Problem Area Identification with Secure Data

Problem Area Identification with Secure Data Aggregation in Wireless Sensor Networks

Paresh Solanki, Gaurang Raval, and Srikant Pradhan

Institute of Technology, Nirma University, Ahmedabad, Gujarat, India
{08mce018,gaurang.raval,snpradhan}@nirmauni.ac.in
http://nirmauni.ac.in/it/

Abstract. The primary use of wireless sensor networks (WSNs) is to collect and process data. Most of the energy consumption is due to data transmission. Because of the unique properties of WSNs, raw data samples are not all sent directly to the sink node; instead, data aggregation is preferred. Since sensor nodes are deployed in open environments such as a battlefield or similar applications, data confidentiality and integrity are vital issues, hence secure aggregation is required. End-to-end secure aggregation is less demanding than hop-by-hop secure aggregation, so the former is superior. When aggregation is performed on data, crucial information that may indicate an alarming situation is lost. This paper presents an idea to reduce the amount of information transmitted while retaining critical data so that the problem area can be identified. Privacy Homomorphism (PH) preserves the data characteristics even in encrypted form. This paper is based on the PH technique, which provides secure data aggregation without significant loss of individuality of data.

Keywords: Data aggregation, convergecast, security, wireless sensor networks

1 Introduction

In wireless sensor networks, sensor nodes collect data from a hostile environment and send it to the sink node, where it is processed, analyzed and used by the application. In these resource-constrained networks, the general approach is to jointly send the data generated by different sensor nodes. Such in-network processing of data while it is being forwarded towards the base station is known as data aggregation. When the base station queries the network, nodes do not all send their data directly to the sink node; instead, an aggregator node collects the data and responds to the sink node. Data aggregation reduces the number of data transmissions, thereby improving bandwidth and energy utilization in the network, but it results in loss of the individuality of readings, which could be of important use. Because of the peculiar characteristics of sensor networks, security of data aggregation [2] is most crucial. There is a strong conflict between security and data aggregation protocols. Security protocols require sensor nodes to encrypt and authenticate any sensed data prior to its transmission and prefer data to be decrypted by the base station. On the other hand, data aggregation protocols prefer plain data to implement data aggregation at every intermediate node so that energy efficiency is maximized. Moreover, data aggregation results in alterations in sensor data, and therefore it is a challenging task to provide source and data authentication along with data aggregation. Due to these conflicting goals, data aggregation and security protocols must be designed together so that data aggregation can be performed without sacrificing security and individuality of data.

This paper is based on secure data aggregation using a cluster-based approach for problem area identification. The Jist/SWANS simulator [10][11] was used for the implementation. The basic code of the heartbeat application was modified to implement the clustering strategy with dynamic selection of clusters. The energy model [13] was hooked into the simulator. Separate applications were developed for plain aggregation and for secure aggregation with PH method integration. The specific reason for selecting the PH method is its ability to preserve individuality of data after encryption. It was assumed that nodes are aware of their location. Jist/SWANS significantly outperforms ns2 and GloMoSim, both in time and space [12].

2 Related Works

In wireless sensor networks there are many challenges, such as how to improve the lifetime of the network, how to provide robustness, and security issues. WSNs collect data from sensor nodes, process it and send it to the base station. 70% [2] of energy consumption is due to data transmission. It is widely accepted that the energy consumed in transferring one bit of data can be used to perform a large number of arithmetic operations in the sensor processor. Moreover, in a densely deployed sensor network the physical environment would produce very similar data in close-by sensor nodes, and transmitting such data is more or less redundant. These facts motivate the concept of grouping nodes such that data from a group can be combined in an intelligent way and only compact data is transmitted. This process of grouping sensor nodes in a densely deployed large-scale sensor network is known as clustering. One major goal of clustering is to allow in-network pre-processing, assuming that cluster heads collect multiple data packets and relay only one aggregated packet [1]. To reduce the latency present in tree-based aggregation, the recent trend is to group sensor nodes into clusters so that data is aggregated with improved efficiency and low latency.

Attackers may capture secret data because sensor network deployments are vulnerable, so secure aggregation is required. With traditional symmetric key cryptography algorithms, it is not possible to achieve end-to-end confidentiality and in-network data aggregation together. If symmetric key based cryptography algorithms are combined with data aggregation, the messages must be encrypted hop-by-hop. Clearly, this is not an energy-efficient way of performing secure data aggregation, and it may result in considerable delay. Secondly, due to the resource constraints of sensor nodes, symmetric key cryptography is preferable over asymmetric key cryptography [4]. In addition, this process requires neighboring data aggregators to share secret keys for decryption and encryption. Hop-by-hop secure data aggregation is highly resource-consuming because data aggregator nodes first decrypt the data, then aggregate it, and then encrypt it again. End-to-end secure encrypted data aggregation is therefore preferred, because the aggregation process is done on encrypted data [3][5].

In order to achieve end-to-end data confidentiality and data aggregation together without requiring secret key sharing among data aggregators, PH based cryptography becomes the obvious choice. Sensor nodes share a common symmetric key with the base station that is kept hidden from intermediate aggregators. Different schemes are currently available for end-to-end secure encrypted data aggregation, but they need more attention. Enhancements to existing secure data aggregation methods cannot be ruled out to solve the issue of problem area identification.

3 Secure Data Aggregation

Aggregated WSNs provide better power conservation and efficient use of communication channels but also introduce additional security concerns. Most existing schemes for data aggregation are subject to attack. Because of this, the need for secure data aggregation arises and its importance needs to be highlighted [6]. Hop-by-hop secure data aggregation greatly increases the computational demand at the inner (aggregator) nodes, even though they are the most important ones and should save as much energy as possible. It would therefore be desirable to process data without having to decrypt it, while preserving the content. The aggregating node does not necessarily need to interpret the data; it only has to be able to work with it. A concept which meets the above requirements is called Privacy Homomorphism and was introduced by Rivest, Adleman and Dertouzos. This PH method is used in end-to-end secure data aggregation.

3.1 Privacy Homomorphism

PH is an encryption function which allows operations like additions or multiplications on the encrypted data. The result is an encrypted codeword which is similar to the codeword that would be obtained by applying the operation on the cleartext first and encrypting the result afterwards. Additions or multiplications are of particular interest in this context. An instance of such a method was suggested by Domingo-Ferrer in a provably secure additive and multiplicative privacy homomorphism. PH is an encryption transformation that allows direct computation on encrypted data [7][8][9]. It is a symmetric encryption scheme which uses the same key for encryption and decryption. Let Q and R denote two rings, + denote addition and × denote multiplication on both. Let K be the keyspace. The encryption transformation is E : K × Q → R and the corresponding decryption transformation is D : K × R → Q. Given a, b ∈ Q and k ∈ K, we term the transformation additively homomorphic if equation (1) holds and multiplicatively homomorphic if equation (2) holds.
$$a + b = D_k\left(E_k(a) + E_k(b)\right) \qquad (1)$$

$$a \times b = D_k\left(E_k(a) \times E_k(b)\right) \qquad (2)$$

RSA is a multiplicative PH, while Domingo-Ferrer presented an additive and multiplicative PH which is a symmetric scheme and is secure against chosen ciphertext attacks. Asymmetric PH is not acceptable in the context of WSNs due to execution times.
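An added example, not code from the paper: a toy Python version of the additive property in equation (1), following Domingo-Ferrer's published construction, with the cluster head summing ciphertexts it cannot read. The names P (public modulus with many divisors), P_SECRET (secret divisor of P), c and c_inv (secret invertible value and its inverse), D (shares per plaintext) and all values are assumptions chosen for illustration and are far too small for real use.

```python
import secrets
from math import gcd

# Constructed toy parameters; real deployments need far larger values.
D = 3                                    # shares per plaintext (public)
P_SECRET = 1_000_003                     # secret divisor of P; plaintext range
P = P_SECRET * 2**40 * 3**10 * 5**6      # public modulus with many divisors

def keygen():
    """Pick a secret c that has an inverse mod P; return (c, c_inv)."""
    while True:
        c = secrets.randbelow(P - 2) + 2
        if gcd(c, P) == 1:
            return c, pow(c, -1, P)

def encrypt(a, c):
    """Sensor node: split a into D random shares, mask share j with c**j."""
    shares = [secrets.randbelow(P_SECRET) for _ in range(D - 1)]
    shares.append((a - sum(shares)) % P_SECRET)
    return [(s * pow(c, j, P)) % P for j, s in enumerate(shares, start=1)]

def aggregate(ciphertexts):
    """Cluster head: add ciphertexts component-wise mod P. No secret needed."""
    return [sum(column) % P for column in zip(*ciphertexts)]

def decrypt(ct, c_inv):
    """Base station: unmask each component, then sum shares mod P_SECRET."""
    shares = [(x * pow(c_inv, j, P)) % P for j, x in enumerate(ct, start=1)]
    return sum(shares) % P_SECRET

def demo():
    """Four constructed readings; the last one is the outlier."""
    readings = [21, 23, 22, 87]
    c, c_inv = keygen()
    total = decrypt(aggregate([encrypt(r, c) for r in readings]), c_inv)
    return readings, total

if __name__ == "__main__":
    readings, total = demo()
    print("plaintext sum:", sum(readings), "decrypted aggregate:", total)
```

The aggregate decrypts correctly only while the true sum stays below P_SECRET; larger sums wrap around modulo the secret divisor.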

4 Implementation of Secure Data Aggregation

The algorithm requires the same secret key for encryption and decryption. The aggregation is performed with a key that can be publicly known, i.e., the aggregator nodes do not need to decrypt the encrypted messages. However, it is required that the same secret key is applied on every node in the network that needs to encrypt data. For very secure parameter combinations (d > 100), the messages become very big. However, with reasonable parameters it also fits the needs of constrained devices. The parameter settings and the encryption and decryption algorithm process are shown below.

Parameter Settings:

1. A large integer p which holds the following two properties:
   (a) It should consist of a large number of divisors. p is simply a product of integers obtained by repeatedly multiplying prime numbers.
   (b) The large p should be chosen such that many integers c can be found for which a cinv exists so that c × cinv mod p = 1 where c