1 Calculations over an Elliptic curve, HOW DO WE DO IT? Why do we need it for WSN? Ortal Arazi Electrical & Computer Engineering Department The University.

Slides:

Advertisements

Similar presentations

Key Management Nick Feamster CS 6262 Spring 2009.

Advertisements

Securing Critical Unattended Systems with Identity Based Cryptography A Case Study Johannes Blömer, Peter Günther University of Paderborn Volker Krummel.

Are standards compliant Elliptic Curve Cryptosystems feasible on RFID?

Cryptography and Network Security

1 Fault-Tolerant Computing Systems #6 Network Reliability Pattara Leelaprute Computer Engineering Department Kasetsart University

Chapter 4 Finite Fields. Introduction of increasing importance in cryptography –AES, Elliptic Curve, IDEA, Public Key concern operations on “numbers”

Cryptography and Network Security Chapter 4 Fourth Edition by William Stallings.

Chapter 4 – Finite Fields. Introduction will now introduce finite fields of increasing importance in cryptography –AES, Elliptic Curve, IDEA, Public Key.

Copyright 2004 Koren & Krishna ECE655/DataRepl.1 Fall 2006 UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Fault Tolerant Computing.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

LOGO A Public Key Cryptographic Method for Denial of Service Mitigation in Wireless Sensor Networks O. Arazi, H. Qi, D. Rose IEEE SECON 2007 proceedings.

Using Auxiliary Sensors for Pair-Wise Key Establishment in WSN Source: Lecture Notes in Computer Science (2010) Authors: Qi Dong and Donggang Liu Presenter:

Zheming CSCE715.  A wireless sensor network (WSN) ◦ Spatially distributed sensors to monitor physical or environmental conditions, and to cooperatively.

A One Round Protocol for Tripartite Diffie Hellman By Dane Vanden Berg.

YSLInformation Security -- Public-Key Cryptography1 Elliptic Curve Cryptography (ECC) For the same length of keys, faster than RSA For the same degree.

Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.

Homework #4 Solutions Brian A. LaMacchia Portions © , Brian A. LaMacchia. This material is provided without.

Cryptography and Network Security Chapter 4

A Public Key Infrastructure for Key Distribution in TinyOS Based on Elliptic Curve Cryptography David J. Malan, Matt Welsh, Michael D. Smith Presented.

A Dual Field Elliptic Curve Cryptographic Processor Laboratory for Reliable Computing (LaRC) Electrical Engineering Department National Tsing Hua University.

Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.

Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.

Public Key Algorithms 4/17/2017 M. Chatterjee.

Establishing Pairwise Keys in Distributed Sensor Networks Donggang Liu, Peng Ning Jason Buckingham CSCI 7143: Secure Sensor Networks October 12, 2004.

Computer Science Public Key Management Lecture 5.

Calculating Discrete Logarithms John Hawley Nicolette Nicolosi Ryan Rivard.

1 Solid State Storage (SSS) System Error Recovery LHO 08 For NASA Langley Research Center.

CPSC 3730 Cryptography and Network Security

1 Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Chapter 4 – Finite Fields.

Information Security and Management 4. Finite Fields 8

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Application of Elliptic Curves to Cryptography

Cryptography and Network Security Introduction to Finite Fields.

Description of the monitoring system experimentation on the freight car pSHIELD Demonstrator Testbed Architecture pSHIELD Final Review Meeting, Bruxelles.

CS 627 Elliptic Curves and Cryptography Paper by: Aleksandar Jurisic, Alfred J. Menezes Published: January 1998 Presented by: Sagar Chivate.

Cryptography and Network Security (CS435) Part Eight (Key Management)

Cryptography and Network Security Chapter 10 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Elliptical Curve Cryptography Manish Kumar Roll No - 43 CS-A, S-7 SOE, CUSAT.

Cryptography and Network Security Chapter 13 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Chapter 4 – Finite Fields

Data Security and Encryption (CSE348) 1. Lecture # 12 2.

Securing Distributed Sensor Networks Udayan Kumar Subhajit Sengupta Sharad Sonapeer.

1 Collaborative Processing in Sensor Networks Lecture 7 - Light-weight Security Solutions Hairong Qi, Associate Professor Electrical Engineering and Computer.

1 Security and Cryptography: basic aspects Ortal Arazi College of Engineering Dept. of Electrical & Computer Engineering The University of Tennessee.

KEY MANAGEMENT; OTHER PUBLIC-KEY CRYPTOSYSTEMS - Chapter 10 KEY MANAGEMENT; OTHER PUBLIC-KEY CRYPTOSYSTEMS - Chapter 10 KEY MANAGEMENT DIFFIE-HELLMAN KEY.

PUBLIC-KEY CRYPTOGRAPH IT 352 : Lecture 2- part3 Najwa AlGhamdi, MSc – 2012 /1433.

Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.

Cryptography and Network Security Key Management and Other Public Key Cryptosystems.

Cryptography and Network Security Chapter 4. Introduction  will now introduce finite fields  of increasing importance in cryptography AES, Elliptic.

To ensure secure and dependable monitoring of rail cars transporting hazardous materials, providing resiliency against both random and malicious threats.

The Pennsylvania State University CSE597B: Special Topics in Network and Systems Security The Miscellaneous Instructor: Sencun Zhu.

Elliptic Curve Cryptography Celia Li Computer Science and Engineering November 10, 2005.

Lecture 9 Elliptic Curves. In 1984, Hendrik Lenstra described an ingenious algorithm for factoring integers that relies on properties of elliptic curves.

11 RSA Variants.  Scheme ◦ Select s.t. p and q = 3 mod 4 ◦ n=pq, public key =n, private key =p,q ◦ y= e k (x)=x (x+b) mod n ◦ x=d k (y)=  y mod n.

1 Network Security Dr. Syed Ismail Shah

Introduction to Elliptic Curves CSCI 5857: Encoding and Encryption.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

1 Self-Certified Group Key-Generation for Ad Hoc Clusters in Wireless Sensor Networks Ortal Arazi, Hairong Qi Dept. Electrical & Computer Engineering The.

Introduction to Elliptic Curve Cryptography CSCI 5857: Encoding and Encryption.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Efficient Montgomery Modular Multiplication Algorithm Using Complement and Partition Techniques Speaker: Te-Jen Chang.

Key Management public-key encryption helps address key distribution problems have two aspects of this: – distribution of public keys – use of public-key.

Public Key Cryptography. Asymmetric encryption is a form of cryptosystem in which Encryption and decryption are performed using the different keys—one.

Information Security Lab. Dept. of Computer Engineering 251/ 278 PART II Asymmetric Ciphers Key Management; Other CHAPTER 10 Key Management; Other Public.

A Key Pre-Distribution Scheme Using Deployment Knowledge for Wireless Sensor Networks Zhen Yu & Yong Guan Department of Electrical and Computer Engineering.

CS480 Cryptography and Information Security

The Application of Elliptic Curves Cryptography in Embedded Systems

CSCE 715: Network Systems Security

Symmetric-Key Cryptography

Presentation transcript:

1 Calculations over an Elliptic curve, HOW DO WE DO IT? Why do we need it for WSN? Ortal Arazi Electrical & Computer Engineering Department The University of Tennessee Knoxville, TN

Ortal Arazi – Research overview (second presentation) 2 Outline What is an Elliptic Curve? Point by Scalar multiplication Experimental results Experimental results Scalar by Scalar multiplication

Ortal Arazi – Research overview (second presentation) 3 What is an Elliptic Curve? In GF(2 m ) an ordinary elliptic curve E suitable for elliptic curve cryptography is defined by the set of points (x; y) that satisfy the equation : Example:

Ortal Arazi – Research overview (second presentation) 4 Point by Scalar multiplication: Q- point on the curve K- scalar k*Q=? Point by scalar multiplication involves Point additions and multiplications of a pint by 2 How do we multiply a point by 2? How do we add two points? These arithmetics involve calculations over the field GF(2 m ) C=Q For i=2 to n C=2*C If k(i)=1 then C=C+Q C= k*Q Example: (k=1101, Q-point, n=4) 13*Q=? K(2)=1, K(3)=0, K(4)=1, C=Q i=2: C=2*Q C=2*Q+Q=3*Q i=3: C=2*3*Q=6*Q i=4: C=2*6*Q=12*Q C=12*Q+Q=13*Q

Ortal Arazi – Research overview (second presentation) 5 Cryptocomplexity Analysis The number of MIPS years it takes to compute an elliptic curve logarithm MIPS: million of instructions per second. A MIPS computer performs about 2 40 elliptic curve additions per year

Ortal Arazi – Research overview (second presentation) 6 Experimental results on the motes: Experimental results on the TPR 2400CA TelosB motes: (1)(2) The curves that we are using:

Ortal Arazi – Research overview (second presentation) 7 Experimental results on the motes: Experimental results on the TPR 2400CA TelosB motes: Time computed for establishing an online pairwise self-certified fixed and ephemeral key

Ortal Arazi – Research overview (second presentation) 8 Fixed key Vs. Ephemeral key Fixed key: The private key shared by a pair of nodes is constant Ephemeral key: The private key shared by the same pair of nodes change Cluster A Cluster B Offloading the calculations

Ortal Arazi – Research overview (second presentation) 9 Scalar by Scalar Multiplication All calculations over an Elliptic curve are modulo the order of the curve For example: If the order of the curve is Ord G, then: What is Ord G? A number in which multiplying G (a point ton the curve) by a scalar is periodic. i.e. when exceeding ordG you start from the beginning: 1×G = (ordG + 1)×G.  s×P = (s mod ordG)×P. What does all this have to do with WSN?

Ortal Arazi – Research overview (second presentation) 10 Self certified DH key generation Node i Node j In both Fixed and Ephemeral key generations, each node needs to multiply 2 scalars mod ord G each node needs to multiply 2 scalars mod ord G Fixed: x i * H(ID j, U j ) * U j + x i R Ephemeral: Pvi* H(IDj, Uj) * Uj + (xi+ Pvi) (Evj +R) - xi * R

Ortal Arazi – Research overview (second presentation) 11 The Montgomery Multiplication a b Montgomery (mod n) X- number of bits in the scalar Step (1) Step (2) Montgomery (mod n) How do we achieve the multiplication ?

Ortal Arazi – Research overview (second presentation) 12 The Montgomery Multiplication (cont) s = 0 for i = 0 to n-1 (r- a number obtained form the curve) (u is the least significant coefficient of the value obtained from multiplying the least significant coefficient of t, by r.) (the least significant coefficient of v is now 0) (s is obtained by erasing the least significant coefficient of v) if s = 164 (or 132) bits then s = s – OrdG p q 16 (128 or 160 bits) 0 n-1 Ord G: 163 or 131 bits

Ortal Arazi – Research overview (second presentation) 13 The Montgomery Multiplication (cont) X i, Pvi H(IDj, Uj) 16 0 n-1 Ord G: 163 or 131 bits Type of key issued: On-line scalar multiplication - What we need After Montgomery - What we have Fixed xi * H(IDj, Uj) Mod Ord G xi*H(IDj, Uj)*2 -16n Mod Ord G Ephemeral Pvi * H(IDj, Uj) Mod Ord G Pvi*H(IDj, Uj)*2 -16n Mod Ord G

Ortal Arazi – Research overview (second presentation) 14 The Montgomery Multiplication (cont) How do we generatexi * H(IDj, Uj) Mod Ord G How do we generate xi * H(IDj, Uj) Mod Ord G instead of xi*H(IDj, Uj)*2 -16n Mod Ord G? use the Montgomery procedure again ? use the Montgomery procedure again ? Problem: using more resources (time, memory and energy) Do not change it, change the calculations of the secrect key x i ! Do not change it, change the calculations of the secrect key x i !

Ortal Arazi – Research overview (second presentation) 15 The Montgomery Multiplication (cont) Calculations of node i: Calculations of node j:

Ortal Arazi – Research overview (second presentation) 16 Mathematical equations: Calculations of node i: Calculations of node j:

Ortal Arazi – Research overview (second presentation) 17 Summery Despite the elaborate calculations, point by scalar multiplications is feasible on a WS mote Cryptocomplexity Analysis shows that using ECC is highly desirable Offloading will help in: gaining execution speed and better power distribution across the network The need for scalar by scalar Multiplication was introduced. The Montgomery multiplication procedure was introduced saving resources (energy, memory and time) saving resources (energy, memory and time) Implementing the Montgomery multiplication procedure only ONCE is feasible, hence saving more resources (energy, memory and time)

Ortal Arazi – Research overview (second presentation) 18 Future directions Finish the implementation of a self-certified DH key generation Implementation of a group key generation Fault tolerance key exchange Ensuring group key generation even if some of the nodes fail Probability of failure as a function of node density % of nodes without a group key (treated as malicious or malfunctioned) Reduction of the time it takes to calculate the shared keys by the pairs a b c K ab K ba K ac K ca

Ortal Arazi – Research overview (second presentation) 19 Future directions Self certified DH key exchange between cluster heads (within different clusters) Using base stations to help with the calculations Key exchange between nodes and the base station (taking into advantage the fact that the base station does not have computational problems ) Hijacking of nodes by malicious party (how do we establish a way to distinguish the attackers) Mobile nodes

Ortal Arazi – Research overview (second presentation) 20 Questions?