Chameleon: a Blind Double Trapdoor Hash Function for Securing AMI Data Aggregation

Data aggregation is an integral part of Advanced Metering Infrastructure (AMI) deployment that is implemented by the concentrator. Data aggregation reduces the number of transmissions, thereby reducing communication costs and increasing the bandwidth utilization of AMI. However, the concentrator poses a great risk of being tampered with, leading to erroneous bills and possible consumer disputes. In this paper, we propose an end-to-end integrity protocol using elliptic curve based chameleon hashing to provide data integrity and authenticity. The concentrator generates and sends a chameleon hash value of the aggregated readings to the Meter Data Management System (MDMS) for verification, while the smart meter with the trapdoor key computes and sends a commitment value to the MDMS so that the resulting chameleon hash value calculated by the MDMS is equivalent to the previous hash value sent by the concentrator. By comparing the two hash values, the MDMS can validate the integrity and authenticity of the data sent by the concentrator. Compared with the discrete logarithm implementation, the ECC implementation reduces the computational cost of MDMS, concentrator and smart meter by approximately 36.8%, 80%, and 99% respectively. We also demonstrate the security soundness of our protocol through informal security analysis

Secure and Privacy-Preserving Data Aggregation Protocols for Wireless Sensor Networks

This chapter discusses the need of security and privacy protection mechanisms in aggregation protocols used in wireless sensor networks (WSN). It presents a comprehensive state of the art discussion on the various privacy protection mechanisms used in WSNs and particularly focuses on the CPDA protocols proposed by He et al. (INFOCOM 2007). It identifies a security vulnerability in the CPDA protocol and proposes a mechanism to plug that vulnerability. To demonstrate the need of security in aggregation process, the chapter further presents various threats in WSN aggregation mechanisms. A large number of existing protocols for secure aggregation in WSN are discussed briefly and a protocol is proposed for secure aggregation which can detect false data injected by malicious nodes in a WSN. The performance of the protocol is also presented. The chapter concludes while highlighting some future directions of research in secure data aggregation in WSNs.Comment: 32 pages, 7 figures, 3 table

Secure Hop-by-Hop Aggregation of End-to-End Concealed Data in Wireless Sensor Networks

In-network data aggregation is an essential technique in mission critical wireless sensor networks (WSNs) for achieving effective transmission and hence better power conservation. Common security protocols for aggregated WSNs are either hop-by-hop or end-to-end, each of which has its own encryption schemes considering different security primitives. End-to-end encrypted data aggregation protocols introduce maximum data secrecy with in-efficient data aggregation and more vulnerability to active attacks, while hop-by-hop data aggregation protocols introduce maximum data integrity with efficient data aggregation and more vulnerability to passive attacks. In this paper, we propose a secure aggregation protocol for aggregated WSNs deployed in hostile environments in which dual attack modes are present. Our proposed protocol is a blend of flexible data aggregation as in hop-by-hop protocols and optimal data confidentiality as in end-to-end protocols. Our protocol introduces an efficient O(1) heuristic for checking data integrity along with cost-effective heuristic-based divide and conquer attestation process which is $O(\ln{n})$ in average -O(n) in the worst scenario- for further verification of aggregated results

Improved Data Client Security of DAS Model Using CDAMA in Wireless Sensor Network

Abstract -Wireless sensor networks is different from that in commonsense mobile ad-hoc networks.CDA provides end-to-end security.ie. even though the sensed data are encrypted on the sensor nodes and not decrypted before the sink node In this paper, all the homomorphism encryption techniques and various attacks is categorized, but CDA schemes are not satisfy multi-application environments and not provide secure counting; so they may suffer unauthorized aggregation attacks Therefore, a new concealed data aggregation scheme based on homomorphism public encryption system. CDAMA is designed by using multiple points, each of which has different order. DAS model are the bandwidth overhead between the server and client The security of CDAMA are based on the hardness assumption of subgroup decision problem. To maintain data privacy , clients need to outsource their data to servers in encrypted form. So that time, clients must still be able to execute queries over encrypted data