CHAPTER 4 SECURED MODEL USING RSA CRT -...
Transcript of CHAPTER 4 SECURED MODEL USING RSA CRT -...
86
CHAPTER 4
SECURED MODEL USING RSA – CRT
4.1 Secured Wireless Network using RSA Algorithm
The solution for critical issues due to the inherent limitations of
computational capacity, storage capacity and power usage, security in
Wireless Networks (WN) is focused on this chapter. Packets are dropped or
discarded completely, or selectively forwarded by an anonymous party, the
network is flooded with global suspicious broadcasts are the few kinds of
attacks are countered using multipath and authenticated broadcasts, which has
to be facilitated by the underlying key management architecture.
Key management only makes sure the communicating nodes
possess the necessary keys (Liang et al, 2011), at the same time protecting the
confidentiality, integrity and authenticity of the communicated data. In this
chapter, the analysis of existing methodology of the different security
approaches and various key management schemes available for authenticated
broadcast in the wireless mobile networks indicating their advantages,
drawbacks and weaknesses.
It is difficult to identify the suitable cryptography for WNs because
of its inherent limitations. Most previous schemes available for mobile
87
network security have used symmetric cryptography than asymmetric
cryptography as asymmetric keys are used for key generation. In this chapter,
a broader analysis of the well-known security issues in WNs is carried out and
the study of the various asymmetric key or public key algorithms which are
used for key distribution as well as encryption/decryption in ad hoc network
for authenticated message broadcast is taken into account.
Based on the analysis, this chapter further proposed a new method
which improves the performance of an existing RSA algorithm by using
Chinese Remainder Theorem (CRT) in decryption phase which reduces
computation time through Montgomery multiplication. The improved RSA
with CRT algorithm is proposed for efficient key management and
encryption/decryption of broadcast message authentication.
4.2 Introduction to Security Mechanism in Wireless Network
Security mechanisms in WN are developed in view of certain
constraints and are classified into two types. One is security needed for
operations and another is security of information. The objectives of these
securities are, first the network should continue its function even when some
of its components attacked and CIA of information should never be disclosed
respectively. In the second objective the information security can be achieved
with cryptography, the following two facts that influences and make it difficult
in achieving CIA in WNs because
As ad hoc nodes operate unattended, they are potentially accessible
to any malicious user.
88
Ad hoc nodes communicate through open medium.
4.2.1 Issues and challenges in WN security
The security in WNs is critical issue due to the inherent hardware
limitations and constraints:
Energy efficiency: The requirement for energy efficiency suggests
that in most cases, computation is favoured over communication, as
communication is three orders of magnitude more expensive than
computation (Wander, 2005). The requirement also suggests that
security should never be overdone. More computationally intensive
algorithms not used to incorporate security due to energy
considerations.
No public-key cryptography: Public-key algorithms remain
prohibitively expensive on mobile nodes in both terms of storage
and energy (Carman et al, 2000). No security schemes should rely
on public-key cryptography. However, it has been shown that
authentication and key exchange protocols using optimized
software implementations of public-key cryptography is very much
viable for smaller networks (Wander, 2005).
Physically tamper able: Since mobile nodes are low-cost hardware
that is not built with tamper-resistance in mind (Chan et al, 2003),
their strength has to lie in their number. Even if a few nodes go
down, the network survives (Yang et al, 2004). The network should
instead be resilient to attacks.
89
Multiple layers of defence: Security becomes an important concern
because attacks can occur in different layers of a networking stack.
Naturally, it is evident that a multiple layer of defence is required,
i.e. a separate defence (Yang et al, 2004) for each layer.
4.2.2 Security requirements
Availability: Since the wireless mobile networks are vulnerable to
various attacks, there is a risk of no availability of information. The
following facts will have an impact on the availability of
information.
i. If no energy exists, the data will not be available.
ii. Additional communication consumes more power and results
in conflict or interference.
iii. A single point failure in central scheme (e.g. Sink or
gateway) will greatly affect the availability.
Confidentiality: Confidentiality, integrity and authentication
security services are required to thwart the attacks from adversaries.
These security services are achieved by cryptographic primitives as
the building blocks. Confidentiality means that unauthorized third
parties are not authorized to access the information between two
communicating parties. Ad hoc network should not leak mobile
readings to its neighbours. In many applications, nodes
communicate highly sensitive data, e.g., key distribution; therefore
it is extremely important to build a secure channel in a wireless ad
hoc network.
90
Integrity and authenticity: Confidentiality only ensures that the
data are not accessible for reading by the third party, but it does not
guarantee that data is unaltered or unchanged. Integrity means the
message one receives is exactly what was sent and it was unaltered
by unauthorized third parties or damaged during transmission.
Wireless ad hoc networks are more vulnerable to eavesdropping and
message alteration. Measures for protecting integrity are needed to
detect message alteration and to reject the injected message.
Authentication: Authentication ensures that the contents of the
message have not been altered since in ad hoc network an adversary
can easily inject a message. It is essential that each node and base
station should verify the correctness of data and trusted sender.
Authentication for the broadcast message requires stronger trusted
assumptions on the network nodes. SPIN (Perigg et al, 2002) and
LEAP (Zhu and Lui, 2003).
Security Management: Issues like key distribution from base
station to nodes for establishing encryption and routing information
need the secure management.
Data freshness: Data freshness means that the data is recent and
any old data has not been replayed. Data freshness criteria are a
must in case of shared- key cryptography where the key needs to be
refreshed over a period of time. An attacker may replay an old
message to compromise the key.
Quality of service: Since the Wireless Ad hoc networks are having
many limitations, the objective of achieving QoS becomes more
91
difficult. Performance and quality in ad hoc networks involve timely
delivery of data to prevent the loss of critical data, accuracy.
Self organization: Due to the ad-hoc nature of WNs it should be
flexible, resilient, adaptive and corrective in regards to security
measures.
4.3 Analysis of Types of Threats and Attacks in WN
Security attacks in ad hoc networks can be broadly classified into
Passive attacks and Active attacks. Passive attacks are in the nature of
eavesdropping on, or monitoring of, transmissions. The motive of the attacker
is to obtain information that is being transmitted. Basically, this thesis mainly
looking at two types of protection: protection from Denial-of-Service (DoS)
attacks, and protection of the secrecy of information.
4.3.1 Physical Layer
DoS attacks on the physical layer are radio jamming. Well-known
countermeasures to radio jamming include adaptive antenna systems, spread
spectrum modulations, error correcting codes and cryptography.
4.3.2 Data Link Layer
The data link layer defines how the data are encoded and decoded,
how errors are detected and corrected, the addressing scheme as well as the
medium access scheme. According to results in link-layer jamming smart
92
jammers can take advantage of the data link layer to achieve energy-efficient
jamming. Thus link-layer jamming is more energy efficient for the attackers
as compared to radio-jamming in physical layer. TDMA protocols like LMAC
have better anti-jam properties.
4.3.3 Network Layer
The network layer “provides functional and procedural means to
exchange network service data units between two transport entities over a
network connection depending upon parameters such as latency or energy. It
provides transport entities with independence from routing and switching
considerations.”
Neglect: Packets are dropped or discarded completely, or
selectively forwarded by an anonymous party. This attack is
countered using multipath routing (Ganesan et al, 2002)
Flooding: The network is flooded with global suspicious
broadcasts. This attack is countered using authenticated broadcasts,
which has to be facilitated by the underlying key management
architecture.
Sybil attack/Misdirection/Homing: Some mobile nodes in the
network are misguided into believing that nodes that either are
multiple hops away, or that do not exist at all are their neighbours.
93
Wormholes: A considerable amount of the network traffic is
tunnelled from one place in the network to another distant place of
the network, depriving other parts of the network that under normal
circumstances would have received the traffic themselves. This is
called a wormhole attack. This tunnelling or retransmitting of bits
can be done selectively.
Black holes: In flooding based protocols, the attacker listens to
requests for routes then replies to the target nodes that it contains
the high quality or shortest path to the base station. Thus it attracts
a large portion of traffic and acts as a black hole in the network.
This is called a sink hole or black hole attack. This attack can be
facilitated by the wormhole attack.
Looping: Some routes form loops or detours. These attacks are
sophisticated forms of DoS attacks. Among these attacks, This
thesis ignores the last one because this is not a significant value for
the attackers in it - causing loops is not more efficient than just
dropping or discarding packets; causing detours is an inefficient
way of wasting the mobile node‟s energy.
Sybil, wormhole and sinkhole attacks require the attackers to
manipulate packets (Proano and Lazos, 2012). To prevent this, key
management architecture is required. In particular, Sybil attacks can be
countered using random key pre-distribution schemes, to be discussed later.
Against wormhole attacks and hence sinkhole attacks, so far there is no
resource-lean and energy-efficient countermeasure, i.e. with or without key
management, wormholes and sinkhole attacks are still an open issue.
94
Table 4.1 Different types of attacks and mode of defence in Network layer
of ad hoc network
Main
Security
Concern
Available Modes of defence Best optional
choice Mode Strength Weakness
Hello-
flooding Nil Nil Nil
Authenticated
Broadcast &
Efficient Key
management
Neglect
/discard Nil Nil Nil
Multipath
routing
Black holes
or sink hole
Key
Management
Schemes
Nil Nil REWARD
algorithm
Sybil
Radio-resource
testing, Random
Key pre-
distribution
Nil Nil
Key
management
Architecture
Wormholes TIK
Implements
Temporal
leashes
Requires
synchronize on
computational
expensive
TIK based upon
symmetric
cryptography
In general, the above strategy is not effective against wormhole and
sinkhole attacks, but the data link layer is easier to DoS attack than the
network layer, so if the security of the network is somewhat relaxed, then data
link layer should at least be made as resistant to DoS attacks as possible. In
ID-based routing, it is recommended to use (Hu and Perrig, 2004), an
95
improved version of Ariadne (Buttyan and Hubaux , 2003), because it is
probably more secure against an attacker with a single compromised key and a
single compromised node.
However, it does not support multipath routing. Furthermore, the
corresponding key management architecture has to support node-specific key
pre-distribution (i.e. every node has to share one key with every other node in
the network), in addition to authenticate broadcasts. These two issues, 1)
Multipath routing support and 2) Node specific key pre-distribution support
should be well analysed and a new efficient key management scheme to be
proposed.
Table 3.1 summarizes the different types of attacks in Network
layer and the mode of defence availability with their strength and weakness.
4.4. Analysis of Key Management Schemes
Key management is the process in which cryptographic keys are
generated, stored, protected, transferred, loaded, used, and destroyed. There
are four principal concerns in a key management framework are given below
and the major advantages and drawbacks of different key distribution and
management schemes are summarized in Table 3.2.
96
Table 4.2 Comparison of Various key management schemes in WNs
Key
Management
schemes
Advantage Drawback
Network Wide
Shared Key
A symmetric key is used by
every node.
An adversary can extract by
capturing a single node.
Master Key and
Link Keys
Every node is preconfigured
and loaded with a master key
and a set of link keys for each
communication link to
others.
Resilient to a single node
compromise attack, addition of new
node is not possible and the link
keys cannot be securely transmitted
over the network.
Public Key
Cryptography
Very good solution for key
management and distribution
in traditional WN.
The memory, energy and
processing constraints rule out the
possibility for using this scheme.
Preconfigured
Symmetric Keys
Every node in the network is
preconfigured with a set of
link keys
This is not scalable as every node
has to store n(n-1)/2 keys, where n
is the number of nodes. Needs large
space to store keys.
One way key
chain
Very efficient to verify since
it can compute one way
function only in milliseconds.
It would require a long time to
generate or verify the traditional
signature up to minutes.
Bootstrapping
Keys
Allows an on-demand key
generation for a secure
connection established
between the nodes.
Suffers from a single point of
failure as base station has to
maintain a database for the link
keys.
Random pre
distributed keys
Allows a node to be mobile
and countering Sybil attacks.
Yet to establish secure connections
with neighbours, although with
reduced connectivity.
97
Key deployment/pre-distribution: Method to find the number of
keys and methods required to distribute the keys before the nodes
are deployed.
Key Establishment: Establish the secure session between any pair
or group of mobile nodes or between node to cluster head and in
turn to base station.
Member/ Node Addition: Method for a node to be added to the
network such that it be able to establish secure sessions with
existing nodes in the network, while not being able to decipher past
traffic in the network.
Member / Node Deletion: Method for a node to be evicted from
the network such that it will not again be able to establish secure
sessions with any of the existing nodes in the network, and not be
able to decipher future traffic in the network.
4.4.1 Key Establishment
Establishment of keys in ad hoc networks can also be realized with
protocols where the nodes set up a shared secret key after deployment, either
through key transport or key agreement. The advantage of key agreement over
key transport is that no entity can predetermine the resulting key as it depends
on the input of all participants.
98
There are three types of general key agreement schemes:
i. Trusted-server schemes,
ii. Self-enforcing scheme, and
iii. Key pre-distribution scheme.
First the Trusted server scheme depends on a trusted server for key
agreement between nodes (e.g. Kerberos) is not suited for WNs because there
is no trusted infrastructure in WNs. Second, Self-enforcing scheme depends on
asymmetric cryptography using public key algorithms for key agreement
(Diffie-Hellman, RSA) which needs the high computation capability and
energy which limits its use. The third type is key pre-distribution scheme
where all keys are pre distributed to all mobile nodes prior to deployment.
In our proposed method takes the advantages of the public key
algorithm scheme and third key pre distribution scheme are combined together
to achieve an efficient key management scheme which will reduce the energy
consumption and communication overheads even with limited resources.
4.4.2 Various Keys used in ad hoc network
There are various communication patterns in ad hoc networks. The
following types of keys are used in WNs:
Network key: A key that is shared by all nodes in the network and
is used to encrypt and decrypt global messages. It cannot be used
for message authentication.
99
Cluster keys: A key shared by a cluster head node and its
neighbour nodes to encrypt and decrypt local broadcast messages.
It cannot be used for message authentication
Link keys: A key shared by two neighbour nodes (two mobile
nodes or mobile and base station) it provides protection for uni-cast
messages between neighbouring nodes. They can be used for
encryption, message authentication, and integrity protection. They
can also be used to set up other keys between neighbouring nodes (
e.g. Cluster keys)
Node keys: A key that is shared by the mobile node and the base
station. It is used to protect unicast messages exchanged between
the mobile node base stations that do not need in-networking
processing.
4.5 Proposed RSA-CRT Algorithm
It is difficult to identify the suitable cryptography for WNs because
of its inherent limitations in terms of energy, computational power and storage
capacity. Most previous schemes proposed for WNs security have used
symmetric cryptography (DES, AES, RC4) than asymmetric cryptography
(RSA, ELGAMAL, ECC) as asymmetric keys are used for key generation.
Table 4.3 is summarizes the advantages and disadvantages of a
symmetric over symmetric keys. In this thesis, an effort made to analysis
various asymmetric key algorithms ELGAMAL, RSA (Rivest Shamir
100
Adelman), Public Key Encryption (PKE), Public Key Cryptography (PKC),
Elliptic Curve Cryptography (ECC) which are used for key distribution as well
as encryption/decryption in ad hoc network for authenticated message
broadcast.
The analysis shows that RSA is better than ELGAMAL and PKE.
But comparing ECC the effort needed for RSA is rather too much and so ECC
is better than RSA for security in WNs. This thesis proposed a method to
enhance and improve the performance of RSA by applying Chinese
Remainder Theorem (CRT) in the decryption phase of RSA. This concept of
applying CRT in the decryption phase of RSA is utilized in Hardware fault
attacks and shows better performance.
Table 4.3 Comparison of symmetric and asymmetric keys
Symmetric Asymmetric
Single key approach WN need to store n-1
keys in mobile node for network size n.
Complicated one way key chain
Two key approach one public, one private
key. Also reduced key storage.
Large computations required more energy. Less computation, so less energy
Need key distribution. No need for n-1 key pre distribution. Since
Secrete key is private, inverse calculation
is not possible, so more secure.
Fixed key length. The variable key length provides data CIA,
and supports group key management
Complicated, needs key sharing No pairwise key sharing, More flexible and
simple interface suitable for WN
101
This concept has been tested in hardware like CPU, RAM, EPROM,
Smart card processors fault attacks and shows improvement in speed and
reduced computational time and space for the RSA cryptography algorithm.
The same concept of applying CRT in the decryption phase of RSA algorithm
used for message authentication in WN will give advantages over the methods
studied (ELGAMAL, RSA, PKE) with respect to energy, computation time,
storage space, speed of processing in turn reduces the communication
overheads.
RSA operations are modular exponentiations of large integers with
a typical size of 512 to 2048 bits. RSA encryption, generates a cipher text C
from a message M based on a modular exponentiation using equation 4.1 and
Decryption regenerates the message by computing using equation 4.2
C = Me mod n (4.1)
M = Cd
mod n (4.2)
Among the several techniques that are used to accelerate RSA [Ko
et al, 1994]. In this thesis, specifically focused on those applicable under the
constraints of mobile nodes.
The RSA private-key operations, namely decryption and signature
generation, can be accelerated using the Chinese Remainder Theorem (CRT).
RSA chooses the modulus n as the product of two primes p and q, where p and
q are on the order of √n (e.g. for a 1024-bit n, p and q are on average 512 bits
long).
102
Using the CRT, a modular exponentiation for decryption is using
equation 4.3 can be decomposed into two modular exponentiations are
showing in the equations 4.4 and 4.5
M = Cd
mod n (4.3)
M1 = C1d1
modp (4.4)
And M2 = C2d2
mod q, (4.5)
The message (M) in the existing RSA is one word in the length of
actual message; it is divided in the proposed method as M1 and M2 in the
word length of half of the actual message. In order to test the performance, the
proposed method further divides the M into four pattern of each M/4 size, i.e.
M1 to M4 and then into eight pattern of each M/8 size, i.e. M1 to M8, the
result of the various proposed key pattern and the subsequence performance is
represented in the table 3.4 to 3.12.
In which, when the number of sub-division is increased then there
are many advantages like better storage complexity and optimal energy
efficiency, also there are few pit-falls like time consumption and key
management. In order to optimize better performance in all aspects like
storage complexity, energy consumption, time complexity, and key
management, a trade off condition is required. Therefore, the number of sub-
division of M is fixed as 2, of size M/2 which is [log2(n)]/2; modular
multiplications can be computed in roughly 1/4 of the time as m-bit modular
103
multiplications. Thus the CRT reduces computation time through Montgomery
multiplication by nearly 3/4 resulting in up to a 4x speedup.
4.6 Result and Performance Analysis
The proposed RSA-CRT is implemented in the network simulator
(NS2), and the performance of proposed algorithm is compared with existing
algorithm. The configuration of internal mobile and data sheet of mobile node
which used in our simulation environment are given here under.
The orientation range of the internal mobile is 360°; accelerometer
range is ± 5; A/D resolution is 16bits; orientation accuracy is ± 0.5°in static
mode and ± 2.0° in dynamic mode. The output modes are acceleration, angular
rate, magnetic field, Euler angles and clock info. The mobile node has
standard (USB and RS232) interface and the supply voltage are 16 to 32V.
The weight of the mobile is 23 gram which will operate in the -40°C to +65°
C.
The result of performance comparison based on storage space
requirement, energy consumption and time consumption are listed in the table
4.4, 4.5 and 4.6. The performance of proposed algorithm and the comparison
with existing algorithm are also shown in figure 4.3 to 4.6. In table 4.4, the
storage space requirements of existing and proposed methodologies are
shown.
104
The ELGAMAL is using large control packets whereas the PKC is
using lesser control packets. To improve the authentication, RSA is better than
ELGAMAL and PKC. But the control packet size is higher than PKC. The
proposed methodology is using RSA for encryption and CRT for decryption.
Therefore the size of the control packet and number of key requirement are
reduced in the proposed RSA-CRT.
Table 4.4 Storage Space Required (in MB) in ‘M/2’ pattern
No of Nodes ELGAMAL RSA PKC Proposed
20 0.30 0.20 0.10 0.15
40 0.39 0.26 0.13 0.20
60 0.51 0.34 0.17 0.25
80 0.63 0.42 0.21 0.32
100 0.79 0.53 0.26 0.40
120 0.99 0.66 0.33 0.50
140 1.19 0.79 0.40 0.59
160 1.43 0.95 0.48 0.71
180 1.71 1.14 0.57 0.86
200 1.88 1.25 0.63 0.94
105
Table 4.5 Time Consumption (in ms) in ‘M/2’ pattern
The scalability of the proposed algorithm also proved using
experimental result which is shown in the table 4.5; in all existing methods,
the time consumption of the concern method is increased much more when
number of nodes incremented, whereas in the proposed system it is less than a
minutes.
If the time consumption of the algorithm increases more than a
second, then it may be treated as data lost or sleep mode. Therefore in the
ELGAMAL, more than 200nodes is not wise architecture; in the PKC, more
than 890nodes is not wise architecture; in the RSA, more than 1200nodes is
not wise architecture; but in the proposed method, more than 2000 nodes is
supported without any loss.
No of Nodes ELGAMAL RSA PKC Proposed
200 1120 273.8 412.3 102.7
400 1321.60 350.46 527.74 126.32
600 1559.49 448.59 675.51 155.37
800 1840.20 574.20 864.66 191.11
1000 2355.45 734.98 1106.76 235.07
1200 3014.98 940.77 1416.65 289.13
1400 3859.17 1204.19 1813.31 355.63
1600 5132.70 1541.36 2321.04 437.43
1800 6826.49 1972.94 2970.93 538.04
2000 9079.23 2525.36 3802.80 661.78
106
Table 4.6 Time Consumption for Key Exchange in client and server side
(in bits) in ‘M/2’ pattern
Key
Size (in
bits)
Time Consumption for Key
Exchange in Server
Time Consumption for Key Exchange
in Client
ELGAMAL RSA PKC Proposed ELGAMAL RSA PKC Proposed
160 3 3 4 3 1.32 1.23 1.78 1.11
256 9 7 11 8 4.80 4.30 5.20 4.06
512 17 16 18 15 8.28 7.37 8.62 7.01
1024 26 22 28 19 11.76 10.44 12.04 9.96
2048 161 166 178 122 15.24 13.51 15.46 12.91
Table 4.7 Storage Space Required (in MB) in ‘M/4’ pattern
No of Nodes ELGAMAL RSA PKC Proposed
20 0.24 0.16 0.08 0.12
40 0.31 0.21 0.10 0.16
60 0.40 0.27 0.13 0.20
80 0.50 0.33 0.17 0.25
100 0.62 0.42 0.21 0.32
120 0.78 0.52 0.26 0.39
140 0.94 0.62 0.32 0.47
160 1.13 0.75 0.38 0.56
180 1.35 0.90 0.45 0.68
200 1.48 0.99 0.50 0.74
107
Table 4.8 Time Consumption (in ms) in ‘M/4’ pattern
Table 4.9 Storage Space Required (in MB) in ‘M/8’ pattern
No of Nodes ELGAMAL RSA PKC Proposed
200 1251 306 460 115
400 1476 391 589 141
600 1742 501 754 174
800 2055 641 966 213
1000 2631 821 1236 263
1200 3367 1051 1582 323
1400 4310 1345 2025 397
1600 5733 1722 2592 489
1800 7624 2204 3318 601
2000 10141 2821 4247 739
No of Nodes ELGAMAL RSA PKC Proposed
20 0.23 0.15 0.08 0.12
40 0.30 0.20 0.10 0.15
60 0.39 0.26 0.13 0.19
80 0.48 0.32 0.16 0.25
100 0.61 0.41 0.20 0.31
120 0.76 0.51 0.25 0.38
140 0.91 0.61 0.31 0.45
160 1.10 0.73 0.37 0.55
180 1.31 0.88 0.44 0.66
200 1.45 0.96 0.48 0.72
108
Table 4.10 Time Consumption (in ms) in ‘M/8’ pattern
Figure 4.3. Comparison of Storage Space Requirement between
(ELGAMAL, RSA, PKC) vs Proposed System
No of Nodes ELGAMAL RSA PKC Proposed
200 1397 342 514 128
400 1649 437 658 158
600 1945 560 843 194
800 2296 716 1079 238
1000 2938 917 1381 293
1200 3761 1174 1767 361
1400 4814 1502 2262 444
1600 6403 1923 2895 546
1800 8516 2461 3706 671
2000 11326 3150 4744 826
109
Figure 4.4. Comparison of Energy Consumption between
(ELGAMAL, RSA, PKC) vs Proposed System
Figure 4.5 Comparison of Time Consumption for key exchange in
server side between (ELGAMAL, RSA, PKC) vs Proposed System
110
Figure 4.6 Comparison of Time Consumption for key exchange in client
side between (ELGAMAL, RSA, PKC) vs Proposed System in bits
Figure 4.7 Storage Requirement of Proposed System with exponential
trend line in MB
4.7 Conclusion
WN security is a very important issue motivated towards ensuring
security under strict constraints. While analyzing the various attacks in the
111
network layer of WNs there are two issues multi path routing support and
node specific key pre-distribution support is taken in consideration in this
thesis. These are the two possible countermeasures identified for the attacks
like Neglect, Hallo-flooding, Sybil attack in the network layer of WNs and a
new key management scheme need to be implemented.
In this view, this thesis proposed a new, efficient key management
scheme RSA-CRT algorithm to support both multi path and node specific key
pre-distribution for authentication of message broadcast on Wireless Networks
(WNs). The proposed method takes the advantages of the self-enforcing
scheme ie., public key algorithm and key pre distribution scheme and are
combined together to further improve the key management scheme which will
reduce the energy consumption and communication overheads even with
limited resources than a popular key management scheme for WNs.
Further, the proposed algorithm RSA-CRT enhances the
performance of RSA, which can be used for the encryption (RSA) and
decryption (CRT) for authenticated message broadcast on wireless ad hoc
networks along with key pre distribution.
The simulated results and the output graphs indicate that our
proposed RSA-CRT algorithm compared with the existing algorithms shows
better performance, scalability and reduced communications overheads.