public key based cryptoschemes for data concealment in wireless sensor networks
DESCRIPTION
Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks. Einar Mykletun , Joao Girao , Dirk Westhoff IEEE ICC 2006 , 1-4244-0355-3/06 Citation: 73 Presenter: 林顥桐 Date: 2012/12/17. Outline. Introduction A Desirable Homomorphic Cryptoscheme - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks](https://reader034.vdocuments.pub/reader034/viewer/2022052703/56815f01550346895dcdbe6f/html5/thumbnails/1.jpg)
Public Key Based Cryptoschemes for Data Concealment in Wireless
Sensor Networks
Einar Mykletun, Joao Girao, Dirk WesthoffIEEE ICC 2006 , 1-4244-0355-3/06
Citation: 73Presenter: 林顥桐Date: 2012/12/17
![Page 2: Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks](https://reader034.vdocuments.pub/reader034/viewer/2022052703/56815f01550346895dcdbe6f/html5/thumbnails/2.jpg)
Outline
• Introduction• A Desirable Homomorphic Cryptoscheme• Public-Key Cryptoscheme Candidates• Applications and Recommendation• Conclusion
![Page 3: Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks](https://reader034.vdocuments.pub/reader034/viewer/2022052703/56815f01550346895dcdbe6f/html5/thumbnails/3.jpg)
Introduction
• Data aggregation is untrusted between sensors and the sink
• Public-key based solutions provide a higher level of system security
• But not popular– Too costly for computationally weak devices– A faster depletion of the sensor’s energy
![Page 4: Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks](https://reader034.vdocuments.pub/reader034/viewer/2022052703/56815f01550346895dcdbe6f/html5/thumbnails/4.jpg)
Introduction
• Contrast a set of candidate solutions and give recommendations for the selection of the preferred scheme
![Page 5: Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks](https://reader034.vdocuments.pub/reader034/viewer/2022052703/56815f01550346895dcdbe6f/html5/thumbnails/5.jpg)
A Desirable Homomorphic Cryptoscheme
• Aggregation– Additively Homomorphic Encrytion which have the
property that Enc(m1) Enc(m1) = Enc(m1+ m2)⊕• Security– Can be proved on math– The compromise of sensor node should not assist in
revealing aggregated data– Key management should be simple– Chiphertext Expansion should be moderate– Probabilistic Encryption
![Page 6: Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks](https://reader034.vdocuments.pub/reader034/viewer/2022052703/56815f01550346895dcdbe6f/html5/thumbnails/6.jpg)
A Desirable Homomorphic Cryptoscheme
• WSN Lifetime– Efficient Computations– Sending ciphertexts should not require the
transmission of large amounts of additional data– Electing aggregator nodes should not need to take
into account security parameters• The use of elliptic curve cryptoschemes
![Page 7: Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks](https://reader034.vdocuments.pub/reader034/viewer/2022052703/56815f01550346895dcdbe6f/html5/thumbnails/7.jpg)
Outline
• Introduction• A Desirable Homomorphic Cryptoscheme• Public-Key Cryptoscheme Candidates• Applications and Recommendation• Conclusion
![Page 8: Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks](https://reader034.vdocuments.pub/reader034/viewer/2022052703/56815f01550346895dcdbe6f/html5/thumbnails/8.jpg)
Public-Key Cryptoscheme Candidates
• Okamoto-Uchiyama(OU)– Based on the ablity of computing discrete logarithms– additive homomorphic: Enc(m1+m2) = Enc(m1) X Enc(m2)– Probabilistic encryption, and relating the computational complexity of
the encryption function to the size of the plaintext
L(x) = (x - 1)/p
p and q are random k-bit primes, n is approximately 1024 bits, k could be 341
![Page 9: Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks](https://reader034.vdocuments.pub/reader034/viewer/2022052703/56815f01550346895dcdbe6f/html5/thumbnails/9.jpg)
Public-Key Cryptoscheme Candidates
• Benaloh– A probabilistic cryptoscheme whose encryption
cost is dependent on the size of the plaintextp, q are large primes
![Page 10: Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks](https://reader034.vdocuments.pub/reader034/viewer/2022052703/56815f01550346895dcdbe6f/html5/thumbnails/10.jpg)
Public-Key Cryptoscheme Candidates
• Elliptic curve ElGamal encryption Scheme(EC-EG)– This is equivalent to the original ElGamal scheme, but
transformed to an additive group
E is an elliptic curve, p is a prime with 163bits, G is a generator
![Page 11: Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks](https://reader034.vdocuments.pub/reader034/viewer/2022052703/56815f01550346895dcdbe6f/html5/thumbnails/11.jpg)
Public-Key Cryptoscheme Candidates
• Elliptic curve ElGamal encryption Scheme(EC-EG)– EC-EG is additively homomorphic and chipertexts are
combined through addition, i.e. map(m1 + m2) = map(m1) + map(m2)
– This mapping needs to be deterministic such that the same plaintext always maps to the same point
![Page 12: Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks](https://reader034.vdocuments.pub/reader034/viewer/2022052703/56815f01550346895dcdbe6f/html5/thumbnails/12.jpg)
Outline
• Introduction• A Desirable Homomorphic Cryptoscheme• Public-Key Cryptoscheme Candidates• Applications and Recommendation• Conclusion
![Page 13: Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks](https://reader034.vdocuments.pub/reader034/viewer/2022052703/56815f01550346895dcdbe6f/html5/thumbnails/13.jpg)
Applications
• Data Aggregation– The usage of additive encryption for calculating
the average and for movement detection• Long-term data storage– Data is kept in the nodes for later retrieval– The nodes have restricted storage capacity, it is
important to reduce the amount of values that are actually stored
![Page 14: Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks](https://reader034.vdocuments.pub/reader034/viewer/2022052703/56815f01550346895dcdbe6f/html5/thumbnails/14.jpg)
Recommendation
• OU– Bigger ciphertext size
• EC-EG– Expensive mapping function during decryption, to
costly to revert
![Page 15: Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks](https://reader034.vdocuments.pub/reader034/viewer/2022052703/56815f01550346895dcdbe6f/html5/thumbnails/15.jpg)
Conclusion
• The addition of ciphertexts– minimize bandwidth overhead– reduce the sensors’ energy consumption
• EC-EG, Benaloh, OU are better