Acknowledge Enabled Secure Algorithm for Dynamically Updating Programs Installed in Wireless Sensor Nodes
International Journal of Computer Science and Telecommunications [Volume 4, Issue 9, September 2013]
Vishwa Pratap Singh, Kishore Mishra, Jay Shankar Sharma and Ankit Shirivastava
Indian Institute of Information Technology, Gwalior, India
Apex Institute of Engineering and Technology, Jaipur, Rajasthan, India
Vishwa.iiit@gmail.com, Kmishra16@gmail.com, jay.maharasi@yahoo.com, shirivastava20109@gmail.com
Abstract– Wireless sensor nodes have several programs installed, and from time to time these programs need to be updated in a secure manner, so that no unauthorized person can update them. Sensor nodes have several constraints, so we cannot use conventional cryptographic algorithms. In this paper we propose an algorithm for updating programs installed in wireless sensor nodes in a secure manner. We use a distributed key approach and ECC. We eliminate the shortcoming of "one sided communication between sensor nodes and base station" present in the algorithm from the paper Secure Dynamic Program Update Protocol for ZigBee Using ECC by Vishwa Pratap Singh and Ashwini Saini, and other weaknesses in a Dynamic Program Update Protocol for Wireless Sensor Networks by Peng Zeng, Zhenfu Cao, Kim-Kwang Raymond Choo, and Shengbao Wang in IEEE Transactions.
Index Terms– Wireless Sensor Networks, ZigBee, ECC and Distributed Key Approach
________________________________________________________________
Secure Dynamic Program Update Protocol for ZigBee Using ECC
Vishwa Pratap Singh
Indian Institute of Information Technology and Management Gwalior, M.P., India
Email: vishwa.iiit@gmail.com
Published In: International Journal of Engineering Research & Technology (IJERT), Malaysia, ISSN: 2278-0181, Vol. 1 Issue 5, August - 2012
Abstract– Wireless sensor networks are very low power networks comprising several sensor nodes that have low computational power and very limited storage. The nodes are employed in hostile environments and are generally unattended, so they can be easily compromised and the keys stored in the nodes can be retrieved. We propose a new secure, low power consumption scheme, a dynamic program update protocol for ZigBee using ECC on compromised sensor nodes. We have also identified the shortcomings in the paper Security Weakness in a Dynamic Program Update Protocol for Wireless Sensor Networks by Peng Zeng, Zhenfu Cao, Kim-Kwang Raymond Choo, and Shengbao Wang. We eliminate their shortcomings in our paper.
I. Introduction
Low power sensor networks[1] comprise several distributed sensor nodes, which have very low computation power and very little memory and run on battery. Sensor nodes are deployed in an area to monitor environmental phenomena like humidity, temperature, pressure, vibrations and light, and physical phenomena like pollutant gases, motion of items of a certain size, etc. IEEE 802.15.4[2] is the basis for ZigBee and specifies the protocol and compatible interconnection for data communication devices using low-data-rate, low-power and low-complexity, short-range radio frequency (RF) transmissions in a wireless personal area network (WPAN). ZigBee[3] is a suite of high level communication protocols for connecting small, low power digital radios and a wide variety of low power sensor nodes, and is regulated by the ZigBee Alliance.
ZigBee nodes are spread over a wide area and have certain programs installed in them. Nodes work according to the installed programs. From time to time the programs installed in sensor nodes need to be updated and new security patches have to be installed as needed. As the nodes are spread over a wide area and number in the thousands, it is a very time-consuming and tedious task to update each node manually. Nodes are deployed in hostile and harsh environments, mostly remain unattended, and are susceptible to many security threats. Data from the sensor nodes can be easily retrieved. Updating the programs present in nodes dynamically is a major concern. ZigBee comes in two flavors, ZigBee and ZigBee Pro; ZigBee Pro is the more secure version. ZigBee Pro[4] uses public and private key cryptography and defines three types of keys[9]: link key, master key and network key. The whole of its security depends on these three keys. If an attacker succeeds in capturing a node and retrieves all keys from that node, the whole security architecture will fail. We cannot use public and private key cryptography based on keys in dynamic program updating, as nodes can be easily captured and the cryptographic keys present in sensor nodes can be easily retrieved. We propose a scheme based on ECC[7] to update the program in a captured ZigBee node dynamically. Our scheme updates ZigBee nodes an unlimited number of times without concern about cryptographic keys. In recent years many algorithms for dynamic updating have been proposed, and most are based on public and private key cryptography and digital signatures[10]. But if a node gets compromised and the attacker is able to retrieve the cryptographic keys, the whole scheme will fail.
II. RELATED WORK
In 2008 Das and Joshi[5] presented protocols for dynamically updating sensor nodes using the orthogonality[8] principle, but there are many flaws in their algorithm. All security in their algorithm depends on the parameter old, which needs to be preinstalled on all sensor nodes before deploying them in the field, and old must be dynamically updated by all sensor nodes whenever they accept a correct advertisement message. Thus, old acts as a dynamic secret key shared by the base station and all sensor nodes in the Das-Joshi scheme. This is, however, a design flaw: if an attacker is able to compromise a WSN node and get old, the attacker can successfully impersonate the base station to broadcast its own update[4].
To overcome the security flaws in the Das and Joshi scheme, Peng Zeng, Zhenfu Cao [6] proposed a new algorithm based on the orthogonality principle. Their scheme is able to update a WSN node in a secure manner on a compromised WSN node. Their scheme has two weaknesses. The first is a limited number of updates. They take a Euclidean space V of dimension n and, after a singular value decomposition analysis, decompose V into two orthogonal subspaces, V1 of dimension k and V2 of dimension n-k. The base station randomly selects an orthogonal basis of V1, O1, O2, ..., Ok, and a vector Ci in V2 for each sensor node i. The orthonormal basis is known only to the base station. The vector Ci is installed in node i before deploying it in the field. The number of updates depends on the subspace V1. V1 is calculated using K, so the number of updates is limited to K only. After K updates the node has to be manually configured before it can be updated in a secure manner again. The second weakness is in acknowledgement. There is only one-way communication: the server never learns whether a node was securely updated or not.
THE PROPOSED SCHEME
In this section we present our proposed scheme, which removes the weaknesses present in previous schemes. Our scheme has two phases. In the setup phase all calculations and program installation are done before deploying the ZigBee node in the field. In the dynamic updating phase the base station sends the update to all ZigBee nodes. The ZigBee nodes receive the update, authenticate it and update the program installed in them.
TABLE 1
NOTATION USED IN PROPOSED SCHEME
Symbol     Meaning
*          additive multiplication of points over elliptic curve
h          one way hash function
M          program
Madv(j)    advertisement sent by base station
Xpid       program id
Xver       program version
tj         time of sending advertisement
j          advertisement number
A. Assumptions
· All ZigBee nodes are full function devices, able to send and receive data.
· The base station is fully secured and has very high computation power and large storage.
· An attacker can read the data stored in the node but cannot change the data stored in the ZigBee node.
B. Setup Phase
Before deploying the ZigBee node in the field we have to install a1, b1 and the hash function in the ZigBee node. First we install the hash function in the node, then carry out the following steps on the base station to calculate a1, b1.
Step 1: Base station chooses an elliptic curve over GF(2^n), where n should be very large.
Step 2: Base station chooses a point e1(x1, y1) on the chosen elliptic curve.
Step 3: Base station chooses a random number d (using a pseudo random number generator).
Step 4: Base station calculates the hash of d using SHA to get D1.
Step 5: Base station calculates
e2(x2, y2) = D1 * e1(x1, y1)
The multiplication above is multiple additions of points in GF(2^n)[11].
Step 6: Consider the point e1(x1, y1) as a1 and e2(x2, y2) as b1.
Step 7: Install a1, b1 in the ZigBee node.
Step 8: Deploy the ZigBee node in the field.
C. Dynamic node update phase
When the base station wants to send an update to the ZigBee nodes, the following steps are carried out at the server side.
Step 1: Base station calculates e3(x3, y3), e4(x4, y4) and D2 in the same manner as in the setup phase.
Step 2: Base station calculates the hash of
(j, tj, M, Xpid, Xver, D1, b2, a2)
Step 3: Base station keeps D2 to itself and sends the update Madv(j) to all nodes.
Madv(j) = [(j, tj, M, Xpid, Xver, D1, b2, a2), h(j, tj, M, Xpid, Xver, D1, b2, a2)]
At node side
The ZigBee node receives the advertisement Madv(j) and carries out the following steps.
Step 1: The node calculates the hash of
(j, tj, M, Xpid, Xver, D1, b2, a2)
using the hash function installed in the node and compares it with the hash
h(j, tj, M, Xpid, Xver, D1, b2, a2)
stored in Madv(j) to check the integrity of Madv(j). If the calculated hash is equal to the stored hash, move to the second step, otherwise discard Madv(j).
Step 2: Validate tj against the local current time Clock. If the inequality
| Clock − tj | < Δt
holds, then proceed to the next step, else reject the message. Here Δt denotes the expected network delay, which can be estimated according to different applications.
Step 3: Calculate b1 using the a1 preinstalled in the node and the D1 extracted from Madv(j),
b1 = e2(x2, y2) = D1 * e1(x1, y1)
If the calculated b1 is equal to the b1 installed in the node, move to the next step, otherwise discard the advertisement.
Step 4: Install the program M in the node and replace the preinstalled a1, b1 in the node with the new a2 and b2.
Step 5: Reply to the base station with j, Xpid, Xver.
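One way to implement the setup and update phases above, as an added example that is not code from the paper. It assumes secp256k1 over a prime field in place of the paper's GF(2^n) curve, SHA-256 for both h and "SHA", a length-prefixed field encoding, and that e3, e4 play the role of a2, b2; all function and class names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumption: secp256k1 (prime field, y^2 = x^3 + 7) stands in for the
# GF(2^n) curve the paper calls for; the protocol logic is unchanged.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(p, q):
    """Point addition; None is the point at infinity."""
    if p is None:
        return q
    if q is None:
        return p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p == q:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, pt):
    """The paper's '*': k-fold addition of pt, done by double-and-add."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def new_pair():
    """Setup steps 2-6: random point a, D = SHA(d), b = D * a."""
    a = mul(secrets.randbelow(N - 1) + 1, G)
    d = secrets.token_bytes(32)
    D = int.from_bytes(hashlib.sha256(d).digest(), "big") % N or 1
    return a, mul(D, a), D

def enc(x):
    """Length-prefixed encoding so hashed fields cannot run together."""
    if isinstance(x, tuple):
        return b"".join(enc(i) for i in x)
    if isinstance(x, int):
        x = x.to_bytes(32, "big")
    elif isinstance(x, str):
        x = x.encode()
    return len(x).to_bytes(4, "big") + x

def h(body):
    return hashlib.sha256(enc(body)).digest()

class BaseStation:
    def __init__(self):
        self.a, self.b, self.D = new_pair()
        self.j = 0

    def provision(self, delta_t=5):
        """Setup steps 7-8: install a1, b1 in a node before deployment."""
        return Node(self.a, self.b, delta_t)

    def advertise(self, M, xpid, xver, tj):
        """Update steps 1-3: build Madv(j) = [body, h(body)]."""
        a2, b2, D2 = new_pair()
        self.j += 1
        body = (self.j, tj, M, xpid, xver, self.D, b2, a2)
        # Assumption: the station switches to (a2, b2, D2) once Madv(j) is built.
        self.a, self.b, self.D = a2, b2, D2
        return body, h(body)

class Node:
    def __init__(self, a, b, delta_t):
        self.a, self.b, self.delta_t, self.program = a, b, delta_t, None

    def receive(self, adv, clock):
        """Node-side steps 1-5; returns the acknowledgement or None."""
        body, tag = adv
        j, tj, M, xpid, xver, D1, b2, a2 = body
        if not hmac.compare_digest(h(body), tag):   # step 1: integrity
            return None
        if not abs(clock - tj) < self.delta_t:      # step 2: freshness
            return None
        if mul(D1, self.a) != self.b:               # step 3: D1 * a1 == b1
            return None
        self.program, self.a, self.b = M, a2, b2    # step 4: install, rotate
        return j, xpid, xver                        # step 5: acknowledgement

if __name__ == "__main__":
    bs = BaseStation()
    node = bs.provision()
    adv = bs.advertise(b"constructed firmware image", "pid-1", 2, tj=1000)
    print("first delivery:", node.receive(adv, clock=1002))
    print("replayed copy: ", node.receive(adv, clock=1003))
```

The replayed copy is rejected at step 3, because the node has already replaced a1, b1 with a2, b2.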
SECURITY ANALYSIS
Update Authentication
Security in the scheme lies in the difficulty of calculating D1 from known a1 and b1. An attacker can retrieve a1 and b1 from a ZigBee node. The attacker must then find a multiplier (D1) that creates b1 starting from point a1. Calculating D1 is an elliptic curve discrete logarithm problem[12]. This problem can only be solved by the Pollard rho algorithm, which is infeasible if n and D in GF(2^n) are large. The proposed scheme authenticates an update with the D installed in it, and if the attacker is not able to find D by any means then our scheme is secure.
Replay attack
For each update the scheme replaces a_n, b_n with a_{n+1}, b_{n+1} and changes D, so an attacker is never able to replay previous updates.
Update delay attack
The ZigBee node calculates the time delay using
| Clock − tj | < Δt
If the delay is more than Δt, the ZigBee node discards the update.
Unlimited Number of Updates
ZigBee nodes can be updated an unlimited number of times, as for each update the base station calculates new a, b and D. a, b and D can be calculated any number of times.
CONCLUSION
We have removed one weakness present in [6], namely that only a limited number of updates is possible. We have presented a scheme which is able to update a ZigBee node an unlimited number of times in an unsecured environment and a restricted WSN. Secured acknowledgement of updates by the ZigBee node remains as future work.
References
[1] F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, "A survey on sensor networks," IEEE Communications Magazine, vol. 40, no. 8, pp. 102-114, August 2002.
[2] Gutierrez, J.A., Naeve, M., Callaway, E., Bourgeois, M., Mitter, V. and Heile, B., "IEEE 802.15.4: a developing standard for low-power low-cost wireless personal area networks," Network, IEEE, vol. 15, no. 15, pp. 12-19, 2001.
[3] IEEE Standard for Information Technology - Telecommunications and Information Exchange Between Systems - Local and Metropolitan Area Networks - Specific Requirement Part 15.4: Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Low-Rate Wireless Personal Area Networks (WPANs), IEEE Std 802.15.4a-2007 (Amendment to IEEE Std 802.15.4-2006), pp. 1-203, 2007.
[4] Radmand, P., Domingo, M., Singh, J., Arnedo, J., Talevski, A., Petersen, S. and Carlsen, S., "ZigBee/ZigBee PRO security assessment based on compromised cryptographic keys," P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), 2010 International Conference on, pp. 465-470, 2010.
[5] Manik Lal Das and Aakash Joshi, "Dynamic Program Update in Wireless Sensor Networks Using Orthogonality Principle," IEEE Communications Letters, vol. 12, no. 6, pp. 478-481, 2008.
[6] Peng Zeng, Zhenfu Cao, Kim-Kwang Raymond Choo, and Shengbao Wang, "Security Weakness in a Dynamic Program Update Protocol for Wireless Sensor Networks," IEEE Communications Letters, vol. 13, no. 6, June 2009.
[7] Vanstone, S.A. and Zuccherato, R.J., "Elliptic curve cryptosystems using curves of smooth order over the ring Zn," Information Theory, IEEE Transactions on, pp. 1231-1237, July 1997.
[8] Sayed, A., "Orthogonality principle," in Adaptive Filters, Wiley-IEEE Press, pp. 67-77.
[9] ZigBee PRO Specification, 2007, San Ramon, California: ZigBee Alliance (October 2007), 2007.
[10] S. Lee, H. Kim, and K. Chung, "Hash-based secure sensor network programming method without public key cryptography," in Proc. the Workshop on World-Sensor-Web at International Conference on Embedded Networked Sensor Systems, 2006.
[11] Deschamps, J.-P. and Sutter, G., "Elliptic-Curve Point-Multiplication over GF(2^163)," Programmable Logic, 2008 4th Southern Conference on, pp. 25-30, March 2008.
[12] Smart, N.P., "The discrete logarithm problem on elliptic curves of trace one," Journal of Cryptology, vol. 12, no. 3, pp. 193-196, 1999.
_______________________________________________________________________________
Advanced Secure Bluetooth Communication Protocol
Vishwa Pratap Singh1, Divya Pal Singh2, D. Bharath Kumar3
ABV Indian Institute of Information Technology and Management Gwalior, India
Published In: International Journal of Computer science and Information Technology, 2011
ABSTRACT- An algorithm is proposed to transfer data more securely over a Bluetooth channel. To transfer data confidentially between paired devices, a 128-bit stream cipher algorithm, E0, is used in Bluetooth communication. E0 is vulnerable to certain types of security attacks. The vulnerabilities present in E0 and their conditions are discussed. The proposed algorithm uses AES for data encryption, which can be used as a block cipher [E0 works in stream ciphering mode]. The keys used in AES are encrypted using elliptic curve cryptography [ECC], the most secure and fast algorithm that uses small keys. It is almost infeasible to attempt a brute force attack to break the cryptosystem using ECC.
Keywords - AES; EC; Bluetooth; E0
I. INTRODUCTION
Bluetooth technology is a short-range, low-power wireless communication technology. Bluetooth is designed to replace cables with wireless communication. Bluetooth is able to communicate over a short range of 30 m with a decent data rate of about 1 Mbps. Bluetooth is mainly used for communication between mobile devices and in applications that need a small data rate and low power consumption. Nowadays Bluetooth is also used in wireless sensor networks due to its low power consumption.
Section II is about Bluetooth technology pairing and encryption algorithms. Section III discusses vulnerabilities in the present algorithm, and Section IV discusses the proposed algorithm and a comparative study.
Bluetooth is an open standard for short-range radio frequency (RF) communication. Bluetooth technology is generally used to transfer data and establish connections in peer-to-peer [p2p] networks. Bluetooth technology has been integrated into many devices, mainly mobile terminals like laptops, palmtops and mobile phones. This allows users to form ad hoc networks, piconets, between a wide variety of devices to transfer voice and data. Bluetooth technology and associated devices are susceptible to general wireless networking threats, such as denial of service attacks, eavesdropping, man-in-the-middle attacks, message modification, and resource misappropriation. Attacks against improperly secured Bluetooth implementations can provide attackers with unauthorized access to sensitive information and unauthorized usage of Bluetooth devices and other systems or networks to which the devices are connected. Bluetooth technology uses a stream cipher, E0. E0 is vulnerable to certain types of attacks and in some cases has been cracked in O(2^64). In applications where data confidentiality is most important, E0 is not a good option. In E0 a key stream output is exclusive-ORed with the payload bits and sent to the receiving device. This key stream is produced using a cryptographic algorithm based on linear feedback shift registers (LFSRs). The encryption function takes the following as inputs: the master identity (device address), the 128-bit random number, a slot number, and an encryption key, which combined initialize the LFSRs before the transmission of each packet, if encryption is enabled.
II. BLUETOOTH SECURITY FEATURES
A. Bluetooth security mechanism
The following three security modes are specified in the Bluetooth specification:
1) Basic Mode 1: the lowest security mode; no security is provided in this mode.
2) Medium security mode: a service-oriented security model. It starts after the establishment of the channel.
3) Highest security mode: a link-oriented security model, which is installed and initialized before the communication link is established.
The Bluetooth technology standard provides safety precautions in the application layer and link layer; the communicating sides, sender and receiver, achieve authentication and encryption in the same way. The link layer uses the following four entities to ensure safety:
1) The Bluetooth device address, which is 48 bits and decided by the IEEE;
2) A 128-bit authentication key for authenticating entities;
3) An 8- to 128-bit secret key for data encryption;
4) A 128-bit random number.
In the initialization process two keys are generated and they are not disclosed; the encryption key is generated later in the certification process from the two previously generated authentication keys. The secret key is changed every time encryption is activated and is calculated from the same authentication key. The random number can be generated by the Mersenne Twister because of its properties of non-repeatability and random generation.
B. Process of encryption and authentication of Bluetooth
The Bluetooth security mechanism has three modules: first key generation, second authentication and third encryption. It uses four different algorithms: E0, E1, E2 and E3. The E2 algorithm is used to get the PIN code which is entered by the user. Link keys are generated by the E3 algorithm using the PIN code. The E0 algorithm is used to encrypt the data. The following figure shows the process of Bluetooth encryption.
Fig. 1. Process of Bluetooth encryption
The key generation, authentication and encryption modules in Fig. 1 are as follows:
1. Key generation: the user enters a 4-digit code which is used as input for the E2 algorithm to generate link keys; then the E3 algorithm calculates the encryption key from the link keys generated by the E2 algorithm.
2. Encryption: data is encrypted by the E0 algorithm.
3. Authentication: the authentication process is carried out using the E1 algorithm.
C. E0 algorithm
The E0 algorithm is used in the Bluetooth link layer to encrypt data. E0 is a stream cipher. The E0 algorithm takes the data stream and XORs it with pseudorandom numbers. Each packet is encrypted separately. Linear feedback shift registers are used to generate the pseudorandom numbers. During decryption the exclusive-or operation is applied one more time to get the plain text.
III. VULNERABILITIES IN BLUETOOTH SECURITY MECHANISM
A. Weakness of E0 stream cipher algorithm
The main weakness is with the pseudo-random numbers: if the pseudorandom number sequence contains a mistake, we will not get the plain text from the cipher text in the process of decryption.
The security of the E0 algorithm is based on the internal mechanism of the secret key stream generator. If the input to the E0 algorithm is a sequence of 0's, then the cipher text we get is the plain text. If the input is 16 bit mode, then the E0 algorithm is only an XOR, which ignores security. Finally, we can say that the security of E0 depends on the XOR operation and the one-time pad.
B. Confined resources capability of LFSR
A software implementation of the LFSR algorithm is slower than the proposed algorithm based on AES and ECC.
C. Low Reliability of PIN
A 4-digit PIN code and a variable are used in Bluetooth technology to generate the link key and the key for encryption. The 4-digit code randomly chosen by the user is the only real key transported over the air. While a link key is being established, an attacker can capture the communication data packets of the initial communication process. The attacker tries a brute force attack on the PIN to generate the different related parameters, including the link key. If the PIN code is L bits, then in the case of a cipher text attack an attacker can find the value of the PIN code by searching 2^L times. Therefore, the reliability of the PIN code is very low; there are only 10,000 possibilities for a 4 bits PIN code. We can use a 16-byte PIN code in place of the 4-bit PIN code, which makes it difficult for an attacker to find the encryption key, but then a PIN code has to be entered at each secure connection establishment. So using a longer PIN code is very inconvenient.
D. Address Spoofing
The Bluetooth technology standard recommends a unique address for every Bluetooth device. This uniqueness gives rise to new problems. As the ID is linked to a particular fixed person, the activities performed by that person can be recorded and the person can be easily tracked. This violates individual privacy.
All the problems stated above show that Bluetooth security systems are highly insecure, but we generally use Bluetooth to transfer data that is not much sophisticated. The Bluetooth standard is generally used in small networks such as a piconet, where only 9 devices can be connected at the same time, and securities technologies. Nowadays Bluetooth technology is also used in sensor networks due to its low power consumption and adequate data rate. Bluetooth nodes are now more complex and numerous, and the existing algorithms for key distribution and authentication cannot meet the demands. Bluetooth technology only provides security for small networks and small scale applications; it appears to be enough for these applications, but to use Bluetooth technology more widely we have to use more complex and powerful algorithms like AES and ECC.
IV. THE IDEA AND PROCESS OF PROPOSED ALGORITHM
The Advanced Encryption Standard (AES) is a symmetric key encryption algorithm. It is a block cipher, available with key sizes of 128, 192 and 256 bits and a block size of 128 bits. AES is a symmetric encryption algorithm for high throughput applications (audio or video). AES is computationally faster than ECC, so for data encryption we have used AES, and Elliptic Curve Cryptography (ECC) is used as the public key mechanism. AES is based on substitution-permutation. It is not a Feistel cipher like DES. AES operations are conducted on a 4×4 matrix of bytes, termed the state (versions of the Rijndael algorithm with a larger block size have additional columns in the state). Most calculations of AES are done in a special finite field. The AES cipher is specified as a number of repetitions of transformation rounds that convert the input plaintext into the final output of cipher text. Each round consists of several processing steps, including one that depends on the encryption key. A set of reverse rounds is applied to transform the cipher text back into the original plaintext using the same encryption key.
ECC is well suited for application in mobile communication. The ECC algorithm provides the same level of security as RSA but with a significantly shorter key length. Elliptic curve cryptography makes use of elliptic curves in which the variables and coefficients are all restricted to elements of a finite field. Elliptic curves are not ellipses. ECC starts with an affine point called Am(x, y). This point may be the base point (G) itself or some other point closer to the base point. The base point of an elliptic curve is the point with the smallest (x, y) coordinates that satisfy the elliptic curve. The new algorithm is based on a comparison of AES and ECC, using the advantages of both algorithms and avoiding their shortcomings. To secure the transfer of keys in the key linking phase of SSP [secure simple pairing] we use ECDH. The keys shared in that process using ECDH are used in encryption. Let the sender be Ua and the receiver be Ub. Ub's public key is Pb, Ub's private key is Db, and K is the AES encryption session key.
A. Encryption
Data encryption is done using AES-128. A pseudo random number generator is used to generate a 128-bit session key, and each session key is used only once to provide more security. The data to be sent is organized in 4×4 blocks and encrypted by AES. The session key is then encrypted using ECC, and both the ECC-encrypted key and the encrypted data are sent to the receiver. As the bits are encrypted in blocks and a session key is generated for every block, an error, if it occurs, affects only one block and not the whole message, and that block may be retransmitted.
Algorithm
At sender side
Step 1. The sender calculates two random numbers R1 and R2 using a random number generator; we have chosen the Mersenne Twister to calculate the random numbers because of its large period, 2^19937 − 1.
Step 2. Calculate the session key Ks as
Ks = h(R1) ⊕ h(R2)
We use the 128-bit MD5 algorithm. 128-bit MD5 has two advantages: first, it converts R to a 128-bit code that can easily be used as a 128-bit session key; second, a 128-bit hash makes it more difficult for an attacker to guess the session key. We calculate the XOR of the hashed R1 and R2 to make prediction more difficult.
Step 3. The sender encrypts the data D using the 128-bit key to get the encrypted data
De = E(Ks, D)
Step 4. Calculate the public key Kp using ECDH.
Step 5. Encrypt Ks using ECC encryption:
Ka = E(Kp, Ks)
Step 6. The sender calculates the hash of
(j, tj, De, Ka)
where j is the sequence and tj is the clock.
Step 7. The sender calculates
[h(j, tj, De, Ka), (j, tj, De, Ka)]
and sends it to the receiver end.
Fig.2. Encryption of data using AES and encryption of key using ECC
B. Decryption
At receiver side
Step 1. Receiver Ub calculates the hash of
(j, tj, De, Ka)
and compares it with the hash stored in the message; if the hashes match, accept the message, otherwise discard it.
Step 2. Validate tj against the local current time Clock. If the inequality
| Clock − tj | < Δt
holds, then proceed to the next step, else reject the message. Here Δt denotes the expected network delay, which can be estimated according to different applications.
Step 3. The receiver decrypts the key Ka to get Ks as
Ks = D(Kp, Ka)
Step 4. Using the key Ks the receiver decrypts De to get the data as
Data = D(Ks, De)
C. Advantages of proposed algorithm
· The proposed algorithm removes the vulnerabilities present in the Bluetooth security mechanism with little overhead. It is more useful in applications where confidentiality is a bigger issue.
· As the proposed algorithm uses ECDH to create public keys, there is no need to send AES keys before starting communication.
· We only need to create public keys once by ECDH and we only have to keep one key secret.
· We can also use ECDH as digital signature.
· AES is much faster and more secure than E0; AES also uses a small key and provides better security than other existing algorithms.
D. Safety analysis
The safety of the proposed algorithm is based on the safety of the ECDH and AES algorithms; the operating efficiency of the proposed algorithm depends on the encryption and decryption by the AES algorithm and the hash function.
The AES algorithm is available with key sizes 128, 192 and 256. The strength of all key sizes is sufficient to protect our information up to secret level. Known attacks against AES are side-channel attacks, which work on some specific applications. The AES algorithm has the NIST/CSEC validation.
ECC is nowadays a most promising approach for encryption; ECDH provides a much higher level of security with the same key size as RSA. ECDH is certified by NSA.
E. Performance Analysis
The efficiency of the proposed algorithm is less than that of the Bluetooth standard, as we are using AES in place of the E0 algorithm. The proposed algorithm is more efficient than previous algorithms for Bluetooth security which use RSA or DES. AES can be efficiently implemented in both hardware and software; our algorithm requires a software implementation. Most Bluetooth devices have low RAM and a low speed processor; our algorithm works well with low RAM and provides fast speed.
V. CONCLUSIONS
Bluetooth technology is new and has various applications. However, security is not much emphasized in the Bluetooth technology standard. As Bluetooth technology uses wireless networks, which are vulnerable to more security attacks than fixed wired networks, the security of data transfer is much more essential. Currently used security algorithms have many vulnerabilities, as discussed in our paper, while our proposed algorithm with AES and ECC provides a much higher level of security for Bluetooth data transfer between devices in real time.
Glucose Bio-Sensor
The process was developed at NPL, New Delhi under DST sponsorship. The Corporation licensed the process to two firms one in Bangalore and the other in Faridabad. Since these firms encountered some problems in commencing their commercial production, the Corporation sponsored Rs. 6.00 lakhs (Rs.1.50 lakhs already released) to NPL for further improvement of the process. The two firms are now manufacturing the product based on the improved process and have achieved commercial success. They have also started paying royalties. Thus a technology which was heading for legal action was converted into a success by the technical and financial inputs from NRDC. Moreover, the product is available in the country at a much cheaper price than the imported product and the common people can afford to utilise the instrument very easily.