AN ELLIPTIC CURVE CRYPTOGRAPHY BASED ENHANCED SECURITY FOR MOBILE AD-HOC NETWORKS PROTOCOLS

Guided By:Prof. P .R .Pardhi

Presented By:Palak V. Agrawal

TODAY’S TALK• MANET Introduction• Routing Protocols• Attacks in MANET• What Is Elliptic Curve Cryptography

(ECC)?• Using Elliptic Curves In MANET• SMD RECC Architecture • CONCLUSION• REFERENCES

MANET

A collection of wireless mobile hosts forming a temporary network without the aid of any established infrastructure.

Significant Features:1. Autonomous terminal2. Multi-hop routing3. Dynamic network topology1. No administrator

ROUTING PROTOCOLS FOR MANET

k

- AODV- DSR

Mobile Ad-Hoc Network

Proactive Reactive Hybrid

-DSDV- CGSR -

- TORA- ZRP

ASYMMETRIC APPROACHES RSA

Integer multiplication and factorization Diffie-Hellamn

Discrete exponentiation and logarithm Elliptic Curve Cryptography

Point multiplication and discrete logarithm

WHAT IS ELLIPTIC CURVE CRYPTOGRAPHY (ECC)? Independently proposed by Neal Koblitz

and Victor Miller in 1985 Every user has a public and a private

key.Public key is used for encryption/signature

verification.Private key is used for decryption/signature

generation. Elliptic curves are used as an extension to

other current cryptosystems.Elliptic Curve Diffie-Hellman Key ExchangeElliptic Curve Digital Signature Algorithm

USING ELLIPTIC CURVES IN MANET

ECC offers comparable security with smaller key sizes, faster computation, lower power consumption, as well as memory and bandwidth savings.

Reduces processing overhead. Methods for computing general elliptic curve discrete

logarithms are much less efficient than those for factoring or computing conventional discrete logarithms and it indicates that more computation time is required for ECC.

ECC ALGORITHMS• ECC provide algorithms they are, Elliptic Curve Digital

Signature Algorithm• (ECDSA) and Elliptic Curve Diffie-Hellman key

algorithm.• Each algorithm provides authentication and key

establishing respectively.• Parameters :• E (Fq) : E is elliptic curve over prime field• G: Generator points on curve.• n: order of curve• Ni, Nj : two nodes• Si and Qi are private and oublic key respectively

AUTHENTICATION MECHANISM (ECDSA) The following steps indicates signature generation

algorithm.1. Calculate e = HASH (m), where HASH is a Cryptographic hash function, such as SHA-12. Select a random integer k from [1,n − 1]3. Calculate li = xi (mod n), where (xi, yi) = k * G. If S = 0, go to step 24. Calculate mi = k − 1(e + sili)(mod n). If s = 0, go to step 25. The signature is the pair (li, mi)

The following procedure will explain about signature verification algorithm

1. Verify that li and mi are integers in [1,n − 1]. If not, the signature is invalid.2. Calculate e = HASH (m)3. Calculate w = mi −1 (mod n)4. Calculate u1 = ew (mod n) and u2 = liw (mod n)5. Calculate (xi, yi) = u1G + u2QA6. The signature is valid if xi= li(mod n), invalidOtherwise

KEY SHARING MECHANISM (ECDH) ECDH ensures secrete key between two parties by

using their public data and private data. let (si, Qi) be the pair of the private key-public key of

node Ni and (sj,Qj) be the pair of private key-public key of node Nj .

1. The end node Ni computes K = (xK, yK) = si * Qi2. The end node Nj computes L = (xL, yL) = sj * Qj3. Since si*Qi = si*sj*G = sj*si*G = sj*Qj. Therefore K = L and hence xK = xL4. Hence the shared secret is xK

PROPOSED SYSTEM SMDRECC ARCHITECTURE It stands for Secure Mechanism for DYMORouting Protocol by using Elliptic Curve

Cryptography concentrate on both routing as well as

security to the routing misbehavior, depending from flooding attacks etc

The proposed architecture for SMDRECC contains four modules.

It ensures security parameters like authentication, integrity and

PROPOSED SYSTEM SMDRECC CONTD…

Pre-Node Deployment

DYMO Protocol Routing Protocol Routing

Deployment of New Nodes

Acce

ss C

ontro

l

Fig. Architecture for SMDRECC

1.ACCESS CONTROL MECHANISM

Transfer the information in confidential manner from nodes to the target node (base station) by using encryption methods.

Nodes in MANET may be lost due to power exhaustion or malicious attacks.

To prevent malicious nodes from joining the MANET network, access control is required.

Access control protocol based on Elliptic Curve Cryptography (ECC) for MANET networks. access control mechanism needed when handshaking of old node and new node.

Elliptic Curve Digital Signature Algorithm(ECDSA) and Elliptic Curve Diffie-Hellman key algorithm are used.

2.PRE-NODE DEPLOYMENT

Before going to utilize the MANET network deploy the nodes manually.

Unlike traditional routing algorithms not only consider the identity of node but also it considers bootstrapping time further security.

Access control mechanism can be used in two scenarios, when one handshake happens between two new nodes

2.1 HANDSHAKING BETWEEN NEW NODES

1. This scenario will have to consider only after deployment of MANET Here Diffie-Hellman key algorithm is used.

2. Authentication process as follows, one node checks identity of digital and bootstrapping time

If( Tj<=Ti ){If(v==Cj){Accept;Calculateki=si*Qj;}elseReject;}

If( Ti <=Tj ){If(v==Cj){Accept;Calculateki=si*Qj;}elseReject;}

Nj,Tj,Lj,Mj

Nj,Tj,Lj,Mj

3.1 WORKING FUNCTIONALITY OF NETWORK ROUTING DYMO routing protocol, source node send request to

the target node that desire to send. The sender node selects the adjacent node

which is very nearer with minimum distance.

If the destination node is adjacent then source node checks the bootstrapping time and digital certificate of the target node.

it add the own address to the route request message

3.2 WORKING FUNCTIONALITY OF NETWORK ROUTING CONTD….

4. DEPLOYMENT OF NEW NODES

New node deployment will give the way for attackers to deploy the malicious nodes.

communication will be taking in between old node and new node.

the old node should follow the ECDSA to authenticate the identity of old node.

If Ti<=Tj{If(v==Ci){Accept;Calculatekj=sj*Qi}elseReject;}

Ni, Ti, Li, Mi

Fig: handshake between old node and new node

SECURITY COMPARISON OF ECC WITH RSA The access control mechanism on elliptic curve

cryptography with popular RSA algorithm. ECC is seen to be the standard for the next generation

cryptographic technology.

Fig: security comparison of key size’s of ECC with RSA

CONCLUSION Secure routing is vital to the acceptance and use for

many MANET network applications. AODV routing protocol with integration of Elliptic

Curve Cryptography to ensure security for the routing information.

By using proposed scheme the network life time is increased, packets sent and number of packets dropped through mitigation of intruders and malicious nodes from network.

REFERENCES• Secure Mechanism for DYMO Routing Protocol

by using Elliptic Curve Cryptography in Mobil Ad-hoc Networks.

• Dong-Won Kum, Jin-Su Park, You-Ze Cho and Byoung-Yoon Cheon,” Performance Evaluation Of AODV and DYMO Routing Protocols in MANET”, in proc IEEE CCNC, Las Vegas, Nevada, USA, pp.1046-1047, Jan.2010.

• A NOVEL ELLIPTIC CURVE CRYPTOGRAPHY BASED AODV FOR MOBILE AD-HOC NETWORKS FOR ENHANCED SECURITY .

THANK YOU……