Analysis of Symmetric Key Cryptosystem in VANET



Comments



Description

Full Paper Int. J. on Recent Trends in Engineering and Technology, Vol. 7, No.2, July 2012 Analysis of Symmetric Key Cryptosystem in VANET Yogesh A. Suryawanshi1 Dr. Avichal Kapur2 Manish D.Chawhan3 1 Research Scholars in Electronics Engg.,Y.C.C.E, R.T.M. Nagpur University ,Nagpur,India. 2 C.E.O. ,N.Y.S.S, MGI, Nagpur, India. 3 Assitant Prof in Electronics & Communication Engg., RCOEM , Nagpur,Nagpur,India. Email: [email protected] B Digital Signature as a Building Block Message legitimacy is mandatory to protect VANETs from outsiders as well as misbehaving insiders. The simplest and the most efficient method is to assign to each vehicle a set of public/private key pairs that will allow the vehicle to digitally sign messages and thus authenticate itself to receivers. V R : M, SigPrKV [M|T], CertV Where V designates the sending vehicle, R represents all the message receivers, M is the message, | is the concatenation operator and T is the timestamp to ensure message freshness. CertV is the public key certificate of V. The receivers of the message have to extract and verify the public key of V using the certificate and then verify V’s signature using its certified public key. In order to do this, the receiver should have the public key of the CA. If the message is sent in an emergency context, which means that it belongs to the liability-related class, this message should be stored (including the signature and the certificate) in the EDR for further potential investigations in the emergency. This technique provides authentication and Confidentiality. To enhance the security, communications between wireless nodes should be encrypted to protect the sensitive data. Cryptography is an important mechanism to achieve the communication security in wireless networks by converting the readable plaintext into meaningless cipher text. Symmetric-key (secret-key) and asymmetric-key (public-key) are two major approaches in cryptography. In symmetric-key approach, a same key is used for both encryption and decryption procedures; while in asymmetric-key approach, different keys are used (in most case, a public-key is used to convert the plaintext to cipher text and a corresponding private-key is used to recover the information). As we known, asymmetric cryptography approach such as public-key cryptography (PKC) can achieve authentication, integrity, and confidentiality in wired networks. But it is too complicated and expensive for wireless networks. Symmetric-key approach is preferred in wireless network due to its low computational and communication overhead. In symmetric-key approach, two communicating parties need to share a secret key before communicate each other. Due to the unpredictable network topology, how to distribute the secret keys into the wireless nodes securely and efficiently is a big challenge. II. RELATED WORK There has been a rich literature on public-key management in Mobile Adhoc Networks. Some schemes depend on certificate-based cryptography [1], [2], [3], [4], and [5] in which 63 Abstract— Networking in vehicles is a promising approach to facilitate road safety, traffic management and infotainment dissemination for drivers and travelers. Hence it becomes essential to provide security services such as authentication, non-repudiation, confidentiality, access control, integrity and availability. Security is the most important part in data communication system, where more randomization in secret keys increases the security as well as complexity of the cryptography algorithms. As a result in recent dates these algorithms are compensating with enormous memory spaces and large execution time on hardware platform. Introducing security services into VANETs causes considerable transmission latency & processing delays, this would defeat the purpose of VANETs to improve road safety. In this paper, 128 bit AES algorithm is implemented and analyzed its performance on Vehicular Adhoc Network. Index Terms— MANET, VANET, AES, SKC I. INTRODUCTION Vehicular networking protocols will allow nodes, that is vehicles or road-side infrastructure units to communicate with each other over single or multiple hops; providing each other with information such as safety warnings and traffic information. As a cooperative approach, vehicular communication systems can be more effective in avoiding accidents and traffic congestions than if each vehicle tries to solve these problems individually. The network should support both private data communications and public (mainly safety) communications. Attractive features of Vehicular Adhoc Networks inevitably incur higher risks if such networks do not take security into account prior to deployment. For instance, if the safety messages are modified, discarded or delayed either intentionally or due to hardware malfunctioning, serious consequences such as injuries or even deaths may occur. In the US, FCC has allocated a bandwidth of 75MHz for these applications, usually referred to as DSRC (Dedicated Short Range Communications) cost in million of rupees . Hence, to make the system cost effective and protect it from misbehavior node of system, security is essential. A. Securing Vehicular Communications Require • Authentication and integrity: to prevent message modification and forgery. • Non-repudiation: to prevent nodes from denying transmission of a message. • Privacy: to prevent the collection or extraction of private information from vehicular communications. © 2012 ACEEE DOI: 01.IJRTET.7.2.521 Full Paper Int. J. on Recent Trends in Engineering and Technology, Vol. 7, No. 2, July 2012 public-key certificates are used to authenticate public keys by binding public keys to the users’ identities. Identity-based (ID-based) key management schemes have a simple key management process and reduced memory storage cost compared to other methods. In ID based schemes the node or user identity, such as an IP address is used to derive its public key, while the private key is generally provided by an external entity. The main concern with this approach is the need for public key certificate distribution. This approach suffers from lack of scalability with increasing the network size. Another approach is providing keying material through a web of trust [6], [7]. In these schemes, each node generates the public/private key pair by the node itself, issues certificates to its neighboring nodes and holds these certificates in its certificate repository. Key authentication is performed via chains of certificates. However, this scheme suffers from the delay and the large amount of traffic needed to collect certificates. In the mobility environment of VANETs, only distributive key management schemes can work efficiently. Two straightforward solutions can distribute symmetric keys into wireless nodes before deployed. The first solution is assigning a unique key to all the nodes in a network. This approach is called “master-key” approach, which can guarantee any two nodes establish a secure link between them. Although this approach looks very simple and efficient, but it is not secure for wireless networks. Since all the wireless nodes use the same key, any node’s capture or compromise could break the entire network. Another straightforward solution is giving each pair of nodes a distinct pairwise key, in which each node needs to store (n-1) different pairwise keys in its memory if there are n nodes in a network. The main limitation of this solution is the key storage overhead, which makes it not suitable for largescale wireless networks. For instance, if a network has 10,000 nodes inside, each node needs to store 9,999 distinct pair wise keys in its memory, which is impossible for a tiny node. III. SIMULATION RESULT As per the approaches suggested by different authors in literature discussed earlier , this paper implemented Symmetric key cryptosystem using Advanced Encryption standard Proposed by Rijendal [ 20] A. Advanced Encryption Standards Working Principal AES has a fixed block size of 128 bits and a key size of 128, 192, or 256 bits, whereas Rijndael [20] can be specified with block and key sizes in any multiple of 32 bits, with a minimum of 128 bits and a maximum of 256 bits. Assuming one byte equals 8 bits, the fixed block size of 128 bits is 128/ 8 = 16 bytes. AES operates on a 4×4 array of bytes, termed the state (versions of Rijndael with a larger block size have additional columns in the state). The AES cipher is specified as a number of repetitions of transformation rounds that convert the input plain-text into the final output of ciphertext. Each round consists of several processing steps, © 2012 ACEEE DOI: 01.IJRTET.7.2.521 64 including one that depends on the encryption key. A set of reverse rounds are applied to transform cipher-text back into the original plain-text using the same encryption key. High-level description of the algorithm Key Expansion using Rijndael’s key schedule 1.Initial Round 2.AddRoundKey 3.Rounds SubBytes—A non-linear substitution step where each byte is replaced with another according to a lookup table. ShiftRows—a transposition step where each row of the state is shifted cyclically a certain number of steps. MixColumns—a mixing operation which operates on the columns of the state, combining the four bytes in each column AddRoundKey—each byte of the state is combined with the round key; each round key is derived from the cipher key using a key schedule. Final Round (no MixColumns) 1. SubBytes 2. ShiftRows 3.AddRoundKey B. Algorithm and Flowchart AES Encryption Figure 1. AES Encryption Full Paper Int. J. on Recent Trends in Engineering and Technology, Vol. 7, No. 2, July 2012 AES decryption: key and would be able to decrypt the message. Those who would not remain the secrete keys, would not be able to decrypt the messages. In this case, the message will be in encrypted form, shown in following window. Figure 4. Client window displayed encrypted message Figure 2. AES decryption As per Security Architecture, the following simulation result shows the general communication between nodes. To evaluate the performance of certificate-based SKC schemes, this paper examines the transmission latency and processing latency. Transmission latency refers to the time taken to transmit secure messages to the intended recipient. Processing latency refers to the time required for certificate validation, signature generation and verification. Security Overhead Analysis The IEEE 802.11 Trial-Use standard defines the secure message format based on certificate-based SKC for use in the DSRC system. In this standard, a signed message consists of four major parts: i) the message header; ii) certificate; iii) unsigned message payload; and iv) digital signature, as shown in Figure5. Security overhead involves the size of the certificate plus the size of the digital signature (126+16 =142 bytes). The total message size of a signed message in this standard is 224 bytes. The percentage of security overhead from a signed message is 63.39% (142 bytes/224 bytes=63.39%) Figure 3. Client window displayed message The vehicles would be able to share the above information only when the nodes registration through the trusted server which will provide certificate consists of node identity and two keys(public and private keys). With the help of public key, the node will decrypt the certificate which will provide node identity like electronic plate number and private key. In this way the recipients node, will get the sender node private © 2012 ACEEE DOI: 01.IJRTET.7.2.521 65 224 Bytes Figure 5. An example of a signed message derived from the IEEE 802.11 Trial-Use Standard Full Paper Int. J. on Recent Trends in Engineering and Technology, Vol. 7, No. 2, July 2012 TABLE I. CERTIFICATE-BASED PKC TABLE II. EVALUATION PARAMETERS SCHEME result shows the time taken to examine the expiration date of certificate is very small, close to zero milliseconds . It is then suggested to be ignored. This value is then taken to be 0 ms. The simulation results are shown in Table III. [21]. TABLE III. EVALUATION RESULTS The transmission latency of employing a certificate-based SKC scheme Ttx for VANETs includes: Ttx SKC = Size of Secrete key request/Transmission Rate + Size of signed secrete key reply/Transmission Rate + Size of CRL/Transmission Rate The processing latency of employing a certificate-based SKC scheme includes four parts: 1.Tsign : the signature generation time 2.Tverify : the signature verification time; 3. Texpiration: the time for validating expiration date of certificate; 4.TCRL : the time for checking the CRL. The processing latency of employing a certificate-based SKC scheme Tprocess includes: Tprocess PKC = T sign + Texpiration + T CRL + Tverify *3 Performance analysis of the Certificate-based SKC scheme All evaluation parameters used in this paper are listed in Table 2. According to the National Institute of Standards and Technology (NIST) Public Key Infrastructure Study: Final Report (1994), the estimated signed CRL size is 51 bytes plus 9 bytes for each revoked certificate on a CRL. The execution times of signature generation and verification on an average using the AES is found to be 4 milliseconds (ms) for signature generation and verification[ 20]. Simulations for estimating the execution time of validating the expiration date of the certificate, checking the CRL and searching for a public key in the public key directory are developed in the Java language and performed on an Intel Core 2 Duo 2.5GHz laptop with 5GB RAM. The simulation © 2012 ACEEE DOI: 01.IJRTET.7.2.521 66 Based on Figure 3, the size of the secrete key query and of a signed message are 82 bytes (656 bits) and 224 bytes (1792 bits) respectively. Additionally, the size of the CRL and transmission rate is defined in Table II. The transmission latency of employing a certificate-based SKC scheme for VANETs calculated as follows: Ttx = (656 bits)/(6000000bits/s) + (1792bits)/ (6000000bits/s) + (7200408 bits)/(6000000bits/s) Ttx =1200.47 ms The times for signature generation and verification, validating the expiration date of a certificate and for checking the CRL can be found in Table 3. The processing latency of employing a certificate-based PKC scheme can be calculated as follows: Tprocess = 4 ms +0ms+97.2975ms +4.5 ms *3= 114.79 ms Summing up these two results, the total latency of employing a certificate-based PKC scheme for VANETs is 1315.26 ms. The CRL downloading is, however, optional. If a client already has the latest issued CRL, it is unnecessary to undertake this procedure. The total latency of employing a certificate-based PKC scheme for VANETs then can be 137.842 ms (1315.26 ms – 1200.068 ms = 115.19 ms). TABLE IV. EVALUATION RESULTS OF TOTAL LATENCY OF EMPLOYING A CERTIFICATEBASED SKC SCHEME CONCLUSIONS From above analysis, it is observed that the main limitation of this solution is the key storage overhead in which Key authentication is performed via chains of certificates. Full Paper Int. J. on Recent Trends in Engineering and Technology, Vol. 7, No. 2, July 2012 However, this scheme suffers from the delay and the large amount of traffic needed to collect certificates. For instance, if a network has 10,000 nodes inside, each node needs to store 9,999 distinct pair wise keys in its memory, which is impossible for a tiny node. The analyzed approach guarantee about authentication but not the security of system. So to achieve security, there is a need to develop efficient key management system in terms of low overhead and memory space. REFERENCES [1] D. P. Agrawal and Q-A Zeng, “Introduction to Wireless and Mobile Systems,” Brooks/Cole Publishing, Aug. 2003. [2] Neha Jain and Dharma P. Agrawal, “Current trends in wireless sensor network design,” International Journal of Distributed Sensor Networks,Vol.1, issue 1, pp.101-122, 2005. [3] David W. Carman, Peter S. Kruus, and Brian J. Matt, “Constraints and approaches for distributed sensor network security,” NAI Labs Technical Report #00-010, September 2000. [4] L. Eschenauer and V. D. Gligor, “A key-management scheme for distributed sensor networks,” In Proceedings of the 9th ACM conference on Computer and communications security, November 2002. [5] H. Chan, A. Perrig, and D. Song, “Random key pre-distribution schemes for sensor networks,” In IEEE Symposium on Security and Privacy, pages 197–213, Berkeley, California, May 11-14 2003. [6] R. Blom, “An optimal class of symmetric key generation systems,” Advances in Cryptology: Proceedings of EUROCRYPT 84 (Thomas Beth, Norbert Cot, and Ingemar Ingemarsson, eds.), Lecture Notes in Computer Science, Springer-Verlag, 209:335–338, 1985. [7] W. Du, J. Deng, Y. S. Han, and P. K. Varshney, “A pairwise key predistribution scheme for wireless sensor networks,” in Proceedings of the 10th ACM Conference on Computerand Communications Security (CCS), Washington, DC, USA, October 27-31 2003, pp. 42–51. [8] C. Blundo, A. D. Santis, A. Herzberg, S. Kutten, U. Vaccaro, and M. Yung, “Perfectly-secure key distribution for dynamic conferences,” Lecture Notes in Computer Science, 740:471– 486, 1993. [9] Y. Cheng, D. P. Agrawal, Efficient Pairwise Key Establishment and Management in Static Wireless Sensor Networks, in: Proc. of the 2nd IEEE International Conference on Mobile Ad-Hoc and Sensor Systems, Washington, DC, Nov. 7-10, 2005. [10] Dong gang Liu and Peng Ning, “Location-Based Pairwise Key Establishments for Static Sensor Networks,” in Proceedings of 2003 ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN’03), George W. Johnson Center at George Mason University, Fairfax, VA, USA, October 31, 2003. [11] A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J. D. Tygar, “SPINS: Security protocols for sensor networks,” MobiCom 2001, pp. 189-199, July 2001. [12] D. Liu, P. Ning, R. Li, “Establishing Pairwise Keys in Distributed Sensor Networks”, in ACM Transactions on Information and System Security (TISSEC), 2004. [13] D. Liu, P. Ning, “Improving Key Pre-Distribution with Deployment Knowledge in Static Sensor Networks,” in ACM Transactions on Sensor Networks (TOSN), 2005. [13] Jeremy Blum and Azim Eskandarian, “The Threat of Intelligent Collisions”, IT Professional, 6(1), 24–29, Jan.[14] S. Capkun and J.P. Hubaux, “Secure Positioning of Wireless Devices with Application to Sensor Networks”, In IEEE INFOCOM, 2005. [15] Sastry Duri, Marco Gruteser, Xuan Liu, Paul Moskowitz, Ronald Perez, Moninder Singh, and Jung-Mu Tang, “Framework for Security and Privacy in Automotive Telematics”, In Proceedings of the 2nd International Workshop on Mobile Commerce, Pages 25–32, ACM Press, 2002. [16] Stephan Eichler, Jerome Billion, Robert Maier, Hans-Jrg Vgel, and Rainer Kroh, “On Providing Security for an Open Telematics Platform”, In 5th International Conference on ITS Telecommunications, 2005. [17] Per Enge, “Retooling the Global Positioning System”,Scientific American, May 2004.[7] Wilfried Enkelmann, “FleetNetapplications for Intervehicle Communication”, In IEEE Intelligent Vehicles Symposium, Pages 162–167, June 2003. [18] Igor Furgel and Kerstin Lemke, “A Review of the Digital Tachograph System”, In Workshop on Embedded ITSecurity in Cars (escar), 2004. [19] Lutz Gollan and Christoph Meinel, “Digital Signatures for Automobiles”, In Systemics, Cybernetics and Informatics (SCI), 2002. [20] Rourab Paul, Sangeet Saha Suman Sau, Amlan Chakrabarti “Design & Implementation of Real Time AES-128 on Real Time Operating System For Multiple FPGA Communication” [21] Shen, Pei-Yuan, Liu, Vicky, Tang, Maolin, & William, Caelli (2011) An efficient public key management system : an application in ehicular ad hoc networks. In Pacific Asia Conference on Information Systems (PACIS),AIS Electronic Library (AISeL), Queensland University of Technology, Brisbane, Qld, p. 175. [22] Neng-Wen Wang a, Yueh-Min Huang a,*, Wei-Ming Chen b ,”A novel secure communication scheme in vehicular ad hoc networks” Computer Communications 31 (2008) 2827–2837 © 2012 ACEEE DOI: 01.IJRTET.7.2.521 67
Copyright © 2024 DOKUMEN.SITE Inc.