AN ELLIPTIC CURVE CRYPTOGRAPHY BASED ENHANCED SECURITY FOR MOBILE AD-HOC NETWORKS PROTOCOLS
Guided By:Prof. P .R .Pardhi
Presented By:Palak V. Agrawal
TODAY’S TALK• MANET Introduction• Routing Protocols• Attacks in MANET• What Is Elliptic Curve Cryptography
(ECC)?• Using Elliptic Curves In MANET• SMD RECC Architecture • CONCLUSION• REFERENCES
MANET
A collection of wireless mobile hosts forming a temporary network without the aid of any established infrastructure.
Significant Features:1. Autonomous terminal2. Multi-hop routing3. Dynamic network topology1. No administrator
ROUTING PROTOCOLS FOR MANET
k
- AODV- DSR
Mobile Ad-Hoc Network
Proactive Reactive Hybrid
-DSDV- CGSR -
- TORA- ZRP
ASYMMETRIC APPROACHES RSA
Integer multiplication and factorization Diffie-Hellamn
Discrete exponentiation and logarithm Elliptic Curve Cryptography
Point multiplication and discrete logarithm
WHAT IS ELLIPTIC CURVE CRYPTOGRAPHY (ECC)? Independently proposed by Neal Koblitz
and Victor Miller in 1985 Every user has a public and a private
key.Public key is used for encryption/signature
verification.Private key is used for decryption/signature
generation. Elliptic curves are used as an extension to
other current cryptosystems.Elliptic Curve Diffie-Hellman Key ExchangeElliptic Curve Digital Signature Algorithm
USING ELLIPTIC CURVES IN MANET
ECC offers comparable security with smaller key sizes, faster computation, lower power consumption, as well as memory and bandwidth savings.
Reduces processing overhead. Methods for computing general elliptic curve discrete
logarithms are much less efficient than those for factoring or computing conventional discrete logarithms and it indicates that more computation time is required for ECC.
ECC ALGORITHMS• ECC provide algorithms they are, Elliptic Curve Digital
Signature Algorithm• (ECDSA) and Elliptic Curve Diffie-Hellman key
algorithm.• Each algorithm provides authentication and key
establishing respectively.• Parameters :• E (Fq) : E is elliptic curve over prime field• G: Generator points on curve.• n: order of curve• Ni, Nj : two nodes• Si and Qi are private and oublic key respectively
AUTHENTICATION MECHANISM (ECDSA) The following steps indicates signature generation
algorithm.1. Calculate e = HASH (m), where HASH is a Cryptographic hash function, such as SHA-12. Select a random integer k from [1,n − 1]3. Calculate li = xi (mod n), where (xi, yi) = k * G. If S = 0, go to step 24. Calculate mi = k − 1(e + sili)(mod n). If s = 0, go to step 25. The signature is the pair (li, mi)
The following procedure will explain about signature verification algorithm
1. Verify that li and mi are integers in [1,n − 1]. If not, the signature is invalid.2. Calculate e = HASH (m)3. Calculate w = mi −1 (mod n)4. Calculate u1 = ew (mod n) and u2 = liw (mod n)5. Calculate (xi, yi) = u1G + u2QA6. The signature is valid if xi= li(mod n), invalidOtherwise
KEY SHARING MECHANISM (ECDH) ECDH ensures secrete key between two parties by
using their public data and private data. let (si, Qi) be the pair of the private key-public key of
node Ni and (sj,Qj) be the pair of private key-public key of node Nj .
1. The end node Ni computes K = (xK, yK) = si * Qi2. The end node Nj computes L = (xL, yL) = sj * Qj3. Since si*Qi = si*sj*G = sj*si*G = sj*Qj. Therefore K = L and hence xK = xL4. Hence the shared secret is xK
PROPOSED SYSTEM SMDRECC ARCHITECTURE It stands for Secure Mechanism for DYMORouting Protocol by using Elliptic Curve
Cryptography concentrate on both routing as well as
security to the routing misbehavior, depending from flooding attacks etc
The proposed architecture for SMDRECC contains four modules.
It ensures security parameters like authentication, integrity and
PROPOSED SYSTEM SMDRECC CONTD…
Pre-Node Deployment
DYMO Protocol Routing Protocol Routing
Deployment of New Nodes
Acce
ss C
ontro
l
Fig. Architecture for SMDRECC
1.ACCESS CONTROL MECHANISM
Transfer the information in confidential manner from nodes to the target node (base station) by using encryption methods.
Nodes in MANET may be lost due to power exhaustion or malicious attacks.
To prevent malicious nodes from joining the MANET network, access control is required.
Access control protocol based on Elliptic Curve Cryptography (ECC) for MANET networks. access control mechanism needed when handshaking of old node and new node.
Elliptic Curve Digital Signature Algorithm(ECDSA) and Elliptic Curve Diffie-Hellman key algorithm are used.
2.PRE-NODE DEPLOYMENT
Before going to utilize the MANET network deploy the nodes manually.
Unlike traditional routing algorithms not only consider the identity of node but also it considers bootstrapping time further security.
Access control mechanism can be used in two scenarios, when one handshake happens between two new nodes
2.1 HANDSHAKING BETWEEN NEW NODES
1. This scenario will have to consider only after deployment of MANET Here Diffie-Hellman key algorithm is used.
2. Authentication process as follows, one node checks identity of digital and bootstrapping time
If( Tj<=Ti ){If(v==Cj){Accept;Calculateki=si*Qj;}elseReject;}
If( Ti <=Tj ){If(v==Cj){Accept;Calculateki=si*Qj;}elseReject;}
Nj,Tj,Lj,Mj
Nj,Tj,Lj,Mj
3.1 WORKING FUNCTIONALITY OF NETWORK ROUTING DYMO routing protocol, source node send request to
the target node that desire to send. The sender node selects the adjacent node
which is very nearer with minimum distance.
If the destination node is adjacent then source node checks the bootstrapping time and digital certificate of the target node.
it add the own address to the route request message
3.2 WORKING FUNCTIONALITY OF NETWORK ROUTING CONTD….
4. DEPLOYMENT OF NEW NODES
New node deployment will give the way for attackers to deploy the malicious nodes.
communication will be taking in between old node and new node.
the old node should follow the ECDSA to authenticate the identity of old node.
If Ti<=Tj{If(v==Ci){Accept;Calculatekj=sj*Qi}elseReject;}
Ni, Ti, Li, Mi
Fig: handshake between old node and new node
SECURITY COMPARISON OF ECC WITH RSA The access control mechanism on elliptic curve
cryptography with popular RSA algorithm. ECC is seen to be the standard for the next generation
cryptographic technology.
Fig: security comparison of key size’s of ECC with RSA
CONCLUSION Secure routing is vital to the acceptance and use for
many MANET network applications. AODV routing protocol with integration of Elliptic
Curve Cryptography to ensure security for the routing information.
By using proposed scheme the network life time is increased, packets sent and number of packets dropped through mitigation of intruders and malicious nodes from network.
REFERENCES• Secure Mechanism for DYMO Routing Protocol
by using Elliptic Curve Cryptography in Mobil Ad-hoc Networks.
• Dong-Won Kum, Jin-Su Park, You-Ze Cho and Byoung-Yoon Cheon,” Performance Evaluation Of AODV and DYMO Routing Protocols in MANET”, in proc IEEE CCNC, Las Vegas, Nevada, USA, pp.1046-1047, Jan.2010.
• A NOVEL ELLIPTIC CURVE CRYPTOGRAPHY BASED AODV FOR MOBILE AD-HOC NETWORKS FOR ENHANCED SECURITY .
THANK YOU……