تجزیه و تحلیل عملکرد از برنامه های سیستم رمزنگاری چند متغیره برای شبکه های حسگر بی سیم

In a wireless sensor networks (WSN), large numbers of tiny sensor devices observe their environment and communicate the observation to a sink. Security is vital to avoid false reporting, safety of sensors and sensed objects. In particular, message authentication is crucial to prevent false response that may be evoked by a message. This necessitates a strong cryptographic mechanism to ensure safety. However, existing resource intensive cryptographic mechanisms are can affect the performance and lifetime of a WSN adversely. To address this problem of security in resource limited WSN, multivariate cryptosystem schemes are proposed and evaluated in this paper. The viability of different multivariate cryptosystems have been analyzed on the anvil of computation and memory requirements. Simulation results show that multivariate cryptosystem require small computation time and low memory that make them viable for security provisioning in a WSN. Results also show that the throughput of the network is large with low average delay even with large number of sensor nodes.

A WSN consists of tiny low cost devices equipped with sensors and transreceivers that sense data and then cooperate among themselves to forward data to the sink [1]. Both sensor nodes and sensed data are vulnerable and security concerns are a serious impediment to widespread adoption of sensor networks. WSN pose unique security implementation challenges viz., low communication bandwidth, wireless broadcast channel, limited memory, limited power and low processing capability. The broadcast nature [2] and [3] of the channel makes data susceptible to intrusion, interception, injection and modification. Data confidentiality, forward secrecy, privacy and integrity are, therefore, required to protect the nodes and information in transit. The resource constraints [4] and [5] make security provisioning a challenging task. The existing security primitives [6] and [7] require large size keys for encryption/decryption/signature validation to satisfy the sensor security needs. Existing cryptographic schemes such as Diffie–Hellman, Rivest, Shamir and Adleman (RSA) and Elliptic curve cryptosystem (ECC) require large computational power and memory which a tiny sensor node does not possess. Symmetric key cryptosystems require storage of pairwise keys in all nodes in the network in the pre-deployment stage or using an efficient key distribution scheme, however, both are resource intensive. Moreover, compromise of a few nodes leads to compromises of the entire network. For example, RSA [8] requires complicated computation and long period of key-setup time since it performs a univariate monomial operation over a very large ring. Moreover, most of these techniques drain the battery. To overcome these problems two paths exist; one, multivariate polynomials over small finite fields and second, use of monomials as the public key and hiding data in the exponent that leads to the discrete logarithm over complicated groups. Compared to the RSA and ECC schemes, systems based on the discrete logarithm over elliptic curves are capable of maintaining the same security level with shorter key sizes. The low complexity and shorter length of the keys make ECC attractive for implementation on sensor motes. However, the shortest signature that can be produced using an elliptic curve digital signature algorithm (ECDSA) is too long for most sensor nodes [8]. Multivariate cryptosystems over small fields are very fast as compared to RSA and ECC. Their security is based on the difficulty of solving multivariate polynomial equations. Multivariate cryptography [9] comprises all the cryptographic schemes that use multivariate polynomials over finite fields. They are faster since arithmetic operations on large units (RSA or ECC) are replaced by operations on many small units. The primary idea is to choose a multivariate system F of quadratic polynomials which can be easily inverted. After that two affine linear invertible maps S and T are chosen to hide the structure of the central map. The public key of the cryptosystem is the composed map P = S∘F∘T which is difficult to invert. The private key consists of S, F and T and therefore allows P by inversion. There are several ways to build the central map F. Matsumoto and Imai (MI scheme), is one of the big field schemes [10] that is used for encryption and signature. Both secret and public transformations in C∗ scheme [11] can be done in much less than O(N3) complexity. Internal perturbation of MI scheme (PMI) is an extension and generalization of MI scheme. In the construction of PMI scheme [12], a small dimensional subspace is used to produce the perturbation. HFE [13] and [14] uses polynomial equation over finite fields. A signature scheme based on HFE called Quartz has been proposed in [15]. On the other hand, oil and vinegar (OV) scheme [16] and Rainbow multivariate signature scheme are single field family schemes. OV scheme uses quadratic polynomials in which oil variables can only appear linearly. With the set of OV polynomials, solutions for the oil variables produce a signature. OV scheme [16] is very efficient and provides fast signature generation and verification. Rainbow multivariate signature scheme [17] and [18] is a variant of OV scheme. It has a set of embedded layer which uses several instances of the OV construction layers. This allows Rainbow multivariate signature scheme to improve upon the efficiency of the original OV scheme. The Rainbow multivariate signature scheme is believed to be secure against attacks. Medium field [19] schemes have been proposed as third family of multivariate cryptosystems which contain schemes like ℓ-iC scheme [20]. The objective of the present work is to determine the viability of these cryptosystem schemes for WSN and compare their performance against the ECC based scheme with respect to computational needs and memory required for intermediate and final output. The rest of the paper is organized as follows. Section 2 gives the problem definition. Section 3 describes the existing cryptosystem for WSN with details of ECC based scheme. Multivariate cryptographic schemes are detailed in Section 4. Section 5 contains the performance analysis of the simulation results. The conclusions are given in Section 6.

In this work, the practicability of multivariate cryptosystems was examined for resource constrained WSN. The performance of MI, PMI, HFE, OV and Rainbow multivariate signature schemes was compared with the ECDSA on the anvil of memory foot prints and computational requirements. The parameters chosen for the multivariate cryptographic schemes were chosen to suit WSN resource constraints and security requirements. It was found that for similar parameters and security strength, the computation time of all multivariate cryptographic schemes was far less requiring only four to 7% computation time as compared to ECDSA. The memory requirements were also 30–40% less as compared to ECDSA. The rainbow scheme had the best performance among all the schemes in terms of memory and computational requirements. The performance of rainbow signature and ECDSA schemes were then compared in terms of throughput and delay in the sensor network environment. Both the schemes have comparable throughput in the order of kbps for sparse networks which is sufficient for a typical sensor network. However, throughput degradation in WSN with rainbow scheme was far less in dense networks as compared ECDSA scheme. Moreover, the end to end delay induced by the network was in the order of few ms in moderate to dense network and became almost constant with increase in node density, although the increase in delay was linear in networks with ECDSA scheme. The nodes with multivariate cryptosystem schemes not only outperformed ECDSA scheme for the same security level but also their resource need was within the resource capabilities of typical sensor node. With rainbow signature scheme, the throughputs were adequate and delays were small enough to suit the data rate and delay requirements of a typical sensor network.