SEARCH WITHIN CONTENT
Citation Information : International Journal on Smart Sensing and Intelligent Systems. Volume 12, Issue 1, Pages 1-9, DOI: https://doi.org/10.21307/ijssis-2019-006
License : (CC-BY-NC-ND 4.0)
Received Date : 12-May-2019 / Published Online: 27-August-2019
One of the remarkable issues that face wireless sensor networks (WSNs) nowadays is security. WSNs should provide a way to transfer data securely particularly when employed for mission-critical purposes. In this paper, we propose an enhanced architecture and implementation for 128-bit Schmidt-Samoa cryptosystem (SSC) to secure the data communication for wireless sensor networks (WSN) against external attacks. The proposed SSC cryptosystem has been efficiently implemented and verified using FPGA modules by exploiting the maximum allowable parallelism of the SSC internal operations. To verify the proposed SSC implementation, we have synthesized our VHDL coding using Quartus II CAD tool targeting the Altera Cyclone IV FPGA EP4CGX22CF19C7 device. Hence, the synthesizer results reveal that the proposed cryptographic FPGA processor recorded an attractive result in terms of critical path delay, hardware utilization, maximum operational frequency FPGA thermal power dissipation for low-power applications such as the wireless sensor networks.
The technology of wireless sensor networks (WSNs) is in the front part of the investigation of the computer networks and it could be the next technologic market of a huge sum of money. A WSN contains hundreds to thousands of small sensors where these sensors are designed to be self-organized wireless networks. A sensor node is usually a node for sensing, a router node is a node for relaying data, and a base station node is a node for exchanging data with other networks, also known as sink node. Figure 1 shows the structure of the wireless sensor network system (Yang, 2014). The information (data) are accumulated from the sensor node about the physical change and then transmitted to the base station (sink node), which is connected to the cyber world or the satellite network. The collected data are finally received by an application through the cyber world or the satellite network. It is not a requirement that sensor nodes have constant location usually majority of them are randomly set out to monitor a sensor field. The communication between sensor nodes mostly happened via an on-board transceiver. Each sensor node consists of power supply, microcontroller, transducer, and a transceiver. The transducer formulates electrical signals relative to the sensed physical phenomena or natural variations. The microcontroller process and store the generated electrical signal. The transceiver receives and transmits commands from a task manager node usually a computer.
Sensor nodes have limited processing power, storage, bandwidth, and energy. This limitation makes provision of the security in sensor networks not an easy task (Polastre et al., 2004). A WSN has no fixed infrastructure; the sensor nodes are scattered in a special domain, which makes the network threatened by attackers in many ways of attacking (Radzevych and Mathew, 2003). For this reason, an efficient approach must be proposed in order to make WSNs secure. The applicable distribution techniques use the key management techniques (Wu and Tseng, 2006) – such as cryptographic public key to provide security issues. Public key schemes (Paar and Pelzl, 2010) are preferred to use due to many reasons such as the non-existence of the secure communication channels. Schmidt-Samoa cryptosystem (SSC) (Abu Al-Haija et al., 2018a) is an example of a public key cryptosystem that can be used to secure data transmission over non-secure communication networks.
SSC is an asymmetric cryptographic technique that is significantly based on modular arithmetic involving large prime number used for data encryption and decryption. The usage of the large prime number and modular arithmetic is to provide different security services such as confidentiality, integrity, authentication, and non-repudiation. The security of the SSC algorithm is considerably based on the difficulty of its integer factorization problem in which an integer is decomposed to its product of smaller numbers (usually prime numbers). The complexity in this method arises when factoring a very large number because there is no such known efficient algorithm. Although SSC is proved to be very secure (Samoa, 2006), there is no such a perfect system. SSC is vulnerable to some known attacks such as Brute-force attack, Man-in-the-Middle attack, and Side Channel attack. Generally, all public key cryptography algorithms suffer from these attacks (Abu Al-Haija et al., 2018a).
In this paper, we are proposing a lightweight parallelized architecture of 128-bit SSC Cryptosystem for wireless sensor communications. To verify the proposed architecture, we have implemented the proposed crypto algorithm using VHDL (LaMeres, 2017) to describe the compressor on the Altera Cyclone IV FPGA chip family (Altera Corporation, 2012a). The completed design of SSC composes several design modules including the random number generation (Tian et al., 2009; Abu Al-Haija et al., 2018b), primality testing (Ishmukhametov and Mubarakov, 2013; Asad et al., 2017a), arithmetic addition units (Ercegovac and Lang, 2004; Marouf et al., 2017a), arithmetic multiplication unit (Karatsuba and Ofman, 1963; Asad et al., 2017b; Asad et al., 2019), greatest common divisor (GCD), and least common multiple (LCM) units (Brent and Kung, 1984; Stein, 2009; Marouf et al., 2017b), modular exponentiation unit (Walter, 2010; Marouf et al., 2017c), and modular inverse unit (Hlaváč and Lórencz, 2013; Al-Haija et al., 2018). Finally, we have synthesized the resulting hardware coding using Quartus II CAD design tool (Altera Corporation, 2012b), which confirms that SSC can be used as an efficient and comparable alternative to RSA for securing the wireless sensor networks (Abu Al-Haija et al., 2014). To the best of our knowledge, the hardware design of SSC cryptosystem, that maintains maximum parallelism between its underlying computation modules to optimize the system performance factors, has not been investigated previously. Thus, the proposed work is considered new in this area of coprocessors implementations.
The rest of this paper is organized as follows. Section “Sensor security architecture” describes the sensor security architecture using parallelized Schmidt-Samoa cryptosystem and provides the proposed implementation approach and environment as well as cost factors explanations. Section “Cost factor results and analysis” presents and discusses the synthesize results and analysis by considering several design scenarios. Finally, Section “Conclusions” concludes the paper.
As every other emerging technology and since the world shifts to this new technology of WSNs, a handful of legal implications that must be clarified over time are arises. One of the most questionable issues is the use of the data that is collected and the ownership dilemma. Who owns these collected data? And how it can be used? The legal community still need to address and legislate roles for these legal issues as WSN applications growing fast and affect our daily lives. Figure 2 shows the two stages of sharing a secret key for each sensor node.
Schmidt-Samoa cryptosystem (SSC) is a public key cryptosystem. It is heavily based on modular arithmetic involving a large prime number. The challenge of SSC algorithm is the ability to factor out the public key. However, as the size of the key increases, the factorization problem becomes even more complicated (Paar and Pelzl, 2010). Factoring a number means defining that number as a product of prime numbers. To initiate the secure communication session between sensors, the receiver sensor node starts by choosing two large prime numbers (p, q) and then follows the complete SSC algorithm diagram illustrated in Figure 3 which encompasses three stages: key generation stage, encryption stage, and decryption stage (Abu Al-Haija et al., 2018a).
Figure 4 demonstrate the simplified view for the Schmidt-Samoa Cryptoprocessor design. Indeed, SSC works in two modes: encryption and decryption and it encompasses five control signals that coordinate the internal processes inside the coprocessor, including three input control signals, i.e., clock trigger, enable, and reset, and two output control signals, i.e., ack. and ready. Also, to run the SSC coprocessor in the active mode of encryption or decryption process during the sensory communication sessions, it, first, initialized with SSC_Initializing stage to reset all control signals, clear all registers, and enable/disable the internal nodules such as the multipliers and adders.
Indeed, the initialization stage is much more complicated of that shown in Figure 4 and it needs to be emphasized and detailed to demonstrate the comprehensive process of secure compunction. Therefore, Figure 5 illustrates the detailed comprehensive internal parallel architecture of SSC Coprocessor stages. According to the figure, the process is initiated by the prime random number generation to generate both large primes p and q. Concurrently, the multiplication module is activated to compute p 2 in parallel to generating q and then generate public key N = p 2 q. At the same time, the least common multiple of both numbers (p−1, q−1) is computed to generate the private key d and the decryption modulus n in parallel. Thereafter, the system can start a secure communication session by encrypting and/or decrypting messages. Note that, both processes can be executed independently using parallel modular exponentiation units.
In the last decade, many research works have been proposed to study several metrics and constraints of WSN such as security, energy consumptions, and many others. Indeed, the literature is very rich with research works that address the security issue and its impact on other factors of WSN such as Abu Al-Haija (2011), Hwang et al. (2013), Alam and De (2014), Koutsopoulos and Halkidi (2014), Kumar et al. (2014), Panja et al. (2014), Patil and Kumar (2014), Rault et al. (2014), Suman et al. (2014), Brumancia and Sylvia (2015), Chelli (2015), Chowdhury et al. (2015), Daniel and Roslin (2015), Ghormare and Sahare (2015), Anbuchelian et al. (2016), Balakrishn and Swetha (2016), Shahdad et al. (2016), Wang et al. (2016), Zorbas et al. (2016), Abu Al-Haija et al. (2017a), Abu Al-Haija et al. (2017b). However, the state-of-art works lack the detailed discussion and experimentation of SSC with the lightweight implementation that can prolong the network lifetime, and to use energy-efficient and securely protocols. The communication energy consumption of sensor node is comprised of the energy required from transmitting and receiving a number of bits over a given communication distance as illustrated in Figure 6 (communication process in each sensor node). Therefore, any promising design should focus on improving the performance for the sensor security while maintaining the minimum amount of energy consumption due to key exchange and coprocessor computations.
Indeed, SSC is a public key cryptosystem employs the properties of prime numbers alongside the congruent to produce a very secure hard to break cryptosystem. Consequently, to accomplish the proposed robust SSC cryptoprocessor, one should carefully select the underlying modules to the efficient coprocessor design that optimize the performance factors of the cryptosystem. In this work, we have implemented the lightweight parallelized architecture of high radix 128−bit SSC Cryptosystem that can be used to secure by the data communications for wireless sensor networks. We have synthesized the proposed FPGA design using Quartus II tool targeting Altera Cyclone IV EP4CGX22CF19C7 FPGA device and simulated using ModelSim 10.1 simulator tool to verify the functionality of the SSC Cryptoprocessor. Our target FPGA device is shown in Figure 7.
To achieve the best performance, we have pipelined the partial operations of SSC processor to exploit the maximum possible parallelism between the internal units to gain in speed and enhance the design performance. Also, since the completed design of SSC includes several design modules, we have implemented each module with efficient and scalable algorithms as follows: for random number generation, we have used a hybrid two-stage RNG that combines both TRIVIUM and LFSR (Abu Al-Haija et al., 2018b). For primality testing (PT) module, we have implemented MILLAR-RABIN mechanism since it is considered as one of the most powerful prime test algorithms (Asad et al., 2017a). For the addition operation, we have performed all the internal computations for SSC in a redundant fashion using the carry save adder (CSA) (Ercegovac and Lang, 2004) which improve the performance of the overall system while we have used a conventional addition for the last step of computation by employing Kogge-Stone Adder (KSA) (Marouf et al., 2017a) since its considered as one of the fastest two-operands adders. For the arithmetic multiplication module, we developed our own multiplier by using Wallace Tree CSA Based Radix-8 Booth Multiplier (Asad et al., 2019). For the least common multiple (LCM) using the GCD reduction method with pulse minus GCD (Marouf et al., 2017b) used to implement the greatest common divisor operation. For modular exponentiation, we have implemented the right-to-left modular exponentiation based on NAF representation (Marouf et al., 2017c). For modular inverse, we have implemented the Extended Euclidian Algorithm for modular inverse (Al-Haija et al., 2018).
Finally, Table 1 shows the performance analysis for the FPGA design of 128-bit SSC Cryptoprocessor for three design factors: design area, design timing, and design power dissipation. The results of this table have been obtained by synthesizing our VHDL code for SSC the computer-aided design (CAD) tools of Quartus II system for ALTERA kits. Indeed, we have run the simulation several times to verify the functionality of each internal module and to validate cost factors to finalize on the SSC process, i.e., encryption/decryption process. Finally, the proposed 128-bit SSC should a comparable result for other well-known practicable public key cryptosystems (Abu Al-Haija et al., 2014) in terms of all cost factors.
Cryptography plays an important role in the security of wireless sensor communication networks since they defend the networks against cyber-attacks and unauthorized access. The efficient and robust management of sensory systems’ security requires the development of energy-aware and secure schemes with best resource utilization and management. This is achieved by the integration of the proper Cryptoprocessor with the nodes of wireless sensor networks (WSN). Schmidt-Samoa Cryptoprocessor (SSC) is a powerful public key crypto algorithm that derives its robustness from the difficulty large integer factorization problem. Recently, many research works tried to present efficient hardware/software implementations and architectures for SSC which carries major advantages in speed, reliability, and innovation. Indeed, SSC starts to be in-use up to provide security solutions for data confidentiality for several IoT, cloud applications, and cyber-physical systems (CPS). In this paper, we are reporting on the lightweight 128-bit SSC coprocessor design to provide security for data communicated through sensor nodes of WSN. The study takes advantage of the fixability and reconfigurability of field programmable gate array (FPGA) such as Altera Cyclone chip family. Eventually, the proposed parallelized architecture has been synthesized to evaluate the different design factors including: (i) the hardware design area in terms of LEs, LUTs, registers, I/O pins, and hardware utilization percentages, (ii) the design timing in terms the critical path delay, the number of clock cycles, and the maximum operational frequency in MHz, and (iii) the design total FPGA power including dynamic and static power dissipations consumption. To sum up, the experimental results showed that that the proposed SSC Cryptoprocessor recorded an attractive result for low-power applications such as the security of wireless sensor networks.