International Journal of Emerging Technology in Computer Science & Electronics (IJETCSE)
ISSN: 0976-1353 Volume 22 Issue 2 – MAY 2016.
EFFICIENT AND SECURED DATA
TRANSMISSION IN DISRUPTION TOLERANT
OPPORTUNISTIC NETWORK
PraisyRathna.G, and Senthilmurugan S.
Student M.E. Communication Systems, Valliammai Engineering College, Kattankulathur
Assistant Professor, Department of ECE, Valliammai Engineering College, Kattankulathur
Abstract-- This paper presents secured communication of data
between mobile nodes in intermittent environments, which suffer
from connectivity issues because no infrastructure is available.
Disruption-tolerant network (DTN) technology is an emerging
solution that allows wireless devices to communicate with each
other and access confidential information or commands reliably
by exploiting external, dynamic storage nodes. Localization is
done by the Enhanced Position Estimation algorithm based on
RSSI. DTNs introduce several security and privacy challenges
with regard to attribute revocation, key escrow, and coordination
of attributes issued by different authorities. This paper proposes
reliable route selection on the basis of the Improved Probabilistic
Routing Algorithm (IPRA), and the source encrypts the data using
the Attribute Specified Identity Based Encryption algorithm. The
DTN is used to authorize the nodes, and the DTN registers the node
details with the Trust Authority. The Trust Authority generates the
secret key and the route used to transfer the packet to the destination.
A time stamp is added to the packet for updating the specific keys of
the nodes in the route. An unauthorized node is identified by the
time stamp and by wrong route selection. The secret key is also
changed automatically when a node joins or leaves a network,
based on the Fast Randomized Algorithm, which increases the
level of security.
Index terms-- Disruption-tolerant network (DTN) technology,
Attribute specific Identity based Encryption, IPRA, Secret Key.
I INTRODUCTION
A network helps in sharing data, which has to be done in a
secured manner to avoid unauthorized usage. The network has
several connectivity issues due to disruption in the environment.
With dynamic nodes the situation is much worse, as the disruption
rate is high and the packet drop rate is also high. Disruption may
occur because of the limits of wireless radio range, scarcity of
mobile nodes, energy resources, attack, and noise. Connectivity is
necessary even in extreme environmental conditions. DTN
technologies are the trending solutions that allow nodes to
transmit information and communicate securely in these hostile
regions when there is no end-to-end connection [1]-[3]. With
dynamic nodes, localization is a challenge because security has
to be maintained. Using GPS puts the network at more risk. It has
several security and privacy challenges. The access control
techniques are enforced with cryptographic methods [6].
This paper proposes a new strategy to reduce the
delay and make the network efficient. It also proposes a
strategy to overcome the security issues in disruption-tolerant
network technologies. Key revocation is eliminated by locating
nodes and continuously monitoring node movement. The routing
path is well defined by the advanced routing algorithm. An
immediate rekeying procedure is done using the Fast Randomized
Algorithm. The key escrow problem is eliminated by using the
ABE technique [7]. Security is further increased by attaching a
time stamp for automatic change of the key on a timely basis.
II RELATED WORK
The routing path selection is based on the combination
of three algorithms: PRoPHET, Bubble, and Spray and Wait.
Two-hop transmission and multi-hop transmission are done.
Routing mechanisms that can withstand disruptions need to be
designed. To illustrate the improvement of delivery ratio, the
differences are considered: AODV is for ad hoc wireless networks
with symmetric communication links, whereas PRoPHET is for
heterogeneous sensor networks with asymmetric ones.
Identity-based encryption (IBE) is an exciting alternative to
public-key encryption, as IBE eliminates the need for a Public Key
Infrastructure (PKI). Senders using IBE do not need to look up the
public keys and the corresponding certificates of the receivers;
the identities (e.g. emails or IP addresses) of the latter are
sufficient to encrypt. Key escrow is inherent in identity-based
encryption (IBE). A curious key generation centre (KGC) can
simply generate the user's private key to decrypt a ciphertext.
Second, a new system architecture with an anonymous private key
generation protocol such that the KGC can issue a private key to
an authenticated user without knowing the list of user's
identities. This also better matches
the practice that authentication should be done with the local
registration authorities instead of the KGC.
In Ciphertext-Policy Attribute-Based Encryption
(CP-ABE), a user secret key is associated with a set of
attributes, and the ciphertext is associated with an access
policy over attributes [8]. The secret key is divided into two
shares, one share for the mediator and the other for the user.
To decrypt the data, the user must contact the mediator to
receive a decryption token. The mediator keeps an attribute
revocation list (ARL) and refuses to issue the decryption token
for revoked attributes.
We refer to this DTN architecture, where multiple authorities
issue and manage their own attribute keys independently, as a
decentralized DTN.
The main challenges are the security issues and the delay in
the DTN technology.
1. Attribute key revocation, which occurs when a node moves
to another network and leads to security degradation in terms
of backward and forward secrecy. Users such as soldiers may
change their attributes frequently, so the attribute keys are
updated by periodic rekeying for backward secrecy.
2. To avoid hacking, revocation is done, which eliminates
the forward and backward secrecy. During revocation a
bottleneck problem arises.
3. The key escrow problem, which occurs due to third-party
interruption. Key escrow, which is also known as a "fair"
cryptosystem, is an arrangement in which the keys needed to
decrypt encrypted data are held in escrow so that, under
certain circumstances, an authorized third party may gain
access to those keys. Key disclosure law avoids some of the
technical issues and risks of key escrow systems, but also
introduces new risks like loss of keys and legal issues such as
involuntary self-incrimination.
4. The other is the scalability problem. "Opportunistic
Networking Environment" (ONE) with the transitivity of the
neighbor node
5. Delay reduction will increase the efficiency of the
network. The delay has to be reduced during packet
transmission. Delay is the main factor contributing to the
efficiency of the network. Delay will lead to congestion.
The key authority periodically announces key
update material by unicast at each time slot so that all of the
non-revoked users can update their keys. This results in the
problem, which means that the update of a single attribute
affects all of the non-revoked users who share the
attribute. This could be a bottleneck for both the key authority
and all non-revoked users.
III ENHANCED MODEL
In this paper we propose a system that provides a
delay-tolerant, disruption-tolerant network along with secured
data transmission through mobile nodes, in which the node
details are registered with a Trusted Authority that monitors
the details of the subnodes. Communication is improved even in
intermittent network environments by using disruption-tolerant
network technologies [1]. The delay has to be reduced in the
opportunistic environment, which makes the network efficient.
The nodes along with their basic details are stored in the DTN
nodes and the information is acknowledged by the Trust
Authority. The source node requests the Trust Authority for
data transmission in order to provide trustworthy, fine-grained
access on the storage nodes.
The routing path is selected using the Improved
Probabilistic Routing Algorithm, which has reduced latency and
transitivity, making the network efficient. IPRA is chosen as
it is based on a knowledge base, similarity, and a
store-and-forward approach. This selects the route that has
minimum distance. The history of nodes is collected and their
similarity is checked. The history is provided along with the
distance obtained by the enhanced position estimation algorithm
based on RSSI. The node details are matched with the information
from the neighbor nodes. The message is encrypted and accessed on
the basis of the attributes and decrypted using Attribute
Specified Identity Based Encryption (CP-ABE ID). The key escrow
problem is fixed by using the Trust Authority, which assigns the
basic keys. The main aim is to provide secured and guaranteed
transmission of data through the decentralized nodes without
packet drop. The mediator keeping the attribute list is revoked
and encrypted. A double-layer encryption standard is provided
on the basis of identity and attribute.
If a node travels on a route that is not the specified one,
or if a node that has no authorization for packet transmission
approaches for packet delivery, then the unauthorized node is
detected and the packet is not delivered. This is done by the
time stamp attached to the delivered packet. The transmitting
node has knowledge of the receiving node. The key changes
automatically and the previous node has knowledge of the
transmitting key. This makes the security even stronger.
Inserting a time stamp poses a challenge: the average overhead
has to be minimal for an efficient network. The time stamp is
of reduced size, so the packet overhead ratio is low. Thus an
efficient and secured node is achieved.
Fig 1. Architecture of secure data retrieval in a disruption-tolerant military network.
If a node moves to an opponent, or if the node
disappears under any other circumstances, the key has to be
changed for security reasons. Rekeying is done automatically by
the Trusted Authority, which monitors the node movement.
The rekeying procedure eliminates the key escrow problem.
During rekeying the bottleneck problem is minimized by the
Fast Randomized Algorithm, which improves the level of
security.
A. System Description and Assumptions
As shown in Fig 1, the DTN architecture consists of the
following system entities:
1) Trust Authorities: They are the main key generation centers
that generate public and secret parameters for CP-ABE. The
trust authority is a central authority which manages all the sub
nodes. The initial setup and registration preprocessing, along
with the acknowledgement, is obtained directly from the Trust
Authority. The local authority provides the route selection
path, which is decided by honest-node path finding. The basic
misbehavior detection algorithm gives the history and details of
the neighboring nodes. This makes sure that the data travels
along a predetermined path selected by the Trust Authority.
2) Storage node: This is an entity that stores data, operates
in the infrastructure-less environment, and provides
corresponding access to users. It is either mobile or static.
Storage nodes are external storage nodes.
3) Sender: This is an entity who owns confidential messages or
data (e.g., a commander) and wishes to store them in the
external data storage node for ease of sharing or for reliable
delivery to users in extreme networking environments. A
sender is responsible for defining an (attribute-based) access
policy and enforcing it on its own data by encrypting the data
under the policy before storing it on the storage node.
4) User: This is a mobile node who wants to access the data
stored at the storage node (e.g., a soldier). If a user possesses a
set of attributes satisfying the access policy of the encrypted
data defined by the sender, and is not revoked in any of the
attributes, then he will be able to decrypt the ciphertext and
obtain the data.
B. Modules Description
1) Network Construction
In this concept, first we have to construct a network
which consists of 'N' nodes. All nodes are registered in the
network. The network is used to store all node information,
such as node ID and other details. The nodes can request data
from other nodes in the network. Since the nodes are mobile,
they can move across the network. The network also monitors all
node communication for security purposes.
2) Localization of Mobile Nodes
Initialize the position estimation as whereas x and y
are the positions.
f(x, y) = Σ_{i=1}^{3} [ (x − x_i) + (y − y_i) − r_i^2 ]^2
The received signal strength is estimated from the beacon node or
anchor node (distance). Three beacon nodes are considered
for the calculation.
αf(x, y) = ∂f(x, y)/∂x,  βf(x, y) = ∂f(x, y)/∂y
Update the position estimate:
a. Compute the constraint from the anchor node.
b. Intersect the constraint with the current position estimate
to get the new position estimate as
(x_, y_) = (x − λα(x, y), y − λβ(x, y)).
If the position is improved, then the position is broadcast to
all neighbors.
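The localization loop above, as an added example that is not code from the paper. It assumes the usual least-squares range-error objective, a log-distance path-loss model for turning RSSI into a range, and constructed beacon coordinates; the residual check at the end is an addition showing how inconsistent ranges from the three beacons can be flagged.

```python
import math

# Constructed beacon (anchor) coordinates in metres; not taken from the paper.
BEACONS = [(0.0, 0.0), (10.0, 0.0), (0.0, 10.0)]

def rssi_to_range(rssi_dbm, p0_dbm=-40.0, n=2.0):
    """Assumed log-distance path-loss model: RSSI = P0 - 10*n*log10(d), d0 = 1 m."""
    return 10 ** ((p0_dbm - rssi_dbm) / (10.0 * n))

def range_error(pos, beacons, ranges):
    """Assumed objective: sum of squared (geometric distance - measured range)."""
    x, y = pos
    return sum((math.hypot(x - bx, y - by) - r) ** 2
               for (bx, by), r in zip(beacons, ranges))

def gradient(pos, beacons, ranges):
    """(alpha, beta) = (df/dx, df/dy) of range_error at pos."""
    x, y = pos
    alpha = beta = 0.0
    for (bx, by), r in zip(beacons, ranges):
        d = math.hypot(x - bx, y - by)
        if d < 1e-9:          # estimate sits on a beacon: direction undefined
            continue
        k = 2.0 * (d - r) / d
        alpha += k * (x - bx)
        beta += k * (y - by)
    return alpha, beta

def localize(beacons, ranges, start, lam=0.1, max_iter=5000, tol=1e-12):
    """Iterate (x, y) <- (x - lam*alpha, y - lam*beta), keeping only improvements.

    Returns (position, residual error, number of improved estimates); the last
    value is how many times the node would broadcast a new position."""
    pos, err, broadcasts = start, range_error(start, beacons, ranges), 0
    for _ in range(max_iter):
        alpha, beta = gradient(pos, beacons, ranges)
        cand = (pos[0] - lam * alpha, pos[1] - lam * beta)
        cand_err = range_error(cand, beacons, ranges)
        if cand_err < err:
            pos, err, broadcasts = cand, cand_err, broadcasts + 1
        else:
            lam *= 0.5        # step overshot: shrink it and retry
        if err < tol or lam < 1e-12:
            break
    return pos, err, broadcasts

def ranges_consistent(err, noise_m=0.5, n_beacons=3):
    """Added check: a residual far above the expected ranging noise means the
    three ranges do not meet at one point (bad RSSI reading or a lying beacon)."""
    return err <= n_beacons * noise_m ** 2

if __name__ == "__main__":
    truth = (3.0, 4.0)        # constructed ground truth
    honest = [math.hypot(truth[0] - bx, truth[1] - by) for bx, by in BEACONS]
    print(localize(BEACONS, honest, start=(5.0, 5.0)))
    spoofed = honest[:2] + [honest[2] + 3.0]   # one beacon overstates its range
    pos, err, _ = localize(BEACONS, spoofed, start=(5.0, 5.0))
    print(pos, err, ranges_consistent(err))
```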
3) Secret Key Assignment and Data transmission
The message is encrypted for secured transmission using
Attribute Specific Identity Based Encryption. The Trust
Authority assigns the public keys. The Trust Authority generates
the secret key (private key) based on Attribute Specific Identity
Based Encryption. Public key generation is common (e.g. mail-id)
and the public key is known to everyone. The private key is
generated on an identity basis and the access key is created
based on attribute positioning. When a source node in the
network sends data to a destination, it first sends the packet
to the Trust Authority. The packet includes source node id,
intermediate node id, destination node id, packet size and time.
After receiving that packet, the Trust Authority (TA) finds which
node acts as the intermediate node. It then sends a request to all
nodes to identify the intermediate node information.
Based on that request each node sends its response to the
TA. The Trust Authority finds which node acts as the intermediate
node. The TA audits the information to identify the intermediate
node's trustworthiness. The routing path is identified by the TA
and a packet transfer alert is given.
4) Data Transmission
On the basis of TA verification, each node identifies
the intermediate node behavior using the Improved Probabilistic
Routing Algorithm. Using this algorithm, reduced end-to-end
delay, reduced average overhead, increased delivery rate, and
increased throughput are achieved. The attribute and identity
are thus assigned using the analysis of the node behavior. The
source node encrypts data with the destination public key and
securely transmits the data to the destination node via honest
intermediate nodes. Finally, the destination node decrypts the
data with its private key based on the ID-based encryption
algorithm.
5) Attaching Time Stamp for Key Changing
The data is transmitted along the selected path. Nodes in
the routing path are informed about the packet delivery.
The transmitted data packet has a timestamp attached to it.
The transmitting node has knowledge of the receiving node.
The key changes automatically and the previous node has
knowledge of the transmitting key. This makes the security
even stronger. Inserting a time stamp poses a challenge: the
average overhead has to be minimized for an efficient network.
Thus an efficient and secured node is achieved. The packet is
transmitted and the time stamp updates the keys. This
increases the security and reduces the delay. Identifying the
unauthorized node
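One way a receiving node could apply the route and time-stamp checks described in modules 3 to 5, as an added example that is not code from the paper. HMAC-SHA256 with a key derived per time slot stands in for the paper's attribute-specific identity-based encryption; the key derivation, slot length, node names and secret are assumptions constructed for the example.

```python
import hashlib
import hmac
import json

SLOT_SECONDS = 60    # assumed key-change interval
MAX_AGE_SLOTS = 2    # assumed freshness window; size it to the expected hop delay

# Constructed sample values, not from the paper.
ROUTE = ["S", "N2", "N5", "D"]              # path chosen by the Trust Authority
ROUTE_SECRET = b"constructed-route-secret"  # issued by the TA to nodes on ROUTE

def slot_key(route_secret, slot):
    """Key for one time slot; it changes by itself when the slot advances."""
    return hmac.new(route_secret, b"slot:%d" % slot, hashlib.sha256).digest()

def _header(pkt):
    # The packet fields the paper lists: source, intermediate, destination, size, time.
    return json.dumps([pkt["src"], pkt["hop"], pkt["dst"],
                       pkt["size"], pkt["time"]]).encode()

def seal(route_secret, src, hop, dst, payload, ts):
    """Forwarding node `hop` stamps the packet with time `ts` and tags it.

    The secret is shared by the route members, so the tag proves route
    membership, not which member sent the packet."""
    pkt = {"src": src, "hop": hop, "dst": dst, "size": len(payload),
           "time": ts, "payload": payload}
    key = slot_key(route_secret, ts // SLOT_SECONDS)
    pkt["tag"] = hmac.new(key, _header(pkt) + payload, hashlib.sha256).digest()
    return pkt

def verify(route_secret, route, receiver, pkt, now):
    """Return "ok" or the reason the receiving node drops the packet."""
    # 1. Route check: endpoints and forwarder must match the TA-selected path.
    if pkt["src"] != route[0] or pkt["dst"] != route[-1]:
        return "wrong-endpoints"
    if pkt["hop"] not in route or receiver not in route:
        return "off-route"
    if route.index(receiver) != route.index(pkt["hop"]) + 1:
        return "wrong-next-hop"
    # 2. Time-stamp check: the key slot named by the packet must still be fresh.
    age = now // SLOT_SECONDS - pkt["time"] // SLOT_SECONDS
    if age < 0 or age > MAX_AGE_SLOTS:
        return "stale-timestamp"
    # 3. Tag check under the key of the packet's own time slot.
    if pkt["size"] != len(pkt["payload"]):
        return "size-mismatch"
    key = slot_key(route_secret, pkt["time"] // SLOT_SECONDS)
    expected = hmac.new(key, _header(pkt) + pkt["payload"], hashlib.sha256).digest()
    return "ok" if hmac.compare_digest(expected, pkt["tag"]) else "bad-tag"

if __name__ == "__main__":
    t0 = 1_000_000   # constructed clock value in seconds
    good = seal(ROUTE_SECRET, "S", "N2", "D", b"orders", t0)
    print(verify(ROUTE_SECRET, ROUTE, "N5", good, t0 + 30))    # ok
    print(verify(ROUTE_SECRET, ROUTE, "N5", good, t0 + 600))   # stale-timestamp
    rogue = seal(b"guessed-secret", "S", "N2", "D", b"orders", t0)
    print(verify(ROUTE_SECRET, ROUTE, "N5", rogue, t0 + 30))   # bad-tag
```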
6) Rekeying based on Node movement
The nodes are located and monitored in this module.
If the source node moves to another network, its secret key
risks being revealed. The existing network completely changes
each node's private key for security purposes (to prevent
hacking using the old private key). The Fast Randomized
Algorithm is used to avoid a bottleneck during the rekeying
procedure. Because the private key is changed, the moved node
cannot access the previous network's data. With this rekeying
algorithm the key escrow problem is eliminated and the
attributes are properly coordinated.
C. Advantages
a. Immediate attribute revocation enhances backward/forward
secrecy of confidential data by reducing the windows of
vulnerability.
b. The disruption-tolerant network is extended with the
features of a delay-tolerant network.
c. Encryptors can define a fine-grained access policy using
any monotone access structure under attributes issued from
any chosen set of authorities.
d. The key escrow problem is resolved by an escrow-free key
issuing protocol that exploits the characteristic of the
decentralized DTN architecture.
e. Thus, users are not required to fully trust the authorities in
order to protect their data to be shared.
f. The data confidentiality and privacy can be
cryptographically enforced against any curious key authorities
or data storage nodes in the proposed scheme.
g. It radically eliminates the non-uniformity of energy
consumption among sensors.
h. It works well not only in a connected network, but also in a
disconnected network. The moving path of each mobile
collector acts as virtual links among separated sub-networks.
i. Attaching a time stamp increases the security. The average
overhead is also reduced by the IPRA algorithm, which makes
the system effective and efficient.
IV SIMULATION PARAMETERS
The network simulator tool is used to study the
function and performance of the DTN scheme.
We employ the IEEE 802.11 MAC with a channel data rate of
20 Mb/s.
The nodes are selected randomly and the message is transferred
to the destination nodes.
A. Delay
Delay during packet transfer is reduced. When the
node moves to the next region, immediate rekeying is done
without any delay using the Fast Randomized Algorithm. The
delay is reduced from 20 ms to less than 10 ms. This makes the
network efficient.
Fig 2 Delay Estimation
B. Efficiency
It is defined as the total amount of data transmitted to the
destination from the source divided by the time taken for the
packet to reach the destination. The packets delivered are measured
using the acknowledgement data. The message delivery ratio
defines the efficiency of the entire system.
The data is transferred securely using the Attribute Specific
Identity Based algorithm. An unauthenticated packet is not
delivered and the packet is completely dropped. Using the IPRA
algorithm, the unauthorized nodes are completely ignored.
The Trust Authority continuously monitors the area. The
security level is increased to more than 80%, as shown
in Fig 3.
Fig 3 Efficiency
C. Average overhead
Overhead is a combination of excess or indirect computation
time, memory, bandwidth or other resources. Increased
overhead decreases the efficiency. The average overhead is
reduced in the Disruption Tolerant Network.
Fig 4 Average Overhead
V CONCLUSION
The confidential data is securely and efficiently
managed and distributed in the decentralized disruption-
tolerant military network. DTN technologies allow wireless
devices to communicate with each other and access
confidential information reliably by exploiting external
storage nodes. CPABE-ID overcomes major security
issues, providing more confidentiality in data transfer. The
monitoring of nodes and locating of positions avoids
hacking of data. IPRA reduces the delay and avoids
unnecessary packet drops. The Fast Randomized Algorithm avoids
key revocation issues and the bottleneck problem within it.
Attaching the time stamp thus increases the efficiency and
security.
REFERENCES
[1] Hur and Kang, "Secure Data Retrieval for Decentralized Disruption-Tolerant Military Networks," ICM IEEE Transc, Feb 2014.
[2] M. Chuah and P. Yang, "Node density-based adaptive routing scheme for disruption tolerant networks," in Proc. IEEE MILCOM, 2006, pp. 1–6.
[3] M. M. B. Tariq, M. Ammar, and E. Zequra, "Message ferry route design for sparse ad hoc networks with mobile nodes," in Proc. ACM MobiHoc, 2006, pp. 37–48.
[4] M. Chuah and P. Yang, "Performance evaluation of content-based information retrieval schemes for DTNs," in Proc. IEEE MILCOM, 2007, pp. 1–7.
[5] L. Cheung and C. Newport, "Provably secure ciphertext policy ABE," in Proc. ACM Conf. Comput. Commun. Security, 2007, pp. 456–465.
[6] R. Ostrovsky, A. Sahai, and B. Waters, "Attribute-based encryption with non-monotonic access structures," in Proc. ACM Conf. Comput. Commun. Security, 2007, pp. 195–203.
[7] D. Huang and M. Verma, "ASPE: Attribute-based secure policy enforcement in vehicular ad hoc networks," Ad Hoc Netw., vol. 7, no. 8, pp. 1526–1535, 2009.
[8] L. Ibraimi, M. Petkovic, S. Nikova, P. Hartel, and W. Jonker, "Mediated ciphertext-policy attribute-based encryption and its application," in Proc. WISA, 2009, LNCS 5932, pp. 309–323.
[9] A. Lewko and B. Waters, "Decentralizing attribute-based encryption," Cryptology ePrint Archive: Rep. 2010/351, 2010.
[10] V. Goyal, A. Jain, O. Pandey, and A. Sahai, "Bounded cipher text policy attribute-based encryption," in Proc. ICALP, 2008, pp. 579–591.
[11] A. Boldyreva, V. Goyal, and V. Kumar, "Identity-based encryption with efficient revocation," in Proc. ACM Conf. Comput. Commun. Security, 2008, pp. 417–426.