research article a novel digital certificate based remote data...

Research ArticleA Novel Digital Certificate Based Remote Data AccessControl Scheme in WSN

Wei Liang1 Zhiqiang Ruan2 Hongbo Zhou1 and Yong Xie1

1Department of Software and Engineering Xiamen University of Technology Xiamen Fujian 361024 China2Department of Computer Science Minjiang University Fuzhou Fujian 350108 China

Correspondence should be addressed to Zhiqiang Ruan rzq 911163com

Received 12 November 2014 Accepted 17 April 2015

Academic Editor Fei Yu

Copyright copy 2015 Wei Liang et al This is an open access article distributed under the Creative Commons Attribution Licensewhich permits unrestricted use distribution and reproduction in any medium provided the original work is properly cited

A digital certificate based remote data access control scheme is proposed for safe authentication of accessor in wireless sensornetwork (WSN)The scheme is founded on the access control scheme on the basis of characteristic expression (namedCEB scheme)Data is divided by characteristics and the key for encryption is related to characteristic expression Only the key matching withcharacteristic expression can decrypt the data Meanwhile three distributed certificate detection methods are designed to preventthe certificate from being misappropriated by hostile anonymous users When a user starts query the key access control methodcan judge whether the query is valid In this case the scheme can achieve public certificate of users and effectively protect queryprivacy as well The security analysis and experiments show that the proposed scheme is superior in communication overheadstorage overhead and detection probability

1 Introduction

TheWSN is a dynamic wireless network formed by multiplemicrosensor nodes It can be used for continuous envi-ronment monitoring The nodes have the features of lowconsumption and low cost Furthermore they can realizedata collection data interaction data transmission anddistributed cooperation [1ndash3] However WSN has someshortages such as intrinsic vulnerability limit sensor nodesrandom deployed nodes dynamic change of network topol-ogy and unstable wireless channel Furthermore since WSNis always deployed in rugged environment uninhabitedarea or enemy positions some unique security risks existsuch as intercept leakage denial of service false injectiontampering and replay attacks [4 5]

In this case it is an important issue to create a safe andreliable working scene for WSN which relates to practica-bility and promotion of WSN The features of sensor nodesare seriously limited in terms of calculating speed powersupply energy communication ability and storage spaceConsequently it is necessary to design an effective securitymechanism under the limit conditions In this way the datastored in sensor nodes will be complete confidential andreliable and have the ability against intercept and capture

in data transmission The unauthorized query and sensitiveinformation leakage of users are prevented

Recently data collection in sensor network needs usersto pay for the access Meanwhile the privacy of data accessis an inevitable problem For instance some users are notwilling to leak the information about the time of accessinginteresting data type and retrieved nodes The identitiesare expected to be unknown to network owner and otherusers In this way they can protect their benefits from beingdamaged by potential competitors Therefore it is importantto realize public user authentication while satisfying useranonymous requirement So far anonymous authentication iswidely concerned but only on authentication problem If theidentity verification is successful the nodes will provide datafor user without considering anonymity SPYC [6] is the firstanonymous access control scheme by collecting data throughone or several base stations He et al [7] present a distributedaccess control with privacy support in wireless sensor net-works All of users are divided into groups Each group hasvarious grades In user query the request is sent with groupidentity It can authenticate userrsquos validity and also protectprivacy of userrsquos identity However this way reveals userrsquosprivacy in dividing process Since the number of groups is

Hindawi Publishing CorporationJournal of SensorsVolume 2015 Article ID 928174 11 pageshttpdxdoiorg1011552015928174

2 Journal of Sensors

limited userrsquos identity and his interesting data can be deducedbynetwork providerwith exhaustive analysismethod It is nota real distributed algorithm Bethencourt et al [8] proposea ciphertext policy attribute based encryption called BSWscheme Secret sharing method is employed in encryptionfor strict access control The private key is related withcharacteristic set in BSW An access structure is implicatedin ciphertext If the characteristic of private key satisfies theaccess structure the private key can be used for decryptionIn BSW polynomial interpolation is required to reconstructthe keyThereforemany operations of complexmatching andexponentiation should be performed in decryption Wangand Li [9] present an authorization method based on accesscontrol list (ACL) User will obtain ACL and certificate inadvance (119899 119905) threshold method is used in authenticationThe signature employs the asymmetric encryption If userobtains authentication signatures from 119905 (119905 lt 119899) nodes thequery request will be transmitted The node with query datawill verify and respond to the request However the schemeis low efficient and without expandability Long distance datatransmission faces various potential attacks Cheung andNewport [10] replace secret sharing by random elements inencryption for strict access control The scheme is namedCN There are two shortages On one hand it only supportssimple logic combination strategy with low descriptivenessOn the other hand the sizes of ciphertext and key growlinearly with the increase of the number of characteristicswhich degrades efficiency Ruan et al [11] present a group-based anonymous scheme to conceal themessage transmittedbetween source node and target nodeThey further proposeda proxy signature scheme to protect the access of data [12]However they focus on the privacy of data but not the privacyof users which will be solved in this paper

In our work each user should get certificate before datacollection and the certificate should ask for or buy fromnetwork provider User can access data with the certificatein the network The sensor node will verify validity of thecertificate and then provide the requested data to user Eachsensor node can verify validity of the certificate but userrsquosidentity is unknown to all entities In our scheme the networkprovider can prevent unauthorized user access and protectuser privacy The generation of certificate is based on blindsignature [13] In traditional digital signature schemes signerknows all information about his signature But signer cannotget what he signed in blind signature system The proxyblind signature is generated on proxy signature and blindsignature which is widely applied in payment of electroniccurrency and greatly protects userrsquos benefits Meanwhile theproxy blind signature is suitable for the proposed applicationscenarios However anonymity of blind signature may beutilized by hostile users for unlimited access Consequently anovel safe access control algorithm based on digital certificateis proposed from the view of security requirement It canaddress the security issues in access control

2 Network Model and Hypothesis

As shown in Figure 1 suppose that there are a networkservice provider 119875 an intermediate proxy 119860 and some

ProviderDeploy

AgentSensor node

User

ProxyQuery

Reply

WSN

Register

Advertise

Figure 1 Distributed network access structure

users 119880 in WSN 119873 nodes in WSN continuously monitortarget environment and provide interesting data to usersNo reliable base station in network will connect intranetwith outside network The collected data will be restoredin local nodes or other nodes Therefore user can obtaindata directly from nodes The nodes are supposed to knowtheir geographical location information by existing locatingalgorithm

We suppose users can conspire forge a certificate andeven capture part of nodes to obtain their interesting infor-mation Users are not willing to reveal their identities andthe way to access data but want to obtain information aboutother users as much as possible Of course they will have asharp practice if it is profitable Different from that of generalwireless sensor network users will not sponsor denial ofservice (DoS) since it is no good for data acquisition Userswill not escape access control and collect data by directlycapturing many nodes since enormous costs and efforts arerequired On the contrary users will capture a small part ofnodes for reuse of certificate

3 User Authentication and Privacy Protection

31 Scheme Description User access control includes threestages proxy stage certificate generation and verificationThe symbol description is stated as follows

119901 119902 two big prime numbers satisfying 119902 | 119901minus1 119902 and119901 minus 1 being relatively prime

119892 an element with rank 119902 in 119885lowast119901 named generator

119898 message needed to be signed

119898119908 a valid evidence of authorized intermediary

proxy including identity information about networkprovider intermediary proxy type of signedmessageauthorized scope and valid date

119909119875 119909119860

isin 119885lowast119901 respective private keys of network

provider and intermediary proxy

Journal of Sensors 3

119910119875

= 119892119909119875(mod 119901) 119910119860

= 119892119909119860(mod 119901) respectivepublic keys of network provider and intermediaryproxy

119867(sdot) ℎ(sdot) hash function with high security in cryp-tology

connection string

311 Proxy Stage Four steps are included in this stage

(1) 119880 sent registration information (without userrsquos iden-tity) to 119875

(2) 119875 randomly selects data 119896isin119877119885lowast119901and calculates 119870 =

119892119896(mod119901) 119904 = 119909119875+ 119896 sdot 119867(119898

119908 119870)(mod 119902)

(3) 119875 transmits (119870 119904) and119898119908to proxy119860 in a safe channel

(4) 119860 receives (119870 119904) and verifies if 119892119904 =

119910119875119870119867(119898119908119870)(mod 119901) is satisfied if done 119860 accepts

proxy task and further calculates proxy key with1199041015840 = 119904 + 119909

119860

312 Certificate Generation In this stage the intermediaryproxy 119860 needs to do the following work


119892120582+119909119860(mod119901)

(2) 119860 sends (119870 119905) to user 119880 (user with certificate canaccess data on nodes)

(3) 119880 receives the information and randomly selects data119886 119887 isin 119885lowast

119901and calculates the following values

120583 = 119905119886

(119910119875119910119860119870119867(119898119882119870))

119886119887

(mod119901)

119890 = ℎ (119898 120583) (mod119902)

1198901015840

= 119886minus1

119890 + 119887 (mod119902)

(1)

If 119906 = 0 repeat step (3) until 119906 = 0 After that 1198901015840 issent to 119860

(4) 119860 receives 1198901015840 and computes 11990410158401015840 = 11989010158401199041015840 + 120582 + 119909119860as a

signature of message 11990410158401015840 is sent to 119880

(5) 119880 receives 11990410158401015840 and computes 120593 = 11989211990410158401015840119886(mod 119901) (119898

119898119908 120593 119890 119870) is regarded as proxy blind signature of

message119898 called certificate

313 Verification Each sensor node has 119910119875and 119910

119860before

deployment Network provider can dynamically update 119910119875

and 119910119860

by using method in [14] Once the certificateis obtained by user 119880 can access the WSN and collectdata from nodes Any node 119873

119894that receives certificate

(119898119898119908 120593 119890 119870) will verify whether the equation 119890 = ℎ(119898

120593(119910119875119910119860119870119867(119898119882119870))

minus119890

(mod 119902) is satisfied According to 119890 =

ℎ(119898 120583)(mod 119902) we only need to prove whether 120583 =

120593(119910119875119910119860119870119867(119898119882119870))

minus119890

(mod119902) is satisfied We have the fol-lowing deduction process

120593 (119910119875119910119860119870119867(119898119882119870))

minus119890

= 11989211990410158401015840119886

(119910119875119910119860119870119867(119898119882119870))

minus119890

= (11989211989010158401199041015840+120582+119909119860)

119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= 119892(119886minus1119890+119887)1199041015840119886

sdot 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= 1198921198901199041015840

sdot 1198921199041015840119886119887

sdot 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= (119892119904+119909119860)119890

sdot (119892119904+119909119861)119886119887

sdot 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= (119892119909119875+119896119867(119898119882119870)119892

119909119860)119890

sdot (119892119909119875+119896119867(119898119882119870)119892

119909119860)119886119887

sdot 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= (119910119875119870119867(119898119882119870)119910

119860)119890

sdot (119910119875119870119867(119898119882119870)119910

119860)119886119887

sdot 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

119886119887

= 120583

(2)

The above expression proves the validity of certificate(119898119898

119908 120593 119890 119870) After that119873

119894will check again Only the two

steps are successful node 119873119894will provide data to user 119880

according to the certificate

32 Certificate Detection Algorithm Each certificate(119898119898

119908 120593 119890 119870) consists of simple characters or digital

number which are unable to track Hostile users mayreuse their certificates and may not fear being caughtTherefore node should verify whether the certificate is usedbefore responding called certificate detection It performsbefore using certificate and after signature verification Thewitness node is introduced for verifying abused certificateseffectively

Suppose the certificate is successfully used by user 119880 for119886minus1 119886 ge 1 times Now119880 attempts to use the uncompromisednode119873

119894at 119886th timeThe certificate (119898119898

119908 120593 119890 119870) is authen-

ticated by the node 119873119894and should be verified if it is used 119875

represents the probability of certificate (119898119898119908 120593 119890 119870) being

abused in 119886th use (assume it is successfully used for 119886 minus

1 times) 119862 denotes the communication cost for each data


transmission 119872 is the storage cost in 119886th use 119873 119903 119888 andℎ are respectively nodes number communication rangenumber of compromised nodes and the average hops num-ber between two nodes In this section three methods arepresented to verify the use of certificate

(1) Geography Mapping Geography mapping (GM) is usedin the first method The way for selecting storage nodes isreferencedWe randomly select a number of nodes as witnessnodes GPSR [13] is used to find witness nodes Node 119873

119894

receives certificate (119898119898119908 120593 119890 119870) after that we randomly

select 119887witness nodeswithGPSR for certificate detectionThepositions of witness nodes are calculated by119867(119898 119909) = 119897

119894120573

119894=1

Here 119867 is the hash function and 119909 is the random numberNode 119873

119894will send 119898 to 119887 witness nodes and set the longest

round-trip time ofmessage Eachwitness node119908119894will judge if

119898 is stored after receiving119898 If not certificate (119898119898119908 120593 119890 119870)

will be stored in local memory Otherwise 119908119894will respond to

a passive message to node119873119894

Now we will evaluate detection probability of GMmethod 119887 witness nodes are required to verify certificate(119898119898

119908 120593 119890 119870)119909

119894denotes the generated randomnumber for

determining witness position at 119894th time One node may beselected in many times of selecting witness nodes Assumethe generated randomnumber119909

119894in each time is independent

After the certificate being used for 119886 minus 1 times the number ofwitness nodes is 119873

119908(119886 minus 1) The probability of one node not

being selected in 119886 minus 1 times is denoted by (1 minus 119887119873)119886minus1 In

this case the probability for one node being selected for onetime at least will be 1 minus (1 minus 119887119873)119886minus1 Consequently we have119873119908(119886 minus 1) = 119873(1 minus (1 minus 119887119873)

119886minus1

) If 119887119873 ≪ 1 is satisfied wehave119873

119908(119886 minus 1) asymp 119873(1 minus (1 minus 119887(119886 minus 1)119873))

The nodes that are selected as witness nodes are unknownto user119880 He can only capture some nodes randomly Assumethere are 119888 nodes being compromised and 119888 lt 119873 Theprobability for witness node being compromised is 119888(1 minus

(1 minus 119887119873)119886minus1

) asymp (119886 minus 1)119887119888119873 119887(119886 minus 1)(1 minus 119888119873) nodes arenot compromised If none of them is being selected as witnessnodes 119886th certificate detection fails and the probability is(1 minus 119887119873)

119887(119886minus1)(1minus119888119873)Consequently in GSmethod the probability for verifying

119886th certificate abuse is

119901 = 1 minus (1 minus119887

119873)

(119886minus1)119887(1minus119888119873)

=1198872 (119886 minus 1) (119873 minus 119888)

1198732

(119886 ge 2)

(3)

119886th detection requires 119862 = (119887 + 120596)ℎ message transmis-sions Here 120596 is the number of uncompromised nodes thatsend passive message to node119873

119894 If (119886minus1)119887witness nodes are

uncompromised the probability for each node responding toa passive message is 119887119873 In this case there are totally 120596 =

(119886minus1)1198872119873 passivemessagesWe have119862 = (1+(119886minus1)119887119873)119887ℎFurthermore the storage cost is119872 asymp 119886119887

(2) Path Feedback The second method employs path feed-back (PF) It is founded on GM and realized by using thebroadcast feature of wireless signal In the procedure of

sending certificate (119898119898119908 120593 119890 119870) for detection request all

nodeswithin communication radius of transmission path canreceive requestmessage If one node finds119898 is stored by itselfit will send a passive message to source node With the samenumber of 119887 PF can greatly improve detection probabilityof certificate For example assume that node 119908

119894is one of 119887

witness nodes selected by node 119873119894at 119886th time and it is not

selected in 119886 minus 1 times In this case 119908119894will record 119898 119881

is supposed to be a node at path which acts as witness ofcertificate and can receive the detection request from node119873119894to 119908119894 Different from GM method PF allows node 119881 at

path to send a passive message to node119873119894

Now we calculate detection probability of PF methodThe hops number between arbitrary two nodes is ℎ Forsimplification we assume 119873 nodes are randomly deployedwithin the area 119878 and there are ℎ + 1 nodes on each detectionpath from node 119873

119894 The area of circular is 119878

119903= 1205871199032 The

intersect area of two adjacent circulars is S1015840 = (4120587minus3radic3)11990326The area formed by119867 hops path is 119878

ℎ= ℎ119878119903minus (ℎminus1)1198781015840 There

are 119887 witness nodes so the number of request messages is 119887Therefore the total area formed by 119887 paths can be calculatedby

119878119887= 119887119878ℎminus (119887 minus 1) 119878

119903

=61205871199032 + (2 (ℎ minus 1) 120587 + 3radic3 (ℎ minus 1)) 119887119903

2

6

(4)

Similarly there are 119888nodes being captured 119888 lt 119873 and theprobability is 119888(1minus (1 minus 119887119873)

119886minus1

) asymp (119886minus1)119887119888119873 The remain-ing 119887(119886 minus 1)(1 minus 119888119873) witness nodes are uncompromised Ifnone of them has received the request message 119886th detectionis failure and the probability is (1 minus 119878

119887119878)119887(119886minus1)(1minus119888119873) Conse-

quently we have

119901 = 1 minus (1 minus119878119887

119878)(119886minus1)119887(1minus119888119873)

(5)

Similar to that of GMmethod the communication cost ofPF is119862 = (119887+120596)ℎ 119886 ge 1 If none of (119886minus1)119887witness nodes arecaptured one passive message will always respond with theprobability of 119878

119887119878 That is the number of passive messages

is 120596 = (119886 minus 1)119878119887119887119878 So we have 119862 = (1 + (119886 minus 1)119878

119887119887119878)119887ℎ

In addition the storage cost is the same as that of GM119872 asymp

119886119887 Obviously PF has higher detection probability and lowercommunication cost and storage cost by comparing to GM

119901 = 1 minus (1 minus119878119887

119878)(119886minus1)119887(1minus119888119873)

(6)

(3) Crossline The third method is based on crossline theorycalled CLmethod GM and PF have a common characteristicof compromise among detection probability communicationcost and storage cost More witness nodes will improvedetection probability but also cause large communicationcost and storage cost and vice versa However it is different inCLmethod CLmethod is based on crossline technology [15]


Data storage is along with one direction called ldquocopy pathrdquobut not in one node or several isolated nodes User querytowards another direction is called ldquoquery pathrdquo If two pathsare crossed user can query expected data

In CL method certificate is regarded as a unique datatype and message to be copied or queried If certificate isreceived each node will send a detection request along withany fixed vertical path If the request is intersected withuncompromised witness nodes which have certificate recordthewitness nodeswill respondwith passivemessage to sourcenode Otherwise the certificate will be regarded as new Thesource node will select any horizontal path and copy thecertificate to all nodes on the path for storage

Node 119873119894randomly generates a position 119867(119898 119909

1) after

receiving certificate (119898119898119908 120593 119890 119870) 119909

1is arbitrary random

number A proxy query request message with m will be sentto the node at 119867(119898 119909

1) by using GPSR The node which

receives the proxy query request and is near to 119867(119898 1199091)

is called proxy query node of 119873119894 denoted by 119880

1 If 119898 is

stored in node 1198801 1198801will send a passive message to node

119873119894 Otherwise 119880

1will send the query request messages

respectively along the horizontal and vertical directionsIf node 119873

119894receives an abused passive message before the

timer expired the use of certificate (119898119898119908 120593 119890 119870) is refused

Otherwise the certificate (119898119898119908 120593 119890 119870) is unused Node119873

119894

will generate a random number 1199092(different with 119909

1) and

send a copied proxy query request message including 119898 tonodes nearby 119867(119898 119909

2) The node 119880

2 which is closest to

119867(119898 1199092) is regarded as the copied proxy node of 119873

119894after

receiving the request message Then1198802stores and sends two

copy paths towards horizontal direction All nodes on copypath will store119898

Now we analyze the detection probability of CL methodThe certificate (119898119898

119908 120593 119890 119870) is used for 119886 minus 1 times

Therefore there are 119886 minus 1 copy paths randomly generatedin network At least one node can receive request messagefor detection We assume only one node receives the requestmessage There are 119886 minus 1 cross nodes Since the query pathof node119873

119894is unpredictable user119880 attempts to use certificate

(119898119898119908 120593 119890 119870) at 119886th time by randomly capturing a number

of nodes If 119888 nodes are compromised by 119880 the probabilityof each cross node being captured is 119888119873 If all of the crossnodes are compromised 119886th certificate detection is failureThe probability is (119888119873)

119886minus1 So we have

119901 = 1 minus (119888

119873)119886minus1

(7)

The communication cost evaluation should consider twocases 119886th detection is successful or failure For the first casecommunication cost includes query cost119862

1and copy cost119862

2

1198621consists of the cost of transmitting proxy query request

and the cost of sending two query requests from proxy querynode 119862

2consists of the cost of transmitting proxy copy

request and the cost of sending two copy requests from proxyquery nodeThe hops at horizontal and vertical direction arerespectively 119871 and 119882 The average hops number betweenarbitrary two nodes is ℎ Consequently we have

119862 = 1198621+ 1198622= (ℎ +119882) + (ℎ + 119871) = 2ℎ +119882 + 119871 (8)

If 119886th detection is failure 119862 is a sum of 1198621and the sent

passive messages If 119886 minus 1 cross nodes are uncompromised119886 minus 1 passive messages will respond to node119873

119894 In this case

119862 = ℎ +119882 + (119886 minus 1)ℎ So we have

119862 = (1 minus 119901) (2ℎ + 119871) +119882 + 119901 (119886ℎ +119882) (9)

In addition the storage cost of CL method is

119872 = (119886 minus 1) 119871 + (1 minus 119901) 119871 = (119886 minus 119901) 119871 (10)

33 Security and Performance Evaluation Data access con-trol is necessary to ensure authorized access since illegalaccess to sensitive data may cause disastrous consequencesFrom the view of protected object security evaluation ofdata access control is classified into accessor security andaccess object security The implementation of our method isanalyzed as follows

(1) Effective access control the master key in each stageis realized by encryption of a set of characteristicsSince the key chain is one-way attackers cannotobtain the key for data encryption without the masterkey Encryption on the master key has provablesecurity under the BDH hypothesis It demonstratesthat attackers cannot decrypt the master key exceptthat they have expectant access structure Thereforethe method makes the data only be accessed byauthorized user

(2) Constraining the collusion attack the collusive userswant to obtain the master key for data decryptionActually the method has provable security to selectmessage attack under BDH hypothesis The masterkey is encrypted as 119870119890(119892 119892)119910119904 User can get 119870 onlyby eliminating 119890(119892 119892)

119910119904 The only way to construct119890(119892 119892)

119910119904 is 119890(119892(119910minus119887)120573 119892120573119904) = 119890(119892 119892)119910119904

119890(119892 119892)119887119904 Then

119890(119892 119892)119887119904 can be calculated For each user 119887 is ran-

domly selected from 119885119901 The key of an unauthorized

user is no use for other users to calculate 119890(119892 119892)119887119904(3) Limit impact of node capture each sensor node only

stores the key for current data encryption The keyused before will be erased Due to the one-way featureof key attackers cannot deduce previous keys by usingcurrent key Each node encrypts data independentlywhich is not useful to capture other nodes

(4) Performance and functionality analysis a sensor nodeis responsible for the following operations (1) gen-erate and encrypt the master key with the proposedmethod (2) generate the key for data encryption byusing themaster key (3) encrypt data of sensor nodesThese operations are deployed to various stagesConcretely one node at one stage performs at mostone dot product of scalar at elliptic curve a one-wayhash algorithm and a symmetry data encryption

In data request procedure each node responds to data⟨119862V 119863119870119905⟩ at 119905th period of Vth stage119862V includes 119891119894 +1 groupmembers in 119866

1and a group element in 119866

119879 119863119870119905

is data


2 4 6 8 10 12 14 16 18 2000

02

04

06

08

10

Det

ectio

n pr

obab

ility

Round

GMPFCL

(a) Detection probability

Round

GMPFCL

2 4 6 8 10 12 14 16 18 2010

100

1000

10000

Com

mun

icat

ion

cost

(b) Communication overhead

Round

GMPFCL

2 4 6 8 10 12 14 16 18 201

10

100

1000

10000

Stor

age c

ost

(c) Storage overhead

Figure 2 The relationship of detection rounds with detection probability communication overhead and storage overhead

segment In data cancel process TP only needs to broadcasta group element in 119866

2to all of sensor nodes

Table 1 compares the functionalities of our method tothose of BSW [8] and CN [10] BSW has only designedthreshold by simple combination of keys without networkscalability and user revocation and it can not withstandcollusion attacks CN is resilient to collusion attack andcan resist some other attacks The proposed method has

scalability ability against collusion attack and user cancelMeanwhile the descriptiveness is better and functionality ismore comprehensive

4 Experiments and Analysis

Simulations have been performed in NS-2 (Network Sim-ulator version 2) developed by UC Berkeley University to


0 10 20 30 40 50 60 70 80 90 10000

02

04

06

08

10

Det

ectio

n pr

obab

ility

Number of targets

GMPFCL


0 10 20 30 40 50 60 70 80 90 10010

100

1000

10000

Com

mun

icat

ion

cost

Number of targets

GMPFCL


0 10 20 30 40 50 60 70 80 90 1001

10

100

1000

10000

Stor

age c

ost

Number of targets

GMPFCL


Figure 3 The relationship of witness nodes with detection probability communication overhead and storage overhead

Table 1 Functionality comparison of various methods

Method Scalability Descriptiveness Ability against collusion attacks User cancelProposed No Normal No NoCN No Bad Yes NoCEB Yes Good Yes Yes


evaluate the efficiency of the proposed scheme The settingsfor experiments are as follows There are 1000 nodes inWSN deployed in the area with the size of 1000 times 1000The communication radius of nodes is 50m The numbersof witness nodes (119887) in GM and PF are respectively 50 and5 The reason of choosing different 119887 lies in their differentdetection probability The number of compromised nodes isset to 100 Assume that no package loss or conflict occursin data transmission In Figure 2 every point represents theaverage usage of a certificate among 100 random nodes Forthe use of each certificate we randomly capture nodes for 100times and calculate the average value In addition differentnetwork topology and random certificate are simulated Theevaluation indicators include detection probability commu-nication cost and storage cost [15]

Figure 2(a) compares the detection probability of threemethods as a function of the round of certificate used Asseen the detection probability increases as 119886 When 119886 isgreater than 2 it can be completely detected Since CL selectstwo cross curves to store and verify certificate if the crosspoint is not captured detection will be successful But thedetection probability is the minimum On the contrary theselection of target nodes in GM is totally random It is notthe optimized way for selection since a part of nodes may becaptured and certificate usage can be detected more than 8times By comparing to GM scheme PF can realize feedbackby using nodes on the path Since 119887 nodes will produce 119887paths it is unable to capture nodes on all paths Consequentlythe detection accuracy is higher than that of GM schemewhile requiring less witness nodes

Figures 3(a) 3(b) and 3(c) compare the communicationoverhead and storage overhead of three detection schemesseparately As we can see the communication overhead in CLis lower than that of PF but the storage overhead is oppositeIn GM scheme communication and storage overhead arelarger than those of PF This is because the witness nodesin GM are fixed and the number of witness nodes is morethan that in PF Since PF depends on other nodes andwitness nodes on the path and requires less witness nodes thecommunication and storage overhead are lower than those ofGM

Figure 3 demonstrates the effect of 119887 on GM and PF Dueto the fact that we concern certificate use at the first time119886 = 2 is set Additionally 119887 has no impact on CL schemeFor comparison it is also shown As seen the detectionprobabilities respectively in GM and PF are growing as 119887The communication and storage overhead show the sametend When 119887 = 10 PF can detect the first abuse ofcertificatewith the probability of 09 But inGM the detectionprobability is less than 05 even 119887 = 100 Since PF letsother nodes on the path responding to a passive messageto the source node when detecting a message it introduceshigher communication overhead than GM Moreover when119887 is larger than 20 the detection probability of PF is close to 1The communication and storage overhead are grown contin-uously aswell Consequently a compromise should be chosenamong detection probability communication overhead andstorage overhead

0 50 100 150 20000

02

04

06

08

10

Det

ectio

n pr

obab

ility

Number of compromised nodes

GMPFCL

Figure 4 The relationship between detection probability andcompromised nodes

Figure 4 shows the detection probabilities in threeschemes with increase of compromised nodes We set 119886 = 2

and 119887 = 50 inGMand 119887 = 10 in PF In Figure 3 three schemesare affected by c since the number of witness nodes is randomFor instance CL can detect certificate being abused firstlywith the probability of119901 = 98Becausemany nodes on copypath may receive detection request message it demonstratesthat the scheme has good effect on capturing attacks

In the followingwe simulate various performance indica-tors after applying our scheme including length of ciphertextkey generation time and time overhead on encryption anddecryption These indicators are compared to BSW and CNIn finite field a super singular ellipse curve 1199102 = 1199093 + 119909The time to match with PCB library is 55ms The time ofselection random elements from 119866

1and 119866

2are 16ms and

16ms respectivelyFigures 5(a)ndash5(d) show the comparison with length of

ciphertext key generation time encryption time and decryp-tion time Ciphertext includes ID head and data block Thehead consists of characteristic collection 119891 a group elementin 1198662 and |119891| group elements in 119866

1

As we can see the length of ciphertext key generationtime and encryption time linearly increase as the number ofcharacteristics in all three schemes But the decryption time isnot linear Since the decryption time is related to the numberof characteristics and access trees different access tree mayinclude different access structure Moreover the indicators inCEB are superior to that of other schemes Because secretsharing is employed in encryption of BSW serious accesscontrol is realized Polynomial interpolation is required toconstruct key Many complex matching and exponentiationoperations are required in decryption Although CN schemereplaces secret sharing with random elements in encryptionthe length of ciphertext and key linearly increase as the


200

400

600

800

1000

1200

1400

10 15 20 25 30 35 40 45 50Number of features

Ciph

erte

xt si

ze

BSWCNCEB

(a) Length of ciphertext

02

04

06

08

1

12

14

16

18

Tim

e to

gene

rate

priv

ate k

ey (s

)


BSWCNCEB

(b) Key generation time

0

05

1

15

2

3

25

Tim

e to

encr

ypt f

eatu

res (

s)


BSWCNCEB

(c) Encryption time

Tim

e to

decr

ypt f

eatu

res (

s)

200 40 60 80 100002

003

004

005

006

007

008

009

01

011

012

Number of features

BSWCNCEB

(d) Decryption time

Figure 5 The comparison of various schemes

number of system characteristics It causes low efficiency ofCN scheme However our scheme encrypts and stores dataperiodicallyThe data of each node is encrypted by symmetricencryption algorithm Meanwhile the keys in encryption arelinked as a one-way key chain One key is used in a period

The abilities against collusion attacks of three schemesare compared in Figure 6 Simply we assume each node only

generate one data unit at each phase of per round The totalnumber of users in current network is supposed to be 100The collusion users vary from 10 to 50Then we simulate dataleaking rate of three schemes

As a note the purposes of collusion users are to obtainmore data with the key By comparing with directly capturingnode and intercepting attacks collusion can save overhead


10 20 30 40 5000

01

02

03

04

Dat

a disc

lose

d (

)

The number of collusive users

BSWCNCEB

Figure 6 The comparison of abilities against collusion attacks forthree schemes

and is hard to be detected [16] As shown in Figure 6three schemes have almost the same abilities against attackswhen there are few collusion users With the growth ofcollusion users data security of BSW and CN decreasesrapidly while that of our scheme shows a gentle declineWhen the number of collusion users is greater than 40 datasecurity of BSW scheme drops more dramatically than thatof CN As mentioned above although CN generates key byutilizing the way of random number actually the numberbelongs to pseudorandom number Attack can be realizedwith exhaustivemethod easilywithmore collusion usersTheproposed scheme has eliminated the above advantages Themaster key is continuously updated Oncemalicious users arefound we will cancel the operation In this case collusionusers can only obtain their own data without obtaining dataof other nodes Therefore the interference caused by attackswill be restricted to be the minimum

5 Conclusion

To address the issue on security of access object and accessorwe proposed a digital certificate based remote data accesscontrol scheme It is founded on access control scheme withcharacteristic expression Our scheme has two features Onone hand the network data is divided by characteristic andconnected with key When user requires query the accesscontrol strategy which is related to key will judge the validityof the query In this way data access control is realizedOn theother hand anonymous authentication is realized for securityof accessor Moreover three distributed certificate detectionmethods are designed for preventing certificate being abusedby malicious anonymous users The security analysis andexperiments show that our scheme has the ability againstcollusion attacks and higher detection probability The next

work is to perfect our scheme and apply it on real sensornodes The experiments are summarized as follows GM haslower detection probability or higher communication andstorage overhead are required to achieve some detectionprobability PF has higher detection probability but growsas witness nodes and successful use times of certificateMeanwhile the communication and storage overhead of PFare within a reasonable range The case of CL scheme issimilar to that of PF

Conflict of Interests

The authors declare that there is no conflict of interestsregarding the publication of this paper

Acknowledgments

This work is supported by the China Postdoctoral Sci-ence Foundation funded project (Grant no 140778) theNatural Science Foundation of Fujian Province (Grant no2014J05079) the Young and Middle-Aged Teachers Educa-tion ScientificResearchProject of Fujian province (Grant nosJA13248 and JA14254) the special scientific research fundingfor colleges anduniversities fromFujianProvincial EducationDepartment (Grant no JK2013043) the Scientific ResearchProject of Minjiang University (Grant no YKQ13003) andthe Research Project supported by Xiamen University ofTechnology (YKJ13024R XYK201437)

References

[1] I F Akyildiz W Su Y Sankarasubramaniam and E CayircildquoWireless sensor networks a surveyrdquo Computer Networks vol38 no 4 pp 393ndash422 2002

[2] P Levis S Madden J Polastre et al ldquoTinyos an operating sys-tem for sensor networksrdquo in Proceedings of the 6th InternationalConference on Mobile Data Management (MDM rsquo05) pp 115ndash148 IEEE Nara Japan 2005

[3] S Bhatti J Carlson H Dai et al ldquoMantis os an embeddedmultithreaded operating system for wireless micro sensorplatformsrdquoMobile Networks and Applications vol 10 no 4 pp563ndash579 2005

[4] C Han R Kumar R Shea et al ldquoA dynamic operatingsystem for sensor networksrdquo in Proceedings of the 3rd Interna-tional Conference on Mobile Systems Applications and Services(MobiSys rsquo05) pp 163ndash176 Seattle Wash USA 2005

[5] C Karlof and D Wangner ldquoSecure routing in wireless sensornetworks attacks and countermeasuresrdquo inProceedings of the 1stIEEE International Workshop on Sensor Network Protocols andApplications pp 113ndash127 IEEE Anchorage Alaska USA May2003

[6] B Carbunar Y Yu L Shi M Pearce and V Vasudevan ldquoQueryprivacy in wireless sensor networksrdquo in Proceedings of the 4thAnnual IEEE Communications Society Conference on SensorMesh and Ad Hoc Communications and Networks (SECON rsquo07)pp 203ndash212 June 2007

[7] D He J Bu S Zhu S Chan and C Chen ldquoDistributed accesscontrol with privacy support in wireless sensor networksrdquo IEEETransactions on Wireless Communications vol 10 no 10 pp3472ndash3481 2011


[8] J Bethencourt A Sahai and B Waters ldquoCiphertext-policyattribute-based encryptionrdquo in Proceedings of the IEEE Sympo-sium on Security and Privacy (SP rsquo07) pp 321ndash334 BerkeleyCalif USA May 2007

[9] H Wang and Q Li ldquoDistribuled user access control in sensornetworksrdquo in Proceedings of the International Conference onDistributed Computing in Sensor Systems (DCOSS rsquo06) pp 305ndash320 Berlin German 2006

[10] L Cheung and C Newport ldquoProvably secure ciphertext policyABErdquo in Proceedings of the 14th ACM Conference on Computerand Communications Security (CCS rsquo07) pp 456ndash465 Alexan-dria Va USA November 2007

[11] Z Ruan W Liang D Sun H Luo and F Cheng ldquoAn efficientand lightweight source privacy protecting scheme for sensornetworks using group knowledgerdquo International Journal ofDistributed Sensor Networks vol 2013 Article ID 601462 14pages 2013

[12] Z Ruan X Sun and W Liang ldquoSecuring sensor data storageand query based on k-out-of-n codingrdquo International Journal ofCommunication Systems vol 26 no 5 pp 549ndash566 2013

[13] B Karp and H T Kung ldquoGPSR greedy perimeter statelessrouting for wireless networksrdquo in Proceedings of the 6th AnnualInternational Conference on Mobile Computing and Networking(MobiCom rsquo00) pp 243ndash254 ACM BostonMass USA August2000

[14] Z-W Tan Z-J Liu and C-M Tang ldquoA proxy blind signaturescheme based on DLPrdquo Journal of Software vol 14 no 11 pp1931ndash1935 2003

[15] R Sarkar X Zhu and J Gao ldquoDouble rulings for informationbrokerage in sensor networksrdquo IEEEACM Transactions onNetworking vol 17 no 6 pp 1902ndash1915 2009

[16] N Subramanian K Yang W Zhang et al ldquoEllips privacypreserving scheme for sensor data storage and queryrdquo in Pro-ceedings of the IEEE Conference on Computer Communications(INFOCOM rsquo09) pp 936ndash944 Rio de Janeiro Brazil 2009

International Journal of

AerospaceEngineeringHindawi Publishing Corporationhttpwwwhindawicom Volume 2014

RoboticsJournal of

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014


Active and Passive Electronic Components

Control Scienceand Engineering

Journal of



RotatingMachinery


Hindawi Publishing Corporation httpwwwhindawicom

Journal ofEngineeringVolume 2014

Submit your manuscripts athttpwwwhindawicom

VLSI Design



Shock and Vibration


Civil EngineeringAdvances in

Acoustics and VibrationAdvances in



Electrical and Computer Engineering

Journal of

Advances inOptoElectronics


Volume 2014

The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014

SensorsJournal of


Modelling amp Simulation in EngineeringHindawi Publishing Corporation httpwwwhindawicom Volume 2014


Chemical EngineeringInternational Journal of Antennas and

Propagation




Navigation and Observation



DistributedSensor Networks



limited userrsquos identity and his interesting data can be deducedbynetwork providerwith exhaustive analysismethod It is nota real distributed algorithm Bethencourt et al [8] proposea ciphertext policy attribute based encryption called BSWscheme Secret sharing method is employed in encryptionfor strict access control The private key is related withcharacteristic set in BSW An access structure is implicatedin ciphertext If the characteristic of private key satisfies theaccess structure the private key can be used for decryptionIn BSW polynomial interpolation is required to reconstructthe keyThereforemany operations of complexmatching andexponentiation should be performed in decryption Wangand Li [9] present an authorization method based on accesscontrol list (ACL) User will obtain ACL and certificate inadvance (119899 119905) threshold method is used in authenticationThe signature employs the asymmetric encryption If userobtains authentication signatures from 119905 (119905 lt 119899) nodes thequery request will be transmitted The node with query datawill verify and respond to the request However the schemeis low efficient and without expandability Long distance datatransmission faces various potential attacks Cheung andNewport [10] replace secret sharing by random elements inencryption for strict access control The scheme is namedCN There are two shortages On one hand it only supportssimple logic combination strategy with low descriptivenessOn the other hand the sizes of ciphertext and key growlinearly with the increase of the number of characteristicswhich degrades efficiency Ruan et al [11] present a group-based anonymous scheme to conceal themessage transmittedbetween source node and target nodeThey further proposeda proxy signature scheme to protect the access of data [12]However they focus on the privacy of data but not the privacyof users which will be solved in this paper

In our work each user should get certificate before datacollection and the certificate should ask for or buy fromnetwork provider User can access data with the certificatein the network The sensor node will verify validity of thecertificate and then provide the requested data to user Eachsensor node can verify validity of the certificate but userrsquosidentity is unknown to all entities In our scheme the networkprovider can prevent unauthorized user access and protectuser privacy The generation of certificate is based on blindsignature [13] In traditional digital signature schemes signerknows all information about his signature But signer cannotget what he signed in blind signature system The proxyblind signature is generated on proxy signature and blindsignature which is widely applied in payment of electroniccurrency and greatly protects userrsquos benefits Meanwhile theproxy blind signature is suitable for the proposed applicationscenarios However anonymity of blind signature may beutilized by hostile users for unlimited access Consequently anovel safe access control algorithm based on digital certificateis proposed from the view of security requirement It canaddress the security issues in access control

2 Network Model and Hypothesis

As shown in Figure 1 suppose that there are a networkservice provider 119875 an intermediate proxy 119860 and some

ProviderDeploy

AgentSensor node

User

ProxyQuery

Reply

WSN

Register

Advertise

Figure 1 Distributed network access structure

users 119880 in WSN 119873 nodes in WSN continuously monitortarget environment and provide interesting data to usersNo reliable base station in network will connect intranetwith outside network The collected data will be restoredin local nodes or other nodes Therefore user can obtaindata directly from nodes The nodes are supposed to knowtheir geographical location information by existing locatingalgorithm

We suppose users can conspire forge a certificate andeven capture part of nodes to obtain their interesting infor-mation Users are not willing to reveal their identities andthe way to access data but want to obtain information aboutother users as much as possible Of course they will have asharp practice if it is profitable Different from that of generalwireless sensor network users will not sponsor denial ofservice (DoS) since it is no good for data acquisition Userswill not escape access control and collect data by directlycapturing many nodes since enormous costs and efforts arerequired On the contrary users will capture a small part ofnodes for reuse of certificate

3 User Authentication and Privacy Protection

31 Scheme Description User access control includes threestages proxy stage certificate generation and verificationThe symbol description is stated as follows

119901 119902 two big prime numbers satisfying 119902 | 119901minus1 119902 and119901 minus 1 being relatively prime

119892 an element with rank 119902 in 119885lowast119901 named generator

119898 message needed to be signed

119898119908 a valid evidence of authorized intermediary

proxy including identity information about networkprovider intermediary proxy type of signedmessageauthorized scope and valid date

119909119875 119909119860

isin 119885lowast119901 respective private keys of network

provider and intermediary proxy


119910119875

= 119892119909119875(mod 119901) 119910119860



connection string




119892119896(mod119901) 119904 = 119909119875+ 119896 sdot 119867(119898

119908 119870)(mod 119902)





119860



119892120582+119909119860(mod119901)




120583 = 119905119886

(119910119875119910119860119870119867(119898119882119870))

119886119887

(mod119901)

119890 = ℎ (119898 120583) (mod119902)

1198901015840

= 119886minus1

119890 + 119887 (mod119902)

(1)








119860before


and 119910119860




120593(119910119875119910119860119870119867(119898119882119870))

minus119890



120593(119910119875119910119860119870119867(119898119882119870))

minus119890


120593 (119910119875119910119860119870119867(119898119882119870))

minus119890

= 11989211990410158401015840119886

(119910119875119910119860119870119867(119898119882119870))

minus119890

= (11989211989010158401199041015840+120582+119909119860)

119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= 119892(119886minus1119890+119887)1199041015840119886

sdot 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= 1198921198901199041015840

sdot 1198921199041015840119886119887

sdot 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= (119892119904+119909119860)119890

sdot (119892119904+119909119861)119886119887

sdot 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= (119892119909119875+119896119867(119898119882119870)119892

119909119860)119890

sdot (119892119909119875+119896119867(119898119882119870)119892

119909119860)119886119887

sdot 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= (119910119875119870119867(119898119882119870)119910

119860)119890

sdot (119910119875119870119867(119898119882119870)119910

119860)119886119887

sdot 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

119886119887

= 120583

(2)


119908 120593 119890 119870) After that119873









119908 120593 119890 119870) is authen-








119894



119894120573

119894=1








119908 120593 119890 119870)119909








119886minus1




(1 minus 119887119873)119886minus1




119901 = 1 minus (1 minus119887

119873)

(119886minus1)119887(1minus119888119873)

=1198872 (119886 minus 1) (119873 minus 119888)

1198732

(119886 ge 2)

(3)








119894is one of 119887







119903= 1205871199032 The




119878119887= 119887119878ℎminus (119887 minus 1) 119878

119903


2

6

(4)


119886minus1



quently we have

119901 = 1 minus (1 minus119878119887

119878)(119886minus1)119887(1minus119888119873)

(5)




119887119887119878)119887ℎ



119901 = 1 minus (1 minus119878119887

119878)(119886minus1)119887(1minus119888119873)

(6)






1) after







1 If 119898 is


119873119894 Otherwise 119880






119894


1) and


2) The node 119880



119894after










119901 = 1 minus (119888

119873)119886minus1

(7)



2





119862 = 1198621+ 1198622= (ℎ +119882) + (ℎ + 119871) = 2ℎ +119882 + 119871 (8)



119894 In this case


119862 = (1 minus 119901) (2ℎ + 119871) +119882 + 119901 (119886ℎ +119882) (9)







119910119904 is 119890(119892(119910minus119887)120573 119892120573119904) = 119890(119892 119892)119910119904

119890(119892 119892)119887119904 Then








119879 119863119870119905

is data


2 4 6 8 10 12 14 16 18 2000

02

04

06

08

10

Det

ectio

n pr

obab

ility

Round

GMPFCL


Round

GMPFCL

2 4 6 8 10 12 14 16 18 2010

100

1000

10000

Com

mun

icat

ion

cost


Round

GMPFCL

2 4 6 8 10 12 14 16 18 201

10

100

1000

10000

Stor

age c

ost










0 10 20 30 40 50 60 70 80 90 10000

02

04

06

08

10

Det

ectio

n pr

obab

ility

Number of targets

GMPFCL


0 10 20 30 40 50 60 70 80 90 10010

100

1000

10000

Com

mun

icat

ion

cost

Number of targets

GMPFCL


0 10 20 30 40 50 60 70 80 90 1001

10

100

1000

10000

Stor

age c

ost

Number of targets

GMPFCL










0 50 100 150 20000

02

04

06

08

10

Det

ectio

n pr

obab

ility


GMPFCL





1and 119866

2are 16ms and



1



200

400

600

800

1000

1200

1400


Ciph

erte

xt si

ze

BSWCNCEB


02

04

06

08

1

12

14

16

18

Tim

e to

gene

rate

priv

ate k

ey (s

)


BSWCNCEB


0

05

1

15

2

3

25

Tim

e to

encr

ypt f

eatu

res (

s)


BSWCNCEB

(c) Encryption time

Tim

e to

decr

ypt f

eatu

res (

s)

200 40 60 80 100002

003

004

005

006

007

008

009

01

011

012

Number of features

BSWCNCEB

(d) Decryption time







10 20 30 40 5000

01

02

03

04

Dat

a disc

lose

d (

)


BSWCNCEB



5 Conclusion





Acknowledgments


References




















RoboticsJournal of





Journal of



RotatingMachinery





VLSI Design



Shock and Vibration







Journal of



Volume 2014


SensorsJournal of





Propagation










119910119875

= 119892119909119875(mod 119901) 119910119860



connection string




119892119896(mod119901) 119904 = 119909119875+ 119896 sdot 119867(119898

119908 119870)(mod 119902)





119860



119892120582+119909119860(mod119901)




120583 = 119905119886

(119910119875119910119860119870119867(119898119882119870))

119886119887

(mod119901)

119890 = ℎ (119898 120583) (mod119902)

1198901015840

= 119886minus1

119890 + 119887 (mod119902)

(1)








119860before


and 119910119860




120593(119910119875119910119860119870119867(119898119882119870))

minus119890



120593(119910119875119910119860119870119867(119898119882119870))

minus119890


120593 (119910119875119910119860119870119867(119898119882119870))

minus119890

= 11989211990410158401015840119886

(119910119875119910119860119870119867(119898119882119870))

minus119890

= (11989211989010158401199041015840+120582+119909119860)

119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= 119892(119886minus1119890+119887)1199041015840119886

sdot 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= 1198921198901199041015840

sdot 1198921199041015840119886119887

sdot 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= (119892119904+119909119860)119890

sdot (119892119904+119909119861)119886119887

sdot 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= (119892119909119875+119896119867(119898119882119870)119892

119909119860)119890

sdot (119892119909119875+119896119867(119898119882119870)119892

119909119860)119886119887

sdot 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= (119910119875119870119867(119898119882119870)119910

119860)119890

sdot (119910119875119870119867(119898119882119870)119910

119860)119886119887

sdot 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

minus119890

= 119905119886

sdot (119910119875119910119860119870119867(119898119882119870))

119886119887

= 120583

(2)


119908 120593 119890 119870) After that119873









119908 120593 119890 119870) is authen-








119894



119894120573

119894=1








119908 120593 119890 119870)119909








119886minus1




(1 minus 119887119873)119886minus1




119901 = 1 minus (1 minus119887

119873)

(119886minus1)119887(1minus119888119873)

=1198872 (119886 minus 1) (119873 minus 119888)

1198732

(119886 ge 2)

(3)








119894is one of 119887







119903= 1205871199032 The




119878119887= 119887119878ℎminus (119887 minus 1) 119878

119903


2

6

(4)


119886minus1



quently we have

119901 = 1 minus (1 minus119878119887

119878)(119886minus1)119887(1minus119888119873)

(5)




119887119887119878)119887ℎ



119901 = 1 minus (1 minus119878119887

119878)(119886minus1)119887(1minus119888119873)

(6)






1) after







1 If 119898 is


119873119894 Otherwise 119880






119894


1) and


2) The node 119880



119894after










119901 = 1 minus (119888

119873)119886minus1

(7)



2





119862 = 1198621+ 1198622= (ℎ +119882) + (ℎ + 119871) = 2ℎ +119882 + 119871 (8)



119894 In this case


119862 = (1 minus 119901) (2ℎ + 119871) +119882 + 119901 (119886ℎ +119882) (9)







119910119904 is 119890(119892(119910minus119887)120573 119892120573119904) = 119890(119892 119892)119910119904

119890(119892 119892)119887119904 Then








119879 119863119870119905

is data


2 4 6 8 10 12 14 16 18 2000

02

04

06

08

10

Det

ectio

n pr

obab

ility

Round

GMPFCL


Round

GMPFCL

2 4 6 8 10 12 14 16 18 2010

100

1000

10000

Com

mun

icat

ion

cost


Round

GMPFCL

2 4 6 8 10 12 14 16 18 201

10

100

1000

10000

Stor

age c

ost










0 10 20 30 40 50 60 70 80 90 10000

02

04

06

08

10

Det

ectio

n pr

obab

ility

Number of targets

GMPFCL


0 10 20 30 40 50 60 70 80 90 10010

100

1000

10000

Com

mun

icat

ion

cost

Number of targets

GMPFCL


0 10 20 30 40 50 60 70 80 90 1001

10

100

1000

10000

Stor

age c

ost

Number of targets

GMPFCL










0 50 100 150 20000

02

04

06

08

10

Det

ectio

n pr

obab

ility


GMPFCL





1and 119866

2are 16ms and



1



200

400

600

800

1000

1200

1400


Ciph

erte

xt si

ze

BSWCNCEB


02

04

06

08

1

12

14

16

18

Tim

e to

gene

rate

priv

ate k

ey (s

)


BSWCNCEB


0

05

1

15

2

3

25

Tim

e to

encr

ypt f

eatu

res (

s)


BSWCNCEB

(c) Encryption time

Tim

e to

decr

ypt f

eatu

res (

s)

200 40 60 80 100002

003

004

005

006

007

008

009

01

011

012

Number of features

BSWCNCEB

(d) Decryption time







10 20 30 40 5000

01

02

03

04

Dat

a disc

lose

d (

)


BSWCNCEB



5 Conclusion





Acknowledgments


References




















RoboticsJournal of





Journal of



RotatingMachinery





VLSI Design



Shock and Vibration







Journal of



Volume 2014


SensorsJournal of





Propagation












119894



119894120573

119894=1








119908 120593 119890 119870)119909








119886minus1




(1 minus 119887119873)119886minus1




119901 = 1 minus (1 minus119887

119873)

(119886minus1)119887(1minus119888119873)

=1198872 (119886 minus 1) (119873 minus 119888)

1198732

(119886 ge 2)

(3)








119894is one of 119887







119903= 1205871199032 The




119878119887= 119887119878ℎminus (119887 minus 1) 119878

119903


2

6

(4)


119886minus1



quently we have

119901 = 1 minus (1 minus119878119887

119878)(119886minus1)119887(1minus119888119873)

(5)




119887119887119878)119887ℎ



119901 = 1 minus (1 minus119878119887

119878)(119886minus1)119887(1minus119888119873)

(6)






1) after







1 If 119898 is


119873119894 Otherwise 119880






119894


1) and


2) The node 119880



119894after










119901 = 1 minus (119888

119873)119886minus1

(7)



2





119862 = 1198621+ 1198622= (ℎ +119882) + (ℎ + 119871) = 2ℎ +119882 + 119871 (8)



119894 In this case


119862 = (1 minus 119901) (2ℎ + 119871) +119882 + 119901 (119886ℎ +119882) (9)







119910119904 is 119890(119892(119910minus119887)120573 119892120573119904) = 119890(119892 119892)119910119904

119890(119892 119892)119887119904 Then








119879 119863119870119905

is data


2 4 6 8 10 12 14 16 18 2000

02

04

06

08

10

Det

ectio

n pr

obab

ility

Round

GMPFCL


Round

GMPFCL

2 4 6 8 10 12 14 16 18 2010

100

1000

10000

Com

mun

icat

ion

cost


Round

GMPFCL

2 4 6 8 10 12 14 16 18 201

10

100

1000

10000

Stor

age c

ost










0 10 20 30 40 50 60 70 80 90 10000

02

04

06

08

10

Det

ectio

n pr

obab

ility

Number of targets

GMPFCL


0 10 20 30 40 50 60 70 80 90 10010

100

1000

10000

Com

mun

icat

ion

cost

Number of targets

GMPFCL


0 10 20 30 40 50 60 70 80 90 1001

10

100

1000

10000

Stor

age c

ost

Number of targets

GMPFCL










0 50 100 150 20000

02

04

06

08

10

Det

ectio

n pr

obab

ility


GMPFCL





1and 119866

2are 16ms and



1



200

400

600

800

1000

1200

1400


Ciph

erte

xt si

ze

BSWCNCEB


02

04

06

08

1

12

14

16

18

Tim

e to

gene

rate

priv

ate k

ey (s

)


BSWCNCEB


0

05

1

15

2

3

25

Tim

e to

encr

ypt f

eatu

res (

s)


BSWCNCEB

(c) Encryption time

Tim

e to

decr

ypt f

eatu

res (

s)

200 40 60 80 100002

003

004

005

006

007

008

009

01

011

012

Number of features

BSWCNCEB

(d) Decryption time







10 20 30 40 5000

01

02

03

04

Dat

a disc

lose

d (

)


BSWCNCEB



5 Conclusion





Acknowledgments


References




















RoboticsJournal of





Journal of



RotatingMachinery





VLSI Design



Shock and Vibration







Journal of



Volume 2014


SensorsJournal of





Propagation













1) after







1 If 119898 is


119873119894 Otherwise 119880






119894


1) and


2) The node 119880



119894after










119901 = 1 minus (119888

119873)119886minus1

(7)



2





119862 = 1198621+ 1198622= (ℎ +119882) + (ℎ + 119871) = 2ℎ +119882 + 119871 (8)



119894 In this case


119862 = (1 minus 119901) (2ℎ + 119871) +119882 + 119901 (119886ℎ +119882) (9)







119910119904 is 119890(119892(119910minus119887)120573 119892120573119904) = 119890(119892 119892)119910119904

119890(119892 119892)119887119904 Then








119879 119863119870119905

is data


2 4 6 8 10 12 14 16 18 2000

02

04

06

08

10

Det

ectio

n pr

obab

ility

Round

GMPFCL


Round

GMPFCL

2 4 6 8 10 12 14 16 18 2010

100

1000

10000

Com

mun

icat

ion

cost


Round

GMPFCL

2 4 6 8 10 12 14 16 18 201

10

100

1000

10000

Stor

age c

ost










0 10 20 30 40 50 60 70 80 90 10000

02

04

06

08

10

Det

ectio

n pr

obab

ility

Number of targets

GMPFCL


0 10 20 30 40 50 60 70 80 90 10010

100

1000

10000

Com

mun

icat

ion

cost

Number of targets

GMPFCL


0 10 20 30 40 50 60 70 80 90 1001

10

100

1000

10000

Stor

age c

ost

Number of targets

GMPFCL










0 50 100 150 20000

02

04

06

08

10

Det

ectio

n pr

obab

ility


GMPFCL





1and 119866

2are 16ms and



1



200

400

600

800

1000

1200

1400


Ciph

erte

xt si

ze

BSWCNCEB


02

04

06

08

1

12

14

16

18

Tim

e to

gene

rate

priv

ate k

ey (s

)


BSWCNCEB


0

05

1

15

2

3

25

Tim

e to

encr

ypt f

eatu

res (

s)


BSWCNCEB

(c) Encryption time

Tim

e to

decr

ypt f

eatu

res (

s)

200 40 60 80 100002

003

004

005

006

007

008

009

01

011

012

Number of features

BSWCNCEB

(d) Decryption time







10 20 30 40 5000

01

02

03

04

Dat

a disc

lose

d (

)


BSWCNCEB



5 Conclusion





Acknowledgments


References




















RoboticsJournal of





Journal of



RotatingMachinery





VLSI Design



Shock and Vibration







Journal of



Volume 2014


SensorsJournal of





Propagation










2 4 6 8 10 12 14 16 18 2000

02

04

06

08

10

Det

ectio

n pr

obab

ility

Round

GMPFCL


Round

GMPFCL

2 4 6 8 10 12 14 16 18 2010

100

1000

10000

Com

mun

icat

ion

cost


Round

GMPFCL

2 4 6 8 10 12 14 16 18 201

10

100

1000

10000

Stor

age c

ost










0 10 20 30 40 50 60 70 80 90 10000

02

04

06

08

10

Det

ectio

n pr

obab

ility

Number of targets

GMPFCL


0 10 20 30 40 50 60 70 80 90 10010

100

1000

10000

Com

mun

icat

ion

cost

Number of targets

GMPFCL


0 10 20 30 40 50 60 70 80 90 1001

10

100

1000

10000

Stor

age c

ost

Number of targets

GMPFCL










0 50 100 150 20000

02

04

06

08

10

Det

ectio

n pr

obab

ility


GMPFCL





1and 119866

2are 16ms and



1



200

400

600

800

1000

1200

1400


Ciph

erte

xt si

ze

BSWCNCEB


02

04

06

08

1

12

14

16

18

Tim

e to

gene

rate

priv

ate k

ey (s

)


BSWCNCEB


0

05

1

15

2

3

25

Tim

e to

encr

ypt f

eatu

res (

s)


BSWCNCEB

(c) Encryption time

Tim

e to

decr

ypt f

eatu

res (

s)

200 40 60 80 100002

003

004

005

006

007

008

009

01

011

012

Number of features

BSWCNCEB

(d) Decryption time







10 20 30 40 5000

01

02

03

04

Dat

a disc

lose

d (

)


BSWCNCEB



5 Conclusion





Acknowledgments


References




















RoboticsJournal of





Journal of



RotatingMachinery





VLSI Design



Shock and Vibration







Journal of



Volume 2014


SensorsJournal of





Propagation










0 10 20 30 40 50 60 70 80 90 10000

02

04

06

08

10

Det

ectio

n pr

obab

ility

Number of targets

GMPFCL


0 10 20 30 40 50 60 70 80 90 10010

100

1000

10000

Com

mun

icat

ion

cost

Number of targets

GMPFCL


0 10 20 30 40 50 60 70 80 90 1001

10

100

1000

10000

Stor

age c

ost

Number of targets

GMPFCL










0 50 100 150 20000

02

04

06

08

10

Det

ectio

n pr

obab

ility


GMPFCL





1and 119866

2are 16ms and



1



200

400

600

800

1000

1200

1400


Ciph

erte

xt si

ze

BSWCNCEB


02

04

06

08

1

12

14

16

18

Tim

e to

gene

rate

priv

ate k

ey (s

)


BSWCNCEB


0

05

1

15

2

3

25

Tim

e to

encr

ypt f

eatu

res (

s)


BSWCNCEB

(c) Encryption time

Tim

e to

decr

ypt f

eatu

res (

s)

200 40 60 80 100002

003

004

005

006

007

008

009

01

011

012

Number of features

BSWCNCEB

(d) Decryption time







10 20 30 40 5000

01

02

03

04

Dat

a disc

lose

d (

)


BSWCNCEB



5 Conclusion





Acknowledgments


References




















RoboticsJournal of





Journal of



RotatingMachinery





VLSI Design



Shock and Vibration







Journal of



Volume 2014


SensorsJournal of





Propagation














0 50 100 150 20000

02

04

06

08

10

Det

ectio

n pr

obab

ility


GMPFCL





1and 119866

2are 16ms and



1



200

400

600

800

1000

1200

1400


Ciph

erte

xt si

ze

BSWCNCEB


02

04

06

08

1

12

14

16

18

Tim

e to

gene

rate

priv

ate k

ey (s

)


BSWCNCEB


0

05

1

15

2

3

25

Tim

e to

encr

ypt f

eatu

res (

s)


BSWCNCEB

(c) Encryption time

Tim

e to

decr

ypt f

eatu

res (

s)

200 40 60 80 100002

003

004

005

006

007

008

009

01

011

012

Number of features

BSWCNCEB

(d) Decryption time







10 20 30 40 5000

01

02

03

04

Dat

a disc

lose

d (

)


BSWCNCEB



5 Conclusion





Acknowledgments


References




















RoboticsJournal of





Journal of



RotatingMachinery





VLSI Design



Shock and Vibration







Journal of



Volume 2014


SensorsJournal of





Propagation










200

400

600

800

1000

1200

1400


Ciph

erte

xt si

ze

BSWCNCEB


02

04

06

08

1

12

14

16

18

Tim

e to

gene

rate

priv

ate k

ey (s

)


BSWCNCEB


0

05

1

15

2

3

25

Tim

e to

encr

ypt f

eatu

res (

s)


BSWCNCEB

(c) Encryption time

Tim

e to

decr

ypt f

eatu

res (

s)

200 40 60 80 100002

003

004

005

006

007

008

009

01

011

012

Number of features

BSWCNCEB

(d) Decryption time







10 20 30 40 5000

01

02

03

04

Dat

a disc

lose

d (

)


BSWCNCEB



5 Conclusion





Acknowledgments


References




















RoboticsJournal of





Journal of



RotatingMachinery





VLSI Design



Shock and Vibration







Journal of



Volume 2014


SensorsJournal of





Propagation










10 20 30 40 5000

01

02

03

04

Dat

a disc

lose

d (

)


BSWCNCEB



5 Conclusion





Acknowledgments


References




















RoboticsJournal of





Journal of



RotatingMachinery





VLSI Design



Shock and Vibration







Journal of



Volume 2014


SensorsJournal of





Propagation





















RoboticsJournal of





Journal of



RotatingMachinery





VLSI Design



Shock and Vibration







Journal of



Volume 2014


SensorsJournal of





Propagation









research article a novel digital certificate based remote data...

Documents