Sie sind auf Seite 1von 6

Proceedings of National Conference on Information Processing & Remote Computing dated 27 & 28 feb.



Analysis of Authentication Schemes for Packet

Transmission in Wireless Sensor Network
Gowtham. K [1], PG Scholar [1]
Umamaheswari.S [2],Assistant Professor [2]
Ku maraguru college of Technology, Co imbatore-641049, Tamil Nadu, India
gowthamkaliappan22@g m , u

ABS TRACT: Message authentication is one of the most effective ways to counteract for unauthorized users and
corrupted messages from being forwarded in wireless sensor networks. Several message authentication schemes
have been experimented to protect messages but these authentication schemes have the limitations of high
computational and co mmunicat ion overhead, lack o f scalability, resilience to node co mpro mise attacks and
threshold problem. To overcome these issues message authentication scheme based on elliptic curve crypto graphy
(ECC) was introduced. But it suffers fro m h igh computational overhead. In our proposed system hop by hop
message authentication is introduced. While enabling intermed iate nodes authentication, this scheme allows any
node to transmit an unlimited number of messages without suffering the threshold problem. In addit ion to hop by
hop message authentication, key exchange mechanis m is enhanced through Diffie hellman key exchange algorithm
and also provide message source privacy .

KEY WORDS : Message authentication scheme, Elliptic curve cryptography, Hop by hop authentication, Diffie
hellman key exchange.


Message authentication plays a prominent role in have to share a secret key. The shared key (letter or
thwarting unauthorized and corrupted messages from symbol) is used by the sender to generate a message
being forwarded in networks to save the sensor authentication code for each trans mitted message. In
energy. Many authentication schemes have been this method, the authenticity and integrity of the
developed to provide message authenticity and message can only be verified by the node using
integrity verificat ion for wireless sensor networks. shared secret key, which is generally shared by a
The symmetric -key based approach requires group of sensor nodes. An intruder can able to
complex key management and lacks of scalability. It compro mise the key by capturing a single sensor
is not resilient to large numbers of node compro mise node. And this method does not work in multicast
attacks since the message sender and the receiver networks.
In order to solve the scalability problem, a secret authenticity of the message through polynomial
polynomial based message authentication scheme evaluation. If the trans mitted messages are larger
was introduced. The idea is similar to a threshold than the threshold, the polynomial can be fully
secret sharing, where the threshold is determined by recovered and the system is co mpletely bro ken.
the degree of the polynomial. This approach offers
informat ion security of the shared secret key when 2. ELLIPTIC CURVE
the number of messages transmitted is less than the CRYPTOGRAPHY
threshold. The intermediate nodes verify the
Proceedings of National Conference on Information Processing & Remote Computing dated 27 & 28 feb. 2014

Koblit z and M iller introduced the use of elliptic The proposed authentication scheme aims at
curves in public key cryptography in 1985 called as achieving the follo wing goals,
Elliptic curve Cryptography (ECC). The operation of
elliptic curves consists of multip lying a point by a Message authentication: The receiver should be
scalar in order to get a second point. The co mplexity able to verify whether a received message is sent by
arises from the fact that, given the initial point and the node or not
the final point, the scalar could not be deduced it Message integrity: The receiver should be able to
leads to a very difficult problem of reversibility, or verify whether the message has been modified en-
crypto analysis, called as ellipt ic curve discrete route by the adversaries.
logarith m problem [1]. Hop-by-hop message authentication Every
The ECC algorith ms with their s mall key sizes are forwarder on the routing path or network should be
the best challenge for cryptanalysis problems able to verify the authenticity and integrity of the
compared to RSA and AES, thus ECC will lead to messages upon each reception.
smaller area hardware, less bandwidth use, and more Identity and location privacy: The adversaries
secure transactions. cannot determine the message senders ID and
An elliptic curve E takes the general form given as: location by analy zing the message contents or by
the local traffic.
E: l = x3 + ax + b [p] Node compromise resilience: The scheme should be
resilient to node compro mise attacks. No matter
Where a, b are in the appropriate set (rational
numbers, real nu mbers, integers mod p ) and x, y are how many nodes are co mpro mised and the
elements of the finite field GF (p), satisfying 4a + remain ing nodes can still be secure.
27b 0 (mod p) and p is known as modular prime 4 PRO POSED AUTH ENTICATIO N SCHEME
integer making the elliptic curve finite field. There
are two basic group operations on elliptic curve. It is
given by The Objective of developing proposed
system is to provide high privacy to the message
Point addition , Po int doubling authentication and hop by hop message
authentication. Key exchange mechanism is
2.1 Point Addition enhanced through diffie hellman key exchange
algorith m. The source node encrypts the data using
Addition means that given two points on E and the public key of receiver node, and then transmits
their coordinates are P = (X1 Y1 ) and Q = (X2 Y2 ), the data. After receiver receiving the data, it needs a
private key for decrypting data. So the receiver
(p)), we need to compute the coordinates of a third
point R such that, request key server to produce a private key, the key
server authenticates the receiver access through key
P +Q = R authentication. It is very hard for the malicious node
(X1 , Y 1 ) + (X2 , Y2 ) = (X3 , Y3 ) to get a key fro m key server.

This is the case, we need to compute R = P +Q and P

Q. Point R's coordinates (X3 , Y3 ) also E (GF (p)).
= (Yp-Yq) / (Xp-Xq)
Xr = [ -Xp-Xq] mod p
Yr = [-Yp + (Xp-Xr)] mod p

2.2 Point Doubling

Point doubling is the addition of a point P on E to

obtain another point R. Th is is the case where we
need to compute P + Q but P = Q. Hence R = P + P =
2P. Fig.1 Block d iagram
2 2
= (3X p+)/2Yp Xr = [ -2Xp]
Yr = [-Yp + (Xp-Xr)] mod p
The mobile nodes are designed and configured
3. DES IGN GOALS dynamically, designed to employ across the network,
the nodes are set according to the X, Y, Z d imension,
Proceedings of National Conference on Information Processing & Remote Computing dated 27 & 28 feb. 2014

which the nodes have the direct transmission range to i In fact, if the SAMA has been correctly generated
all other nodes. without being modified, then we compute:
The message receiver should be able to verify Qi
whether a received message is sent by the node or by i=1
a node in a particular group. In other words, the = (k t +k i +r t dt h t ) G-
adversaries could not pretend to be an innocent node r i h i Qi in i
=ki G+ (kt G-
and inject fake messages into the network without
rih iQi) in
being detected. in =
(ri,y i)+(rt ,yt )
Suppose that the message sender wishes to transmit a (ri,y i) i
message m anonymously fro m her network node to
any other nodes. The AS includes n members, A 1 , Therefore, the verifier should always accept the
A 2 , , A n , e.g., S = {A 1 , A 2 , , A n}, where the SAMA .
actual message sender is A t, for some
value t, 1 t n. We will not distinguish between the
node A i and its public key Qi . Therefore, we have S = 5. HOP-BY-HOP MESS AGE AUTHENTIC ATION
{Q1 , Q2 , , Q n }.
Every forwarder on the routing path need be able to
verify the authenticity and integrity of the messages
upon reception. This can be done through the
An algorith m for generation of authentication: verification of public key. A CK is replied to prev ious
Suppose m is a message to be transmitted. The
hop node if authentication is successful.
private key of the message sender Alice is d t , 1 t
N . To generate an efficient SAMA for message m, 5.1 COMPROMIS ED NODE DETECTION
Alice performs the following three steps: PROCESS
= k G.
Select a random and pairwise different k i for each 1 i n 1, i _=t and compute ri from (ri, y i)
If a message is received by the sink node, the
2) Choose a random ki Z p and compute rt from (rt, yt) =
message source is hidden in an AS. Since the SAMA
ktG ri hi Qi such that rt 0 and rt ri scheme guarantees that the message integrity is
3) Co mpute s = kt + kii+t rt dt ht mod N . unhampered, when a bad or meaningless message is
The SAMA of the message m is defined received by the sink node, the source node is viewed
as: S(m) = (m, S, r1 , y 1 , , rn , y n , s). as compromised. If the co mpro mised source node
only transmits one message, it would be very d ifficult
4.4 VERIFICATION OF S AMA for the node to be identified without additional
network t raffic in formation. Ho wever, when a
Verification algorithm: compro mised node transmits more than one message,
the sink node can narrow the possible compro mised
For Bob to verify an alleged SAMA (m, S,
nodes down to a very small set.
r1 , y 1 ,
, r n , y n , s), he have a copy of the public keys Q 1 ,
, Qn . Then he checks following steps:
1) Checks that Qi _= O, i = 1, , n, otherwise
2) Checks that Qi , i = 1, , n lies on the curve
3) Checks that nQi = O, i = 1, , n
After that, Bob fo llo ws these steps:
1) Verify that ri, yi, i=1,., n lies between
[1,N-1]. If not, signature is invalid.
2) Calculate hh (m,ri), h is the same function
used in the signature generation.
Fig.2 Co mpro mised node
3) Calculate (x0,y 0)=s G- rih iQi 5.2 KEY S ERVER MANAGEMENT
4) The signature is valid if the first coordinate A certificate authority server is called as key server,
of (ri,y i) equals x0,invalid otherwise.
Proceedings of National Conference on Information Processing & Remote Computing dated 27 & 28 feb. 2014

which is responsible for message authentication. The algorith m is developed Both theoretical and
key server verifies the information and authenticates simu lation results our proposed scheme is more
the user. This could be a kind of data encryption and efficient than the polyno mial-based scheme in terms
decryption process. This is achieved through diffie of computational overhead, energy consumption,
hellman key exchange algorithm. delivery rat io, message delay, and memory
consumption using ns2 simulator.
DiffieHellman key exchange (DH)

It is a specific method of exchanging keys. It is one

of the practical examp les of Key exchange
implemented within the field o f cryptography. This
method allows two parties (sender and receiver) that
have no prior knowledge of each other to jointly
establish a shared secret key over an insecure
communicat ion channel. This key can then be used to
encrypt subsequent communicat ions using symmet ric
key cipher.


1. Alice and Bob agree on a huge prime p and

a generator g.
2. Alice chooses a large random integer xA < p and
keeps it secret. Bob chooses a random integer xB < p and
keeps it secret.
3. Alice computes key by using y A g A (mod
p) called as alice public key and sends it to Bob using
insecure communication. Bob computes his public key
by using y B g B and sends it to Alice. And its limit
is 0 < y A < p, 0 < y B < p. Fig.3 Message delay
Sending these public keys during
insecure communication is safe, because This fig.3 shows the simulated result of message
delay when ECC is used for message authentication.
1. It would be hard for someone to co mpute xA
fro m y A or xB fro m y B, just like the powers of 2
2. Alice computes the key by using zA yB A
(mod p) and Bob computes the key by using zB
y A B (mod p) where zA < p, zB < p.
x x
In this z = z, so z y x (g ) =
) = B A

g A B ( mod p) , si mil arl y zB (g A B

g A B (mod p). So this val ue act as shared secret)

key. In this calculation, the step y B A (g B A
involved to replace g B
its remainder y , so we

were really using the "as often as you want" principle.


In this paper, an efficient source anonymous message

authentication scheme (SAMA) depending on elliptic
curve cryptography (ECC) is designed. While
ensuring message sender privacy, SAMA can be
applied to any message to provide message content
authenticity. In order to provide scalable message Fig.4 Energy consumption
authentication without the weakness of the threshold,
a hop-by-hop message authentication scheme based This fig.4 shows the simulated result of the parameter
on the SAMA and diffie hellman key exchange of Energy consumption when ECC is imp lemented.
Proceedings of National Conference on Information Processing & Remote Computing dated 27 & 28 feb. 2014

This fig.7 shows the simu lated result of the

throughput when D-H scheme is used for

[1] Jian Li Yun Li Jian Ren Jie Wu Hop-by-Hop
Message Authentication and Source Privacy in
Wireless Sensor Networks Digital Ob ject
Indentifier 10.1109/TPDS.2013.119 1045-
9219/13/$31.00 2013 IEEE

[2] M. Albrecht, C. Gentry, S. Halevi, and J. Kat z,

Attacking cryptographic schemes based on
perturbation polynomials, Cryptology ePrint
Fig.5 Packet delivery ratio Archive, Report 2009/098, 2009

[3] A. Pfit zmann and M. Hansen, Anonymity,

This fig.5 shows the simulated result of the packet
unlinkability, unobservabil-ity, pseudonymity,
delivery ratio when the ECC technique is
implemented for authentication .
and identity management a proposal for
/Anon Terminologyv0.31.pdf, Feb. 15 2008.

[4] W. Zhang, N. Subramanian, and G. Wang,

Lightweight and comp ro miseresilient message
authentication in sensor networks, in IEEE
INFOC OM, Phoenix, AZ., April 15-17 2008.

[5] F. Ye, H. Lou, S. Lu, and L. Zhang, Statistical

en-route filtering of injected false data in sensor
networks, in IEEE INFOCOM , March 2004.
Fig.6 Throughput based on ECC Scheme [6] S. Zhu, S. Setia, S. Jajodia, and P. Ning, An
interleaved hop-by-hop authentication scheme
This fig.6 shows the simulated result of the for filtering false data in sensor networks, in
throughput parameter of ECC scheme when used for IEEE Symposium on Security and Privacy, 2004.
[7] A. Perrig, R. Canetti, J. Tygar, and D. Song,
Efficient authentication and signing of multicast
streams over lossy channels, in IEEE
Symposium on Security and Privacy, May 2000.

[8] D. Po intcheval and J. Stern, Security argu ments

for digital signatures and blind signatures,
Journal of Cryptology, vol. 13, no. 3, pp. 361
396, 2000.

[9] M. Reiter and A. Rubin, Crowds: anonymity for

web transaction, ACM Transactions on
Information and System Security, vol. 1, no. 1,
pp. 66 92, 1998.
Fig.7 Throughput for D-H scheme
roceedings of National Conference on Information Processing & Remote
Computing dated 27 & 28 feb. 2014