handshake and join the network if there is any report to send.

6 Analysis

6.1 Security Services

Scalability. This property concerns widening the network, which is possible with µPKI, since µPKI manages the increasing number of sensor nodes through new handshakes, and a new entry is created in the global table of the base station to manage each new connection.

Confidentiality. This aspect is ensured by the use of symmetric encryption to encrypt the traffic exchanged between the base station and sensors. Confidentiality is enforced using a periodic key update to prevent long-term attacks.

Authentication. In µPKI we have tried to ensure authentication by using public key cryptography at the level of the base station, the authority which needs to be authenticated by sensors, since all the WSN reports are sent to this base station. Consequently, we have ensured its authentication using a public key pre-installed in each deployed sensor.

Integrity. Integrity in µPKI is ensured using MACs (message authentication codes) computed and joined to each packet sent between the base station and any sensor over the network, as well as between sensors if there is any communication.

6.2 Energy Cost Analysis of µPKI

The energy cost of any key management scheme is determined by the energy required for the execution of cryptographic primitives and the energy needed for transmitting the encrypted data. According to [24], the transmission of a single byte of data requires 59,2µJ, and its reception 28,6µJ.

As described above, two kinds of messages exist in µPKI for both the Base station to Sensor and the Sensor to Sensor handshake. The size of each message is between 64 and 256 bits (according to the session key length), added to 256 bits, which is the size of the underlying protocols' data checksum, node IDs and protocol headers. Thus, the maximum size of each µPKI packet is 512 bits; the energy needed for transmitting such a packet is 3,78mJ, and 1,83mJ for receiving it.

As described in Section 5, for the Base station to Sensor handshake a sensor needs to send one message to the base station containing the session key (3,78µJ) and receive the Ok message sent by the base station (1,83µJ), in addition to the cost of encrypting the session key using the public key of the base station, which is 22,82µJ according to [24], as well as the energy needed to decrypt the Ok message sent by the base station, which is 0,039µJ according to [24] if the algorithm used is AES with a 128-bit key length. Therefore the total energy cost of the µPKI handshake is 28,46µJ.

The Sensor to Sensor handshake is less energy consuming, since only one message needs to be sent as a handshake request and one message received carrying the session key, added to the cost of decrypting the received message to retrieve the session key sent by the base station. Thus, the total energy consumed is 3,66µJ for the received and the sent data and 0,039µJ for decrypting it, which results in 3,70µJ for the whole handshake.

Compared to the energy cost of the simplified Kerberos [11] and SSL [24] presented in Section 3, which are respectively between 39,6µJ and 47,6µJ for simplified Kerberos [11] and 93,9µJ for simplified SSL [24], it seems that µPKI is more energy saving, which makes it applicable for WSN. In addition, it also guarantees a great threshold of security by using periodic key update and public key cryptography.

7 Conclusion

In this paper we have presented a Public Key Infrastructure for wireless sensor networks called µPKI. µPKI tries to solve the problem of security in WSN by the use of public key cryptography as a tool for ensuring the authenticity of the base station. µPKI is composed of two phases. The first is the µPKI sensor to base station handshake, in which the base station and a given sensor node set up a session key to secure the end-to-end link between them; this handshake is protected and authenticated using the public key of the base station. The second phase is the use of this session key for data encryption to ensure confidentiality, and for ensuring the integrity of the exchanged data using the MAC joined to each packet. We have also proposed sensor to sensor handshakes in order to establish secure tunnels between each two sensors; this handshake is managed and supervised by the base station. For more security, a periodic key update is defined for the session key. Compared to other PKI, µPKI is energy efficient and gives a considerable threshold of security.

References

[1] I. F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, “Wireless sensor networks: A survey,” Computer Networks, vol. 38, no. 4, pp. 393-422, 2002.
[2] S. Basagni, K. Herrin, E. Rosti, and Danilo Bruschi, “Secure pebblenets,” Proceedings of the 2nd ACM international symposium on Mobile ad hoc Networking & Computing, pp. 156-163, 2001.
[3] H. Chan, A. Perrig, and D. Song, “Random key predistribution schemes for sensor networks,” IEEE Symposium on Security and Privacy, pp. 197-213, Berkeley, California, May 2003.
[4] Crossbow Technology Inc., Processor/Radio Modules, 2008. (http://www.xbow.com/)
[5] D. Culler, D. Estrin, and M. Srivastava, “Overview of sensor networks,” IEEE Computer Society, vol. 37, no. 8, pp. 41-49, 2004.
[6] A. K. Das, “An identity-based random key pre-distribution scheme for direct key establishment to prevent attacks in wireless sensor networks,” International Journal of Network Security, vol. 6, no. 2, pp. 134-144, 2008.
[7] L. Eschenauer, and V.D. Gligor, “A key-management scheme for distributed sensor networks,” Proceedings of the 9th ACM conference on Computer and Communication Security, pp. 41-47, 2002.
[8] C. F. G. Ehermandez, et al., “Wireless sensor networks and applications,” International Journal of Computer Science and Network Security, vol. 7, no. 3, pp. 264-273, Mar. 2007.
[9] N. Gura, A. Patel, A. Wander, H. Eberle, and S. C. Shantz, “Comparing elliptic curve cryptography and RSA on 8-bit CPUs,” Proceedings of the Sixth Workshop on Cryptographic Hardware and Embedded Systems (CHES’04), pp. 119-132, 2004.
[10] D. Hankerson, A. Menezes, and S. Vanstone, Guide to Elliptic Curve Cryptography, Springer-Verlag New York, ISBN 0-387-95273-X, Inc. 2004.
[11] G. Johann, S. Alexander, and T. Stefan, “The energy cost of cryptographic key establishment,” Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, pp. 380-382, 2007.
[12] B. Kadri, A. Mhamed, and M. Feham, “Secured clustering algorithm for mobile ad hoc networks,” International Journal of Computer Science and Network Security, vol. 7, no. 3, pp. 27-34, Mar. 2007.
[13] B. Kadri, M. Feham, and A. Mhamed, “A new management scheme of cluster based PKI for ad hoc networks using multi-signature,” Proceeding of the international IEEE Global Information Infrastructure Symposium, pp. 167-172, 2007.
[14] C. Karlof, N. Sastry, and D. Wagner, “Tinysec: A link layer security architecture for wireless sensor networks,” Second ACM Conference on Embedded Networked Sensor Systems (SensSys 2004), pp. 162-175, 2004.
[15] J. T. Kohl, and B. C. Neuman, The Kerberos Network Authentication Service (Version 5), Internet Engineering Task Force (IETF), Internet Draft RFC 1510, 1993.
[16] T. Landstra, S. Jagannathan, and M. Zawodniok, “Energy-efficient hybrid key management protocol for wireless sensor networks,” International Journal of Network Security, vol. 9, no. 2, pp. 121-134, 2009.
[17] D. Liu, and P. Ning, “Location-based pairwise key establishments for relatively static sensor networks,” 2003 ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN03), pp. 72-82, 2003.
[18] A. Mohaisen, D. Nyang, and K. Lee, “Hierarchical grid-based pairwise key pre-distribution in wireless sensor networks,” International Journal of Network Security, vol. 8, no. 3, pp. 282-292, 2009.
[19] O. Moussaoui et al., “Efficient saving in wireless sensor networks through hierarchical-based clustering,” Proceedings of the International IEEE Global Information Infrastructure Symposium, pp. 226-229, 2007.
[20] A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J. D. Tygar, “SPINS: Security protocols for sensor networks,” Mobile Computing and Networking, pp. 189-199, 2001.
[21] A. Perrig, J. Stankovic, and D. Wagner, “Security in wireless sensor networks,” Communications of the ACM, vol. 47, no. 6, pp. 53-57, 2004.
[22] R. Ramanathan and J. Redi, “A brief overview of ad hoc networks: Challenges and directions,” IEEE Communications Magazine, vol. 40, no. 5, pp. 20-22, 2002.
[23] B. Schneier, Cryptographie Appliquée Algorithms, Protocoles, 2nd Edition, Wiley, 2001.
[24] A. S. Wander, N. Gura, H. Eberle, V. Gupta, and S. C. Shantz, “Energy analysis of public-key cryptography for wireless sensor networks,” Proceedings of PerCom, pp. 324-328, 2005.
[25] R. Watro, D. Kong, S. Cuti, C. Gardiner, C. Lynn, and P. Kruus, “Tinypk, securing sensor networks with public key technology,” Proceedings of the 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN 04), pp. 59-64, 2004.
[26] S. Zhu, S. Setia, and S. Jajodia, “LEAP: Efficient security mechanisms for large-scale distributed sensor networks,” ACM CCS 2003, pp. 62-72, 2003.

Benamar Kadri received his engineer degrees in computer science from the University of Tlemcen, Algeria in 2004, and his M.S. degrees in networks and telecommunication systems from the same University. A member of the STIC laboratory at the University of Tlemcen, his recent work deals with mobile wireless networks, their security, routing and management.

Mohammed Feham received his PhD in Engineering in optical and microwave communications from the university of Limoges, France in 1987, and his PhD in science from the university of Tlemcen, Algeria in 1996. Since 1987 he has been assistant professor and professor of microwave and communication engineering. His research interest is in telecommunication systems and mobile networks.

Abdallah M’hamed is an associate professor in Network security and dependability. He received his Doctor degree in dependability studies from the Technological University of Compiegne, France. In 1990 he joined the National Institute of Telecommunications, in Evry, France. His current teaching activities deal with network security services, cryptographic protocols and access controls. A member of the Handicom laboratory, his recent research activities are focused on authentication protocols and architectures, security and privacy in smart environments.

International Journal of Network Security, Vol.10, No.2, PP.135–141, Mar. 2010
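
Added example, not code from the paper or its authors: a sketch of the integrity service of Section 6.1, in which a MAC is joined to each packet under the per-sensor session key held in the base station's global table and packets keyed before a periodic key update are rejected. The packet layout, the key-epoch byte, HMAC-SHA256 truncated to 8 bytes, and every name below are assumptions; the paper does not specify them.

```python
import hashlib
import hmac
import struct

TAG_LEN = 8                    # assumption: truncated tag keeps packets small
HEADER = struct.Struct(">HB")  # assumption: 2-byte node ID, 1-byte key epoch


def seal(node_id, epoch, key, payload):
    """Sensor side: join the MAC to the packet (header + payload + tag)."""
    body = HEADER.pack(node_id, epoch) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]


class BaseStation:
    """Holds the global table: node ID -> (key epoch, session key)."""

    def __init__(self):
        self.table = {}

    def register(self, node_id, session_key):
        # A completed handshake creates a new table entry at epoch 0.
        self.table[node_id] = (0, session_key)

    def update_key(self, node_id, new_key):
        # Periodic key update: bump the epoch and replace the key.
        epoch, _ = self.table[node_id]
        self.table[node_id] = ((epoch + 1) % 256, new_key)

    def verify(self, packet):
        """Return the payload if the MAC checks out, else None."""
        if len(packet) < HEADER.size + TAG_LEN:
            return None
        node_id, epoch = HEADER.unpack_from(packet)
        entry = self.table.get(node_id)
        if entry is None or entry[0] != epoch:
            return None  # unknown node, or key from a superseded epoch
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(entry[1], body, hashlib.sha256).digest()[:TAG_LEN]
        # Constant-time comparison: do not leak how many tag bytes matched.
        if not hmac.compare_digest(tag, expected):
            return None
        return body[HEADER.size:]


if __name__ == "__main__":
    key = bytes(range(16))     # constructed sample session key
    bs = BaseStation()
    bs.register(7, key)
    print(bs.verify(seal(7, 0, key, b"temp=21.5")))
```
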