ShortPK: A short-term public key scheme for broadcast authentication in sensor networks

Broadcast authentication is an important functionality in sensor networks. Energy constraints on sensor nodes and the real-time nature of the broadcasts render many of the existing solutions impractical: previous works, focusing primarily on symmetric key schemes, have difficulty achieving real-time authentication. Public Key Cryptography (PKC) can satisfy the real-time requirements, and recent trends indicate that it is becoming feasible for sensor networks. However, PKC operations are still computationally expensive, so it is impractical to use PKC in the conventional ways for broadcast authentication in sensor networks. To reduce costs, we propose ShortPK, an efficient Short-term Public Key broadcast authentication scheme. The basic idea is to use short-length public/private keys but limit their lifetime to only a short period of time. Covering a long period of time therefore requires many public/private key pairs, and distributing these public keys to sensors is a challenging problem. We describe a progressive key distribution scheme that is secure, efficient, and packet-loss resilient. We compare our scheme with the traditional 160-bit ECC public key schemes and show that our scheme can achieve a significant improvement in energy consumption.
