Security Mechanism in Wireless Sensor Network

wireless sensor networks for security issues and challenges simulation for security of wireless sensor network using matlab survey on wireless sensor network security
Dr.MohitBansal Profile Pic
Published Date:26-10-2017
Your Website URL(Optional)
Mathematical Model for Wireless Sensor Nodes Security WSNs have recently emerged as an important means to study and interact with physical world. In previous era, castles were surrounded by moats (deep trenches, filled with water, and even alligators) to prevent or discourage intrusion attempts. Today one can replace such barriers with stealthy and wireless sensors. In this chapter, we develop mathematical foundations model using barriers concept to design secure wireless sensors nodes. Security becomes one of the major concerns when there are potential attacks against sensor network nodes. Thus we have designed fundamental security in disk shaped to provide basic security elements that can be implemented in various sensor nodes. The mathematical models introduced are flexible and efficient to be embedded in sensor nodes and can create a suitable nodes components security in hostile environments. We also demonstrate how these nodes can be deployed in wall and belt form to fulfill their tasks. WSNscanreplacesuchbarrierstodayatthebuildinglevelandattheestatelevel, wherebarrierscanbemorethanakilometerlong1.Effortsarecurrentlyunderway to extend the scalability of WSNs so that they can be used to monitor one of the largest international borders 1. Intrusion detection and border surveillance con- stitute a major application category for WSNs. A major goal in these applications is to detect intruders as they cross a border or as they penetrate a protected area. Existing sensor network security research has mostly focused on adapting security mechanisms to the computational and messaging constraints imposed by tiny sensor devices 2, 3. From an operational point of view, it is also worth mentioning that sensor nodes might or might not have addressable global identi- fication (ID). This fact affects how protocols and security schemes are designed for WSNs. None of the sensor nodes applications would function correctly if appro- priate security measures are not taken. Threat such as a mote-class attacker versus a laptop-class attacker, an insider attacker versus an outsider attacker, Passive versus active attacker can be expected from the absence of excellent security mechanisms.42 3 Mathematical Model for Wireless Sensor Nodes Security ThesecurityofWSNscanbeclassifiedintotwobroadcategories:(1)operational security, and (2) information security. The operation-related security objective is that a network as a whole should continue to function even when some of its components are attacked (the service availability requirement). The information-related security objectives are that confidential information should never be disclosed, and the integrity and authenticity of information should always be ensured. While it may seem that information security can readily be achieved with cryptography, there are 2 facts that make achieving the above objectives non-trivial in WSNs: (1) sensor nodes operate unattended—they are potentially accessible, both geographically and physically, to any malicious party imaginable; (2) sensor nodes communicate through an open medium. The first fact makes insiderattackspossible,whenthesoftbellyofeverynodeisupforgrabs—itiseasy for an attacker to gain access to the data (including system states and cryptographic material)andprograms thatpowerthe devices, andeven modifythe software to run its own algorithms. Effective security support proposed is a model design that needs an integrated approach. Securing a system requires more than simply adding encryption pro- cessors and virus-scanning software, rather, you must implement those security elements in an organized way. A system’s security is only as strong as its weakest link. For example, a smart card’s strongest cipher algorithm is worthless if a hacker can disassemble the card and retrieve sensitive data by observing its power consumption 4. We think of security as a design domain with multiple layers of design abstraction, and a complete system as a co-design of domains (security, networking, and graphics, for example) rather than a co-design of implementations (such as hardware and soft- ware). The classic view emphasizes using hardware for performance and software for flexibility. In embedded applications such as mobile phones, PDAs, and sensor network nodes, however, energy efficiency is tantamount important. We approach these challenges by designing domain-specific mathematical based model disc shaped which can be integrated into flexible sensor nodes based on a reconfigurable interconnect sensor network. This type of model is referred to as barrier, where the sensors form a barrier for the intruders. 3.2 Barrier Security Most of the existing works focus on barrier full-coverage 5–7 and that too in regular regions rather than in a thin belt region. The proofs and the conditions developedfor full-coveragedonot readily carry over to thecaseofbarrier coverage in thin belt regions. Another work related to barrier 8 is addressed the issue of intruder tracking in regular regions such as a square. The focus of this work is the following problem— given a value of l what is the minimum number of sensors needed so that if the nodes are independently and uniformly distributed, the average length of an3.2 Barrier Security 43 uncovered path traveled by an intruder that starts at a random (uniformly chosen) location within the field. Although this is an important problem for tracking applications, it does not address the problem sensor nodes design in mathematical model as means creating robust security. The concept of barrier coverage first appeared 9 in the context of robotic sensors. Simulations were performed in 10to find the optimal number of sensors to be deployed to achieve barrier coverage. To the best of our knowledge, ours is the first work to address the theoretical foundation for disc sensing design that can be employed as barrier (using critical WSNs conditions) to achieve security in sensor network. As can be seen from the discussion of some related work above, a lot of interesting works have come close to the problem of barrier coverage, but none have addressed the issue ofbarrierdesignto deriving critical security conditionsfor WSNs, which is a more realistic model for sensor deployed on unsecured envi- ronments. Also, no existing work, to the best of our knowledge, has addressed the issue of developing efficient mathematical design for determining whether a given node barrier can stop malicious action on sensor network. Earlier research on sensor networks has focused on developing extremely optimized protocols at different layers of networking stack, as well as a specialized operatingsystemcalledTinyOs11.However,themajorityoftheseprotocolshave not been designed with security and privacy in mind resulting in substantial per- formancedegradation ifthere isasecurity breach. Securitycannot bedesigned asa separate module to be added on top of these protocols. Rather, security has to be integrated in the design of every component of the sensor network. 3.3 Problem Statement and Mathematical Model Design Securitybecomesoneofthemajorconcernswhentherearepotentialattacksagainst sensor networks. Many protocols and algorithms (e.g. routing, localizations) will notworkinhostileenvironmentswithoutsecurityprotection.Securityservicessuch as authentication and key management are critical to ensure the normal operations of sensor network in hostile environments. In this section we present our secure mathematical based model designed to be implemented in sensor nodes in disc shape creating barrier to intruders who might attack sensor nodes. The design can be implemented to sensor nodes and its for- malizationsare elaborated indetailsinthissectionaswell. Assumethat eachsensor node has only secured protocol, or locations. An attacker may capture or com- promise one or number of sensor nodes without being noticed if nodes are not secured. If the sensor nodes are compromised, the attacker learns all the secrets stored on them and may launch a variety of malicious actions against the network through these compromised nodes. For example a compromised node may discard all important messages in order to hide some critical events from being noticed or report observations that are significantly different from those observed by non44 3 Mathematical Model for Wireless Sensor Nodes Security compromised nodes in order to mislead any decision made on these data. The results will be worse if the nodes that provide some critical functions (e.g. data aggregation) are compromised. Thekeyissuehere is todevelopasecuremathematical model which canbeused tocovereverypointofsecuritywhenitcomestoWSNssecurity,notonlyprotocols carrying the information within sensor nodes but as well as node itself and make sure WSNs as a whole are well protected and are resilient to node compromise attack inthe sensethatnoeven oneornumberofsensornodes canbecompromised andsensornetwork functioncorrectly.Ourmodel canbeaproperapplication tothe work well developed 12 with high probability guarantees the detection of intruders as they cross a barrier of stealthy sensors, a sensor network providing strong barrier coverage with high probability (at the expense of more sensors) guarantees the detection of allintruders crossing abarrier ofsensors,even when the sensors are not stealthy. 3.4 Formalization Figure 3.1 represents the essence of formalization of passive countermeasure against attacks, it shows how operation might take place and how the defense mechanism can be implemented (the number of barriers which can be implemented are from 1st to Kth). Data, commands and the messages can be presented in the capacity of “Nodes information”. For clarity we present our formalization in elementary security model in Fig. 3.2 which showed that there is locked secure contour around protected information. Defense stability depends on defense’s properties. The principal role is the defense ability to resist overcoming attempts sent by attacker. Here we present two ways to estimate sufficient defense’s stability: � If cost of measures to overcome the defense is more than cost of secured information, then we count defense’s stability is sufficient; � If the timetable to overcome the defense is more than information lifetime, then defense’s stability is sufficient. st Fig. 3.1 Attack and defense 1 defense ... mechanism scenario th K defense Unauthorized access is not implemented Malicious operations Attack Nodes Malicious information implemented3.4 Formalization 45 1 2 3 Fig. 3.2 Elementary security model. 1 Secured information; 2 barrier defense mechanism; 3 barrier defense stability Indication P Probability of defense stability (probability of a barrier’s irresistibility); stable t Information lifetime; lt t Expected time to overcome the defence by attacker; ex P Probability to break the defense. break However we formulate our second case (timetable to overcome the defense is more than information lifetime) as follow: � P ¼1if t\t and P ¼ 0. stable lt ex break P ¼ 0 indicates that there is locked secure contour around protected break information (system is stable). � If t t and P ¼ 0, then P ¼ð1P Þ, lt ex break stable br min where P —probability of overcoming the defence by the attacker for time br min less than t . lt In actual conditions there are t t and P 0, therefore we can estimate lt ex break our security strength by Eq. (3.1) P ¼ð1P Þð1P Þð1P Þð3:1Þ stable br min break1 breakK where P ¼ 0, if t\t ; br min lt ex P 0, if t t ; br min lt ex K—number of ways to break the defence, i.e. for each barrier it can be several ways to be overcomed. The choice and definition of P , firstly, can be made by expertise way on break basis of previous experience. P must take on value from 0 to 1, otherwise with break P ¼ 1 the effect of security is lost. break When the secured information is refresh periodically, i.e. with t t , perma- lt ex nent defense is used which can discovers and blocks the access of attacker to the secured information.46 3 Mathematical Model for Wireless Sensor Nodes Security Our proposed automated defense’s principle is based on following: Periodically, control module monitors all the sensors to find the overcomings. The condition for defence stability with disclosure and blocking of unauthorized access can be pre- sented as follow (3.2): T þt þt þt inquiry response ld block \1 ð3:2Þ t ex or T total \1 ð3:3Þ t ex where T Sensor’s inquiring period; inquiry t Disturbed signalization response time; response t Location disclosure time; ld t Access blocking time; block T ¼ T þt þt þt Disclosure and blocking time of unautho- total inquiry response ld block rized access. We present an unauthorized attacker’s actions in form of temporal graph pre- sented on Fig. 3.3. Here we assume that time interval T is T=(¼ of the total time), 1 i.e. T ¼ T . Our results show that the response time (t ) is excellent total response 4 variable as it can counter unauthorized access as well as attacker within¼ of total time before even their disclosure or blockage. However, the approach is efficient as adversaries can be revealed or blocked before they destruct the system within given total time. Fig. 3.3 Temporal diagram of unauthorized access control3.4 Formalization 47 From Fig. 3.3 we can see, that adversary could not be disclosured into the two cases: � t \T; ex Probability of attack to succeed (P ): br_min Tt t ex ex P ¼ ¼ 1 ð3:4Þ br min T T Probability of discovering malicious action (P ): md P ¼ 1P ð3:5Þ md br min or t ex P ¼ ð3:6Þ md T � T\t \T ; ex total Probability of attack to succeed (P ): br_min T t t total ex ex P ¼ ¼ 1 ð3:7Þ br min T T total total Probability of discovering and blocking malicious action (P ): mdb P ¼ 1P ð3:8Þ mdb br min or t ex P ¼ ð3:9Þ mdb T total 3.5 Ensuring Passive Resistance to Threat on Sensor Nodes Concept of defending sensor nodes using in practice, protective contour or barrier designed consists ofcoupled of connected barriers with different strength and to the bestofourknowledgehaveneverbeenstudiedbefore.Thedefensemechanismalso includes several barrier’s strength designed in layer form in disc shape as can be seen in Figs. 3.4 and 3.5. We consider our sensor being scattered randomly in the field and will form a sensor network after deployment in an ad hoc manner to fulfill certain tasks and eventually they will have multiple links. Each individual sensor48 3 Mathematical Model for Wireless Sensor Nodes Security Fig. 3.4 Model of multilink 3 security. 1 Barrier 1; 2 barrier 2; 3 secured information; 4 1 barrier 3; 5 barrier strength 2 5 4 node then monitors conditions and activities in its local surrounding and reports its observations to central server by communicating with its neighbors. Obviously, the design of sensor nodes requires wireless networking techniques, especially wireless ad hoc networking techniques. As most traditional wireless networking protocols and algorithms are not suitable for sensor network 2,13–15we proposethe use of mathematical model of barrier’s defense to be integrated in sensor nodes for security purposes. The protective contour consisted of coupled of connected bar- riers (barrier 1, 2 and 3) with different strength can be called as “Multilink model” and presented as follow (Fig. 3.4). Since we have multiple links we calculate probability of our multilink security (P ) as: stable P ¼ P P stable stable1 stable n ð3:10Þ ¼ð1P Þð1P Þ break break 1 n where P is strength of nth barrier and P is probability of nth barrier stable break n n breaking. We also consider if stability of weakest part (barrier) is satisfy to qualifying standards of security requirements in general, then we will have the redundant strength of another parts of contour. Therefore, the use of equal-stable barriers will be economically reasonable in multilink security contour. With the higher requirements of security, we propose to use multilevel security model as it presented in Fig. 3.5. Here we use several contours (levels) to achieve greater security of secured information. Figure 3.5 presented three security levels— level 1, 2 and 3. Also, each level still can have one or more connected barriers as it was presented at “Multilink security model” (Fig. 3.4). The total strength of security contours (P ) to our proposed multilevel security R model can be presented mathematically as: m Y P ¼ 1 ð1PÞð3:11Þ R stable i i¼13.5 Ensuring Passive Resistance to Threat on Sensor Nodes 49 Fig. 3.5 Multilevel security 1 4 model. 1 3rd security contour; 2 2nd security contour; 3 1st 2 security contour; 4 secured information 3 where 1im—ordinal (serial) number ofbarrier;m—numberoflevels (m=3in the case of Fig. 3.5); P —ith contour’s stability. So, to calculate P , firstly, we stable R i should calculate each level strength using Eq. (3.10). With P = 0, there is no need to calculate ith contour’s strength. With stable i P = 1, others security contours are redundant. This model suits only for stable i security contours, which block the same unauthorized access channel to the same subject of security. 3.6 The Nodes Model Application In this section we present two ways of implementation our secure model, there are k-lines covered area and belt secure region (Figs. 3.6 and 3.7). Assumption 1 (Mathematical-based nodes) We assume a mathematical node based model where each active sensor nodes has a sensing radius of r; any object withinthenodes ofradiusrcenteredatanactivesensornetworkisreliably detected by it. The sensing sensor node located at location u is denoted by D (u). r Fig. 3.6 The above region is 3-lines nodes covered area f e d c b a50 3 Mathematical Model for Wireless Sensor Nodes Security D 2 D 1 Fig. 3.7 A sensor network deployed over a closed belt region Definition 1 (Intruder) An intruder is any person or object that is subject to detection by the sensor network nodes as it crosses the barrier. Looking at the sensor deployment in Fig. 3.6, one can easily conclude that the region is 3-barrier covered (from node a to node b, from node c to node d and from node e to node f)sincethere does notexistanypath that crossesthe complete width ofthe regionwithoutbeing detected by at least three sensors(nodes a, d, e from the left border and nodes b, c and f from the right border). Assumption2 Thereisthebeltregion(B)inconsideration(Fig.3.7).Iftwosensing node D1 and D2 have overlap, thenðD D Þ\B is a connected sub-region in B. 1 2 In the Fig. 3.7 we show the resulting coverage graph for the sensor networks presented as a belt region, covered by two closed barriers. The area is well secured since there does not exist any path that crosses the complete width of the region without being detected by at least sensors nodes. 3.7 Summary Detection of intruders breaching the perimeter of a building or an estate, or those crossing an international border is increasingly being seen as an important appli- cation for WSNs. We need a theoretical foundation to determine the minimum number of sensors to be deployed so that intruders crossing a barrier of sensors will always be detected. However the sensor nodes deployed should have the security implemented in them as suggested with our findings.3.7 Summary 51 In this chapter, we present the fundamental mathematical model design for sensor nodes that can be used to secure different WSNs topology against intruders. As we are still in the early stage of our findings the concept of barrier technique design in sensor nodes is a relatively new concept, several problems still remain open in this space. One such problem is the implementation of our approach to alreadyexistingbarriercoveragepresentedtechniques.Anotheropenproblemisthe impact of our mathematical model in sensor nodes is not yet fully explored. In our future work, we plan to address these and other open problems in the area of sensor nodes design with respect to our presented model. References 1. Extreme scale wireless sensor networking. Technical Report. exscal/ (2004) 2. Perrig, A., Szewczyk, R., Wen, V., Culler, D., Tygar, J.D.: SPINS: Security protocols for sensor networks. In: Proceedings of the 7th Annual International Conference on Mobile Computing and Networking, pp. 189–199 (2001) 3. Karlof, C., Sastry, N., Wagner, D.: TinySec: Link-layer encryption for tiny devices. In: Proceedings of the 2nd ACM SenSys Conference (2004) 4. Anderson, R., Kuhn, M.: Tamper resistance—A cautionary note. In: Proceedings of 2nd Usenix Workshop Electronic Commerce, Usenix, pp. 1–11 (1996) 5. Huang, C., Tseng, Y.: The coverage problem in a wireless sensor network. In: ACM International Workshop on Wireless Sensor Networks and Applications (WSNA), pp. 115– 121 (2003) 6. Kumar, S., Lai, T.H., Balogh, J.: On k-coverage in a mostly sleeping sensor network. In: International Conference on Mobile Computing and Networking, pp. 144–158 (2004) 7. Zhang, H., Hou, J.: On deriving the upper bound of α-lifetime for large sensor networks. In: InternationalSymposiumonMobileAdHocNetworkingandComputing,pp.121–132(2004) 8. Gui, C., Mohapatra, P.: Power conservation and quality of surveillance in target tracking sensor networks. In: International Conference on Mobile Computing and Networking, pp. 129–143 (2004) 9. Gage, D.W.: Command control for many-robot systems. In: Nineteenth Annual AUVS Technical Symposium, vol. 10(4), pp. 28–34 (1992) 10. Hynes, S.: Multi-agent simulations (mas) for assessing massive sensor coverage and deployment. Technical Report, Master’s Thesis, Naval Postgraduate School (2003) 11. Gay, D., Levis, P., Culler, D.: Software design patterns for TinyOs. In: Proceedings of the ACM SIGPLAN/SIGBED Conference on Languages, Compilers, and Tools for Embedded Systems, pp. 40–49 (2005) 12. Kumar, S., Lai, T.H., Arora, A.: Barrier coverage with wireless sensors. In: MobiCom, pp. 284–298 (2005) 13. Niculescu, D., Nath, B.: Ad hoc positioning system (APS). In: INFOCOM 2003. IEEE Twenty-Second Annual Joint Conference of the IEEE Computer and Communications Societies, pp. 1734–1743 14. Intanagonwiwat, C., Govindan, R., Estrin, D.: Directed diffusion: A scalable and robust communication paradigm for sensor networks. In: Proceedings of the Sixth Annual International Conference on Mobile Computing and Networking, pp. 56–67 (2003) 15. Newsome, J.,Song,D.: GEM: Graphembeddingfor routinganddata-centric storagein sensor networks without geographical information. In: Proceedings of the First ACM Conference on Embedded Networked Sensor Systems, pp. 76–88 (2003)4.1 Introduction WSNareexposedtovarietyofattacksasothernetworks.Qualityandcomplexityof attacks are rising day by day. The proposed work aim at showing how complexity of modern attacks is growing accordingly, converging to usher resistant methods also to rise. Limitations in computation and battery power in sensor nodes gives constrain to diversity of security mechanisms. We must apply only suitable mechanism to WSN where by applications of improved “Feistel Scheme” moti- vated our approach. The modified accelerated-cipher design use data-dependent permutations (DDP), and can be used for fast hardware, firmware, software and WSN encryption systems. The approach presented showed that ciphers using this approach have less intrusion probability against differential cryptanalysis than currently used popular WSN ciphers like DES, Camellia and so on. The goal of information security is to provide information safety and integrity 1, 2. Information transferring through WSN needs to be protected from misuse respectively. Modernsecuritymethodsneedtoguaranteesafetyofdatatransmitting with respect to security needs i.e. Confidentiality, Integrity, and Availability (CIA). Providing information security in WSN is also necessary especially for those security-sensitive applications and is one of the major concerns to our proposal. There are lots of countermeasures methods have been extensively studied to pro- vide WSN communication securities 1, 3–5. However WSN is still exposed to some kinds of attacks 4–6. These defenses are ineffective against attacks i.e. from compromised servers due to WSN level constantly increasing, attacks and becoming more and more complicated 2, 5, 6. Moreover WSN has some restrictions when it comes to its applications like limited power supplies, low bandwidth, small memory sizes and limited energy which make it more vulnerable 7. And as information become more valuable and costly making intruders to use more complicated methods in attacking WSN, eventually this makes security issue become highly sensitive. Due to the increases of new trend of attacks previously54 4 Improved Feistel-Based Ciphers for Wireless … security methods are unable to combat or resist against modern attacks. We present additional steptocreateefficientandresourcesconstrainedsecuritymechanismsfor WSN. Our study shows that new and more stable security approaches need to be put in place to provide information safety considering the following attributes: avail- ability, confidentiality, integrity, authentication, and non-repudiation. We propose to use a modified accelerated-cipher using permutations (DDP) presented as a cryptographic primitive approach for WSN. This concept of DDP is perspective approach in many information securities today 8–10. Constituting to the key challengeswefollowthisapproachbyusingFeistelschemeapproachtopresentour improved cipher block using DDP. By cryptanalysis realization, it’s necessary to consider differential and linear properties of individual round transformation crypto primitives of block ciphers. This method allows us to create more stable secure mechanisms against modern types of attacks and also provide high-accelerated security program within small sensor devices. In this presentations we use con- trolled permutation boxes based method for block ciphers implementation to pro- vide modified stable cipher against modern crypto-attacks such as differential cryptanalysis in WSN. The proposed cipher is free key preprocessing which pro- vides high performance in frequent keys exchange. In our work we show the effectiveness of using DDP in ciphers design for WSN. Experiments presented in the rest of this chapter demonstrate the best results of DDP-based ciphers. 4.2 Attacks Threats Methods of crypto attacks are very complicated. They combined mathematics, information science and even electronics with non ordinary thinking. WSNS block ciphers design needs to consider stability against analytical crypto-attacks. Past years practices has shown that differential (DCA) 11 and linear cryptanalysis (LCA) 12 where the most powerful analytical crypto analysis methods used. The main content of DCA is analysis of influence propagation degree in plaintext modification at cipher text (propagation properties). Using DCA as one of complex attack with complicated mathematics methods can be one of proof verifying to block ciphers stability. In block cipher cryptanalysis realization, it’s necessary to consider differential andlinearpropertiesofindividualroundtransformationcryptoprimitivesofblocks. The cases are complicated to element addition on stable round transformation which sometimes might givethe negative results to a given cipher algorithm. Block cipher designers who are trying to use theoretical computing constructions that provided distinctness at block ciphers evaluation to modern cryptanalysis methods should give consideration before putting all these into action 13. Besides differential cryptanalysis there are many threats against new modern networks. One of the main challenges is the design of these networks and their vulnerability to security attacks which leads to network destruction and poor4.2 Attacks Threats 55 Fig. 4.1 Advancement of complex attacks level, mechanisms and hacker’s performance. Every year the attack complexity increases as can be seen on pre- sented graph in Fig. 4.1. Figure4.1showsattackincreasementandcomplexmechanismsagainsthacker’s skills and experience. Every year not only quantity and complexity of new threats are rapidly increasing but also appearance and momentum. Resistance against them is becoming more and more complicated. Malicious are using more of these security vulnerabilities especially to attack WSN due to the wireless weakness in security. 4.3 The Efficiency of Existing WSN Algorithms We outline brief draw backs of existing algorithm methods which are being used in many current technologies. � Widespread algorithms (End to end, single destination communication, IP overlays); � Probabilistic broadcasts (Discrete effort: does not handle disconnection); � Scalable Reliable Multicast (Multicast over a wired network, latency-based suppression); � SPIN (Propagation protocol, does not address maintenance cost) 14; � Public-key cryptography is too expensive to be usable; � Fast symmetric-key ciphers must be used sparingly 1. OndesigningWSNprotocolit’snecessarytoconsiderallWSNspecificfeatures. For example, communication bandwidth is extremely limited in these networks: each bit transmitted consumes about as much power as executing 800–1000 of56 4 Improved Feistel-Based Ciphers for Wireless … operation instructions, and as a consequence, any message expansion caused by security mechanisms comes at significant cost 1, 15. However we present sets of requirements to WSN protocols 14. We use these requirements as the highlight in facilitate the design of our new improved cipher. � Low maintenance overhead (Minimize communication when everyone is up to date); � Rapid propagation (When new data appears, it should propagate quickly); � Scalability (Protocol must operate in a wide range of densities, cannot require a priori density information); � Technical cryptanalysis stability (high-frequency influence at sensors with the purpose of information distortion. These methods allow to get rounds keys value. Last researches showed block ciphers are instable to this kind of attack). 4.4 Techniques of Proposed Method The presented techniques are based on original Feistel scheme which due to its significant properties can be used in WSN security applications. The modified Feistel scheme design is capable of meeting today’s security challenges and gen- erate high-quality results. 4.4.1 Feistel Scheme In all of WSN’s blocks ciphers designed by 16-rounds Feistel scheme, data block coding are realizing by two sub blocks using data transformation and F function (round encoding function). Like many other symmetric block ciphers DES is also a FeistelNetwork11.ThenamecomesfromHorstFeistelwhofirstproposedsucha network in early 1970s. In a Feistel network the plaintext is divide into two halves fro the first round of computations which is repeated a number of times (i.e., in a subsequent rounds). Generally the output of the ith round is determined from the out of the previously round in the following way (Eqs. 4.1 and 4.2): L ¼ R ð4:1Þ i i1 R ¼ L fðR ;KÞð4:2Þ i i i1 i where f() represents the round function, K key of ith round, L and R are the left i i i and right parts of data block of ith round. The advantage of Feistel scheme is that block cipher used is very difficulty to m breach by proportional of one round key (2 ) enumeration 9. So to determine the4.4 Techniques of Proposed Method 57 requirements for one round cipher transformation during Feistel scheme design is necessary. We briefly indicate below the essential need for designing: � Increase size of transcriptive block up to 128 bits and more; � Increase round key size; � Provide round key elements inseparability within the limits of one algorithm round; � Using the special methods which prevent mathematical and technical analysis especially addition of some transformations at the beginning of the algorithm and after last round. Nevertheless before implementing Feistel Schemes to network security we will also like to analyze cons and pros of this approach to network in few words as follow: Advantages of Feistel approach to networks � In Feistel scheme we can encode and decode by one operations sequence. Encoding algorithm modification is achieved by queue of round sub keys using modification; � It minimizes software coding. Disadvantages of Feistel approach to networks � In Feistel scheme we have two parts, left and right but only one part of block is used for coding in one round. For example, if block on right side (R) is used for the first time in coding the second one on the left part (L) is only use for exchangingplaces,thusnotallpartsofblockareparticipatingincodingprocess; � Transformation isverysimplebecauseofroundfunctionFdepends onlyontwo parameters (L and round key R). For understanding of our presentations we give further destabilizations in this paragraph, given Feistel scheme (Fig. 4.2) one of the standards we elaborate in Fig. 4.2 One round modified Feistel scheme58 4 Improved Feistel-Based Ciphers for Wireless … 0 0 0 details how Feistel scheme works. Right part R of transcriptive data LjjR is a result of group operation XORðÞ where F is a ith round function, i is a round K i 0 number and K is a round key: R ¼ RF ðLÞ. For advance readings and details i K i about Feistel scheme one should see 16 as well. Feistel scheme appeared much earlier than modern crypto-attacks as the original cipher using block structure. Its modified version is applied further to limited resources devices as well as embedded devices. From the original standard version it is seen that unmodified version does not meet new security requirements para- digm. The latest record in cracking DES (as of September 1999), set by the ElectronicFrontier Foundation’s“Deep Crack” is 22 hand 15 min 17. Itinvolved about 100,000 PCs on the Internet. It was performed as a“know cipher text attack” basedonachallengefromRSALaboratories.Thetaskwastofinda56-bitDESkey for a given plaintext and a given cipher text. More so this is well demonstrated in Fig. 4.1 presented above, that no matter many securities being installed in different places but every year attacks trends are strongly increasing in many computer applications. Taking Feistel approach as a key to our methodology we present our modifiedversionto meet thenew attackchallengesin section“Animproved Feistel scheme for block data transformation”. 4.4.2 Theoretical Approach of CPB In our work we propose using controlled permutation boxes for implementation of Feistel scheme design for WSN security. Data depend permutations (DDP) can be performed with so called controlled permutation boxes (CPB) which are fast if implemented in cheap hardware. CPB is one parts of comprehensively upcoming commencement of controlled operation in security applications 18. The main content of this concept is to created substitution and permutation elements of block ciphers. They provide high-accelerated program-realization nonlinear transformations with small volume of modifications. These transforma- tions are realized by the whole large size of data block at once (32 and more bits) and managed by transcriptive data and algorithm’s keys dynamically. CPB mechanisms and its implementation in block ciphers methods provide high stability of such algorithms to modern crypto-attacks such as differential cryptanalysis 9. WSNs use the block-algorithms data encryption for data transfer. Quality of these algorithms depends on indexes of binary information “dispersion” and “interfusion” which provide interchange of substitution and permutation transfor- mations 11. In the modern block ciphers these transformations are used by applying two types of crypto primitives: � Special nonlinear S-box given at the table view. S-boxes provide degree of each block nonlinearity and degree of errors propagation. But small size of S-boxes alsogivesinconveniencyforencodingdatablocktoachievehighindexesonthe www.allitebooks.com4.4 Techniques of Proposed Method 59 following parameters: nonlinearity degree, errors propagation degree and cor- relation insusceptibility level 11. � Standard arithmetic or algebraic operations realized with computer commands. Arithmetic operations are effective in software implementation and not com- plicated in hardware implementation. They have high correlation insuscepti- bility for all encoding blocks but low degree of nonlinearity and errors propagation. Modern approach does not give guarantee to maximum security in using Feistel scheme as they have some disadvantages. Attempting to solve this problem we employ controlled operations to make important adaptation of controlled permu- tation boxes. Controlled operations are described as more simple operations mul- titudes that are being selected depending on some controlling code value. Controlled permutation boxes (CPB) are alternative to traditional S-boxes and common mathematic operations that generally used at block cipher synthesis 9. Thus availability of special crypto primitive creation is becoming obviously. These crypto primitives combine and optimize advantages of block ciphers substitution transformations. 4.4.3 An Improved Feistel Scheme for Block Data Transformation InthissectionsweconsideroneroundofFeistelschemewithCPB(Fig.2.3a).Inan 0 improved scheme right part R of encrypted data block can be calculated as: 0 1 1 R ¼ G ðG ðRÞF ðLÞÞ, where G and G are mutually inverse transforma- V K V U i U 1 tionsanddependoncontrolvectorsVandU,i.e.G ,XORandG transformations V U are implementing in series. Generally, control vectors V and U are values of some procedureE from two variables (Fig. 4.3b): data blockL and round keyK (orK ), V U 0 i.e. V ¼ EðL;K Þ and U ¼ EðL;K Þ. Highest possible unity number k ðjjAjjÞ V U max 2 for given scheme is also n =2þn=2, but here independence between categories of 0 output blockR isachieved greatly easer. Two mutually inverse transformationsG V 1 and G are provided possibility of using one scheme for direct and inverse U transformations, but keys order using is more complicated. Figure 4.3 shows the main concept of implementing CPB in Feistel scheme. In our work some ciphers based on CPB have been mentioned as well for later comparison in experimental performance. The more detailed information about Cobra-F64a, Cobra-F64b and Spectr-H64 with Feistel characteristics can be found in 18–21.60 4 Improved Feistel-Based Ciphers for Wireless … Fig. 4.3 One round scheme of basic (a) and detailed (b) improved Feistel 4.5 Comparison of CPB-Feistel Scheme Based Ciphers Versus Ciphers with No CPB Improved Feistel-scheme with different variations of DDP can be implemented in some encoded WSN algorithms, especially for effectiveness of hardware imple- mentation and nature of its block ciphers which basically fits packet structure that can be transmitted within WSN. In case of embedded devices implementation, effectiveness can be achieved from SPECTR and Cobra-ciphers which are CPB based as well. They provide performance of about 20 Mbit/s for microcontroller working at 30 MHz 9. We run experiment and compare our improved Feistel scheme performance and its stability for data security in different versions of Feistel-based ciphers, i.e. Cobra-F64a, Cobra-F64b, Cobra-S128, Spectr-H64 9, Camellia 22 and DES 23 against differential cryptanalysis and we present our results in Table 4.1. Table 4.1 and Fig. 4.4 show the results of differential cryptanalysis security estimation of ciphers, CPB-based block-ciphers, Cobra-S128, Cobra-F64a, SPECTR-H64 and Cobra-F64b. Camellia and DES are examples of block—ciphers based on traditional Feistel scheme. We can see that DDP-based ciphers have more security capability due to less probability of breaking against differential crypt- analysis (in Fig. 4.4 DES and Camillia show a higher probability to be broken than another ciphers). Obtained results show that all considered ciphers are secure against differential crypto—attacks and DDP-based ciphers perform better.4.5 Comparison of CPB-Feistel Scheme Based Ciphers Versus Ciphers with No CPB 61 Table 4.1 Differential cryptanalysis security estimation Cipher Maxnumber ofrounds Numberofround Probability of attack success −32 Cobra-S128 12 2 2 −21 Cobra-F64a 16 3 2 −13 SPECTR-H64 12 2 1.1 × 2 −12 Cobra-F64b 20 2 2 −12 Camellia 24 3 2 −7 DES 16 2 2 0,009 0,008 0,007 0,006 0,005 Probability of attack success 0,004 0,003 0,002 0,001 0 DES Camellia Cobra- SPECTR- Cobra- Cobra- F64b H64 F64a S128 Ciphers Fig. 4.4 Ciphers strength against attack success These ciphers also can be comparing using the notion of the security margin (SM). It is one of the main security characteristics. Then percentage of SM more, then the cipher more vulnerable to attacks. SM can be estimated as 100%ðRRminÞ SM ¼ ð4:3Þ Rmin where Rmin is the minimum number of round that is sufficient to provide security against differential analysis, R is nominal number of rounds.Rmin is defined by the block size, probability and number of rounds of the differential characteristic. For Cobra-S128,SM ¼ 50%forSpectr-H64,SM ¼ 33%forCamelliaSM ¼ 50%and for DES SM ¼ 77%. These results show that modified ciphers based on Feistel-scheme less vulnerability to attacks then DES or Camellia. From the comparison done the results shows that there is a higher breakage probability on DES compared to our modified ciphers based on Feistel-scheme. Probability

Advise: Why You Wasting Money in Costly SEO Tools, Use World's Best Free SEO Tool Ubersuggest.