Presentation Handout: TinyECC for Security and Privacy in Sensor Networks

Adam Hodges Ravi Mandliya

hodges8@g.clemson.edu

rmandli@g.clemson.edu

March 11, 2013

Introduction

Phenomenal growth in Wireless Sensor Network eld has opened new gates for a variety of real world applications, challenges and research. Applications like Forest-re Monitoring, Wild life tracking, Volcano monitoring, Trac monitoring, Health care solutions,Climate sensing, Military & spy sensing etc are some of the examples of wireless sensor network applications. However some applications deal with sensitive data and operate in hostile unattended environments, therefore it is imperative that security concerns needs to be addressed for WSNs as well. Current security mechanisms are not sucient for wireless sensor network due to some unique challenges WSN poses for example low memory and power constraints, limited computational ability etc.[4] Public Key Cryptography(PKC) such as RSA are very dicult to apply to these resource constrained devices, as they require huge computation and memory. Elliptical Curve Cryptography (ECC)[1] is being explored as an alternative to current PKC mechanisms. Researchers at NC state have developed TinyECC [3], a congurable TinyOS library for ECC operations. In the next section, we will explore the Elliptical Curve Cryptography and its suitability to WSN domain. In further section, we will discuss performance of WSN using ECC.

Symmetric Encryption(key size in bits) 80 112 128 192 256

RSA and DieHellman(key size in bits) 1024 2048 3072 7680 15360

ECC (key size in bits) 160 224 256 384 512

Table 1: source - http://www.nsa.gov/business/programs/elliptic_

curve.shtml

2
2.1

Elliptical Curve Cryptography

Idea of ECC in Nutshell

Imagine, we have a set of points (xi ,yi ) in a plane. The set is very, very large but nite. We will denote this set by E. Now If we dene a group operator(usually denoted by '+' which has nothing to do with addition operation), and apply it to two points P and Q of set E, we can dene a third point R, also in set E such that R = P + Q. [2] ECC uses concept of group operation such as point doubling and point operations. A point P is multiplied by a scalar k results in point Q. If we just know P and Q ,it is computationally infeasible to determine which scalar value of k was multiplied to P to yield Q. For k =23, 23P = 2(2(2(2P) + P) + P) + P = Q
2.2 Why ECC?

The computational overhead of the RSA-based approach to public-key cryptography increases with the size of the keys.As algorithms for integer factorization have become more and more ecient, the RSA based methods have had to resort to longer and longer keys. However, this makes things dicult for WSN devices. Elliptical Curve Cryptography on other hand can provide same level of security and Elliptic curve cryptography (ECC) can provide the same level and type of security as RSA, but with much shorter keys. The table 1 compares the three approaches of encryption for comparable level of security against brute force attacks. 2

The computational overhead of both RSA and ECC grows as O(N3 ) where N is the Key length in bits. Nonetheless, despite this parity in the dependence of the computational eort on key size, it takes far less computational overhead to use ECC on account of the fact that you can get away with much shorter keys.Because of the much smaller key sizes involved, ECC algorithms can be implemented on smartcards without mathematical coprocessors. Contactless smart cards work only with ECC because other systems require too much induction energy. Since shorter key lengths translate into faster handshaking protocols, ECC is also becoming increasingly important for wireless sensor networks[2].

TinyECC

TinyECC is a congurable TinyOS library developed by researches at NC state. It provide a ready-to-use, publicly available software package for ECCbased PKC operations such as Digital signatures (ECDSA),Key exchange protocol (ECDH),Public key encryption scheme (ECIES) in a TinyOS environment. The implementation of ECC in a wireless sensor network is still a performance challenge even with smaller keys, which are still larger in context to specication of a wireless sensing device for e.g. TelosB [2]. Authors have used various optimization techniques such as Barrett Reduction, Hybrid Multiplication and Hybrid Squaring, Shamir`s Trick etc to speed up the ECC operations. Such optimizations, however, typically will increase the ROM and RAM consumptions, though they may reduce the execution time and energy consumption. ECC without optimization will use least amount of RAM and ROM, however ECC execution may use 20-40 seconds to implement and may consume upto 6-24 times energy in comparison to ECC with optimization. ECC with optimization may take 1-3 seconds for execution, and it consumes a signicant portion of RAM. We need to nd a balance between the two, as per our performance requirements.

Demo

We will demonstrate a digital signature and a packet sning application implemented over TinyOS using TinyECC.

References
[1] An introduction to elliptic curve cryptography. http: //www.embedded.com/design/safety-and-security/4396040/ An-Introduction-to-Elliptic-Curve-Cryptography. Accessed: 03/11/2013.

[2] Avi Kak. Lecture notes on computer and network security:elliptic curve cryptography and digital rights management. https://engineering. purdue.edu/kak/compsec/NewLectures/Lecture14.pdf. Accessed: 03/11/2013. [3] An Liu and Peng Ning. Tinyecc: A congurable library for elliptic curve cryptography in wireless sensor networks, 2011. [4] Adrian Perrig, John Stankovic, and David Wagner. Security in wireless sensor networks. COMMUNICATIONS OF THE ACM, 47(6):5357, 2004.