2011 First International Conference on Informatics and Computational Intelligence

Wireless Network Security Using Elliptic Curve Cryptography

Hero Modares Amirhossein Moravejosharieh Rosli Salleh

Department of Computer system Department of Computer system Department of Computer system
and technology and technology and technology
University of Malaya University of Malaya University of Malaya
Kuala Lumpur, Malaysia Kuala Lumpur, Malaysia Kuala Lumpur, Malaysia
hero.modares@gmail.com Amirhosein.moravej@gmail.com rosli_salleh@um.edu.my

Abstract— As wireless sensor networks continue to grow, so reprogrammed and reconfigured [1]. These kinds of
does the need for effective security mechanisms. Sensor operations are very sensible to potential attacks. A number of
networks may interact with sensitive data and/or operate in solutions that discussed this issue have been proposed so far
hostile unattended environments; it needs to be secured. It is [2]. In next section we will survey the WSN architecture in
an important challenge to find out suitable cryptography for WSNs. Section 4 and 5 deal with security requirements and
wireless sensor networks (WSN) due to limitations of energy, Key management issues in WSNs, respectively. Section 7
computation capability and storage resources. Hybrid, El- and 8 will present Elliptic Curve Cryptography and Energy
Gamal, RSA and Elliptic Curve Cryptography (ECC) are Analysis. Section 10 concludes the paper and proposes some
public key cryptography algorithms. We present a comparison future work [3].
of two public-key algorithms, RSA and ECC. We found ECC
to have a significant advantage over RSA as it reduces II. WSN ARCHITECTURE
computation time and also the amount of data transmitted and
stored. In a typical WSN we see following network components:
 Field devices: Field devices are established in the
process and must be able of routing packets.
Keywords- Wireless Security; Elliptic Curve Cryptography;
 Access points or Gateway: Access points or
key management
Gateway enables communication between Host and
I. INTRODUCTION field devices.
 Network manager: A Network Manager is liable for
Wireless sensor networks comprise of small nodes that configuration of the network, management of the
communicate through wireless links. They are used to carry routing tables, monitoring, scheduling
a wide variety of applications; many of them have in any communication between devices and reporting the
case some security requirements. Public keys and private health of the network.
keys are two ways in cryptographic algorithm to implement
 Security manager: The Security Manager is liable for
authentication and encryption. Using public keys, the key
the generation, management and storage of keys [4].
value of every node is public hence it is known by all other
nodes. When a node requests to communicate privately with
other node, the source node will use public key to encrypt
data of the target node and only the target node can properly Field Device
decrypt the data using private key. In this case, two Security Manager
communicating nodes are not using the same keys during the Field Device
session which is called asymmetric key encryption. But if
two communicating nodes want use private keys, nodes have Field Device

to agree at the beginning on a key before starting Gateway

communicate securely. This way of encryption is called

symmetric key encryption because both communicating Network Manager

nodes for encrypting and decrypting data use the same keys. Figure 1. WSN Architecture.
In wired data networks trusted server is used to help nodes to
establish trust relationships, but there is no trusted authority III. SECURITY REQUIREMENTS
in WSN because sensor nodes have limited CPU power,
memory and energy, that are why cryptographic algorithms In order to secure of WSNs, there are security objectives
must be selected warily. Enabling security in WSNs is very that provide security services, such as Confidentiality which
scenario reliant in all its approaches. There are different confidential information should never be revealed, and the
requirements, for instance, requirements appear in the authenticity and integrity of information should always be
control domain and operation. Sensor nodes must be assured [3].

978-0-7695-4618-6/11 $26.00 © 2011 IEEE 348

DOI 10.1109/ICI.2011.63
A. Data Confidentiality authors in [7] propose a set of secure synchronization
Data is kept privately in an electronic communication. It protocols for sender-receiver (pairwise), multihop sender-
is typically provided by encryption. It contains both receiver (to be used when the pair of nodes are not within
protections of the transmitted data between two ends. single-hop range), and group synchronization [6].
Similarly it secures the traffic flow analysis [5].
B. Authentication IV. KEY MANAGEMENT
Receiver determines its source to confirm the sender’s Key management issues are not unique to wireless sensor
identity by using something that you have or you know. networks. In fact, key establishment and management
Normally, it is done by using the sender public key. It is the matters have been considered in depth outside of the wireless
same integrity provided by digital signature [5]. networking area. However most of the traditional techniques
in wireless sensor networks are unsuitable because of low
C. Data Integrity
power in fact that typical key exchange techniques use
Data is not changed in an unauthorized manner. It is asymmetric cryptography, as well called public key
typically provided by digital signature and encryption as well cryptography. Usually, Diffie-Hellman which is one of
[5]. public-key protocols is used to key establishment. In the
D. Data Freshness public-key protocols, data is encrypted with the public key
and decrypted only with the private key so it is necessary to
Insurance of the freshness of each message is needed maintain both public and private keys. However in
even if confidentiality and data integrity are assured. Data symmetric protocols data encrypt and decrypt with a single
freshness mentions that the data is fresh, and it guarantees shared key which is known only between the two
that no old messages have been replayed. This requirement is communicating hosts but it has key exchange problem. In
mainly significant while there are share key strategies in the this case, the key exchange problem comes from the fact that
network design. In general shared keys need to be changed two communicating hosts before they start securely
time by time. On the other hand, it takes time for new shared communication must know the shared key. Thus the problem
keys to be scattered to the whole network. In this case, it is is that how to make sure the shared key is truly shared
easy for the guilty to use a replay attack and to disturb the among two hosts who wish to communicate and there are no
normal work of the sensor. To resolve this problem and other hosts who may wish to eavesdrop. How to distribute a
make sure data is freshness another time-related counter, can shared key securely to communicating hosts is a significant
be added into the packet [6]. problem since pre-distributing the keys is not always
E. Availability possible [6].
Asymmetric cryptography problem in a wireless sensor
In sensor networks there are many possibility of injury
network is that it is typically excessively computationally
that could result in defeat of availability such as denial of
demanding for the individual nodes in a sensor network. This
service attacks and sensor node capturing. But all these
is correct in the common case, nevertheless [8, 9, 10, 11]
approaches make weak availability of sensor network for the
show that it is possible with the right choice of algorithms.
below reasons [6]:
 Additional computation consumes additional energy. V. KEY ESTABLISHMENT
If no more energy exists, the data will no longer be
available. In sensor networks key establishment protocols are used
to setup shared secrets between neighboring either through
 Additional communication also consumes more
key agreement or key transport. In key transport protocol
energy. What’s more, as communication increases so
one entity creates or otherwise gets a secret key then
too does the chance of incurring a communication
transfers it securely to the other entity. But in key agreement
conflict.
to get shared secret key all entities contribute a random input
 A single point failure will be introduced if using the so the key depend on the input of all entities and no entity
central point scheme. This greatly threatens the can predetermine the key which it is advantage of key
availability of the network. The requirement of agreement. Trusted-server scheme, self-enforcing scheme,
security not only affects the operation of the and key pre-distribution scheme are three types of key
network, but also is highly important in maintaining agreement schemes. The trusted-server scheme is not
the availability of the whole network [6]. suitable for WSNs because it uses a trusted server to do key
F. Time Synchronization agreement between nodes and usually there is no trusted
infrastructure in sensor networks. The self-enforcing scheme
Most sensor network applications depend on some
is a key agreement using public key certificates which it is
structure of time synchronization. An individual sensor’s
asymmetric cryptography [12, 13, 14]. Key pre-distribution
radio in order to preserve power it may be turned off for
is the third type of key agreement scheme, in this type key
periods of time. Also, sensors may want to compute the end-
information is distributed between all sensor nodes prior to
to-end delay of a packet as it moves between two pairwise
deployment. Keys can be decided a priori if we know which
sensors. A more collaborative sensor network possibly will
nodes stay in the same neighborhood before deployment [3].
require group synchronization for tracking applications, etc.

349
 VI. ELLIPTIC CURVE CRYPTOGRAPHY Different elliptic curve is produced by changing the
A fundamental building block for digital communication values of ‘a’ and ‘b’. In elliptic curve cryptography,
is the Public-key cryptography systems. Public-Key calculating the public-key can be done by multiplying the
cryptography (PKC) systems can be used to provide secure private key with the generator point ‘G’ in the curve. The
communications over insecure channels without exchanging generator point ‘G’ is the point on the curve. The private key
a secret key. Implementing Public-Key cryptography is the random number in the interval [1, n-1],‘n’ is the
systems is a challenge for most application platforms when curve’s order [17].
several factors have to be considered in selecting the The strength of ECC security comes from the difficulty
implementation platform. The most popular public-key of Elliptic Curve Discrete Logarithm Problem. If ‘P’ and ‘Q’
cryptography systems nowadays are RSA and Elliptic Curve are points on the curve, then kP=Q where ‘k’ is a scalar.
Cryptography (ECC). Thus, point multiplication is the basic operation in ECC. For
Elliptic curve cryptography (ECC) was proposed in 1985 example, the multiplication of a scalar ‘k’ with any point ‘P’
by Neal Koblitz and Victor Miller. Elliptic curve on the curve in order to obtain another point ‘Q’ on the curve
cryptographic schemes can provide the same functionality as [5].
RSA schemes which are public-key mechanisms. The VII. ENERGY ANALYSIS
security is based on the difficultly of a different problem,
which is called the Elliptic Curve Discrete Logarithm According A.S.Wander, etc in Energy Analysis of
Problem (ECDLP).In order to solve the ECDLP, the best Public-Key Cryptography for Wireless Sensor Networks
algorithms have fully exponential time. In contrast, the paper they compares the energy consumed by RSA and ECC
integer factorization problem has to be solved with for energy cost of key exchanges not including
subexponential-time algorithms [15]. It makes Elliptic Curve authentication and certificate verification also for generating
Cryptography offers similar security. It is offered by other and verifying signatures.
traditional public key cryptography schemes used nowadays, Sign operation and RSA verify both are required for
with smaller key sizes and memory requirements (As shown authentication but where the cost of an RSA verifies is small;
in Table.1) [16]. For example, it is generally accepted that a sign operation is more expensive. As shown in the table.2
1024-bit RSA key provides the same level of security as a transitioning energy cost of signing from RSA-1024 to RSA-
160-bit elliptic curve key. The advantages can be achieved 2048 increases, although ECDSA-224 signing is less
from smaller key sizes including storage, speed and efficient expensive than ECDSA-160 signing. The RSA-based key
use of power and bandwidth. The use of shorter keys means exchange protocol trusts in entity A to encrypt a randomly
lower space requirements for key storage and quicker generated secret key using entity B's public key, and entity
arithmetic operations. These advantages are essential when B’s private key used to decrypting. However, both entities
public-key cryptography is applied in constrained devices, perform a single ECDH operation to get the secret key in
such as in mobile devices or RFID. In brief, ECC based ECC protocol [18].
algorithms can be easily included into existing protocols to
TABLE II. COMPARISON.
get the same backward compatibility and security with
smaller resources. Therefore, more low-end controlled Algorithm Signature Key Exchange
devices can use such protocols to be considered unsuitable - Sign Verify Client Server
for such systems.
RSA-1024 304 11.9 15.4 304
TABLE I. KEY SIZES. 3
ECDSA-160 22.82 45.09 22.3 22.3

Symmetric-key ECC RSA Comment RSA-2048 2302.7 53.7 57.2 2302.7

64 bit 128 bit 700 bit Short period security ECDSA-224 61.54 121.983 60.4 60.4

80 bit 160 bit 1024 bit Medium period security

128 bit 256 bit 2048 bit Long period security Preceding sections illustrated security, ECC and some
related work about wireless communication that are based on
elliptic curve cryptographic techniques. Presently, RSA
A group structure used to implement the cryptographic algorithm demands a key length be not less than 1024 bits
schemes is provided by using Elliptic curves and is for long term security and we know that ECC with only a
determined over a finite field. The elements of the group are 160 bits modulus offers an the same level of security as RSA
the points on the elliptic curve. They act as the identity with 1024-bit modulus. Thus, using ECC in wireless
element of the group. On the other hand the group operation communication system is extremely recommended. This
can be executed by arithmetic operations based on finite work will provide a secure protocol for wireless
field. It is discussed in detail in the next section [15]. communication based on ECC techniques. The key
There are many ways to calculate the points over the distribution and storage problems, which are typical in
prime field elliptic curve. A direct method is by applying the secret-key settings it is solved by the public-key
next equation [17]. cryptography conception. The proposed protocol will
y2=x3+ax+b where 4a3+27b2≠0 

350
provide the most important security services such as [6] Walters, J. P., Liang, Z., Shi, W., & Chaudhary, V. (2006).
authentication of service and user and no repudiation. Wireless Sensor Network Security: A Survey. 2006 Auerbach
Publications, CRC Press: Auerbach Publications, CRC Press.
[7] Ganeriwal, S., Capkun, S., Han, C.-C., & Srivastava, M. (2005).
Secure time synchronization service for sensor networks.
VIII. CONCLUSION Proceedings of the 4th ACM workshop on Wireless security
Elliptic curve cryptography can be a substitute for RSA (pp. 97–106). New York, NY, USA: ACM Press.
[8] Gaubatz, G., Kaps, J., & Sunar, B. (2004). Public key
in efficacious applications because of its efficiency in cryptography in sensor networks - revisited. In 1st European
software as well as in hardware realizations. ECC offers an Workshop on Security in Ad-Hoc and In 1st European
enhanced security with shorter bit sizes than in RSA. Shorter Workshop on Security in Ad-Hoc and. ESAS.
key length is useful to save bandwidth, power, and it [9] Gura, N., Patel, A., Wander, A., Eberle, H., & Shantz, S.
improves the performance. The recent sensor devices have (August 2004). Comparing elliptic curve cryptography and rsa
on 8-bit cpus. In In 2004 workshop on Cryptographic In In 2004
restricted computational power. In order to realize 80 bit of
workshop on Cryptographic.
security in ECC, it requirements 160bit parameters size, and [10] Malan, D., Welsh, M., & Welsh, M. (2004). A public-key
offers the same security level presented by 1024 bit RSA. infrastructure for key distribution in tinyos based on elliptic
Unlike the past, combination in ECC catches the attention of curve cryptography. In First Annual IEEE Communications
experts because it can be used to build cryptographic Society Conference on Sensor and Ad Hoc Communications
schemes that cannot be built in any other way. and Networks. and Networks.
[11] Watro, R., Kong, D., Cuti, S., Gardiner, C., Lynn, C., & Kruus,
P. (2004). Tinypk: securing sensor networks with public key
technology. In Proceedings of the 2nd ACM workshop on
REFERENCES Security of Ad hoc and Sensor Networks . New York, NY,
[1] Fuchs, G., Truchat, S., & Dressler, F. (2006). Distributed USA: ACM Press.
Software Management Distributed Software Management. in 1st [12] Perrig, A., Szewczyk, R., Wen, V., Culler, D., & Tygar, J. ( July
IEEE/ACM International Conference on Communication 2001). SPINS:Security Protocols for Sensor Networks. in
System Software and . New Dehli,India: IEEE COMSWARE Proceedings of the 7th Annual ACM/IEEE International
2006. Conference on Mobile Computing and Networking (MobiCom)
[2] Zhang, W., & Cao, G. (March 2005). Group Rekeying for (pp. 189–199). Rome, Italy: ACM/IEEE .
Filtering False Data in Sensor Networks: A Predistribution and [13] Diffie, W., & Hellman, M. (November 1976). New directions in
Local Collaboration-Based Approach. 24th IEEE Annual Joint cryptography. IEEE Transactions on Information Theory, vol.
Conference of the IEEE Computer and Communications 22, (pp. 644–654).
Societies (IEEE INFOCOM 2005) (pp. 503–514). IEEE . [14] Rivest, R., Shamir, A., & Adleman, L. (1978). A method for
[3] Amin, F., Jahangir, A., & Rasifard, H. (2008). Analysis of obtaining digital signatures and public-key cryptosystems.
Public-Key Cryptography for Wireless Sensor Networks Communications of the ACM vol. 21,no. 2, (pp. 120–126).
Security. World Academy of Science, Engineering and [15] Hankerson, D., Hernandez, J., & Menezes, A. (2000). Software
Technology. Implementation of Elliptic Curve Cryptography Over Binary
[4] Kalita, H. K., & Kar, A. (2009). WIRELESS SENSOR Fields. Proceedings of the Workshop on Cryptographic
NETWORK SECURITY ANALYSIS. International Journal of Hardware and Embedded Systems (pp. 1-24). Springer-Verlag.
Next-Generation Networks (IJNGN), (pp. Vol.1, No.1). [16] Kumar, S. (2006). Elliptic Curve Cryptography for Constrained
[5] Modares, H. (2009). A Scalar Multiplication in Elliptic Curve Devices. Ruhr-University Bochum.
Cryptography with Binary Polynomial Operations in Galois [17] Tata, E. (2007). Elliptic Curve Cryptography, An
Field. Kuala Lampur: Thesis submitted to The Faculty of Implementation Guide. In Anoop MS. India: Anoop, MS.
Computer Science and Information Technology University [18] Wander, A. S., Gura, N., Eberle, H., Gupta, V., & Shantz, S. C.
Malaya. Energy Analysis of Public-Key Cryptography for Wireless
Sensor Networks. University of California.

351