Design the proposed EW-MOF algorithm

In this section, we propose an enhanced window-based mutual opposite form for scalar multiplication (EW-MOF) in WSNs. The proposed EW-MOF combines MOF with an enhanced window method that can significantly not only reduce the number of essential pre-computed points but also reduce memory consumption and speed up the average key generation time. The proposed EW-MOF algorithm is shown in Algorithm 1, which includes

Figure 8. Selection of the best window size under N (assuming 100) times of key generations.

three phases, essential pre-computed points pre-computation phase, signed binary representation phase and public key generation using enhanced window method phase. In the essentialpre-computed points pre-computation phase, all the essential pre-computed points will be calculated once S is selected for a specific window size. After the essential pre-computed points pre-computation phase, we start to execute the scalar multiplication algorithm to calculate the public key. In the signed binary representation phase, the private key utilizes MOF to convert the binary representation into a signed binary representation.

Then, the public key is calculated in the public key generation using enhanced window method phase. Firstly, the private key is scanned from left to right. If a digit is 0, doubling operations are executed; otherwise, remove the block based on the window size. If the sum of the block has been saved in the sensor node, addition operations are executed to calculate the public key. If the sum of the block has not been saved in the sensor node, addition operations are executed to calculate the sum of the block first by using essential pre-computed points and save it in the sensor node. Then, addition operations are executed to calculate the public key.

In addition, if we have another block with the same sum later, no more calculation is needed.

Finally, the execution will continue until the end of digits and the public key is returned.

Algorithm 1: Left-to-Right EW-MOF

Input: An n-bit binary string K = b_n-1,b_n-2, …, b₁, b₀, where K is a private key and w Output: A public key Q, where Q = KP

1. Essential pre-computed points pre-computation phase:

1.1 S = Table lookup (w)

3. Public key generation using enhanced window method phase:

3.1 Q = P If P_wsum has been calculated

Q = Q + P_wsum Else

calculate P_wsum by essential pre-computed points save P_wsum in the sensor node

Q = Q + P_wsum 3.2.3 n = g – 1

3.3 Return Q

Figure 9 shows the flowchart of selecting an elliptic curve and a base point (P(x, y)) for ECC in wireless sensor networks. Firstly, the sink selects an elliptic curve over GF(p) where a, b GF(p) and . Then, the sink selects a base point P = (x, y) on the elliptic curve, where x and y are the coordinates of E. When a sensor node receives the elliptic curve and the base point, it will determine a window size w and executes the essential pre-computed points pre-computation phase. After this phase, these essential pre-computed points will be stored in the sensor node. If the elliptic curve E or the base point P is changed, the essentialpre-computed points pre-computation phase needs to be re-executed and new essential pre-computed points are stored in the sensor node. In this paper, we assume all computations are performed in the sensor node, since it would be more secure to do key exchanges and key generations in WSNs.

Figure 10 shows the flowchart of the public key generation process for a sensor node.

The sensor node generates a private key K and executes the signed binary representation phase to convert K into m in MOF. Then, according to window size w, m is split into several blocks. Then, the sensor node checks whether the sum of the block has been saved or not. If the sum of the block has been saved, the sensor node will compute public key Q using the proposed enhanced window method. Otherwise, the sensor node will execute addition operations to derive the sum of the block from essential pre-computed points and save it in the sensor node. Then, the sensor node computes public key Q using the enhanced window method. Finally, public key Q is calculated.

 

GF b

a,  4

a



b



 

GF b

ax x y

E  ²  ³  

Figure 9. Flowchart of selecting an elliptic curve and a base point for ECC in WSNs.

In the following, we give an example to illustrate how a sensor node computes a public key Q. For w = 6, essential pre-computed points = {2P, 4P, 7P 17P, 27P}. Firstly, the sensor node randomly generates a private key K = 12434877 = (101111011011110110111101)2. Express K in MOF:

Note that 3P can be calculated by 7P – 4P, which only needs to be calculated once and 9P can be calculated by 7P + 2P, which again only needs to be calculated once. The intermediate values of Q are 3P, 6P, 12P, 24P, 48P, 96P, 192P, 384P, 768P, 759P, 1518P, 3036P, 6072P, 12144P, 24288P, 48576P, 97152P, 194304P, 194295P, 388590P, 777180P, 1554360P, 3108720P, 6217440P, 12434880P, 12434877P

Figure 10. Flowchart of the public key generation process for a sensor node.

The computation cost of arithmetic operations for the above example include 22 doubling operations, 5 addition operations, with two extra addition operations used to calculate 3P and 9P. Although two extra addition operations are needed, there is no need to calculate them again at next time. Note that the two extra addition operations will result in very small increase in the average key generation time since the average extra number of additions for w = 6 is very small, as shown previously. That is, the time required for the two extra addition operations in the average key generation time can be neglected.

Chapter 5

Performance Evaluation and Discussion

In this chapter, we evaluate the average key generation time of the proposed EW-MOF and compare it with that of one’s complement.

5.1 Simulation environment setup

We implemented the proposed EW-MOF on the 2.66 GHz Intel Core i5 and used Multiprecision Integer and Rational Arithmetic C/C++ Library (MIRACL) [13] for elliptic curves and Basicrypt which is an ECC benchmark suite [14] for ECC. MIRACL is a big number library which implements all of the primitives necessary to design big number cryptography into your real-world application [13]. It is an open source library and can be used to perform the arithmetic of elliptic curves. The Basicrypt benchmark package uses the MIRACL library and it contains standards and elliptic curve codes for Diffie-Hellman key exchange, digital signature algorithm, ElGamal and RSA encryption/decryption [14].

Furthermore, the various parameters of elliptic curves are defined in the National Institute of Standards and Technology (NIST) DSS standard FIPS 186-3 [15].

5.2 Comparison between the proposed EW-MOF and one’s complement

Figure 11 shows the average key generation time, excluding pre-computation time, of the binary, MOF, one’s complement, and the proposed EW-MOF methods under different field sizes for w = 6. The average key generation time is defined as the summation of each key generation time divided by the number of key generations (N). The field size means the

elliptic curves over prime fields that are specified in [15]. The average key generation time of Binary is the worst because Binary contains the most bits of 1 that involve addition and doubling operations. The average key generation time of MOF is better than that of Binary because MOF contains less bits of 1. As to the one’s complement, the average key generation time is better than that of MOF because one’s complement uses the window method that splits the private key into blocks so as to reduce the number of addition operations. The proposed EW-MOF is almost the same as one’s complement because their numbers of blocks are not much different. As a result, their numbers of addition operations are not much different.

Although the proposed EW-MOF requires extra addition operations, it causes little increase in the average key generation time.

Figure 12 shows the average key generation time, including pre-computation time, of the one’s complement and the proposed EW-MOF under different field sizes for w = 6. The average key generation time of the proposed EW-MOF is better than that of the one’s Figure 11. Average key generation time excluding pre-computation time under different

field sizes.

complement because the number of pre-computed points in the one’s complement is larger than that of the proposed EW-MOF, as shown in Figure 5 and Figure 7. Thus, the pre-computation time in the one’s complement is longer than that of the proposed EW-MOF.

In summary, in terms of the average key generation time, including pre-computation time, under different field sizes, for w = 6, the proposed EW-MOF is 24.69% faster than the one’s complement.

Figure 13 shows the average key generation time, excluding pre-computation time, of the one’s complement and the proposed EW-MOF under different window sizes. We found that when the window size increases the average key generation time decreases. This is because when the window size increases the number of blocks will decrease and the number of addition operations will decrease as well. The average key generation time of the one’s complement and the proposed EW-MOF are almost the same for . This matches the Figure 12. Average key generation time including pre-computation time under different

field sizes.

generations. For , the average key generation time of the proposed EW-MOF will slowly increase. This is because that the proposed EW-MOF has a smaller number of essential pre-computed points. However, for the same number of pre-computed points, the proposed EW-MOF can set a bigger window size than one’s complement. Thus, the proposed EW-MOF can be still faster than the one’s complement in terms of average key generation time, excluding pre-computation time.

Figure 14 shows the average key generation time, including pre-computation time, of the one’s complement and the proposed EW-MOF under different window sizes. The average key generation time of the proposed EW-MOF is better than that of the one’s complement because the number of pre-computed points in the one’s complement is larger than that of the proposed EW-MOF, as shown in Figure 7. Note that the average key generation time of the proposed EW-MOF increases slowly compared to that of the one’s complement as window

Figure 13. Average key generation time, excluding pre-computation time, under different window sizes.

size increases. This is because the number of essential pre-computed points does not increase complement. That is, the proposed EW-MOF is more feasible than the one’s complement for wireless sensor networks, which is battery powered, in terms of power saving. Applying the proposed EW-MOF to the ECC for wireless sensor networks can benefit associated sensor nodes in terms of less computing and memory needed, and power saving. In addition, the proposed EW-MOF is also feasible to other mobile and wireless devices for ECC security.

Figure 14. Average key generation time, including pre-computation time, under different window sizes.

Chapter 6 Conclusion

6.1 Concluding remarks

In this paper, we have presented an enhanced window-based mutual opposite form for scalar multiplication (EW-MOF) that combines MOF with an enhanced window method. The proposed EW-MOF can largely reduce average key generation time including pre-computation time and it needs less pre-computation time and memory. Moreover, the proposed enhanced window method only requires to calculate essential pre-computed points, which is better than the original window method that needs to calculate all pre-computed points. Simulation results have shown that the proposed EW-MOF is 24.69% faster than the one’s complement in terms of average key generation time including pre-computation time under different field sizes. Furthermore, the proposed EW-MOF can use a larger window size because its number of essential pre-computed points is smaller than the number of pre-computed points used in the one’s complement. Thus, the average key generation time, excluding pre-computation time, of the proposed EW-MOF can be still shorter than that of the one’s complement. Shorter average key generation time implies consuming less power, which is important for wireless sensor networks that are battery-powered. The proposed EW-MOF can significantly reduce ECC key generation time and is suitable for wireless sensor networks.

That is, the proposed EW-MOF is more feasible than the one’s complement for wireless sensor networks in terms of key generation time and power saving.

6.2 Future work

The proposed EW-MOF can be applied to key exchange protocols, such as ECDH and ECDSA, for security and power saving of wireless sensor networks. In addition, we can apply the proposed EW-MOF to any wireless network that uses elliptic curve cryptography for reducing key generation time and power consumption.

Bibliography

[1] E. K. Wang and Yunming Ye, "An Efficient and Secure Key Establishment Scheme for Wireless Sensor Network," in Proc. Intelligent Information Technology and Security Informatics, pp. 511-516, Apr. 2010.

[2] W. Stallings, Cryptography and Network Security- Principles and Practices, 3rd Ed. NJ:

Prentice Hall, 2003.

[3] E. Karthikeyan and P. Balasubramaniam, "Improved Elliptic Curve Scalar Multiplication Algorithm," in Proc. IEEE International Conference on Information and Automation, pp.

254-257, Dec. 2006.

[4] P. G. Shah, Xu Huang, D. Sharma, "Algorithm Based on One's Complement for Fast Scalar Multiplication in ECC for Wireless Sensor Network," in Proc. IEEE 24th International Conference on Advanced Information Networking and Applications Workshops, pp. 571-576, Apr. 2010.

[5] V.S. Miller, "Use of Elliptic Curves in Cryptography," in Proceedings of Advances in Cryptology – CRYPTO '85, vol. 218: Springer-Verlag, pp. 417-426, 1986.

[6] N. Koblitz, "Elliptic Curve Cryptosystems," in Proceedings of Mathematics of Computation, vol. 48, pp. 203-209, 1987.

[7] NIST, DRAFT Special Publication 800-57, Recommendation for Key Management, Mar

2007, Available at

http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pd f.

[8] A.D. Booth, "A Signed Binary Multiplication Technique," in Journal of Applied Mathematics, vol. 4, pp. 236-240, 1951.

[9] F. Morain, J. Olivos, "Speeding Up the Computations on an Elliptic Curve Using

Addition–Subtraction Chains," in Proceedings of RAIRO Theoretical Informatics and Applications, vol. 24, pp. 531-543, 1990.

[10] K. Okeya, "Signed Binary Representations Revisited," in Proceedings of CRYPTO’04, pp. 123-139, 2004.

[11] P. Balasubramaniam and E. Karthikeyan, "Elliptic Curve Scalar Multiplication Algorithm Using Complementary Recoding," in Proceedings of Mathematics and Computation, Jan.2007.

[12] C.C. Chang, Y.T. Kuo, and C.H. Lin, "Fast Algorithms for Common Multiplicand Multiplication and Exponentiation by Performing Complements," in Proceeding of 17th International Conference on Advanced Information Networking and Applications, pp.

807-811, Mar. 2003.

[13] MIRACL, Multiprecision Integer and Rational Arithmetic C/C++ Library, Available at http://www.shamus.ie/.

[14] Basicrypt, Elliptic Curve Cryptography Benchmark Suite, Available at http://www.dii.unisi.it/~giorgi/basicrypt/.

[15] NIST, Digital Signature Standard FIPS PUB 186-3, Available at http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf, 2009.

[16] J. Lopez and R. Dahab, "An overview of elliptic curve cryptography," Technical Report, Institute of Computing, State University of Campinas, Brazil, May 2000.