On the Performance and Use of a Space-Efficient Merkle Tree Traversal Algorithm in Real-Time Applications for Wireless and Sensor Networks

As technology advances, public key cryptography (PKC) will sooner or later be used in wireless and sensor applications, not only to provide security services such as authentication, integrity and non-repudiation for the data provided, but also to achieve perfect connectivity and perfect resilience in large-scale wireless and sensor networks. One of the weak points of PKC is its performance. For this reason, several authentication approaches use efficient structures such as Merkle hash trees (MHTs), combined with traditional PKC operations, to produce authentication solutions that are secure but also time-efficient. This paper investigates the performance of a popular algorithm for the traversal of large MHTs, authored by M. Szydlo, and demonstrates that several other parameters (not just the CPU) need to be taken into consideration when designing applications that use MHTs, such as the signing time, the hash time, the depth of the MHT and the space available, since they directly affect the performance of the overall application. Moreover, we construct two models to simulate the behaviour of a device that uses Szydlo's algorithm to authenticate large amounts of data, such as a real-time data flow. We chose Szydlo's algorithm because it saves more space than other MHT traversal algorithms, and we assumed that in our case study space (and not necessarily CPU power) is the critical resource.
