Seluge++: A Secure Over-the-Air Programming Scheme in Wireless Sensor Networks

. 2014 Mar 11;14(3):5004–5040. doi: 10.3390/s140305004

Algorithm 2 Dissemination of the code update, including the Data Verification (DV) and Hash Verification (HV) Methods).

Base Station:

I \Leftarrow ⌈ \frac{NPPP \times | H (.) |}{B - | {MAC}_{S K} (.) |} ⌉

T ⇐ (p, a, b, G, n, h) elliptic curve domain parameters

d_S ⇐ random integer number (1 < d_S < n − 1)

N₀ ⇐ 160–bit random number

Q_S ⇐ d_SG

V_n ⇐ Version number

Sign V_n, I, N₀, Q_S using GK_Pri

Send Sign_{GK_Pri}({V_n, I, N₀, Q_S}) to node

10:

Node:

11:

(I, V_n, N₀, Q_S) ⇐ Verify_{GK_pub} (Sign_{GK_Pri}({V_n, I, N₀, Q_S}))

12:

if V_n ≤ previous V_n then

13:

Notify BS of an ongoing replay attack.

14:

Halt dissemination protocol for a pre-configured time.

15:

Exit

16:

end if

17:

previous V_n ⇐ V_n

18:

d_N ⇐ random integer number (1 < d_N < n − 1)

19:

Q_N ⇐ d_NG

20:

SK ⇐ H⁸⁰(d_NQ_S)

21:

Free memory reserved by d_N, Q_S

22:

N₁ ⇐ 160 – bit random number

23:

Execute Algorithm 3 (Input: N₁) {Optional}

24:

Send

{Q_{N}, E n c_{S K}^{80} (N_{1}), M A C_{S K}^{160} (Q_{N} \oplus N_{0})}

to BS

25:

Base Station:

26:

Pkt \Leftarrow {Q_{N}, E n c_{S K}^{80} (N_{1}), M A C_{S K}^{160} (Q_{N} \oplus N_{0})}

27:

SK ⇐ H⁸⁰(d_SQ_N)

28:

MSG ⇐ Pkt[0] ⨁ N₀ {Pkt[0] = Q_N}

29:

generated

MAC \Leftarrow M A C_{S K}^{160} (MSG)

30:

if generated MAC <> Pkt[2] then

31:

Exit.

32:

end if

33:

N_{1} \Leftarrow D e c_{S K}^{80} (E n c_{S K}^{80} (N_{1}))

34:

Execute Algorithm 3(Input: N₁) {Optional}

35:

Encrypt update image with SK

36:

Fragment encrypted data as shown in Figure 4

37:

for all Pkt_0,_i in Page0 do

38:

Send

{E n c_{S K}^{80} (P k t_{0, i}), M A C_{S K}^{160} (E n c_{S K}^{80} (P k t_{0, i}))}

to the node

39:

end for

40:

Node:

41:

Free memory reserved by Q_N

42:

while Receives

{E n c_{S K}^{80} (P k t_{0, i}), M A C_{S K}^{160} (E n c_{S K}^{80} (P k t_{0, i}))}

43:

new MAC ⇐ calculate MAC of encrypted Pkt₀_,i

44:

if new

MAC < > M A C_{S K}^{160} (E n c_{S K}^{80} (P k t_{0, i}))

then

45:

Drop packet

46:

end if

47:

P k t_{0, i} \Leftarrow D e c_{S K}^{80} (E n c_{S K}^{80} (P k t_{0, i}))

48:

Store Pkt_0,_i

49:

end while