Energy Efficient Encryption Algorithm for Wireless Sensor Network

Energy Efficient Encryption Algorithm for Wireless Sensor Network

A. Babu Karuppiap, Dr. S. Rajaram2

1 Velammal College of Engineering and Technology, Madurai, India

2Thiagarajar College of Engineering, Madurai, India

Abstract

Sensor devices have critical resource constraints such as processing speed, memory size and energy supply. Especially, energy consumption affects the network lifetime so that energy efficiency is an important requirement for Wireless Sensor Network s (WSNs). It means that it is a considerable matter to choose the energy- and a memory- efficient cryptographic algorithm suitable for WSNs. In this paper, an Energy Efficient Encryption Algorithm with 64-bit block length and 128-bit key length with basic operations like exclusive-OR (XOR) and shifting is implemented. It provides low-resource hard-ware implementation, which is suitable to sensor devices. It not only consists of simple operations but also has enough security as a good encryption algorithm. The reduction in the hardware resources also decreases the power consumption of the Wireless Sensor Network .

Keywords – Wireless Sensor Network s (WSNs), Encryption algorithm, Energy Efficiency.

1. Introduction

   Wireless Sensor Networks consist of base station and a lot of battery-powered and low-cost devices, called sensor nodes. Distributed Wireless Sensor Network consist of several scattered nodes in a knowledge area. Those sensors have as its only power supplies a pair of batteries that must let them live up to five years without substitution. Thats why it is necessary to develop some power aware algorith ms that could save battery lifetime as much as possible. WSNs have currently been used for a variety of applications such as environment monitoring, health monitoring, military applications, etc. and also WSNs are expected to be used at anywhere in the near future. To support many kinds of applications based on sensor networks, the consideration of security aspects such as Data Confidentia lity, Data Integrity, and Data Authenticity is essential [1]. Since the interest lies in imple menting a security scheme for wire less sensor networks, here it is a must to choose the schemes that meet the limited resources of sensor

   nodes. The key issue of designing cryptographic algorith ms is to deal with the trade-off among security, cost, and performance. A host of cryptographic primit ives that particularly target resource-constrained smart devices have been published in the past few years and focus will be on lightwe ight symmetric ciphers in this paper. All the previous proposals can be roughly divided into the following three categories. The first category consists of highly optimized and compact hardware imple mentations for standardized bloc k c iphers such as AES. However, the energy consumption of strong encryption is relatively high, whereas the proposals in the second category involve slight modifications of a classical block cipher like DES for lightweight applicat ions. Finally, the third category features new low-cost designs, including lightwe ight block ciphers HIGHT. Thus Public key encryption algorithm is a fundamental and wide ly used technology around the world, since it has hardware limitations like me mory usage and battery life, so it is not applied to the sensor network. Therefo re, Sy mmetric key encryption algorith m with Lo w- Energy consumption is used in the sensor networks. In this paper, a new block cipher encryption algorithm is presented which has a 32-round iterative structure which is a variant of generalized Fe istel network. The pro minent feature of the algorithm is that it consists of simple operations such as XOR, addit ion mod 28, and le ft bitwise rotation. So, it is hardware-oriented rather than software-oriented. Moreover, the proposed algorith m is imple mented using verilog language in Xilin x software and the experiment results shows that this algorithm is mo re energy efficient than the e xisting algorith ms, the hardware resources consumption of the existing algorith m such as HIGHT [4] is more than the proposed encryption algorith m in the way as number of gate usage, total CPU time to Xst completion, total me mory usage, number of slices used etc. So these result analyses provides us criterion of selecting Energy Effic ient Encryption Algorith m suitable for WSNs.

   This paper is organized as follows: In section II, issues in wireless sensor networks are described. In section III, Security require ments in WSN are e xpla ined. In section IV, the existing encryption algorith m schemes are presented. In section V, the proposed encryption algorithm scheme is analyzed how efficient it can be and whether it can meet the low powe r resource or not. In the fina l section, the e xperimental results are discussed followed by concluding rema rks and refe rences.

2. Issues in WSNs

   A WSN is a network of cheap and simple processing devices (sensor nodes) that are equipped with environ mental sensors for temperature, humid ity, etc. and can communicate with each other using a wireless radio device. Sensor networks need to become autonomous and exhib it responsiveness without explic it user or administrator action. Security has become a significant issue in regards to the violation of individual info rmation security [2, 3]. Encryption is supposed to make a secret document that is functionally diffe rent fro m the orig inal docu ment. As WSNs grow to be more popular and widely used, security becomes a very serious concern. Users do not want to reveal their data to unauthorized people as the disclosed information could be used for malic ious purposes. This concern is even more re levant to wire less environments where anyone can overhear a message sent over the radio. Therefore, even a very useful and convenient system might not be appealing to the users if it is not secure. Security is in general considered to be e xpensive. Its cost is even more noticeable in WSNs due to the limited resources of the sensor nodes. Thus, in order to provide a sufficient level of security while properly utilizing the available resources, it is important to have a good understanding of both the cost and the features of the security algorith ms used. Apart from the security issue, the primary challenges for sensor networks stem fro m t wo facts [2]. First, sensors are e xtre me ly resource constrained. Second, in many applications sensor nodes will be randomly deployed. The resource limitation of sensor networks poses great challenges for security. As sensor nodes are with very limited computing power, it is difficult to provide security in WSN using public-key cryptography.

3. Security Requirements in WSNs

   Recall that the most important network services that should be imple mented by any security mechanis m are : data confidentia lity, data Integrity, and data Authenticity [5]. Since interest lies in imple menting a security scheme for wireless sensor networks, the schemes must be chosen that meet the limited resources of sensor nodes. In this section the reasons for choosing the schemes are discussed. The process by which public key and symmetric key cryptography schemes should be selected is based on the following criteria:

   Energy : how much energy is required to e xecute the encryption/decryption functions.

   Program memory : the me mory required to store the encryption/decryption program

   Temporary memory : the required RAM size or number of registers required temporarily when the encryption/decryption code is being executed.

   Execution time : the time required to execute the encryption/decryption code./p>

4. Existing Algorithms for Encryption

   1. AES Algorithm

      The Advanced Encryption Standard (AES) algorith m, also known as Rijndael, is a bloc k c ipher adopted as an encryption standard by the US government. AES is a substitution permutation network and is one of the most popular symmetric- key cryptography algorithms. AES is fast in both software and hardware and is relatively easy to imple ment. It operates on a 4 by 4 array of bytes and has a fixed bloc k size of 128 b its and a key size of 128, 192, or 256 bits with 10, 12, and 14 number of rounds [3]. For encryption, each round of AES (e xcept the last round) consists of four stages. a) SubBytes – a non-linear substitution step where each byte is replaced with another according to a lookup table (known as S Bo x). b) Shift Rows – a transposition step where each row of the state is shifted cyclically a certain number of steps. c) MixCo lu mns a mixing operation which operates on the columns of the state, combin ing the four bytes in each column using a linear transformat ion.

      d) AddRoundKey – each byte of the state is

      combined with the round key; each round key is derived fro m the cipher key using a key schedule. AES a lgorith m co mprises of various rounds depending on the key size and block size . Out of a ll the rounds the Pre- round comprises only AddRoundKey whereas the final round omits the MixCo lu mns stage.

      Figure. 1 Hardware I/O S pecifications

      Figure. 1 shows the encryption process of the AES algorithm. Here the pla inte xt is applied along

      with the key and cloc k input to obtain the cipherte xt by applying operations with encryption and decryption module. The round transformation modifies the 128-bit state. The init ial state is the input plainte xt and the final state is the output cipherte xt where the state is organised as a 4 X 4 matrix of bytes.

      Figure. 2 AES Round Transformation

      Figure. 2 shows the round transformation of AES, where it scra mbles the bytes of the state either indiv idually, ro wwise, or co lu mnwise by applying the functions SubBytes, ShiftRows, MixCo lu mns, and AddRoundKey sequentially [7].

   2. RC5 Algorithm

      RC5 is a fast symmetric block c ipher suitable for hardwa re or software imple mentations. RC5 has a variable block size (32, 64 or 128-b its), key size (0 to 2040 bits) and number of rounds (0 to 255) [6]. The original suggested choices of parameters were a b lock size of 64-bits, a 128-b it key and 12- rounds. It is fast symmetric block cipher suitable for hardware or software imple mentations. A novel feature of RC5 is the heavy use of data-dependent rotations. RC5 has a variable word size , a variable number of rounds, and a variable-length secret key. The encryption and decryption algorithms are e xceptionally simple . RC5 is not intended to be secure for all possible parameter values. On the other hand, choosing the ma ximu m para meter value will be overkill for most applications. RC5 is hard to use in open environments and one-shot communicat ions. 12-round RC5 (with 64-b it blocks) is susceptible to a differentia l attack using 244 chosen plainte xts. 18-20 rounds are suggested as sufficient protection. A distinguishing feature of RC5 is its heavy use of data dependent rotation. The a mount of rotation performed is dependent on the input data and its not pre-determined. Word size, nu mber of rounds and key size of RC5 can be varied. The diffe rent combinations of values for these parameters are used to fully understand their

      influence on the energy consumption caused by the encryption algorithm:

      1. The usual word size for encryption is 32 bits (4

         bytes) to study the impact of the word size on the time it takes to perform key setup, encryption, and decryption.

      2. The number of rounds (4,8,12,16,18) has a proportional effect on the security of RC5 [10].

      3. RC5 a lso uses different key sizes as AES.

         Figure. 3 Block Diagram of RC5

         Figure. 3 shows the Block Diagra m of RC5 that illustrates the functioning with init ial key addit ion, Mixing Circu lar Sh ift Key Addition blocks to obtain ciphertext by applying the plaintext and keys.

   3. Skip Jack

      Skipjac k uses an 80-b it key to encrypt or decrypt 64-bit data blocks. It is an unbalanced Feistel network with 32 rounds [6]. It has been found that the number of rounds is exponentially proportional to the amount of time required to find a key using a brute-force attack. So, as the number of rounds increases, the security of the algorithm increases exponentially. Skipjac k uses F-BOX which can be stored in either RAM or program me mo ry.

      Figure. 4 Skip Jack Round Function

      Fro m Figure 4, the output of the Skip jack Round function can be explained with the following e xpressions,

      A (a,b,c,d) = (d + Gk(a) + counter, GK (a), b,c);

      B (a,b,c,d) = (d;Gk (a); a + b + counter; c):

      A1(a,b,c,d) = (G1k (b); c; d; a + b + counter);

      B-1 (a,b,c,d) = (G1k (b); c + G1k (b) + counter; d; a):

      Skipjac k has been extensively crypt analyzed, and has no weaknesses. There are no known shortcut attacks that can break Skip jack. However, the small key size makes this algorith m inferior to the newer candidate algorithms for the Advanced Encryption Standard (AES) co mpetit ion being held by NIST.

   4. HIGHT

      HIGHT has 64-bit bloc k length and 128-b it key length, which is suitable for low-cost, low power and ultra-light imp le mentation. 32-round iterative structure which is a variant of generalized Fe istel network [6]. The hardware imp le mentation of HIGHT requires 3048 gates on 0.25 m technology [4]. It has been analyzed for the security against various attacks. The strength of the HIGHT algorith m is evaluated with respect to differential attack, linear attack, truncated differential cryptanalysis, impossible diffe rential cryptanalysis, saturation attack, boomerang attack, interpolation and higher order differentia l attack.

5. Proposed Method

   The existing HIGHT Algorith m utilizes more hardware resource by using large number of X -OR gates for all co mputational rounds. By reducing the number of gates, resource utilization is also reduced which in turn reduces power consumption which is achieved by the concept of reusability. Here the concept of reusability in verilog coding is utilized that uses a single output variable for a ll round iterations, which results in only one X-OR gate that is used for all round operations instead of as many X-ORs as rounds. The 64-bit p lain-te xt and ciphertext are considered as concatenations of 8 bytes and denoted by P = P7||P1||P0 and C = C7||..C1||C0, respectively. The 64-b it intermediate values are analogously represented, Xi

   = Xi,7||.Xi,1||Xi,0 for i = 0,..,32. The 128-b it

   master key is considered as a concatenation of 16 bytes and denoted by MK = MK15||||MK0. The following are notations for mathe matical operations:

   WK Whitening Key; SK SubKey

   : Addition mod 28

   : Subtraction mod 28

   : XOR (Exclusive OR)

   A<<s : s-bit left rotation of a 8-bit value A

   The detailed process of Encryption of HIGHT Algorith m is depicted in Figure. 5.

   Figure. 5 Encryption Process of HIGHT Algorithm

   HIGHT Encryption algorithm consists of key schedule, initia l transformation, round function, and final t ransformat ion.

   For j = 0 to 7 {

   SK16.i+j M K(j-im od8) + 8 16.i+j +8 ;

   }

   }

   }

   HightEncryption(P,MK)

   {

   KeySchedule(MK,WK,SK); HightEncryption(P ,WK,SK)

   {

   InitialT ransfomation(P,X0,WK3,WK2,WK1,WK0); For i = 0 to 31 {

   RoundFunction(Xi,Xi+1, SK4i+3, SK4i+2, SK4i+1, SK4i);

   }

   FinalTransfomation(X32,C,WK7,WK6,WK5,WK4);

   }

   }

   1. Whitening Key Generation

      It uses 8 whitening key bytes WK0,…..,WK7 for the initia l and final transformations. The algorithm WhiteningKeyGeneration generates them as follow.

      WhiteningKeyGeneration {

      For i = 0 to 7 {

      If (0< i < 3) then WKi MKi+12; Else, WKi MKi-4;

      }

      }

      It is observed that Whitening Keys (WK0,.,WK7) are generated fro m the 16 bytes input Master Key. This serves as a Key for the Initia l Transformation Block where the operation is done with plaintext and whitening keys and proceeded further.

   2. Initial Transformation

      Initia l Transformation transforms a plainte xt P into the input of the first Round Function, X0 = X0,7||X0,6||.||X0,0 by using the four whitening-key bytes, WK0, WK1,WK2, and WK3.

   3. Subkey Generation

      SubkeyGeneration(M K,SK) {

      Run Constant Generation For i = 0 to 7 {

      For j= 0 to 7 {

      SK16.i+j M Kj -im od8 16.i+j ;

      }

      128 subkeys are used for 1 co mputation of Hight Encryption, 4 subkeys per round. The algorith m Subkey Generation uses the subalgorithm ConstantGeneration to generate 128 7-bit constants 0 ,.,127, and then generates the subkeys SK0,,SK127 with the constants. 0 is fixed as 10110102. Th is is also the initial state (s6 ,, s0) of 7-bit LFSR and so 0=127.

   4. Round Function

      RoundFunction uses two auxiliary functions F0 and F1:

      F0(x) = x<<1

      F1(x) = x<<3

      x<<2

      x<<4

      x<<7;

      x<<6;

      For i=0,..,31, RoundFunction transforms Xi=Xi,7||,,||Xi,0 into Xi+1 =Xi+1,7||,||Xi+1,0 as follows.

      For(i=0;i<=32;i=i+1) {

      RoundFunction(Xi,0, Xi+1,SK4i+2,SK4i+1,SK4i) { X1 X0; X3 X2; X5 X4; X7 X6;

      X0=X7 X2=X1 X4=X3 X6=X5

      }

      (F0(X6)

      (F1(X0)

      (F0(X2)

      (F1(X4)

      SK4i+3); SK4i+2); SK4i+1); SK4i);

      }

      The above algorithm is used for generation of a ll

      32 round function block. The output of the preceding round is given as the input to the successive round.

      WK0; X0,1 P1 ;

      WK1;

      P0 P2 P3 ; P4 P6

      P7 ;

      X0,0 X0,2 X0,3 X0,4 X0,6

      X0,7

   5. Final Transformation

      InitialTransformation(P,X0,WK3,WK2,WK1,WK0){

      }

      P5 ;

      WK2; X0,5

      WK3;

      FinalTransformation untwists the swap of the last round function and transforms X32 = X32,7||X32,6||,.,||X32,0 into the ciphertext C by using the four whitening-key bytes WK4, WK5, WK6, and WK7. This step is similar to initia l Transformat ion. It is observed that the X-OR and modular arith metic operations are performed to generate 7- byte ciphertext.

      FinalTransformation(C,X32,WK7,WK6,WK5,WK4) {

      C0 X32,1 WK4; C1 X32,2 ; C2 X32,3

      WK5; C3

      C4 WK5; C7

      }

      X32,4; X32,5

      WK4; C5 X32,6 ; C6 X32,7

      X32,0;

   6. Decryption

      The decryption operation is identical in operation to encryption apart from the follo wing two modifications. (1) All addition modular 28 operations are replaced by subtraction modular 28 operations except for the operations connecting SKi and outputs of F0.

      (2) The order in wh ich the keys WKi and SKi are applied is reversed.

6. Experimental Results and Comparison

   The structure of HIGHT is generalized Feistellike. This kind of structure reduces restriction of designing inner auxiliary functions. Co mpared to A ES like structure, the round function is light. Since encryption process is simp ly converted into decryption process, imple mentation of the circuit supporting both encryption and decryption processes does not require much more cost than the encryption-only circuit. Every operation in HIGHT is 8- b it-processor-oriented. CPUs embedded into the sensors in USN (Ubiquitous Sensor Network) are based on 8-bit processor. So, HIGHT has efficient performance in such environment.

   Figure.7 (a) Generation of Plain text (b) A sample Round function block

   Figure 7 (a) shows the generation of plaint text and

   (b) shows the generation of sample round function block.

   Figure.8 Simulation result for Encryption

   Figure 8 shows the simulation result of the encryption algorithm for 64-bit p lainte xt, 128 Subkeys, 8 Whitening Keys using 32 rounds. The target device chosen was XC3S250E of Spartan3E fa mily. It shows the 64-bit encrypted result using Energy Efficient Encryption Algorith m.

   Figure.9 Simulation result for Decryption

   Figure 9 shows the simulation result of the decryption process where the original 64-b it plainte xt is retained, using the same Whitening Keys and SubKeys as in encryption.

   Table1: Comparison of Results

   S. No.	Parame ters Taken	Existing architecture	Proposed architecture
   1.	Nu mber of Slices	62%	51%
   2.	Nu mber of 4 input LUTs	58%	48%
   3.	Nu mber of IOs:	4493	2438

   Table 1 shows the comparison of results that are obtained from the synthesis report. It can be inferred that the proposed algorithm has an advantage over the existing algorith m by consuming 11% less number of slices, 10% less number of 4 input LUTs and a greater reduction in the number of inputs and outputs.

7. Conclusion

   For any Wireless Sensor Network the battery life time and the energy of the network are limited. In this paper, it is shown that the proposed Energy Efficient Encryption Algorith m which includes the

   basic operations of XOR and shift is suitable to overcome the limitations of wireless sensor nodes. The result indicates that the algorithm achieves reduction in hardware resources providing energy efficiency thereby increasing the life span of wireless sensor nodes in the network.

8. References

1. Sang-Eon Lee, Sang-Ho Shin, Geum-Dal Park and Kee- Young Yoo, Wireless Sensor Network Protocols for Secure and Energy-Efficient Data Transmission Proceedings of the CISIM'08 on Computer Information Systems and Industrial Management Applications, 26-28 June 2008.

2. Zoran S. Bojkovic, Bojan M. Bakmaz, and Miodrag R. Bakmaz Security Issues in Wireless Sensor Networks in International Journal of Communications, Issue 1, Volume 2, pp.1

3. Jongdeog Lee, Krasimira Kapitanova and Sang H. Son, The price of security in wireless sensor networks, Computer Networks 54 (2010) pp.29672978.

4. Deukjo Hong, Jaechul Sung, Seokhie Hong, Jongin Lim and Sangjin Lee HIGHT : A New Block Cipher Suitable for Low- Resource Device, Proceedings of the Cryptographic Hardware and Embedded Systems (CHES) Volume 4249, in 2006, pp.46- 59

5. Mohammad AL-Rousan, A. Rjoub and Ahmad Baset , A Low-Energy Security Algorithm for Exchanging Information in Wireless Sensor Networks Published in Journal of Information Assurance and Security4 (2009), pp.48-59.

6. Woo Kwon Koo, Hwaseong Lee, Yong Ho Kim and Dong Hoon Lee, Implementation and Analysis of New Lightweight Cryptographic Algorithm Suitable for Wireless Sensor Networks, Proceeding of International Conference on Information Security and Assurance, 2008.

7. Sounak Samanta, FPGA Implementation of AES Encryption and Decryption, in an International Conference on Control, Automation, Communication and Energy Conservation, June 2009.

8. Jason Van Dyken and José G. Delgado-Frias, FPGA Schemes for Minimizing the Power-Throughput Trade-off in Executing the Advanced Encryption Standard Algorithm, Published in Journal of Systems Architecture 56 (2010), pp.116123.

9. Gil-Ho Kim, Jong-Nam Kim and Gyeong-Yeon Cho, An improved RC6 algorithm with the same structure of encryption and decryption, Proceeding of ICACT on 11th International Conference of Advanced Communication Technology, 2009, Volume 2, pp.1211 1215.

10. B.S. Kaliski Jr., Y.L. Yin, On the security of the RC5 encyption algorithm, RSA Laboratories, September 2006, T R- 602, Version 1.0.

11. ASIC Official Website : http://www.asic-world.com