Public key cryptography in resource-constrained WSN

In this paper we present a detailed review of the works on public key cryptography (PKC) in wireless sensor networks (WSNs). In the early days of sensor networks, public key cryptography was thought to be completely unfeasible considering its computational complexity and energy requirements. By this time, several works have proved that the lightweight versions of many well-known public key algorithms can be utilized in WSN environment. With the expense of a little energy, public key based schemes could in fact be the best choice for ensuring data security in high-security demanding WSN applications. Here, we talk about the notion of public key cryptography in WSN, its applicability, challenges in its implementation, and present a detailed study of the significant works on PKC in WSN

S-PkSec: an asymmetric key based security management scheme for sensor network operation

This paper proposes a public key based management scheme for secure sensor network operation namely S-PkSec (Public Key Based Security for Sensor Networks) and emphasizes detailed comparison with some similar type of schemes. Although there was a wide held belief of the incompatibility of public key cryptographic (PKC) schemes for wireless sensor networks (WSNs), some recent works have shown that, PKC or asymmetric key based schemes could be implemented for such networks in some ways. The major challenge of employing a PKC scheme in sensor network is posed by the limitations of resources of the tiny sensors. Considering this feature of the sensors, we enhance our previous work [1] with some effective comparisons and energy analysis with other two established asymmetric key based protocols. S-PkSec comprises basically of two parts; a key handshaking scheme based on simple linear operations and the derivation of decryption key by a receiver node. S-PkSec allows both base-station-to-node or node-to-base-station secure communications, and node-to-node secure communications. Analysis and simulation results show that, our proposed architecture ensures a good level of security for communications in the network and could effectively be implemented using the limited computation, memory and energy budgets of the current generation sensor nodes

An asymmetric key-based security architecture for wireless sensor networks

In spite of previous common assumptions about the incompatibility of public key cryptography (PKC) schemes with wireless sensor networks (WSNs), recent works have shown that they can be utilized for such networks in some manner. The major challenge of employing a PKC-based scheme in a wireless sensor network is posed by the resource limitations of the tiny sensors. Considering this sensor feature, in this paper we propose an efficient PKC-based security architecture with relatively lower resource requirements than those of previously proposed PKC schemes for WSN. In addition, our scheme aims to provide robust security in the network. Our security architecture comprises two basic components; a key handshaking scheme based on simple, linear operations and the derivation of a decryption key by a receiver node. Our architecture enables node-to-base-station and node-to-node secure communications. Analysis and simulation results show that our proposed architecture ensures a good level of security for network communications, and can be effectively implemented with the limited computational, memory, and energy budgets of current-generation sensor nodes

Energy Efficient Hardware Design for Securing the Internet-of-Things

The Internet of Things (IoT) is a rapidly growing field that holds potential to transform our everyday lives by placing tiny devices and sensors everywhere. The ubiquity and scale of IoT devices require them to be extremely energy efficient. Given the physical exposure to malicious agents, security is a critical challenge within the constrained resources. This dissertation presents energy-efficient hardware designs for IoT security. First, this dissertation presents a lightweight Advanced Encryption Standard (AES) accelerator design. By analyzing the algorithm, a novel method to manipulate two internal steps to eliminate storage registers and replace flip-flops with latches to save area is discovered. The proposed AES accelerator achieves state-of-art area and energy efficiency. Second, the inflexibility and high Non-Recurring Engineering (NRE) costs of Application-Specific-Integrated-Circuits (ASICs) motivate a more flexible solution. This dissertation presents a reconfigurable cryptographic processor, called Recryptor, which achieves performance and energy improvements for a wide range of security algorithms across public key/secret key cryptography and hash functions. The proposed design employs circuit techniques in-memory and near-memory computing and is more resilient to power analysis attack. In addition, a simulator for in-memory computation is proposed. It is of high cost to design and evaluate new-architecture like in-memory computing in Register-transfer level (RTL). A C-based simulator is designed to enable fast design space exploration and large workload simulations. Elliptic curve arithmetic and Galois counter mode are evaluated in this work. Lastly, an error resilient register circuit, called iRazor, is designed to tolerate unpredictable variations in manufacturing process operating temperature and voltage of VLSI systems. When integrated into an ARM processor, this adaptive approach outperforms competing industrial techniques such as frequency binning and canary circuits in performance and energy.PHDElectrical EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/147546/1/zhyiqun_1.pd

Adaptable Security in Wireless Sensor Networks by Using Reconfigurable ECC Hardware Coprocessors

Specific features of Wireless Sensor Networks (WSNs) like the open accessibility to nodes, or the easy observability of radio communications, lead to severe security challenges. The application of traditional security schemes on sensor nodes is limited due to the restricted computation capability, low-power availability, and the inherent low data rate. In order to avoid dependencies on a compromised level of security, a WSN node with a microcontroller and a Field Programmable Gate Array (FPGA) is used along this work to implement a state-of-the art solution based on ECC (Elliptic Curve Cryptography). In this paper it is described how the reconfiguration possibilities of the system can be used to adapt ECC parameters in order to increase or reduce the security level depending on the application scenario or the energy budget. Two setups have been created to compare the software- and hardware-supported approaches. According to the results, the FPGA-based ECC implementation requires three orders of magnitude less energy, compared with a low power microcontroller implementation, even considering the power consumption overhead introduced by the hardware reconfiguratio

Multi-point Security by a Multiplatform-compatible Multifunctional Authentication and Encryption Board

Securing the access in networks is a first-order concern that only gains importance with the advent of Internet of Things (IoT). In this paper, a security system is presented for password-free access over the secured link. It makes the connection faster than manual authentication and facilitates Machine-to-Machine (M2M) secure interactions, as required for IoT. The authentication procedure includes the exchange of certificate and challenge/response pairs, which are stored and computed in an external security coprocessor. The system enforces the authentication protocol, includes error detection, and handles multiple devices according to their Operating Systems (OS) through their connections/ disconnections. It also performs encryption, if necessary. It is applicable on application level for devices, including IoT based devices, sensors, Android, and iOS-based smartphones. The devices that have the correct certificate and can solve the challenge can connect to the network linked with the security system. The system security is hardened because the sensitive authentication elements such as keys, certificates, and challenge responses are invisible to users and are exchanged only using strong hashing algorithms that are irreversible. The proposed hardware security system can augment any supporting network, converting the entire insecure network into a secured one, as well as retrofit existing insecure Bluetooth devices for secure access. The system incurs low overhead in time and energy by performing security operations in an ASIC coprocessor, and can be shared to secure access to multiple devices, which reduces both energy and cost

Low-Latency ECDSA Signature Verification - A Road Towards Safer Traffic -

Car-to-car and Car-to-Infrastructure messages exchanged in Intelligent Transportation Systems can reach reception rates up to and over 1000 messages per second. As these messages contain ECDSA signatures this puts a very heavy load onto the verification hardware. In fact the load is so high that currently it can only be achieved by implementations running on high end CPUs and FPGAs. These implementations are far from cost-effective nor energy efficient. In this paper we present an ASIC implementation of a dedicated ECDSA verification engine that can reach verification rates of up to 27.000 verifications per second using only 1.034 kGE

Implementation of ECC on FPGA using Scalable Architecture With equal Data and Key for WSN

Security of data transferred on the Wireless Sensor Network is of vital importance. In public key cryptography RSA algorithm has been used for a long time, but it does not meet the constraints of WSNs. Elliptic Curve Cryptography(ECC) has been employed recently because of its highest security for same length bit. ECC point multiplication operation is time consuming which affects the speed of encryption and decryption of data. Security in WSNs is addressed in our work, where a modified ECC is designed by performing the point multiplication using Montgomery multiplication technique that achieves considerable speed and with reduced area utilization. The ECC is first simulated on different FPGA devices, with key length 11, 112, 131 and 163 bits and the area-speed tradeoff is compared. ECC algorithm is implemented with software and hardware choosing Artix 7 XC7a100t-3csg324 FPGA which supports key lengths of 11, 112, 131 and 163 bits. When implemented on a Artix 7 FPGA, it completes 163 bit data encryption operation over GF(2163 ) in 1ms with the maximum frequency of 229MHz. The ECC algorithm is reconfigurable with low level to high level security with different bit key sizes. The proposed ECC algorithm modeled using VHDL and synthesized on Spartan 3 and 6, Virtex 4, 5 and 6 and Artix7 before the hardware implementation on Atrix 7. The design satisfies the needs of resource constrained devices by decreasing the encryption and decryption time to 1 ms with equal keylength and datasize, while device utilization is within 13%