Reauthentication scheme for mobile wireless sensor networks

Sustainable Computing: Informatics and Systems 23 (2019) 158–166

Contents lists available at ScienceDirect

Sustainable Computing: Informatics and Systems journal homepage: www.elsevier.com/locate/suscom

Reauthentication scheme for mobile wireless sensor networks Vandana Mohindru a,∗ , Ravindara Bhatt b , Yashwant Singh c a

Department of Computer Science and Engineering, Chandigarh Group of Colleges – College of Engineering, Landran, Mohali, India Department of Computer Science and Engineering, Jaypee University of Information Technology, Waknaghat, Solan, H.P., India c Department of Computer Science and Information Technology, Central University of Jammu, Jammu & Kashmir, India b

a r t i c l e

i n f o

Article history: Received 8 October 2018 Received in revised form 4 June 2019 Accepted 29 July 2019 Available online 13 August 2019 Keywords: Wireless Sensor Networks (WSNs) Mobile node Reauthentication Mobile Wireless Sensor Networks (MWSNs) Voronoi regions Mobile Healthcare Security

a b s t r a c t Wireless sensor networks consist of static as well as mobile sensor nodes. Due to deployment of the sensor nodes, generally in an unattended and hostile environment, it becomes a critical issue as well as a cumbersome task to safeguard these nodes against various kinds of security attacks. The mobility of sensor nodes is a significant issue because these nodes continuously move from one region to another region and reconnect to other sensor nodes. Reauthentication and locating the node movement are the primary security issues in Mobile Wireless Sensor Networks (MWSNs). Many previous security algorithms available in the literature only consider the issues of static sensor nodes. In this paper, we propose an energy efficient mobile node authentication algorithm. For mobile node authentication, we design the reauthentication approach for mobile nodes and also design an authentication framework for securing MWSNs. The proposed protocol is compared with existing mobile node authentication protocols available in the literature. We observe that the proposed protocol provides low overhead while achieving the security requirements for mobile wireless sensor networks. © 2019 Elsevier Inc. All rights reserved.

1. Introduction Mobile Wireless Sensor Networks (MWSNs) consists of spatially distributed static sensor nodes [1,2] and a fraction of mobile sensor nodes in the Region-of-Interest (RoI). The applications of the MWSNs can be widely divided into time-driven, event-driven, ondemand and tracking based applications. The fraction of mobile nodes is advantageous over a complete static wireless sensor network in terms of several Quality-of-Service parameters such as energy efficiency, coverage, connectivity etc. [3]. Further, security [4] is an important issue in MWSN due to the dynamic nature of the mobile nodes [5,6]. Node mobility is the main concern in several application scenarios such as the Intelligent Transportation System and healthcare scenario. In Mobile Healthcare (m-healthcare) applications nodes move from one region to another during the lifetime of a mobile node [7]. Therefore, the topology in a wireless sensor network based health scenario changes due to the mobility of nodes. This, in turn, leads to an increase in data management, topology management, and security issues in healthcare applications [8].

∗ Corresponding author. E-mail address: [email protected] (V. Mohindru). https://doi.org/10.1016/j.suscom.2019.07.010 2210-5379/© 2019 Elsevier Inc. All rights reserved.

Therefore, our motivation is to present an energy-efficient, low overhead reauthentication scheme approach [9,10]. Reauthentication of the mobile sensor nodes is required as these nodes are constrained to change their regions with the passage of time. In this paper, we present the Reauthentication approach for mobile nodes in the network. In this work, we design an authentication framework for securing MWSN [11]. The proposed protocol is compared with existing mobile node authentication protocols available in the literature [12,13]. We observe that the proposed protocol provides low overhead while achieving the security requirements for mobile wireless sensor networks. The contribution towards our work can be summarized as follows: Our reauthentication scheme is based on the schemes of Jiang et al. [14] and Kim et al. [15]. In order to reduce the communication overhead of the mobile nodes, our scheme is similar to Jiang et al. [14]. Our scheme is based on the hierarchical architecture in which we divide the regions into Voronoi regions [16]. The centre of the region in each of the Voronoi region is given by Voronoi Cluster Heads (VCH). The proposed scheme works for non-neighbour cluster heads (CH) and neighbours cluster heads. Compared to the work of Kim et al. [15] our scheme does not depend on the base station for routing of packets for non-neighbor cluster heads. The routing of packets for non-neighbor cluster heads is done on-demand basis by the VCH [16].

V. Mohindru et al. / Sustainable Computing: Informatics and Systems 23 (2019) 158–166

The rest of the paper is summarized as follows: In section 2 we discuss the related work in the field of authentication of wireless sensor networks. In section 3 we provide the notation along with the definitions used in our work. In section 4, we present the proposed protocol for the reauthentication scheme for mobile wireless sensor networks. Section 5 discusses the comparison with existing schemes. We present the conclusion of the work in Section 6. 2. Related work In this section, we present our related work from mobility and application point of view. The section is further divided into reauthentication schemes in mobile wireless sensor networks and m-healthcare applications. Several researchers assume wireless sensor network in a static scenario and present suitable authentication and key distribution schemes. Reauthentication for static nodes may be done periodically by the same set of sensor nodes. However, these schemes are not suitable for mobile node reauthentication in WSN [17].This is due to the fact that mobile node reauthentication on a frequent basis by cluster head leads to significant overhead in terms of communication and computational overhead [17]. 2.1. Reauthentication scheme for MWSN The authors Jiang et al. presents a reauthentication scheme for a Voronoi graph based network model [18]. Jiang et al. [14] investigate the reauthentication of mobile WSN with the help of hash function and the pair-wise key between the mobile node and the cluster head. The adjacent clusterheads communicate with each other either directly or with the help of relay nodes. The scheme preserves the privacy while consuming less energy compared to the previous schemes. However, the scheme assumes neighbor roaming of the mobile nodes which may not be suitable for a practical scenario. The authors Kim et al. [15] assume non-neighbor roaming which is suitable for a practical scenario. The scheme depends on the base station for routing of packets for non-neighbor cluster heads. Therefore, the routing is done with prior established routes in MWSN with the help of base station and clusterheads. However, in a dynamic topology, this may not be suitable for several practical scenarios. In practical scenarios, on-demand routing is suitable where routing paths are established only when needed. 2.2. mHealthcare Wireless sensor networks have opened up new opportunities in mobile healthcare systems. Wireless medical sensor networks (WMSNs) monitor the patient data with the help of distributed sensors. These sensors have the capability to monitor vital body parameters and send the readings to the base station or the sink. The authors J. Srinivas et al. [19] investigate the privacy and security requirements in Wireless Medical Sensor Networks. The authors propose a lightweight symmetric key-based authentication protocol for WMSN environment. The authors K. Zhang et al. [20] investigates the security and privacy in mobile healthcare networks. Thus adequate privacy protections are necessary so as to accept applications of the mobile healthcare networks. The authors present the architecture of mobile healthcare networks. The authors observe that it is challenging to achieve the trade-off between the security and complexity of data processing. The authors D. Kotz et al. [21] presents various challenges of privacy in mobile healthcare scenario. The authors observe that the efficient, effective, and practical techniques need to be developed to protect secure mobile healthcare technology.

159

Table 1 Notations. Mm

The identity of mth mobile node M

Vi tm tk t j MAC(K, m) E(K, m) H() H(Mm ) ⊕ || xmi KViMm R1/ Ri / Rj  ij

Identification of ith Voronoi cluster head time stamp generated by mobile node Mm time stamp of the forward message by Vk node time stamp of a return message by Vk node message authentication code with the key K encrypt the message m with the key K hash function the hash value of Mm operation XOR operation OR the shared secret key between Mm and Vi session key of Vi and Mm random numbers Number of hops from Voronoi CH Vi to Vj

The authors Vasudeva and Sood [22] present a survey on the most promising techniques by various researchers to defend WSN. The authors [23] present a novel coverage control algorithm for WSN based on Particle Swarm Optimization (PSO). The authors discuss a new framework for indoor localization under mobile edge computing environment. In one of the recent works the authors propose a particle swarm optimization based clustering algorithm with mobile sink for wireless sensor network [24]. Mobile devices performing video coding and streaming over wireless and pervasive communication networks are limited in energy supply [25]. The authors adjust the computational complexity and energy consumption for energy constraints wireless video sensors under various scenarios [25]. The authors discuss authentication protocols for Internet of Things (IoT) [26]. The authentication protocols use three ideas, random numbers, timestamp, and hash function [26]. 3. Preliminaries In this section, for better readability, we present notations along with the definitions used in our work. Table 1 provides the Notations used in our work. 3.1. Definitions Home Cluster (Vi ): Each of the mobile nodes is assigned to its Voronoi CH during initialization. The CH is referred to as the home cluster for the assigned mobile node. Foreign Cluster (Vj ): During its lifetime the mobile node moves out of its home cluster Vi . These new cluster head may be adjacent or non-adjacent to home cluster Vi . Network Diameter (ND): ND is defined as the longest path among all computed shortest path in the network. 4. System model 4.1. Hierarchical architecture The sensor nodes are organized into Voronoi based cluster architecture. The members of the Voronoi based clusters are static nodes or mobile nodes. The cluster head is responsible for management activities in its Voronoi regions. The activities include coordination with members, coordination with neighbor Voronoi CH, and sending data to the Base Station. Hierarchical architecture helps to achieve better scalability compared to a flat architecture where all the nodes are peers. Let VCH = {V1 ,V2 , . . ., Vk } be a finite set of k cluster heads (CHs) randomly deployed in a two-dimensional plane [16]. Voronoi based cluster approach divides the plane into k convex polygon regions where each region is represented as VR(Vi ). Voronoi holds an impor-

160

V. Mohindru et al. / Sustainable Computing: Informatics and Systems 23 (2019) 158–166

tor table whereas previous CH of a mobile node updates its home table. • Whenever the foreign mobile node leaves the Voronoi region the CH deregisters the node entry from its foreign table. Further, each Voronoi region (say ith region) is headed by a Voronoi based cluster head (Vi ). We assume that Base station (BS) is considered to be immune from the adversary attack. We also assume that the Cluster Head for each of the Voronoi regions are powerful enough and immune from the adversary attack. However, normal static and mobile nodes are vulnerable to the attacks. The above-mentioned assumptions are a reasonable assumption in the WSN based healthcare networks. Voronoi based network architecture has the following advantage:

Fig. 1. Voronoi diagram Vor(VCH ) for a set of nine cluster-heads (CH).

tant property in the Voronoi regions such that all points in VR(Vi ) are closer to site Vi than any other site in VCH . The Vor(SCH ) is the union of all Voronoi sites VR(si ) as shown in Eq. (1). Vor(V CH ) =VR(V 1 )UVR(V 2 ). . .UVR(V k )

(1)

Fig. 1 illustrates the Voronoi based cluster heads Vor(VCH ) = VR(V1 ) U VR(V2 ) . . . U VR(V9 ) with nine cluster heads. Fig. 2 presents a two-tier clustered hierarchy in Voronoi regions. With two-tier hierarchical architecture in place, the first tier is responsible for Intra-Cluster management whereas second tier responsibilities are inter-cluster management and sending the gathered data to the Voronoi cluster head. Fig. 2 presents the static and mobile nodes along with CH. The network consists of static nodes and CHs which in turn are also static. However the mobile node moves over the deployment region on-demand basis. The responsibilities of the second tier include Inter-cluster management such information exchange about event among neighbor CH, mobile movement coordination, and to send the collected data to the Base Station. The nodes and the CH are deployed with well-known distribution schemes. WSN flat architecture may be inefficient for large networks. In such scenarios, the network is divided into a multi-level architecture for efficient management. The static nodes form an intra-cluster network with CH node as a leader. Each of the static or mobile nodes connects to a corresponding CH either in the single hop or multi-hop architecture. 5. The proposed protocol for mobile node reauthentication 5.1. Mobile node management Mobile nodes are distributed over a deployment area with well-known mathematical schemes. These nodes can be distributed either randomly over a deployment area or follow Poisson, Exponential, Gaussian deployment. For an effective mobile-node management each CH maintains two tables. The first table is known as the home table and the second is the visitor table. Home table maintains the list of all the mobile nodes which are assigned to a Voronoi region. Visitor table keeps track of the entire mobile nodes visitor to a particular Voronoi region. Inter-cluster communication among CH performs effective management of the mobile nodes. Coordination among Voronoi node includes messages about the movement of mobile nodes and other control or data messages exchanges. The following steps are typical for a mobile node: • Mobile node moves on-demand basis to the different Voronoi region and connects itself to the CH. CH then updates the visi-

– – Event handling is done by Voronoi based cluster head CH in coordination among neighboring Voronoi based CH. This saves a considerable amount of communication energy. – Each mobile node authenticates or re-authenticates itself with the nearest Voronoi based Cluster head. – The mobility of the nodes is an only On-demand basis where mobile nodes provide coverage and connectivity in the network. – The event handling is the responsibility of the Voronoi based CH in which Voronoi region an event has occurred. Security mechanism in mobile nodes is an important concern in MWSNs. Initially, the mobile node authenticates itself to the home cluster. Further, during movement in the other Voronoi regions, the mobile node needs to re-authenticate itself. The following section presents the registration and reauthentication phase for the mobile nodes in the Voronoi based tiered architecture. 5.2. Network setup phase The network divides the Region-of-Interest into Voronoi cells where each Voronoi head is designated as the Voronoi region clusterhead. Let Vi and Vj be the cluster heads for ith and jth Voronoi regions respectively. The Voronoi cluster heads are deployed based on well-known deployment techniques available in the literature. Further, the neighbor list for ith Voronoi cluster head Vi is given by NGH(Vi ). During the network setup phase base station distributes a set of IDs to each of the Voronoi Region cluster heads (CHs) using a secure channel. 5.3. Registration phase of the mobile node The mobile node first registers at the home cluster head of the corresponding Voronoi region say Vi . The mobile node obtains its identification (Mm ), the hash value H(Mm ), a random number (Ri ), a shared secret key (xmi ) and a pairwise session key (KViMm ) from Vi via offline distribution in a secure manner. (1) Initialization: The mobile node sends its identification Mm along with the hash value H(Mm ) to home cluster Vi . The mobile node Mm starts the process of joining the network by sending the following message to Vi : Exmi {Vi || Mm || KViMm }. (2) On receipt of the message from Mm , Vi computes Dxmi Exmi {Vi || Mm || KViMm }. The entries for the mobile node Mm is searched for the pre-register identifier in Vi . If the match is found the step (3) executes else exit. (3) The Voronoi node Vi sends Exmi {Vi || Mm || KViMm || R1} to Mm . (4) Mm receives the message and recovers the following values: Vi || Mm || KViMm || R1.

V. Mohindru et al. / Sustainable Computing: Informatics and Systems 23 (2019) 158–166

161

Fig. 2. Two-tier clustered hierarchy in Voronoi regions.

(5) The mobile nodes have the information Mm , H(Mm ), pairwise session key KViMm , a random number R1, Ri after being authenticated from home cluster Vi . 5.4. Mobile reauthentication phase The mobile node can now reside in its home cluster Vi or move to foreign cluster Vj in the network. Further, Vj can be an immediate neighbor or  hop neighbor of Vi . In case, Vj is  hops neighbor of Vi , Vj is reachable from Vi . We observe that based on the movement of the mobile node (Mm ) three conditions are possible: Case 1. Mm lies in the same Voronoi region. The mobile node communicates with the network using the authentication code: MAC(KViMm ,m). Case 2. Mm lies in the different Voronoi region Vj . Vj is  hops (0 << network diameter) from Vi in a connected network. Case 3. Mm lies in the different Voronoi region Vj . Vj is not connected from Vi . This case arises in due to a break in the connectivity of the network. Since Mm is mobile it moves to adjoin Voronoi region for reauthentication and communication with the network. Case 1 is the authentication in the same home cluster as stated in the registration phase of the mobile node. We now explain Case 2 in detail where Vj is  hops (0 <  < network diameter) from Vi in a connected network. On visiting a foreign region Vj the mobile node (Mm ) tries to re-authenticate with the cluster Vj . The reauthentication phase is carried out whenever a mobile node visits a foreign network and wants to gain access to the network via foreign cluster head Vj . Fig. 3 presents Flow chart of Mobile Reauthentication phase. 5.5. On-demand route setup phase The mobile node moves into Voronoi region Vj and sends the reauthentication request to Vj node. The hello message is passed to Vj along with (Mm || Vi ) values. Upon receipt of the message, the routing path is searched in Vj . If the routing path is not found in Vj then route setup for on-demand basis is made from Vj to Vi

node. Upon successful route setup reply message is passed to the mobile node in a single hop. The route setup from Vj to Vi node involves overhead. However, BS is not involved in setting up the route from Vj to Vi node. The route setup process is followed by the reauthentication phase by Vj node. 5.6. Reauthentication phase 1) The mobile node in the Voronoi region Vj starts the reauthentication process. The mobile node (Mm ) send the message 1 to Vj node. The message 1 includes the following details: Mm || Vi ||tm || MACm . The details include the identification of mobile node (Mm ), identification of home cluster (Vi ), timestamp(tm ) of the mobile node Mm , and the message authentication code of the message1 (MACm ). The MACm includes the following details: MACm = (KViMm , Mm || Vi || tm || H(R1)). Mm → Vj : Mm || Vi || tm || MACm 2) When the Voronoi cluster (Vj ) receives the message 1 from mobile node firstly it checks whether tm is a valid timestamp or not. If the message is received in a specified threshold value (trec - tm ) then the message is a valid message. If message 1 is a valid message foreign cluster Vj passes the message along the routing path from Vj to Vi . Let ( ji ) be the number of hops from Vj toVi .  ji is computed during On-demand route setup phase by foreign cluster head Vj node. The foreign cluster (Vj ) sends the message 2 to Vk : Mm || Vi ||  ji || tj || tm || MACm || MACj . The MACj includes the following details: MACj =(KVjVk , Mm || Vi || tj || tm || MACm ). Vj → Vk : Mm || Vi ||  ji || tj || tm || MACm || MACj 3) When the Voronoi cluster (Vk ) receives the message 2 from Vj cluster firstly it checks whether tj is a valid timestamp or not. Vk also checks whether MACj is valid or not. If the message is received in a specified threshold value (trec - tj ) is considered to be a valid message. If message 2 is a valid message (both time stamp and MACj are valid) foreign cluster Vk forwards the message along the routing path from Vk to Vi . Let ( ki ) be the number of hops from Vk toVi .

162

V. Mohindru et al. / Sustainable Computing: Informatics and Systems 23 (2019) 158–166

Fig. 3. (a): Flow chart of sender, (b): Flow chart of receiver.

The foreign cluster (Vk ) sends the message 3 along its routing table to Vk+1 : (Mm || Vi ||  ki || tk || tm || MACm || MACk ). The MACk includes the following details: MACk = (KVkVk+1 , Mm || Vi || tk || tm || MACm ). Vk → Vk+1 : Mm || Vi ||  ki || tk || tm || MACm || MACk 4) The message is forwarded along the number of hops to cluster (Vk+1 ). Firstly validity of time stamp and message authentication code is checked. If the results are valid then the routing table is checked for next hop Voronoi cluster head. Further, the hop distance along the routing path is decremented by one. The process continues till hop count is reduced to 0. 5) When the hop count is reduced to 0, the message is delivered to Vi from the Voronoi cluster head say Vi-1 . Upon receipt of the message from Vi-1 the home cluster head first checks the validity of the time stamp (trec – ti-1 ) and message authentication code. The Voronoi node (Vi-1 ) sends the following message to Vi : (Mm || Vi || 1 || ti-1 || tm || MACm || MACi-1 ). The MACi-1 includes the following details: MACi-1 = (KVi-1Vi , Mm || Vi || ti-1 || tm || MACm ). Vi-1 →Vi : Mm || Vi || 1|| ti || tm || MACm || MACi-1 6) The home cluster checks the message authentication code MACm . The MAC is verified and then following encrypted message is generated: e(Vi )= (KViVi-1 , H(R1) || H(Ri)). The following message is send back along the received route from Vi toVi-1 : Vi →Vi-1 : t i || e(Vi ) || MAC i The MAC i includes the following details: MAC i = (KVi Vi-1 , t i ||e(Vi )). 7) Upon receipt of the message by node Vi-1 the following is validated by Vi-1 : t i is a valid timestamp. The MAC i is verified and then using the pairwise key KViVi-1 message is decrypted to generate H(R1) and H(Ri). The following message is send back along the received route from Vi-1 to Vi-2 :

(a) and (b): Mobile Reauthentication phase

Vi-1 → Vi-2 : t i-1 || e(Vi-1 ) || MAC i-1 , where e(Vi-1 )= (KVi-1Vi-2 , H(R1) || H(Ri)). The MAC i-1 includes the following details: MAC i-1 = (KVi-1Vi-2 ,  t i-1 ||e(Vi-1 )).The process is repeated till message reaches node Vj . 8) Upon receipt of the message by Voronoi cluster head Vj the following is executed: The Cluster head Vj send the message to mobile node with the following details: Vj →Mm : t j || h1 || MAC j , where MAC j = (KVjMm , t j || h1 ||H(R1) || K VjMm ). The new session key K VjMm is shared key between Vj and Mm . The shared key generation is carried by the following procedure: The encrypted key KVjMm is given by = H (H(R1) || H(Ri) || Rj) and h1 = H(Ri) ⊕ Rj. Further, Rj is a random number generated by foreign cluster head Vj . 9) When mobile node Mm receives the message, it firstly checks for the time stamp t j is valid or not. If the result is valid then, mobile node checks MAC j . If MAC is valid then mobile node obtains KVjMm is authenticated from Voronoi foreign cluster Vj via home cluster Vi. Further, using the session key the parameters for the mobile node are authenticated. On receiving the message by the mobile node Mm the encrypted message is generated according to the following steps: KVjMm = H (H(R1) || H(Ri) || Rj). The H(R1) and H(Ri) is sent to the mobile node during authentication by the home cluster Vi. Further, the Rj is computed with the help of h1 = H (Ri) ⊕ Rj. The session key K VjMm is a shared a key between Vj and Mm . 6. Performance analysis In this section, we present the performance analysis of our proposed protocol. We present the communication passes, message size, energy consumption, and computation cost involved in the reauthentication process.

V. Mohindru et al. / Sustainable Computing: Informatics and Systems 23 (2019) 158–166

163

Table 2 Communication passes in various schemes during reauthentication.

Mobile node (Mm ) to Voronoi based cluster head (Vj) Voronoi based cluster heads Vj to Vi and Vi to Vj Voronoi based cluster head (Vj) to mobile node (Mm ) Base station to cluster head (Vj)

Han et. al., 2010 [17]

Jiang et. al., 2013 (adjacent Neighbor roaming) [14]

Kim et. al., 2017 (Non-neighbor roaming) [15]

Our scheme (adjacent Neighbor roaming)

Our scheme (Non-neighbor roaming)

2×









NGH (Vi)

2

2 ×  ji

2

2 × ji

1

1

1

1

1

—

—

----

-----

----

Fig. 4. # communication passes versus VR for non-neighbor nodes.

6.1. Communication pass Table 2 presents the communication pass required for reauthentication of the mobile node. During reauthentication mobile node does not communicate with the BS. The number of hops () refers to hop distance from Mm to Vj cluster head. The number of hops ( ji ) refers hop count from Voronoi foreign cluster to Voronoi home cluster. Table 2 presents the number of communication passes with various reauthentication schemes available in the literature. All of these schemes do not need to communicate with the base station during the reauthentication process. In Han et al. [17], scheme, all the authentication information is stored in neighbor cluster nodes which is not suitable for a scalable and dynamic WSN environment. In Jiang et al [14], the scheme works only for adjacent neighbor cluster heads nodes. However, in many practical scenarios neighbor roaming of the mobile node in the adjacent cluster may not be the only scenario and mobile node moves to the non-neighbor Vornoi region. Further, Kim et al. [15] assumes non- neighbor roaming of the mobile nodes. The scheme precomputes all the neighbor one hop information during handover candidate discovery or setup phase with the help of a base station. The one-hop neighbor information is available with the cluster heads. However, in order to compute routing path which may be at a distance of several hops away from Voronoi base cluster heads, such information may not be suitable. Further, in a dynamic environment routing path needs to be computed on-demand basis and need not be stored prior during setup for better scalability of the network. Fig. 4 presents the num-

Fig. 5. Message size in bytes versus VR for non-neighbor nodes.

ber of communication passes versus a number of Voronoi regions for nonneighbor voronoi regions. Our scheme works for adjacent neighbor as well as non-adjacent neighbor roaming scenario. Prior to reauthentication phase ondemand route setup phase establishes the routing path among foreign and home cluster heads. This leads to the better scalability of the network in a dynamic scenario. Further, on-demand route setup for mobile nodes reauthentication is better as compared to precomputed information during setup with the help of base station for better scalability of the network. However, our scheme leads to overhead for On-demand route setup phase. 6.2. Message size Similar to the work of several researchers we use the message settings size as follows: MAC size is 4 bytes, timestamp is 8 bytes, a random number is 8 bytes, identification is 1 byte and key size is 16 bytes [15]. Further, in our work we introduce an additional 1 byte for a number of hops from source to destination cluster heads. Here,  denotes the number of hops from mobile node to the foreign cluster head. Further, NGH (Vi) refers to the number of neighbor cluster around home cluster head (Vi). Fig. 5 presents the message size in bytes versus a number of Voronoi regions for nonneighborVoronoi regions. Table 3 presents the message size in various schemes during the reauthentication process. 6.3. Energy consumption Similar to the parameters of Kim et. al., (2017) [15] we compute transmission and reception energy as 16.25 ␮J/byte and 12.5

164

V. Mohindru et al. / Sustainable Computing: Informatics and Systems 23 (2019) 158–166

Table 3 Message sizes in various schemes during reauthentication.

Mobile node (Mm ) to Voronoi based cluster head (Vj) Voronoi based cluster heads Vj to Vi and Vi to Vj Voronoi based cluster head (Vj) to mobile node (Mm ) Base station to cluster head (Vj) Total message size

Han et. al., 2010 [17]

Jiang et. al., 2011 (adjacent Neighbor roaming) [14]

Kim et. al., 2017 (Non-neighbor roaming) [15]

Our scheme (adjacent Neighbor roaming)

Our scheme (NonNeighbor roaming)

48 

14 

14 

14 

14 

≥ 36 ×NGH (Vi)

53

54× ji

55

55× ji

86

20

20

20

20

–

–

–

–

–

≥ (48  + 36 NGH (Vi) + 86)

14  + 73

14  + 20 + (54× ji )

14  + 75

14  + 20 +(55× ji

Table 4 Energy consumption in various schemes during reauthentication.

Mobile node (Mm ) Total energy consumption

Kim et. al. 2017 [15] (Non-neighbor roaming)

Our scheme (Non Neighbor roaming)

477.5 ␮J 3812.5 ␮J

477.5 ␮J 3870 ␮J

Fig. 6. Energy consumption during reauthentication.

␮J/byte respectively. We compare only the non-neighbor case in the reauthentication case (Table 4). We observe that energy consumption for non-neighbor case (Kim et. al., 2017) [15] is comparable with our proposed scheme (Refer Fig. 6). Fig. 7 illustrates the process of reauthentication of the mobile node with the help of three Voronoi based cluster heads (Vj, Vk, and Vi). 1) Transmission: Mobile message to Foreign cluster Vj: (2 IDs + 1 time stamp + 1 MAC) = (2 + 8 + 4 = 14 bytes for transmission to Foreign cluster Vj) = 14 bytes * 16.25 ␮J/byte = 227.5 ␮J for transmission of message. Reception: Mobile message reception from Foreign cluster Vj: (1 time stamp + 1 MAC + 1 random number) = (8 + 4 +8) = 20 bytes for transmission to Foreign cluster Vj) = 20 bytes * 12.5 ␮J/byte = 250 ␮J for reception of message Energy consumption Mobile node = Transmission + reception energy = (227.5 ␮J + 250 ␮J) = 477.5 ␮J

2) Transmission: The transmission energy consumption be Vj cluster head to intermediate cluster head Vk : (2 ID + 1 hop count + 2 time stamp + 2 MAC) = (2 + 1 + 16 + 8) bytes = 27 bytes * 16.25 ␮J/byte = 438.75 ␮J Reception: The transmission energy consumption be Vj cluster head to intermediate cluster head Vk : (2 ID + 1 hop count + 2 time stamp + 2 MAC) = (2 + 1 + 16 + 8) bytes = 27 bytes * 12.5 ␮J/byte = 337.5␮J 3) Transmission: The transmission energy consumption be Vk cluster head to home cluster head Vi : (2 ID + 1 hop count + 2 time stamp + 2 MAC) = (2 + 1 + 16 + 8) bytes = 27 bytes * 16.25 ␮J/byte = 438.75 ␮J Reception: The transmission energy consumption be Vk cluster head to i homecluster head Vi: (2 ID + 1 hop count + 2 time stamp + 2 MAC) = (2 + 1 + 16 + 8) bytes = 27 bytes * 12.5 ␮J/byte = 337.5␮J 4) Transmission: The transmission energy consumption be Vi cluster head to intermediate node Vk : (1 time stamp + 1 key + 1 MAC) = (8 + 16 + 8) bytes = 32 bytes * 16.25 ␮J/byte 520␮J Reception: The transmission energy consumption be Vi cluster head to intermediate node Vk : : (1 time stamp + 1 key + 1 MAC) = (8 + 16 + 8) bytes = 32 bytes * 12.5 ␮J/byte 400␮J 5) Transmission: The transmission energy consumption be Vk cluster head to foreign node Vj : (1 time stamp + 1 key + 1 MAC) = (8 + 16 + 8) bytes = 32 bytes * 16.25 ␮J/byte 520␮J Reception: The transmission energy consumption be Vk cluster head to foreign node Vj : : (1 time stamp + 1 key + 1 MAC) = (8 + 16 + 8) bytes = 32 bytes * 12.5 ␮J/byte 400␮J consumption among Voronoi cluster Energy heads = Transmission + reception energy = 2* (438.75 ␮J + 337.5 ␮J) + 2 * (520␮J + 400 ␮J) = 3392.5␮J Totalenergyconsumption = Mobile + Voronoi = 3870␮J We observe that energy consumption is 57.5␮J more as compared to Kim et al.[15] Scheme. However, our scheme leads to a scalable architecture as compared to Kim et al. [15] scheme. This is due to one byte of hop count required from transmission of Voronoi foreign cluster head to Home cluster head. Further, in our scheme on-demand routing overhead is present due to dynamic nature of the WSN architecture. Thus scheme proposed by Kim et al. [15] is to find the entire possible routing path prior to the network setup with the help of base station is not suitable for scalable architecture. 6.4. Computation cost Reauthentication scheme consumes 2 Encryption/Decryption in node. Reauthentication scheme consumes 4Encryption/Decryption in total (Table 5).

V. Mohindru et al. / Sustainable Computing: Informatics and Systems 23 (2019) 158–166

165

Fig. 7. Reauthentication process of mobile sensor node.

Table 5 The number of cryptographic operations for Mobile node Mm with the help of 3 cluster head (Vj -> Vk -> Vi) and back (Vi -> Vk-> Vj).

Total number of Encryption/Decryption Encryption/Decryption in node Total number of MAC generation/verification MAC generation/verification in node

Jiang et al. 2011 [18]

Kim et al. 2017 [15]

Our Proposed

4

4

4

2

2

2

4

4

4

2

2

2

fessional relationships, affiliations, knowledge or beliefs) in the subject matter or materials discussed in this manuscript. Declaration of Competing Interest The authors whose names are listed immediately below certify that they have NO affiliations with or involvement in any organization or entity with any financial interest (such as honoraria; educational grants; participation in speakers’ bureaus; membership, employment, consultancies, stock ownership, or other equity interest; and expert testimony or patent-licensing arrangements), or non-financial interest (such as personal or professional relationships, affiliations, knowledge or beliefs) in the subject matter or materials discussed in this manuscript.

7. Conclusions Acknowledgements In this work, we propose an authentication framework for securing mobile nodes in WSN. The proposed framework ensures mobile node authentication for different cases. The first case is when a mobile node travels to an adjacent cluster region. The second case refers to when the mobile node moves to a non-neighbor cluster region which may be several hops away from the initial position of a mobile node. Further, performance analyses for our reauthentication scheme and provides the comparison with the other reauthentication scheme present in the literature. The analyses results show that our scheme has a comparable performance on communication overhead, message size, and computation cost compared with the schemes present in the literature. Further, the proposed scheme provides scalable architecture for MWSN. The authors whose names are listed immediately below certify that they have NO affiliations with or involvement in any organization or entity with any financial interest (such as honoraria; educational grants; participation in speakers’ bureaus; membership, employment, consultancies, stock ownership, or other equity interest; and expert testimony or patent-licensing arrangements), or non-financial interest (such as personal or pro-

None. No funding to declare. References [1] Vandana Mohindru, Yashwant Singh, Node authentication algorithm for securing static wireless sensor networks from node clone attack, Int. J. Inf. Comput. Secur. 10 (2-3) (2018) 129–148. [2] Ines Khoufi, Pascale Minet, Anis Laouiti, Saoucene Mahfoudh, Survey of deployment algorithms in wireless sensor networks: coverage and connectivity issues and challenges, Int. J. Auton. Adapt. Commun. Syst. 10 (4) (2017) 341–390. [3] Halil Yetgin, Kent Tsz Kan Cheung, Mohammed El-Hajjar, Lajos Hanzo Hanzo, A survey of network lifetime maximization techniques in wireless sensor networks.¨, Ieee Commun. Surv. Tutor. 19 (2) (2017) 828–854. [4] Harish Radhappa, Lei Pan, James Xi Zheng, Sheng Wen, Practical overview of security issues in wireless sensor network applications, Int. J. Comput. Appl. (2017) 1–12. [5] Hlabishi I. Kobo, Adnan M. Abu-Mahfouz, Gerhard P. Hancke, A survey on software-defined wireless sensor networks: challenges and design requirements, IEEE Access 5 (1) (2017) 1872–1899. [6] Aditi Rani, Sanjeet Kumar, A survey of security in wireless sensor networks, in: 2017 3rd International Conference on Computational Intelligence & Communication Technology (CICT), IEEE, 2017, pp. 1–5.

166

V. Mohindru et al. / Sustainable Computing: Informatics and Systems 23 (2019) 158–166

[7] Adam B. Noel, Abderrazak Abdaoui, Tarek Elfouly, Mohamed Hossam Ahmed, Ahmed Badawy, Mohamed S. Shehata, Structural health monitoring using wireless sensor networks: a comprehensive survey, IEEE Commun. Surv. Tutor. 19 (3) (2017) 1403–1423. [8] Ying Qiu, Jianying Zhou, Joonsang Baek, Javier Lopez, Authentication and key establishment in dynamic wireless sensor networks, Sensors 10 (4) (2010) 3718–3731. [9] Qing-Qing Xie, Shunrong Jiang, Liangmin Wang, Chin-Chen Chang, Composable secure roaming authentication protocol for cloud-assisted body sensor networks, IJ Netw. Secur. 18 (5) (2016) 816–831. [10] Pritam Banerjee, Tanusree Chatterjee, Sipra DasBit, LoENA: Low-overhead encryption based node authentication in WSN, 2015 International Conference on Advances in Computing, Communications and Informatics (ICACCI) (2015) 2126–2132. [11] Nabil Sabor, Shigenobu Sasaki, Mohammed Abo-Zahhad, Sabah M. Ahmed, A comprehensive survey on hierarchical-based routing protocols for mobile wireless sensor networks: review, taxonomy, and future directions, Wirel. Commun. Mob. Comput. (2017) (2017). [12] Zhou Zhiping, Shao Nannan, Zhuang Xuebo, A Novel Authentication Protocol for Mobile Nodes in Multi-Base-Station Wireless Sensor Network, 2014, 019-8. [13] S.Raja Rajeswari, V. Seenivasagam, Comparative study on various authentication protocols in wireless sensor networks, Sci. World J. (2016) (2016). [14] Shunrong Jiang, Jiapeng Zhang, Jing Jun Miao, Conghua Zhou, A privacy-preserving reauthentication scheme for mobile wireless sensor networks, Int. J. Distrib. Sens. Netw. 9 (5) (2013), 913782. [15] Bo Sung Kim, Joo Seok Song, An efficient and practical mobile node reauthentication scheme for mobile wireless sensor networks, Proceedings of the 3rd International Conference on Communication and Information Processing (2017) 326–331. [16] Tien-Wen Sung, Chu-Sing Yang, Voronoi-based coverage improvement approach for wireless directional sensor networks, J. Netw. Comput. Appl. 39 (2014) 202–213.

[17] Kyusuk Han, Kwangjo Kim, Taeshik Shon, Untraceable mobile node authentication in WSN, Sensors 10 (5) (2010) 4410–4429. [18] Shunrong Jiang, Jingjun Miao, Liangmin Wang, Mobile node authentication protocol for crossing cluster in heterogeneous wireless sensor network, in: 2011 IEEE 3rd International Conference on Communication Software and Networks (ICCSN), IEEE, 2011, pp. 205–209. [19] Jangirala Srinivas, Dheerendra Mishra, Sourav Mukhopadhyay, A mutual authentication framework for wireless medical sensor networks, J. Med. Syst. 41 (5) (2017) 80. [20] Kuan Zhang, Kan Yang, Xiaohui Liang, Zhou Su, Xuemin Shen, Henry H. Luo, Security and privacy for mobile healthcare networks: from a quality of protection perspective, Ieee Wirel. Commun. 22 (4) (2015) 104–112. [21] David Kotz, Carl A. Gunter, Santosh Kumar, Jonathan P. Weiner, Privacy and security in mobile health: a research agenda, Computer 49 (6) (2016) 22. [22] Amol Vasudeva, Sood Manu, Survey on sybil attack defence mechanisms in wireless ad hoc networks, J. Netw. Comput. Appl. 120 (2018) 78–118. [23] Jin Wang, Chunwei Ju, Yu Gao, Arun Kumar Sangaiah, Gwang-jun Kim, A PSO based energy efficient coverage control algorithm for wireless sensor networks, Comput. Mater. Cont. 56 (3) (2018) 433–446. [24] Wenjun Li, Zhenyu Chen, Xingyu Gao, Wei Liu, Jin Wang, Multi-model framework for indoor localization under mobile edge computing environment, IEEE Internet Things J. (2018), http://dx.doi.org/10.1109/JIOT. 2018.2872133, to be published. [25] Jin Wang, Yiquan Cao, Bin Li, Hye-jin Kim, Sungyoung Lee, Particle swarm optimization based clustering algorithm with mobile sink for WSNs, Future Gener. Comput. Syst. 76 (November) (2017) 452–457. [26] Zhihai He, Yongfang Liang, Chen Lulin, Ishfaq Ahmad, Dapeng Wu, Power-rate-distortion analysis for wireless video communication under energy constraints, IEEE Trans. Circuits Syst. Video Technol. 15 (May (5)) (2005) 645–658.