Martin Collier

NanoECC: testing the limits of elliptic curve cryptography in sensor networks

By using Elliptic Curve Cryptography (ECC), it has been recently shown that Public-Key Cryptography (PKC) is indeed feasible on resource-constrained nodes. This feasibility, however, does not necessarily mean attractiveness, as the obtained results are still not satisfactory enough. In this paper, we present results on implementing ECC, as well as the related emerging field of Pairing-Based Cryptography (PBC), on two of the most popular sensor nodes. By doing that, we show that PKC is not only viable, but in fact attractive for WSNs. As far as we know pairing computations presented in this paper are the most efficient results on the MICA2 (8-bit/7.3828-MHz ATmega128L) and Tmote Sky (16-bit/8.192-MHz MSP-430) nodes.

On the application of pairing based cryptography to wireless sensor networks

Recent research results have shown that Elliptic Curve Cryptography (ECC) is feasible on resource constrained sensor nodes. In this work we demonstrate that the related but more complex primitives of Pairing Based Cryptography(PBC) are also well suited for sensor devices. We present the first in-depth study on the application and implementation of PBC to Wireless Sensor Networks (WSNs). Our implementations are all the fastest yet reported, and have been implemented across a range of WSN processors. On a system level we investigate the application of a simple non-interactive key exchange scheme that is particularly suitable for many WSN scenarios. We also present a novel variant of the key exchange protocol which can be useful in even more demanding applications, and which partially solves the problem of node compromise attacks.

On the Problem of Energy Efficiency of Multi-Hop vs One-Hop Routing in Wireless Sensor Networks

The hop distance strategy in wireless sensor networks (WSNs) has a major impact on energy consumption of each sensor mote. Long-hop routing minimizes reception cost. However, a substantial power demand is incurred for long distance transmission. Since the transceiver is the major source of power consumption in the node, optimizing the routing for hop length can extend significantly the lifetime of the network. This paper explores when multi-hop routing is more energy efficient than direct transmission to the sink and the conditions for which the two-hop strategy is optimal. Experimental evidence is provided in to support of these conclusions. The tests showed that the superiority of the multi-hop scheme depends on the source-sink distance and reception cost. They also demonstrated that the two- hop strategy is most energy efficient when the relay is at the midpoint of the total transmission radius. Our results may be used in existing routing protocols to select optimal relays or to determine whether it is better to send packets directly to the base station or through intermediate nodes.

Should QoS routing algorithms prefer shortest paths

Multimedia traffic and real-time e-commerce applications can experience quality degradation in traditional networks such as the Internet. These difficulties can be overcome in networks which feature dynamically set up paths with bandwidth and delay guarantees. The problem of selecting such constrained paths is the task of quality of service (QoS) routing. This paper considers link-state routing, and the choice of cost metric used to implement QoS routing. There are two schools of thought regarding the choice of link cost. It is commonly assumed that QoS routing algorithms should limit hop count so as to conserve resources for future connections. Others advocate load balancing mechanisms so as to increase overall network utilisation. This paper investigates which of these approaches gives the better performance. We show that there is no one general answer to this question. We also point out the dangers of drawing general conclusions about routing algorithm performance based on the study of only a limited set of network topologies.

The Green Abstraction Layer: A Standard Power-Management Interface for Next-Generation Network Devices

In telecommunications networks, distributed power management across heterogeneous hardware requires a standardized representation of each systems capabilities to decouple distributed high-level algorithms from hardware specifics. The Green Abstraction Layer (GAL) provides this interface between high-level algorithms and a lower level representing the hardware and physical resources that directly exert energy management and actions in a network.

Original Research Paper: Computationally secure self-healing key distribution with revocation in wireless ad hoc networks

This paper introduces a novel self-healing technique for key distribution with revocation and demonstrates how it improves the efficiency over the previous approaches while using the existing idea of secret sharing or revocation polynomial in designing self-healing key distribution schemes with revocation. Unlike the existing approaches, our self-healing mechanism does not need to send the history of revoked users and consequently enables better performance gain over the previous approaches in terms of storage, communication and computation complexity. We propose and analyze a generalized self-healing key distribution using a vector space access structure in order to reach more flexible performance of the scheme. We describe three efficient constructions for scalable self-healing key distribution with t-revocation capability. We provide a rigorous treatment of the security of our constructions in an appropriate security framework and show that they are computationally secure and achieve both forward and backward secrecy.

TinyIBE: Identity-based encryption for heterogeneous sensor networks

The area of security for Heterogeneous Sensor Networks (HSNs) is still an open research field that requires new cryptographic solutions. Recent results have demonstrated that Elliptic Curve Cryptography (ECC) and Pairing-Based Cryptography (PBC) are computationally feasible on sensor devices. This allows a wide range of novel security mechanisms, like Identity-Based Encryption (IBE), to be considered for Wireless Sensor Networks (WSNs). In this paper we present an efficient security bootstrapping mechanism for HSNs that uses IBE and exploits the enhanced capabilities of high-end cluster heads. Our asymmetric security scheme provides authenticated key distribution without using expensive certificates. It also achieves significant savings in communication overhead and in the number of keys stored on sensor devices. We also present TinyIBE, which is to our knowledge, the first implementation of a complete identity-based encryption scheme for sensor networks. Our evaluation results and comparison with the state of the art show that TinyIBE is a superior security scheme for HSNs which provides affordable public key cryptography without requiring hardware acceleration. With this work we prove that ID-based encryption is not only possible on sensor nodes but is an attractive security solution in this application space.

Path allocation in a three-stage broadband switch with intermediate channel grouping

A method for path allocation for use with three-stage ATM switches that feature multiple channels between the switch modules in adjacent stages is described. The method is suited to hardware implementation using parallelism to achieve a very short execution time. This allows path allocation to be performed anew in each time slot. A detailed description of the necessary hardware is presented. This hardware counts the number of cells requesting each output module, allocates a path through the intermediate stage of the switch to each cell, and generates a routing tag for each cell, indicating the path assigned to it.<<ETX>>

Transparent and scalable client-side server selection using Netlets

Replication of web content in the Internet has been found to improve service response time, performance and reliability offered by web services. When working with such distributed server systems, the location of servers with respect to client nodes is found to affect service response time perceived by clients in addition to server load conditions. This is due to the characteristics of the network path segments through which client requests get routed. Hence, a number of researchers have advocated making server selection decisions at the client-side of the network. In this paper, we present a transparent approach for client-side server selection in the Internet using Netlet services. Netlets are autonomous, nomadic mobile software components which persist and roam in the network independently, providing predefined network services. In this application, Netlet based services embedded with intelligence to support server selection are deployed by servers close to potential client communities to setup dynamic service decision points within the network. An anycast address is used to identify available distributed decision points in the network. Each service decision point transparently directs client requests to the best performing server based on its in-built intelligence supported by real-time measurements from probes sent by the Netlet to each server. It is shown that the resulting system provides a client-side server selection solution which is server-customisable, scalable and fault transparent.

A northbound interface for power management in next generation network devices

Recently, a number of approaches based on dynamic power management techniques have been proposed to reduce the energy consumption of telecommunication networks and devices. They are able to optimize the trade-off between network performance and energy requirements. It is possible to execute and extend these techniques to the whole network, by using local control policies together with energy-aware routing and traffic engineering. However, the lack of a standardized representation of the energy-aware capabilities of heterogeneous networking equipment makes their deployment confusing and impractical. To this aim, we have proposed a novel framework, the green abstraction layer (GAL), whose purpose is to define a multi-layered abstraction interface for the hardware and physical resources, where energy management actions are directly performed. Therefore, the GAL syntax can be exposed to the platform-independent logical representation commonly used in network control protocols. Given the internal architectural complexity and heterogeneity of many network devices, the GAL approach is based on a hierarchical decomposition, where each level provides an abstract and aggregated representation of internal components.