26 research outputs found

    Prototyping Telematic Services in a Wireless Vehicular Mesh Network Environment

    Next generation telematic services are expected to play a key role in future automotive applications. In order to achieve strong integration between the services and the underlying network infrastructure there is a need for both simulation and emulation of the entire system. This paper presents a combined simulation and emulation approach for telematic services prototyping in an emulated wireless vehicular mesh networking environment. The ns-3 wireless mesh model, SUMO vehicular mobility model and different telematic services are integrated to demonstrate high scalability and flexibility of the proposed approach.

    Low-Weight Primes for Lightweight Elliptic Curve Cryptography on 8-bit AVR Processors

    Small 8-bit RISC processors and micro-controllers based on the AVR instruction set architecture are widely used in the embedded domain with applications ranging from smartcards over control systems to wireless sensor nodes. Many of these applications require asymmetric encryption or authentication, which has spurred a body of research into implementation aspects of Elliptic Curve Cryptography (ECC) on the AVR platform. In this paper, we study the suitability of a special class of finite fields, the so-called Optimal Prime Fields (OPFs), for a "lightweight" implementation of ECC with a view towards high performance and security. An OPF is a finite field Fp defined by a prime of the form p = u*2^k + v, whereby both u and v are "small" (in relation to 2^k) so that they fit into one or two registers of an AVR processor. OPFs have a low Hamming weight, which allows for a very efficient implementation of the modular reduction since only the non-zero words of p need to be processed. We describe a special variant of Montgomery multiplication for OPFs that does not execute any input-dependent conditional statements (e.g. branch instructions) and is, hence, resistant against certain side-channel attacks. When executed on an Atmel ATmega processor, a multiplication in a 160-bit OPF takes just 3237 cycles, which compares favorably with other implementations of 160-bit modular multiplication on an 8-bit processor. We also describe a performance-optimized and a security-optimized implementation of elliptic curve scalar multiplication over OPFs. The former uses a GLV curve and executes in 4.19M cycles (over a 160-bit OPF), while the latter is based on a Montgomery curve and has an execution time of approximately 5.93M cycles. Both results improve the state-of-the-art in lightweight ECC on 8-bit processors

    MoTE-ECC: Energy-Scalable Elliptic Curve Cryptography for Wireless Sensor Networks

    Wireless Sensor Networks (WSNs) are susceptible to a wide range of malicious attacks, which has stimulated a body of research on "light-weight" security protocols and cryptographic primitives that are suitable for resource-restricted sensor nodes. In this paper we introduce MoTE-ECC, a highly optimized yet scalable ECC library for Memsic's MICAz motes and other sensor nodes equipped with an 8-bit AVR processor. MoTE-ECC supports scalar multiplication on Montgomery and twisted Edwards curves over Optimal Prime Fields (OPFs) of variable size, e.g. 160, 192, 224, and 256 bits, which allows for various trade-offs between security and execution time (resp. energy consumption). OPFs are a special family of "low-weight" prime fields that, in contrast to the NIST-specified fields, facilitate a parameterized implementation of the modular arithmetic so that one and the same software function can be used for operands of different length. To demonstrate the performance of MoTE-ECC, we take (ephemeral) ECDH key exchange between two nodes as example, which requires each node to execute two scalar multiplications. The first scalar multiplication is performed on a fixed base point (to generate a key pair), whereas the second scalar multiplication gets an arbitrary point as input. Our implementation uses a fixed-base comb method on a twisted Edwards curve for the former and a simple ladder approach on a birationally-equivalent Montgomery curve for the latter. Both scalar multiplications require about 9*10^6 clock cycles in total and occupy only 380 bytes in RAM when the underlying OPF has a length of 160 bits. We also describe our efforts to harden MoTE-ECC against side-channel attacks (e.g. simple power analysis) and introduce a highly regular implementation of the comb method

    Don't hesitate to share! A novel IoT data protection scheme based on BGN cryptosystem

    In cloud-based Internet of Things (IoT), sharing of data with third-party services and other users inherently incurs potential risk and leads to unique security and privacy concerns. Existing cryptographic solutions ensure the security of IoT data, but due to their significant computational overhead, most of them are not suitable for resource-constrained IoT devices. To address these concerns, we propose a data protection system to store encrypted IoT data in a cloud while still allowing query processing over the encrypted data. More importantly, our proposed system features a novel encrypted data sharing scheme based on the Boneh-Goh-Nissim (BGN) cryptosystem, with revocation capabilities and in-situ key update. We perform exhaustive experiments on real datasets, primarily to assess the feasibility of the proposed system on resource-constrained IoT devices. We next measure the computation overhead, storage overhead and throughput. The experimental results show that our system is not only feasible, but also provides a high level of security. Furthermore, the results show that our system is 34% faster computationally, requires 25% less storage and has 15% more throughput than the best-performing system in the state-of-the-art.

    Nanoecc: Testing The Limits Of Elliptic Curve Cryptography In Sensor Networks

    By using Elliptic Curve Cryptography (ECC), it has been recently shown that Public-Key Cryptography (PKC) is indeed feasible on resource-constrained nodes. This feasibility, however, does not necessarily mean attractiveness, as the obtained results are still not satisfactory enough. In this paper, we present results on implementing ECC, as well as the related emerging field of Pairing-Based Cryptography (PBC), on two of the most popular sensor nodes. By doing that, we show that PKC is not only viable, but in fact attractive for WSNs. As far as we know pairing computations presented in this paper are the most efficient results on the MICA2 (8-bit/7.3828-MHz ATmega128L) and Tmote Sky (16-bit/8.192-MHz MSP-430) nodes. © 2008 Springer-Verlag Berlin Heidelberg.

    A forward & backward secure key management in wireless sensor networks for PCS/SCADA

    Process Control Systems (PCSs) or Supervisory Control and Data Acquisition (SCADA) systems have recently been added to the already wide collection of wireless sensor networks applications. The PCS/SCADA environment is somewhat more amenable to the use of heavy cryptographic mechanisms such as public key cryptography than other sensor application environments. The sensor nodes in the environment, however, are still open to devastating attacks such as node capture, which makes designing a secure key management challenging. In this paper, a key management scheme is proposed to defeat node capture attack by offering both forward and backward secrecies. Our scheme overcomes the pitfalls which Nilsson et al.'s scheme suffers from, and is not more expensive than their scheme