Title: Cryptanalysis of an elliptic curve cryptosystem for wireless sensor networks

Authors: Kevin M. Finnigin, Barry E. Mullins, Richard A. Raines, Henry B. Potoczny

Addresses: 70th Intelligence Support Squadron, 9804 Love Road, Ft. Meade, MD 20755, USA. ' Department of Electrical and Computer Engineering, Air Force Institute of Technology, Wright-Patterson AFB, OH 45433-7765, USA. ' Department of Electrical and Computer Engineering, Air Force Institute of Technology, Wright-Patterson AFB, OH 45433-7765, USA. ' Department of Electrical and Computer Engineering, Air Force Institute of Technology, Wright-Patterson AFB, OH 45433-7765, USA

Abstract: We present a brute-force attack on an elliptic curve cryptosystem implemented on UC Berkley|s TinyOS operating system for Wireless Sensor Networks (WSNs). The attack exploits the short period of the Pseudorandom Number Generator (PRNG) used by the cryptosystem to generate private keys. In order to define failure in the event a brute-force attack takes too long to execute, we create a metric that relates the duty cycle of the mote to the compromise rate and the period of the key generation algorithm. Experimental results show that roughly 50% of the mote|s address space leads to a private key compromise in 25 min on average. Furthermore, approximately 32% of the mote address space leads to a compromise in 17 min on average, 11% in 6 min and the remaining 7% in 2 min or less. We examine two alternatives to the PRNG – our own design modified from a published algorithm and the new PRNG distributed with the beta release of TinyOS 2.0. Our design executes 12.47 times faster than the other alternative and requires 50 CPU cycles more than the original PRNG. In addition, our design is 6.3 times smaller than the other alternative and requires 106 additional bytes of memory. The period of our PRNG is uniform for all mote addresses and requires 6.6 years on average for a key compromise with the attack presented in this paper.

Keywords: code breaking; elliptic curve cryptography; computer security; random number generation; wireless sensor networks; WSNs; wireless networks; cryptanalysis; brute force attacks; key generation.

DOI: 10.1504/IJSN.2007.013179

International Journal of Security and Networks, 2007 Vol.2 No.3/4, pp.260 - 271

Available online: 11 Apr 2007 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article