Nature has offered many intelligent sensors;
Only need is to recognize them.
This thesis is dedicated to my friend
Jamil S Moulavi (WIT, India) who passed away in 1990.
An Enhancement of Elliptical Curve
Cryptography for the Resource
Constrained Wireless Sensor
Network
PRITAM GAJKUMAR SHAH
BACHELOR OF ENGINEERING (ELECTRONICS)
MASTER OF TECHNOLOGY (ELECTRONICS DESIGN)
FACULTY OF INFORMATION SCIENCES AND ENGINEERING
UNIVERSITY OF CANBERRA, AUSTRALIA
THIS DISSERTATION IS SUBMITTED IN PARTIAL FULFILMENT OF
THE REQUIREMENTS FOR THE AWARD OF THE DEGREE
DOCTOR OF PHILOSOPHY
NOVEMBER 2010
© 2010 By Pritam Gajkumar Shah, University of Canberra, Australia. All rights reserved.
Certificate of Authorship of Thesis (Form B)
Except where clearly acknowledged in footnotes, quotations and the bibliography, I certify
that I am the sole author of the thesis submitted today entitled –
"An Enhancement of Elliptic Curve Cryptography for the Resource Constrained Wireless
Sensor Network".
I further certify that to the best of my knowledge the thesis contains no material previously
published or written by another person except where due reference is made in the text of the
thesis.
The material in the thesis has not been the basis of an award of any other degree or diploma
except where due reference is made in the text of the thesis.
The thesis complies with University requirements for a thesis as set out in Gold Book Part 7:
Examination of Higher Degree by Research Theses Policy, Schedule Two (S2).
Refer to http://www.canberra.edu.au/research-students/goldbook
Signature of Candidate
Date: 22/11/2010
Signature of Chair of the Supervising Panel
Date: 22/11/2010
Abstract
Developments in Micro Electro Mechanical Systems (MEMS), Very Large Scale Integration
(VLSI) and wireless communication have opened a new domain in networking called
Wireless Sensor Networks (WSN). A WSN is a special case of a Mobile Ad Hoc Network
(MANET) in which information is gathered, processed and communicated with the help of
tiny wireless sensor nodes that are deployed in the field where ordinary networks are
unreachable for various environmental and strategic reasons. Wireless sensor nodes use radio
frequencies as a communications medium, and are vulnerable to active and passive attacks
from adversaries, including node capture, frequency jamming, and various Denial of
Service (DoS) attacks. Most ongoing research aims to secure WSN with Symmetric
Key (SK) protocols, while Public Key Cryptography (PKC) has received little
attention from researchers.
PKC is based on the hardness of a mathematical problem, such as factoring the product of two
large primes, which is used in the Rivest, Shamir and Adleman (RSA) algorithm, or computing a
discrete logarithm, which is used in Elliptical Curve Cryptography (ECC). Compared to RSA, ECC
offers the same security level with a significantly smaller key size and is a potential
candidate for WSN security in the near future. For example, a 160-bit ECC key provides
the same level of security as a 1024-bit RSA key. A smaller key size in WSN means faster
computation, lower power consumption, and memory and bandwidth savings for the sensor
nodes.
Analysis and mathematical modeling of ECC with regard to WSN are investigated in this
thesis. Novel approaches have been proposed for WSN: the use of a mixed coordinate system;
recoding of integers with the One's Complement Subtraction (OCS) method; an OCS window
method to avoid Simple Power Analysis (SPA) attacks; a Dynamic Window method to avoid
node failure; a hidden generator point to avoid man-in-the-middle attacks; and a
uni-coordinate public key. These six innovative, novel and industrially applicable
algorithms are shown to significantly improve the performance of scalar
multiplication on WSN and to achieve node authenticity, data
integrity and confidentiality on the 8-bit microcontroller of a sensor node. These claims are
validated using simulation results obtained with the MIRACL crypto library and MATLAB
analysis, provided wherever necessary.
Table of Contents
Certificate of Authorship of Thesis (Form B)
Abstract
Table of Contents
List of Figures
List of Algorithms
List of Tables
Abbreviations and Definitions
Acknowledgements
Chapter 1 Introduction
1.1 Background and Motivation
1.2 Research Questions
1.3 Research Tools
1.4 Research Contribution
1.5 Thesis Outline
Chapter 2 Wireless Sensor Networks and Security: A Review
2.1 Introduction
2.2 WSN Architecture
2.2.1 WSN Node
2.2.2 Node Power Consumption
2.3 WSN Protocol Stack
2.4 WSN Topology
2.5 Network Layer Protocols Evaluation
2.6 Possible Attacks on WSN in terms of Layer Wise Security
2.6.1 Physical Layer
2.6.2 Data Link Layer
2.6.3 Network Layer
2.6.4 Transmission Layer
2.6.5 Application Layer
2.7 A survey of cryptography protocols for WSN
2.7.1 SPINS: Security Protocol for Sensor Network
2.7.2 TinySec:
2.8 Summary
Chapter 3 Elliptical Curve Cryptography Modelling
3.1 Introduction
3.2 Definition of Elliptical Curve
3.3 Pyramid of Elliptical Curve Cryptography
3.4 Elliptic Curve Protocols for WSN
3.4.1 Elliptic curve key generation
3.4.2 Definition of Elliptic Curve Discrete Logarithm Problem (ECDLP)
3.4.3 Elliptical Curve Diffie-Hellman Protocol (ECDH)
3.4.4 Comparison between RSA and ECC
3.4.5 ElGamal Elliptic Curve Protocol
3.5 Point Addition and Point Doubling on Elliptical Curve
3.6 Finite Field Arithmetic
3.7 Fields of odd characteristic
3.7.1 Moduli of Special form or pre computed moduli
3.7.2 Residue number system arithmetic
3.7.3 Barrett Reduction
3.7.4 Montgomery Reduction
3.8 Fields of characteristic two
3.8.1 Polynomial Bases
3.8.2 Normal bases
3.8.3 Subfield bases
3.9 Summary
4.1 Introduction
4.2 Coordinate Systems in Elliptical Curve
4.2.1 Affine coordinates
4.2.2 Projective Coordinate
4.2.3 Jacobian and Chudnovsky Jacobian Coordinates
4.2.4 Modified Jacobian Coordinates
4.2.5 Mixed Coordinates
4.3 Implementation on MIRACL crypto Library
4.4 Summary
Chapter 5 Proposed One's Complement Subtraction (OCS) algorithm
5.1 Introduction
5.2 ECDH Protocol Implemented on WSN to Achieve Data Confidentiality
5.3 The Existing Methods of Integer Recoding
5.3.1 Binary Method
5.3.2 Non Adjacent Form (NAF) method
5.3.3 Mutual Opposite Form (MOF) Method
5.4 Use of Complementary Methods for Subtraction
5.4.1 The 10's complement
5.4.2 The 9's Complement
5.4.3 Binary Subtraction by Utilization of 2's Complement
5.5 Proposed One's Complement Subtraction (OCS) Algorithm for Recoding of Scalar k
5.6 Proposed Two's Complement Subtraction (TCS) algorithm
5.7 Performance Evaluation of OCS algorithm on MATLAB
5.8 Summary
Chapter 6 Proposed Window One's Complement Subtraction Algorithm for Prevention of SPA
6.1 Introduction
6.2 Side channel attacks on WSN node
6.2.1 CMOS Inverter Circuit and Simple Power Analysis
6.2.2 Enhanced Simple Power Analysis
6.2.3 Differential Power Analysis
6.2.4 Electromagnetic Analysis
6.2.5 Fault and Timings Attacks
6.3 SPA Counter Measures
6.3.1 'Double and Add Always' Algorithm
6.3.2 Montgomery Ladder
6.3.3 Identical formulae for point addition and doublings
6.4 A Window OCS Method Proposed To Avoid SPA
6.5 Summary
Chapter 7 Proposed Dynamic Window Method of Scalar Multiplication
7.1 Introduction
7.2 Existing Methods for Scalar Multiplication
7.2.1 The Binary Method for Scalar Multiplication
7.2.2 The m-ary Method
7.2.3 Sliding Window Method
7.3 Effect of Window Size on Memory Utilization of Mica Nodes
7.4 Stack Depth Analysis
7.5 Proposed Dynamic Window Algorithm for scalar multiplication
7.6 Fuzzy Controller for ECC
7.7 Summary
8.1 Introduction
8.2 Proposed New ECC Protocol Based On Hidden Generator Point
8.3 Multi-agent System Implementation of ECC Public Key
8.3.1 Intelligent agent
8.3.2 Classification of environmental properties for intelligent agents
8.3.3 Intelligent Agent capabilities
8.3.4 Architecture of Intelligent Agents:
8.3.5 Definition of Multiagent systems
8.3.6 Problem solving in MAS
8.3.7 Programming for Multi-Agent Systems
8.3.8 Proposed MAS framework for ECC
8.4 Summary
9.1 Introduction
9.2 Quadratic equations in field of odd characteristics
9.3 Solving quadratic equations in binary field
9.4 Summary
Chapter 10 Conclusion and Future Work
10.1 Thesis Summary
10.2 Future Work
Bibliography
Appendix A NIST Recommended Curves for Cryptography
Appendix B List of My Publications and Patents
Publications
Patents
Invited Talk
Appendix C Results Obtained On MIRACL Crypto Library
Appendix D Sample Source Codes Written in C, C++ for ECC
List of Figures
Figure 2.1 A Typical WSN Architecture
Figure 2.2 Block Diagram of WSN Node
Figure 2.3 Fleck3B WSN Node by CSIRO [34]
Figure 2.4 Images of MICA Node (on Left) and Telos Node (on Right)
Figure 2.5 WSN Protocol Stack with Proposed Security Plane
Figure 2.6 Deployment of Nodes in Delphi Distribution
Figure 2.7 Deployment of Nodes in Gaussian Distribution
Figure 2.8 Deployment of Nodes in Exponential Distribution
Figure 2.9 Classical flooding protocol results
Figure 2.10 Power Traces of SC140DS Processor [47]
Figure 2.11 μTESLA One Way Key Function [52]
Figure 3.1 An Elliptical Curve Example
Figure 3.2 An Elliptical Curve and Its Group Elements
Figure 3.3 ECC Operational Pyramid [21]
Figure 3.4 Diffie Hellman Key Exchange Protocol
Figure 3.5 Point Addition, Point Doubling Operations in Elliptic Curve
Figure 4.1 Evaluation of Coordinates for ECDH and ECDSA protocol on MIRACL Library
Figure 5.1 ECDH Protocol Implemented on WSN
Figure 5.2 MATLAB code for Decimal to Binary Conversion
Figure 5.3 MATLAB Code for Decimal to MOF Form
Figure 5.4 MATLAB Code for Decimal To NAF Form
Figure 5.5 MATLAB code for OCS Algorithm
Figure 5.6 MATLAB code for TCS algorithm
Figure 5.7 Comparison of OCS with other algorithms on MATLAB
Figure 6.1 Power traces revealing value of private key of the WSN node [63]
Figure 6.2 Block diagram of SPA setup
Figure 6.3 CMOS Logic Inverter Circuit [80]
Figure 6.4 Example of Power Consumption Information Leakage [82]
Figure 7.1 Trade-off between Window size and computational cost
Figure 7.2 Trade off between window size and number of pre-computations
Figure 7.3 Memory model for Tiny OS on MICA mote
Figure 7.4 Three inputs and one output fuzzy window control system
Figure 7.5 Proposed Algorithm of Dynamic Window for Scalar Multiplication [91, 92]
Figure 7.6 The block diagram of current fuzzy controller
Figure 7.7 The output of the surface for the StorageRoom vs. PreComputing
Figure 7.8 The output of the surface for the StorageRoom vs. Doubling
Figure 7.9 The output of the Surface for PreComputing vs. Doubling.
Figure 8.1 Man-in-Middle Attack in WSN
Figure 8.2 Distribution of Elliptic Group E23 (1, 1).
Figure 8.3 A new protocol protecting the man-in-the-middle attack.
Figure 8.4 Block diagram for hidden generator point principle.
Figure 8.5 A protocol for ECC with hidden generator point
Figure 8.6 An agent in its environment
Figure 8.7 CDPS Protocol
Figure 8.8 Task and Results sharing in MAS
Figure 8.9 Block Diagram of MAS Framework for ECC [109]
Figure 10.1 Cloud Computing Architecture for WSN
List of Algorithms
Algorithm 3.1 Elliptic Curve Key Pair Generation
Algorithm 3.2 Elliptical Curve Diffie-Hellman Protocol
Algorithm 3.3 Basic ElGamal Encryption Algorithm [47]
Algorithm 3.4 Basic ElGamal Decryption Algorithm [47]
Algorithm 3.5 Point Addition
Algorithm 3.6 Point Doubling
Algorithm 3.7 Reduction Modulo
Algorithm 3.8 Barrett Reduction Algorithm
Algorithm 3.9 Montgomery Reduction Simple Case
Algorithm 3.10 Modified Montgomery Reduction
Algorithm 3.11 Computing $x^{-1} \pmod{2^w}$
Algorithm 3.12 Montgomery Multiplication
Algorithm 3.13 Reduction Modulo $f(x) = x^n + x^t + 1$, $0 < t < n$.
Algorithm 4.1 Point Addition and Point Doubling in Affine Coordinate System
Algorithm 4.2 Point Addition and Point Doubling in Projective Coordinate
Algorithm 4.3 Point Addition and Point Doubling in Jacobian Coordinate
Algorithm 4.4 Conversion of Affine Coordinates to other Coordinates
Algorithm 4.5 Conversion of Projective Coordinate to other Coordinates
Algorithm 4.6 Conversion of Jacobian Coordinates to other Coordinates
Algorithm 5.1 Left to Right Binary Method
Algorithm 5.2 Right to Left Binary Method
Algorithm 5.3 Computing the NAF of a Positive Integer
Algorithm 5.4 Binary NAF Method for Point Multiplication
Algorithm 5.5 Conversion from Binary to NAF
Algorithm 5.6 Left to Right Processing from Binary to MOF
Algorithm 5.7 OCS Algorithm Proposed for Recoding Positive Integer in WSN
Algorithm 5.8 TCS Algorithm for a Positive Integer
Algorithm 6.1 SPA Resistant Double and Always Method
Algorithm 6.2 Montgomery Ladder to Avoid SPA
Algorithm 6.3 Proposed Window OCS Method for Scalar Multiplication
Algorithm 7.1 Multiplication by m-ary Method
Algorithm 7.2 Sliding Window Method
Algorithm 8.1 Proposed Protocol to Avoid Man-in-the-Middle Attack [91,92]
Algorithm 9.1 Legendre Symbol [17]
Algorithm 9.2 Square Root Modulo p [17]
List of Tables
Table 2.1 Family of Berkeley Nodes [35]
Table 2.2 Specifications of First Generation Nodes [1]
Table 2.3 Specifications of Imote2 [1]
Table 3.1 Nomenclature in ECC
Table 3.2 NIST Guidelines for Key Sizes [59]
Table 4.1 Comparison of binary and prime field on Motorola processor
Table 4.2 Cost of Conversion To and From Various Coordinate Systems [64]
Table 4.3 Cost of Operations In Mixed Coordinates [30]
Table 4.4 Representation of Point in Various Coordinate Systems [30]
Table 4.5 Comparison of Coordinate for ECDH and ECDSA Protocol for WSN
Table 5.1 Comparison of OCS with other methods on MATLAB (Execution time in ms)
Abbreviations and Definitions
The following abbreviations of standard phrases are used throughout the thesis:
AES: Advanced Encryption Standard
AES 128: AES with a 128-bit key
AES 192: AES with a 192-bit key
AES 256: AES with a 256-bit key
CM: Complex Multiplication
CRT: Chinese Remainder Theorem
CMOS: Complementary Metal Oxide Semiconductor
DES: Data Encryption Standard
DLP: Discrete Logarithm Problem
DoS: Denial-of-Service
DSA: Digital Signature Algorithm
ECC: Elliptical Curve Cryptography
ECDH: Elliptical Curve Diffie-Hellman
ECDLP: Elliptical Curve Discrete Logarithmic Problem
ECDSA: Elliptical Curve Digital Signature Algorithm
GCD: Greatest Common Divisor
IEEE: Institute of Electrical and Electronics Engineers
ISM: Industrial, Scientific and Medical band
JSF: Joint Sparse Form
µTESLA: Micro timed Efficient Stream Loss Tolerant Authentication
MAC: Media Access Control
MANET: Mobile Adhoc Networks
MEMS: Micro Electro Mechanical Systems
MIRACL: Multiprecision Integer and Rational Arithmetic C/C++ Library
NAF: Non Adjacent Form
NIST: National Institute of Standards and Technology
ONB: Optimal Normal Basis
PKC: Public Key Cryptography
RAM: Random Access Memory
ROM: Read Only Memory
RSA: Rivest Shamir Adleman algorithm
SD: Signed Digits
SNEP: Sensor Network Encryption Protocol
SPA: Simple Power Analysis
SPIN: Security Protocol for Sensor Networks
VLSI: Very Large Scale Integration
WSN: Wireless Sensor Networks
Acknowledgements
My sincere thanks to PhD Supervisor and Chair Dr. Xu Huang whose faith in my work and
constant support at all academic and research levels were priceless factors that helped me to
achieve more than I thought possible.
Special gratitude is to Honourable Dean Prof. Dr. Dharmendra Sharma who offered me an
opportunity to do research in one of Australia's best universities, and for co-supervising the
work.
I would like to thank my parents, wife Rakhee, daughters Darshana and Namita for their
endless support and understanding through the last five years of my research. Their love and
confidence in me were the constant source of inspiration to offer the best of myself to this
research.
I also extend my sincere thanks to Mr and Mrs Subhash Jalota for their support during my
initial days in Canberra.