Secure-EEDR: Dynamic key exchange protocol based on Diffie-Hellman

algorithm with NOVSF code-hopping technique for wireless sensor networks

Vishnu Kumar, Yunjung Park, Dugki Min
School of Information and Communication Engineering
Konkuk University
Seoul, Korea
{vishnu, sm6280p, dkmin}@konkuk.ac.kr
Eunmi Choi
School of Business IT
Kookmin University
Seoul, Korea
emchoi@kookmin.ac.kr


AbstractSecure data transmission and data routing are
critical in designing cluster based sensor network. This
paper presents a secure energy efficient dynamic routing
scheme (SEEDR) for wireless sensor networks. SEEDR uses
a symmetric cryptography algorithm to support security.
The dynamic key exchange protocol based on DH (Diffie-
Hellman) algorithm is proposed, with non blocking OVSF
codes. Our analytical model and the security analysis prove
that SEEDR increase data communication security and
consume less communication energy.
Keywords-Diffie-Hellman algorithm, NOVSF codes,
mobile robot, clustered wireless sensor networks
I. INTRODUCTION

Wireless sensor network consist hundreds of small
sensor node [1], each node has the sensing ability with less
computational and communication power [2]. Even though
Sensor node has a basic hardware and software for
manipulating the given task [3], the limitations for
processing power is still exist. Research efforts on power
limitations are the top priority in sensor network
development. Such sensor nodes are applied in the vast
variety of environments for public safety, traffic
management, home security application and Military [4],
[5], [6]. These application areas need certain amount of
security. Since sensor networks are power constrains,
providing security is critical compared to conventional
networks. Very few researches have been reported in
sensor network security so far. Among them few popular
security protocols are [7], [8], [9].
Asymmetric cryptography algorithms are not suitable
for sensor network due to its computational power,
storage, and energy constrains. Symmetric cryptographic
algorithm is well suited for sensor networks, because of its
less computation and memory usage [10]. But these
algorithms provide less security when compared to
Asymmetric cryptography algorithms, both security and
energy become a trade off in development.
In this paper, we compromise both security and energy
by using non-blocking OVSF [11] with DH (Diffie-
Hellman) algorithm. We implemented DH-NOVSF based
dynamic key exchange protocol for sensor networks. At
first we use the DH algorithm to generate the public key
and then transferred to the network, based on the public
key the nodes generate their own private key. Using the
generated private key the node used to encrypting the data.
Along with the frame packet the node append its generated
public key and transfer to the base station. This makes high
security as well as less energy consumption. Conceptual
process of the algorithm is illustrated in figure.1 (a).
Attackers cannot decrypt the information unless the private
key is known. Using the public key the attackers cannot
generate the private key.



(a) (b)

Figure 1. (a) Conceptual flow of the SEEDR algorithm, (b) Example
model [12] of our network where U-robot is used as the agent to collect
the data and balance the energy consumption.
II. EEDR PROTOCOL
Energy efficient dynamic routing protocol (EEDR)
[12] has four stages namely: cluster setup stage, routing
stage, data aggregation stage, and localization and
navigation stage. This paper is based on EEDR protocol;
nodes are formed as clusters randomly based on the
probability. The set of nodes S= {s
1,
s
2
,s
3,
.s
n
} which has
not been selected as a cluster head for (1/p) round, will be
selected as the cluster head for the current round, the
threshold value [13] T(n) is calculated as

I(n) =
P
1-p__mod[
1
p
__
, i n e 0 (1)

Where G is the set of nodes that are involved in the
cluster heads election.
Once the cluster head is selected, the entire member
will join to the particular cluster head to transmit the data
from the environment. The cluster head transfers the data
to the U-robot via single-hop or multi-hop manner.
Figure.2 shows an example how the EEDR protocol works
with the U-robot. It starts by announcing the message from
U-robot to the cluster head; once the cluster head receives
the member node data it forwards the data to U-Robot. The
uniqueness of our protocol lies in its simplicity and energy
2010 International Conference on Innovative Computing and Communication and 2010 Asia-Pacific Conference on Information Technology and Ocean Engineering
978-0-7695-3942-3/10 $26.00 2010 IEEE
DOI 10.1109/CICC-ITOE.2010.34
102
Authorized licensed use limited to: RL Jalappa Institute of Technology. Downloaded on April 06,2010 at 04:45:28 EDT from IEEE Xplore. Restrictions apply.
efficiency. The member node blindly sends the data to the
cluster head without any computation.



(a) (b)

Figure 2. Data aggregation in EEDR protocol where the U-robot
collects the information from the cluster head.
Therefore wastage of energy at member node is very
less compare to landmark algorithms. Furthermore each
node only knows about its cluster heads, so it reduces the
memory usage.
III. SEEDR PROTOCOL
A. Assumption
We assume that the communication architecture as
figure.1 (b). The mobile U-robot deployed without any
prior knowledge of the network. All the other sensor nodes
are stationary. The U-robot has more power when
compared with the sensor node, and has more coverage
area than sensor node. It has enough memory to store and
manipulate the encrypted data. At the deployment stage it
is assumed that all nodes have Mb
a
and P.
B. Details of secure-EEDR protocol
The communication between the networks is divided in
three categories: sensor node to cluster head
communication; cluster head to U-robot communication;
mobile base station to all cluster head communication. The
security is achieved for sensor network by implementing
the following phases.
Broadcast the public key (SK
a
) from U-Robot.
Generate the private key (Ss
b
) based on SK
a
in
sensor node, performed in algorithm.
Encrypt the data using generated private key (Ss
b
)
and transmit the data from sensor node to U-Robot
via cluster head using NOVSF code hoping
technique.
Append the public key SK
b
along with the data and
then send to the cluster head along with the node
ID#.
Generate authentication code (AC) using the public
key SK
b
and decrypt the data at U-Robot.

The U-robot, periodically broadcast a new public key
when it moves to new location, this maintain the data
freshness. Sensor node receives broadcasted public key
(SK
a
) and computes private key (Ss
b
) as of equation.4.
Using the private key the sensor node encrypts the data
and forwards it along with the ID# and time stamp to
verify data freshness. More over the security of our
algorithm is ensured by sending the encrypted data using
NOVSF code-hoping technique. Each cluster head append
their ID# and energy level before it forwards the data to U-
robot. This helps U-robot to trace out the node which is not
capable to be a cluster head at next round.
IV. SEEDR ALGORITHM
Step1: U-robot Generates ephemeral key SK
a
with (Mb
a
,
Pr
a
). Where Pr
a
is pseudorandom number with the interval
(1, n-1) and perform modulo with P to generate ephemeral
public key SK
a
(2). The SK
a
broadcasted to the entire node
which is under the coverage of the U-robot.

Sk
u
= ((Hb
u
)
P
c
) moJ P (2)

Step2: Sensor node generates ephemeral key SK
b
with
(Mn
b
, Pr
u
o) where Mb
a
= Mn
b
. The Cluster member uses
Ss
b
(4) to encrypt the data. The public key SK
b
(3) is
append with data before it sends to cluster head.

Sk
b
= ((Hn
b
)
P
c
o
) moJ P (S)

Ss
b
= ((Sk
u
)
P
c
o
) moJ P (4)

Step3: Sensor node i encrypt the data with generated
private key Ss
b
and appends ID# along with time stamp to
the encrypted data which is send to Cluster head.

Step4: Cluster head receives the data, append its ID# and
sends the data via NOVSF code hoping technique to the
higher-level cluster head or U-robot.

Step5: Checks if there is any data coming to the U-robot,
then compute the authentication key AC (5). U-robot then
uses Ss
u
to decrypt the data.


AC = Ss
u
= ((Sk
b
)
P
c
) moJ P (S)

In the above case we need to transfer only one
ephemeral public key SK
a
from U-Robot to member node.
In general this key is appended with the beacon signal.
Using the SK
a
the member node generates the private key
as mentioned above. The private key is used to encrypt the
valuable data. Therefore the attacker only knows the public
key SK
a
, SK
b
.Using both of the public key the attacker
cannot generate or compute the private key.
Behind that we use NOVSF code hoping technique
[11] to transfer the data from source to base station. Both
of the algorithms allow the network to be more secure and
energy efficient.
V. NOVSF TECHNIQUE
Sensor network are highly sensitive for energy
resource. Considering resource as a main concern,
developing the secured protocol is highly challenging. To
provide more secure communication with less energy
consumption we use NOVSF code-hopping technique.
This technique provides complete security without
utilizing additional power for implementation. In this
paper we use NOVSF codes to transmit the valuable data
from the cluster member node to U-robot, which improves
the security and spectral efficiency of the networks.
The NOVSF code has 64time slots, any number of time
slot can be assigned to a channel. Figure.4 illustrates an
example model of slot assignment with two channels. The
103
Authorized licensed use limited to: RL Jalappa Institute of Technology. Downloaded on April 06,2010 at 04:45:28 EDT from IEEE Xplore. Restrictions apply.
proposed NOVSF method takes advantage by data frame
block to time slots with two channels using different
permutations in every session. U-robot sends different
mapping permutations to cluster heads when it moves to
new location.
Each node in the network transmits the encrypted data
using aforementioned method, and then applies the
NOVSF code-hoping technique. The advantage of this
technique is it gives two levels of securities to network.
The first once is by using the secured channel and second
one is by slot mapping.


Figure 3. NOVSF mapping with two channels where data frames are
transmitted in the following order in time: S2C1, S1C1, S2C2, S1C5,
S1C4, S2C7, S2C5, S1C8.
The advantage of using DH-NOVSF technique is even
if the malicious user finds NOVSF mapping the data
cannot be decrypted with the public keys. Another key
advantage of this method is that it increases security at
network layer without any additional energy.
VI. ANALYSIS AND EVALUATION
A. Security Analysis
In S-EEDR protocol we generate SK
a
and SK
b
to share
the secret key among the U-robot and sensor node. The
authentication code (AC) can be generated only using the
ephemeral public key SK
b
which is encapsulated with the
data frame packet. This method reduces one message
between sensor node and U-robot. In classical key sharing
methods, the keys are shared using individual messages,
but in our case the sensor node will encapsulate the key
with data message itself, this reduces the energy for
transmitting one message packet. By using the NOVSF
code-hopping technique we setup more secure channels
between the cluster member, cluster head and U-robot.
The U-robot changes its public key when it moves to
another location for data collection and balance the energy
to increase the network life time. By changing the public
key in the interval of (1, n-1) the data freshness is always
ensured. By assigning the NOVSF time slot it makes the
network to be more secured.
B. Evaluations
1) Storage: Each sensor node store parameter P and
the private key Mn
b
, using these two values the sensor
node and the U-robot generates public key SK
a
, SK
b
. The
parameter p, Mn
b
stored in EPROM of sensor node and
SK
a
stored in temp accumulators for computation, it may
change at round (r-1). In our analysis we assume a key
length of 100bits, then Mn
b
, p each will cost
100bitsx2=200bits, so the total storage of each entity we
need is only 2x100+ 1028 = 1228bits. As mentioned
1028bits is used for cryptographic algorithms, like
blowfish [14], so the total amount of memory we spend
for security measures is 1228bits. This makes the
difference of our approach to be unique and simpler. Our
algorithm reduces code size with its simple logic and also
be applied in smart-dust [15] project.
2) Computation:The computation cost can be
analyzed only at the sensor node, based on cryptographic
and arithmetic operations performed. Due to the abundant
energy at the U-robot, its computation cost is considered
as infinite. The details of the computation are illustrated in
table1.
TABLE I. COMPUTATIONAL ANALYSIS
Operations Sensor node U-robot
Pseudorandom
number generation
1
-
Data decryption

- 1K
Data encryption

1 1k

3) Communication: Sensor node need to transmit SK
b
,
along with the data frame. Each sensor need to
authenticate the incoming public key SK
a
, which will cost
100bitsX2=200bits added to the transceiver power cost
calculation. So the average communication complexity is
very less for our scheme.
VII. CONCLUSION AND FUTURE WORKS
In this paper, we mainly present the design of Secure-
EEDR, a secure energy efficient dynamic routing protocol.
The core idea of our protocol is derived by using Diffie-
Hellman algorithm with NOVSF code-Hopping technique
which not only provides a variety of security features, but
also increase the efficiency of the entire network in terms
of energy. It has been proved by simple analysis that our
algorithm needs less storage, communication cost and
computation power which makes the network more stable
and secured. In future, we implement the algorithm
practically and validate our conclusion. We believe that
our security protocol increase the network security as well
as communication security for sensor network.
ACKNOWLEDGMENT
This Research was supported by MKE, Korea,
under ITRC supported program supervised by National
IT Industry Promotion Agency (NIPA-2009-C1090-
0902-0026).
This paper was supported by MKE (The Ministry
of knowledge Economy), Korea, under the development
of Integrated Control SW Platform for Automotive
Electronics Project (2008-S-007-02).
REFERENCES
[1] Akyildiz.I.F, Su.W, Sankarasubramaniam.Y, Cayirci.E, Wireless
Sensor Net-works:A Survey, Computer Networks 38, 393422
(2002) .
[2] A. Sinha and A. Chandrakasan,Dynamic power management in
wireless sensor networks, IEEE Design and Test of Computers,
pp. 62-74, March-April 2001.
[3] P. Yanbin, W. Xiangyu and W. Youcha, The sensor network
based on LONWORKS Technology, SICE 1999, Pr0001-
3/99/0000-0897.
104
Authorized licensed use limited to: RL Jalappa Institute of Technology. Downloaded on April 06,2010 at 04:45:28 EDT from IEEE Xplore. Restrictions apply.
[4] A. Mainwaring, J. Polastre, R. Szewczyk, D. Culler, and J.
Anderson, Wireless sensor networks for habitat monitoring, in
Proceedings of ACM Workshop on Wireless Sensor Networks and
Applications, Sep.2002, pp. 88-97.
[5] W. Chen, J. C. Hou, and L. Sha, Dynamic clustering for acoustic
target tracking in wireless sensor networks, IEEE Trans. Mobile
Comput.,vol. 3, pp. 258-271, Jul.2004.
[6] Yang Wang, Liusheng Huang, Junmin Wu, Hongli Xu, Wireless
Sensor Networks for intensive irrigated agriculture, IEEE Trans,
pp. 197-201, Jun.2007.
[7] David J. Malan, Matt Welsh, Michael D. Smith, A Public-Key
Infrastructure for Key Distribution in TinyOS Based on Elliptic
Curve Cryptography, IEEE Trans.,pp71-80, 2004.
[8] Shengbao Wang1, Zhenfu Cao1, Maurizio Adriano Strangio and
Lihua Wang, Cryptanalysis and Improvement of an Elliptic Curve
Die-Hellman Key Agreement Protocol, IEEE Communications,
Dec 2007.
[9] Tony Chung and Utz Roedig, Poster Abstract: DHB-KEY - A
Dife-Hellman Key Distribution Protocol for Wireless Sensor
Networks, IEEE Trans.
[10] A. Perrig, R. Szewczyk, J.D. Tygar, V. Wen, and D.E. Culler,
SPINS: Security protocols for sensor networks, Wireless
networks 8,521-534, 2002, Kluwer Academic Publications.
[11] H. Cam, Nonblocking OVSF Codes and Enhancing Network
Capacity for 3G Wireless and Beyond Systems, Special Issue of
Computer Communications on "3G Wireless and Beyond For
Computer Communications", Spring 2003.
[12] Donghoon Lee, Vishnu Kumar Kaliappan, Duckwon Chung, Dugki
Min, An Energy Efcient Dynamic Routing Scheme for Clustered
Sensor Network Using a Ubiquitous Robot IEEE Trans., 198-203,
Dec 2008.
[13] W. R. Heinzelman, A. Chandrakasan, and H. Balakrishnan,
Energy efcient communication protocol forwireless microsensor
networks, in Proceedings of the 33rd Hawaii International
Conference on System Sciences, 2000.
[14] Hasan am, Suat zdemir, Devasenapathy Muthuavinashiappan,
and Prashant Nair, Energy Efficient Security Protocol for
Wireless Sensor Networks, 2003 IEEE.
[15] K.S.J. Pister, J.M. Kahn and B.E. Boser, Smart dust: Wireless
networks of millimeter-scale sensor nodes (1999).



105
Authorized licensed use limited to: RL Jalappa Institute of Technology. Downloaded on April 06,2010 at 04:45:28 EDT from IEEE Xplore. Restrictions apply.