![International Journal of Research in Engineering Technology and Management ISSN 2347 - 7539
_______________________________________________________________________________________
Special Issue | June-2014, Available @http://www.ijretm.com| Paper id - IJRETM-2014-SP-041 2
authenticity and integrity verification for wireless sensor networks (WSNS) [1]-[5]. These schemes can largely divide into two
categories: public key based approaches and symmetric key based approaches.
1.1.1 Symmetric key based approach
The symmetric-key based approach requires complex key management lacks of scalability and is not resilient to large number of
node compromise attacks since the message sender and the receiver have to share a secret key. The shared key is used by the
sender to generate a message authentication code (MAC) for each transmitted message. However, for this method, the authenticity
and integrity of message can only be verified by the node with the shared key. An intruder can compromise the key by capturing a
single sensor node. In addition, this method does not work in multicast networks.
To solve the scalability problem, a secret polynomial based message authentication scheme was introduced in [3]. The idea of this
scheme is similar to a threshold secret sharing, where the threshold is determined by the degree of the polynomial. This approach
offers information-theoretic security of the shared secret key when the number of messages transmitted is less than the threshold.
The intermediate nodes verify the authenticity of the message through a polynomial evaluation. However, when the number of
messages transmitted is larger than the threshold, the polynomial can be fully recovered and the system is completely broken.
1.1.2 Public Key Based Approach
For the public-key based approach, each message is transmitted along with the digital signature of the message generated using
the sender’s private key. Every intermediate forwarder and the final receiver can authenticate the message using the sender’s
public key [7], [8]. One of the limitations of the public-key based scheme is the high computational overhead. The recent progress
on elliptic curve cryptography (ECC) shows that the public-key schemes can be more advantageous in terms of computational
complexity, memory usage, and security resilience, since public-key based approaches have a simple and clean key management
[9].
In this paper we consider two types of attacks launched by the opponent:
Passive attacks: Through passive attacks, the adversaries could eavesdrop on messages transmitted in the network and
perform traffic analysis.
Active attacks: Active attacks can only be launched from the compromised sensor nodes. Once the sensor nodes are
compromised, the adversaries will obtain all the in-formation stored in the compromised nodes, including the security
parameters of the compromised nodes. The adversaries can modify the contents of the messages, and inject their own
messages.
1.2 Design Goals
1.2.1 Message Authentication
The message receiver should be able to verify whether a received message is sent by the node that is claimed or by a node in a
particular group. In other words, the adversaries cannot pretend to be an innocent node and inject fake messages into the network
without being detected.
1.2.2 Message Integrity
The message receiver should be able to verify whether the message has been modified en-route by the adversaries. In other words,
the adversaries cannot modify the message content without being detected.
1.2.3 Hop-by-hop Message Authentication
Every forwarder on the routing path should be able to verify the authenticity and integrity of the messages upon reception.
1.2.4 Node Compromise Resilience
The scheme should be re-salient to node compromise attacks. No matter how many nodes are compromised, the remaining nodes
can still be secure.
1.2.5 Efficiency
The scheme should be efficient in terms of both computational and communication overhead.
2. LITERATURE SURVEY
2.1 Symmetric Key and Hash Based Authentication
F. Ye, H. Lou, S. Lu, and L. Zhang, “Statistical en-route filtering of injected false data in sensor networks,” in IEEE INFOCOM,
March 2004 and S. Zhu, S. Setia, S. Jajodia, and P. Ning, ” An interleaved hop-by-hop authentication scheme for filtering false](https://image.slidesharecdn.com/ijretm-2014-sp-043-170722101540/85/Ijretm-2014-sp-043-2-320.jpg)
![International Journal of Research in Engineering Technology and Management ISSN 2347 - 7539
_______________________________________________________________________________________
Special Issue | June-2014, Available @http://www.ijretm.com| Paper id - IJRETM-2014-SP-041 6
The opponent will try to analyze the data using Passive attacker.
Fig- 6: Eavesdropping of data.
Assigned time from one node to another node is less and routing time delay is less compared to existing system.
Fig-7: Graphical results of experimental evaluation.
7. CONCLUSIONS
Message authentication is an important concern in any network: without this unauthorized users could easily introduce invalid
data into the system. This service is usually provided through the deployment of a secure message authentication code (MAC).
In this paper, we first proposed a novel and efficient source anonymous message authentication scheme (SAMA) based on elliptic
curve cryptography (ECC). While ensuring message sender privacy, SAMA can be applied to any message to provide message
content authenticity. To provide hop-by-hop message authentication without the weakness of the built in threshold of the
polynomial-based scheme, we then propose a hop-by-hop message authentication scheme based on the SAMA.
By providing Message authentication, Message integrity and hop by hop message authentication then source should be in high
privacy and network should be efficient.
8. REFERENCES
[1] F. Ye, H. Lou, S. Lu, and L. Zhang, “Statistical en-route filtering of injected false data in sensor networks,” in IEEE
INFOCOM, March 2004.
[2] S. Zhu, S. Setia, S. Jajodia, and P. Ning, “An interleaved hop-by-hop authentication scheme for filtering false data in sensor
networks,” in IEEE Symposium on Security and Privacy, 2004.](https://image.slidesharecdn.com/ijretm-2014-sp-043-170722101540/85/Ijretm-2014-sp-043-6-320.jpg)
![International Journal of Research in Engineering Technology and Management ISSN 2347 - 7539
_______________________________________________________________________________________
Special Issue | June-2014, Available @http://www.ijretm.com| Paper id - IJRETM-2014-SP-041 7
[3] C. Blundo, A. De Santis, A. Herzberg, S. Kutten, U. Vaccaro, and M. Yung, “Perfectly-secure key distribution for dynamic
conferences,” in Advances in Cryptology - Crypto’92, ser. Lecture Notes in Computer Science Volume 740, 1992, pp. 471–486.
[4] W. Zhang, N. Subramanian, and G. Wang, “Lightweight and compromise-resilient message authentication in sensor
networks,” in IEEE INFOCOM, Phoenix, AZ., April 15-17 2008.
[5] M. Albrecht, C. Gentry, S. Halevi, and J. Katz, “Attacking cryptographic schemes based on ”perturbation polynomials”,”
Cryptology ePrint Archive, Report 2009/098, 2009, http://eprint.iacr.org
[6] H. Wang, S. Sheng, C. Tan, and Q. Li, “Comparing symmetric-key and public-key based security schemes in sensor networks:
A case study of user access control,” in IEEE ICDCS, Beijing, China, 2008, pp. 11–18.
[7] D. Pointcheval and J. Stern, “Security proofs for signature schemes,” in Advances in Cryptology - EUROCRYPT, ser. Lecture
Notes in Computer Science Volume 1070, 1996, pp. 387–398.
[8] D. Chaum, “Untraceable electronic mail, return addresses, and digital pseudonyms,” Communications of the ACM, vol. 24,
no. 2, pp. 84–88, February 1981
[9]“The dinning cryptographer problem: Unconditional sender and recipient untraceability,” Journal of Cryptology, vol. 1, no. 1,
pp. 65–75, 1988.
[10] A. Pfitzmann and M. Waidner, “Networks without user observability– design options.” in Advances in Cryptology -
EUROCRYPT, ser. Lecture Notes in Computer Science Volume 219, 1985, pp. 245–253.](https://image.slidesharecdn.com/ijretm-2014-sp-043-170722101540/85/Ijretm-2014-sp-043-7-320.jpg)
Ijretm 2014-sp-043
- 1. International Journal of Research in Engineering Technology and Management ISSN 2347 - 7539 _______________________________________________________________________________________ Special Issue | June-2014, Available @http://www.ijretm.com| Paper id - IJRETM-2014-SP-041 1 Secure Network Discovery by Message Authentication in Wireless Sensor Network Ashwini M. Rathod1 , Archana C. S.2 1 M.Tech. Scholar, Department of E&C, BTL Institute of Technology, Bangalore, Karnataka, India,[email protected] 2 Assistant Professor, Department of E&C, BTL Institute of Technology, Bangalore Karnataka, India,[email protected] Abstract A Wireless Sensor Network (WSN) in general is a collection of small, low-cost, and low battery powered sensor nodes that communicate with each other through wireless link under highly resource constrained hostile environment. Many message authentication schemes have been developed, based on either symmetric-key cryptosystems or public-key cryptosystems. This is one of the most effective ways to thwart unauthorized and corrupted traffic from being forwarded in wireless sensor networks (WSNs) To provide this service, a polynomial-based scheme was recently introduced. However, this scheme and its extensions all have the weakness of a built-in threshold determined by the degree of the polynomial: when the number of messages transmitted is larger than this threshold, the adversary can fully recover the polynomial. In this paper, we propose a scalable authentication scheme based on elliptic curve cryptography (ECC). While enabling intermediate node authentication, our proposed scheme allows any node to transmit an unlimited number of messages without suffering the threshold problem. In addition, our scheme can also provide message source privacy. Keywords: Wireless Sensor Network, Symmetric-Key Cryptosystem, Public-Key Cryptosystem, Source Privacy, Hop Message Authentication. --------------------------------------------------------------------***---------------------------------------------------------------------- 1. INTRODUCTION A wireless sensor network (WSN) consists of a collection of these nodes that have the ability to sense, process data and communicate with each other via a wireless connection. Wireless sensor networks (WSN’s), the improvement in sensor technology has made it possible to have extremely small, low powered sensing devices equipped with programmable computing, multiple parameter sensing and wireless communication capability. Also, the low cost makes it possible to have a network of hundreds or thousands of these sensors, thereby enhancing the reliability and accuracy of data and the area coverage. Wireless sensor networks offer information about remote structures, wide-spread environmental changes, etc. Wireless sensor network (WSN) is a network system comprised of spatially distributed devices using wireless sensor nodes to monitor physical or environmental conditions, such as sound, temperature, and motion. The individual nodes wireless sensor network (WSN) is a network system comprised of spatially distributed devices using wireless sensor nodes to monitor physical or environmental conditions, such as sound, temperature, and motion. The individual nodes are capable of sensing their environments, processing the information data locally, and sending data to one or more collection points in a WSN Efficient data transmission is one of the most important issues for WSNs. Meanwhile, many WSNs are deployed in harsh, neglected and often adversarial physical environments for certain applications, such as military domains and sensing tasks with trustless surroundings. Secure and efficient data transmission is thus especially necessary and is demanded in many such practical WSNs such as sound, temperature, and motion. 1.1 Message Authentication Code In cryptography, a message authentication code (often MAC) is short piece of information used to authenticate a message and to provide integrity and authenticity assurance on the message. Integrity assurance detects accidental and intentional message changes, while authenticity assurances affirm the message origin. A MAC algorithm, sometimes called keyed (cryptographic) hash function (however cryptographic hash is only one of the possible way to generate MACs) , accepts as input a secret key and an arbitrary length message to be authenticated, outputs a MAC (sometimes knows as a tag). The MAC value protects both the message data integrity as well as its authenticity, by allowing verifiers (who also possess the secret key) to detect any changes to the message content. Message integrity guarantees that message has not been changed. Message authentication guarantees that the sender of the message is authentic. Message authentication is one of the most effective ways to thwart unauthorized and corrupted message from being forwarded in networks to save precious energy. For this reason, many authentication schemes have been developed to provide message
- 2. International Journal of Research in Engineering Technology and Management ISSN 2347 - 7539 _______________________________________________________________________________________ Special Issue | June-2014, Available @http://www.ijretm.com| Paper id - IJRETM-2014-SP-041 2 authenticity and integrity verification for wireless sensor networks (WSNS) [1]-[5]. These schemes can largely divide into two categories: public key based approaches and symmetric key based approaches. 1.1.1 Symmetric key based approach The symmetric-key based approach requires complex key management lacks of scalability and is not resilient to large number of node compromise attacks since the message sender and the receiver have to share a secret key. The shared key is used by the sender to generate a message authentication code (MAC) for each transmitted message. However, for this method, the authenticity and integrity of message can only be verified by the node with the shared key. An intruder can compromise the key by capturing a single sensor node. In addition, this method does not work in multicast networks. To solve the scalability problem, a secret polynomial based message authentication scheme was introduced in [3]. The idea of this scheme is similar to a threshold secret sharing, where the threshold is determined by the degree of the polynomial. This approach offers information-theoretic security of the shared secret key when the number of messages transmitted is less than the threshold. The intermediate nodes verify the authenticity of the message through a polynomial evaluation. However, when the number of messages transmitted is larger than the threshold, the polynomial can be fully recovered and the system is completely broken. 1.1.2 Public Key Based Approach For the public-key based approach, each message is transmitted along with the digital signature of the message generated using the sender’s private key. Every intermediate forwarder and the final receiver can authenticate the message using the sender’s public key [7], [8]. One of the limitations of the public-key based scheme is the high computational overhead. The recent progress on elliptic curve cryptography (ECC) shows that the public-key schemes can be more advantageous in terms of computational complexity, memory usage, and security resilience, since public-key based approaches have a simple and clean key management [9]. In this paper we consider two types of attacks launched by the opponent: Passive attacks: Through passive attacks, the adversaries could eavesdrop on messages transmitted in the network and perform traffic analysis. Active attacks: Active attacks can only be launched from the compromised sensor nodes. Once the sensor nodes are compromised, the adversaries will obtain all the in-formation stored in the compromised nodes, including the security parameters of the compromised nodes. The adversaries can modify the contents of the messages, and inject their own messages. 1.2 Design Goals 1.2.1 Message Authentication The message receiver should be able to verify whether a received message is sent by the node that is claimed or by a node in a particular group. In other words, the adversaries cannot pretend to be an innocent node and inject fake messages into the network without being detected. 1.2.2 Message Integrity The message receiver should be able to verify whether the message has been modified en-route by the adversaries. In other words, the adversaries cannot modify the message content without being detected. 1.2.3 Hop-by-hop Message Authentication Every forwarder on the routing path should be able to verify the authenticity and integrity of the messages upon reception. 1.2.4 Node Compromise Resilience The scheme should be re-salient to node compromise attacks. No matter how many nodes are compromised, the remaining nodes can still be secure. 1.2.5 Efficiency The scheme should be efficient in terms of both computational and communication overhead. 2. LITERATURE SURVEY 2.1 Symmetric Key and Hash Based Authentication F. Ye, H. Lou, S. Lu, and L. Zhang, “Statistical en-route filtering of injected false data in sensor networks,” in IEEE INFOCOM, March 2004 and S. Zhu, S. Setia, S. Jajodia, and P. Ning, ” An interleaved hop-by-hop authentication scheme for filtering false
- 3. International Journal of Research in Engineering Technology and Management ISSN 2347 - 7539 _______________________________________________________________________________________ Special Issue | June-2014, Available @http://www.ijretm.com| Paper id - IJRETM-2014-SP-041 3 data in sensor networks,” in IEEE Symposium on security and privacy, 2004. In these schemes, each symmetric authentication key is shared by a group of sensor nodes. An intruder can compromise the key by capturing a single sensor node. Therefore, these schemes are not resilient to node compromise attacks. Another type of symmetric-key scheme requires synchronization among nodes. These schemes, including TESLA and its variants, can also provide message sender authentication. However, this scheme requires initial time synchronization, which is not easy to be implemented in large scale WSNs. In addition, they also introduce delay in message authentication, and the delay increases as the network scales up. 2.2 A Secret Polynomial Based Message Authentication Scheme C. Blundo, A. De Santis, A. Herzberg, S. Kutten, U. Vaccaro, and M. Yung, “Perfectly-secure Key distribution for dynamic conferences,” in Advance in cryptology – Crypto’92, ser. Lecture Notes in Computer Science Volume 740, 1992, pp. 471-486. This scheme offers information-theoretic security with ideas similar to a threshold secret sharing, where the threshold is determined by the degree of the polynomial. When the number of messages transmitted is below the thresh-old, the scheme enables the intermediate node to verify the authenticity of the message through polynomial evaluation. However, when the number of messages transmitted is larger than the threshold, the polynomial can be fully recovered and the system is completely broken. 2.3 Increase the Threshold and Complexity for Intruder W. Zhang, N. Subramanian, and G. Wang, “Lightweight and compromise-resilient message authentication in sensor networks,” in IEEE INFOCOM, phoenix, AZ., April 15-17 2008 and M. Albrecht, C. Gentry, S. Halevi, and J. Katz, “Attacking cryptographic scheme based on” perturbation polynomials”, “Cryptology ePrint Archive, Report 2009/098, 2009, http://eprint.iacr.org/. To increase the threshold and the complexity for the intruder to reconstruct the secret polynomial, a random noise, also called a perturbation factor, was added to the polynomial, to thwart the adversary from computing the coefficient of the polynomial. However, the added perturbation factor can be completely removed using error-correcting code techniques. 2.4 Public Key Based Approach H. Wang, S. Sheng, C. Tan, and Q. Li, “Comparing symmetric-ley and Public-key based security schemes in sensor networks: A case study of user access control,” in IEEE ICDCS, Beijing, China, 2008, pp. 11-18. For the public-key based approach, each message is transmit-ted along with the digital signature of the message generated using the sender’s private key. Every intermediate forwarder and the final receiver can authenticate the message using the sender’s public key. The recent progress on elliptic curve cryp-tography (ECC) shows that the public-key schemes can be more advantageous in terms of memory usage, message complexity, and security resilience, since public-key based approaches have a simple and clean key management. 3. EXISTING SYSTEM Symmetric key and hash based authentication schemes were proposed for WSNs. Disadvantages It requires initial time synchronization, which is not easy to be implemented in large scale WSNs. It also introduces delay in message authentication, and the delay increases as the network scales up. 4. PROPOSED SYSTEM Source anonymous message authentication code (SAMAC). Message authentication code (MAC). Hop by hop message authentication. Compromised node detection. Source privacy. Key server management. 5. PROCEDURE FOR IMPLEMENTATION Step 1: First we have select the path from the existing file. Step 2: Initiate MAC to all nodes from source to destination. Step 3: After that we have select IP address and the type of receiver. Step 4: Message will go from source to destination through router. Step 5: If any false message found in any node then we have to filter it.
- 4. International Journal of Research in Engineering Technology and Management ISSN 2347 - 7539 _______________________________________________________________________________________ Special Issue | June-2014, Available @http://www.ijretm.com| Paper id - IJRETM-2014-SP-041 4 Step 6: We need to check the possible attacks those are active attack and passive attack. 6. RESULTS First we have to select the existing file to select the path and initialize the nodes to all 17 nodes. Fig -1: Selection of path. Fig-2: Initialization of MAC. Later we have to select IP address and receiver then message will go to the receiver through router.
- 5. International Journal of Research in Engineering Technology and Management ISSN 2347 - 7539 _______________________________________________________________________________________ Special Issue | June-2014, Available @http://www.ijretm.com| Paper id - IJRETM-2014-SP-041 5 Fig-3: Message passes through router. Receiver received the message. Fig- 4: Received message. We need to check the possible attacks those are active attack and passive attack. Inject the message by using active attacker, first select the file. Fig-5: Injection of message.
- 6. International Journal of Research in Engineering Technology and Management ISSN 2347 - 7539 _______________________________________________________________________________________ Special Issue | June-2014, Available @http://www.ijretm.com| Paper id - IJRETM-2014-SP-041 6 The opponent will try to analyze the data using Passive attacker. Fig- 6: Eavesdropping of data. Assigned time from one node to another node is less and routing time delay is less compared to existing system. Fig-7: Graphical results of experimental evaluation. 7. CONCLUSIONS Message authentication is an important concern in any network: without this unauthorized users could easily introduce invalid data into the system. This service is usually provided through the deployment of a secure message authentication code (MAC). In this paper, we first proposed a novel and efficient source anonymous message authentication scheme (SAMA) based on elliptic curve cryptography (ECC). While ensuring message sender privacy, SAMA can be applied to any message to provide message content authenticity. To provide hop-by-hop message authentication without the weakness of the built in threshold of the polynomial-based scheme, we then propose a hop-by-hop message authentication scheme based on the SAMA. By providing Message authentication, Message integrity and hop by hop message authentication then source should be in high privacy and network should be efficient. 8. REFERENCES [1] F. Ye, H. Lou, S. Lu, and L. Zhang, “Statistical en-route filtering of injected false data in sensor networks,” in IEEE INFOCOM, March 2004. [2] S. Zhu, S. Setia, S. Jajodia, and P. Ning, “An interleaved hop-by-hop authentication scheme for filtering false data in sensor networks,” in IEEE Symposium on Security and Privacy, 2004.
- 7. International Journal of Research in Engineering Technology and Management ISSN 2347 - 7539 _______________________________________________________________________________________ Special Issue | June-2014, Available @http://www.ijretm.com| Paper id - IJRETM-2014-SP-041 7 [3] C. Blundo, A. De Santis, A. Herzberg, S. Kutten, U. Vaccaro, and M. Yung, “Perfectly-secure key distribution for dynamic conferences,” in Advances in Cryptology - Crypto’92, ser. Lecture Notes in Computer Science Volume 740, 1992, pp. 471–486. [4] W. Zhang, N. Subramanian, and G. Wang, “Lightweight and compromise-resilient message authentication in sensor networks,” in IEEE INFOCOM, Phoenix, AZ., April 15-17 2008. [5] M. Albrecht, C. Gentry, S. Halevi, and J. Katz, “Attacking cryptographic schemes based on ”perturbation polynomials”,” Cryptology ePrint Archive, Report 2009/098, 2009, http://eprint.iacr.org [6] H. Wang, S. Sheng, C. Tan, and Q. Li, “Comparing symmetric-key and public-key based security schemes in sensor networks: A case study of user access control,” in IEEE ICDCS, Beijing, China, 2008, pp. 11–18. [7] D. Pointcheval and J. Stern, “Security proofs for signature schemes,” in Advances in Cryptology - EUROCRYPT, ser. Lecture Notes in Computer Science Volume 1070, 1996, pp. 387–398. [8] D. Chaum, “Untraceable electronic mail, return addresses, and digital pseudonyms,” Communications of the ACM, vol. 24, no. 2, pp. 84–88, February 1981 [9]“The dinning cryptographer problem: Unconditional sender and recipient untraceability,” Journal of Cryptology, vol. 1, no. 1, pp. 65–75, 1988. [10] A. Pfitzmann and M. Waidner, “Networks without user observability– design options.” in Advances in Cryptology - EUROCRYPT, ser. Lecture Notes in Computer Science Volume 219, 1985, pp. 245–253.