less calculation, it leads to a reduction in memory and bandwidth without compromising on security level. Another advantage of the trust framework model is to detect and eliminate any kind of distrust route that contain any malicious node or suspects its behavior

Contribution à la sécurité des communications des réseaux de capteurs sans fil

Les réseaux de capteurs sans fil (RCSF) sont devenus un thème porteur aussi bien pour la recherche académique que pour les activités des services de R&D en raison de leur simplicité de déploiement et de leur potentiel applicatif dans des domaines très variés (militaire, environnemental, industriel). Un RCSF est composé d'un ensemble de noeuds devant être opérationnels et autonomes énergétiquement pour de longues périodes. De ce fait ils sont limités en capacité mémoire et de calcul, et contraint à exploiter une faible puissance de transmission, ce qui en limite leur portée et rend leur débit modeste. Le besoin de sécuriser les communications dans un RCSF dépend de la criticité des données échangées pour l'application supportée. La solution doit reposer sur des échanges sûrs, confidentiels et fiables. Pour assurer la sécurisation des échanges, des techniques de cryptographie existent dans la littérature. Conçues à l'origine pour des réseaux informatiques majoritairement câblés, elles se basent généralement sur des algorithmes complexes et gourmands en ressource. Dans le cadre de cette thèse, nous avons proposé, implémenté et évalué une architecture sécurisée et dynamique adaptée aux communications des RCSF. Elle permet de garantir et de maintenir la sécurité des communications durant toute la durée de vie d'un réseau multi-saut. Nous avons utilisé et adapté des algorithmes standards de cryptographie, tels que AES-CTR et la suite d'algorithmes basée sur ECC, qui permettent à notre architecture de résister à la majorité d'attaques. Nous avons quantifié le surcoût en temps de calcul et en occupation mémoire de notre solution. Les résultats d implémentation de notre proposition sont issus de mesures réelles faites sur une maquette réalisée à partir de cartes TelosB.Wireless sensor networks (WSNs) have become an attractive topic for both academic research and the activity of R&D services due to their simple deployment and their potential of application in varied fields (military, environmental, industrial). A WSN is composed of a set of nodes that are supposed to operate and to be energetically autonomous for long durations. Thus, they are limited in memory and computing capacities, and constrained to function in a low-power transmission mode which limit their communication range and leave them with low data rates.The need to secure communications in a WSN depends on the criticality of the exchanged data for the supported application. The solution must be based on safe, confidential and reliable exchanges. To ensure the security of exchanges, cryptographic techniques exist in the literature. Originally designed for mostly wired computer networks, they are usually based on complex and resource-consuming algorithms. In this thesis, we have proposed, implemented and evaluated a secure and dynamic architecture suitable for WSNs communications. It ensures and maintains secured communications throughout the lifetime of a multi-hop network. We have used and adapted standard cryptographic algorithms, such as AES-CTR and algorithms based on ECC cipher suites, which allow our architecture to resist against most attacks. We have quantified the overhead of our solution in terms of computation time and memory occupancy. The results of implementation of our proposal are obtained through real measurements on testbeds using TelosB motes.CLERMONT FD-Bib.électronique (631139902) / SudocSudocFranceF