106 7. EFFICIENT AND SECURE CODE DISSEMINATION IN SENSOR CLOUDS
1. A
i
D h.A
iC1
/:
2. A
0
is the root of the chain, which is obtained by applying the hash function h./, t times
on A
t
.
For each sensor, some FIDs are randomly selected. e base station then generates a random
secret key K
0
and the corresponding elliptic curve public key Q
0
D K
0
T . e functions are
encrypted with this key Q
0
using the proxy re-encryption scheme EC-BBS. Pairs of FID and
the associated encrypted function (j , E
Q
0
.f
j
.//), authentication key A
0
, hash function h./, and
a pseudo random function (PRF) g./ are pre-deployed on the sensors. is process is shown in
Algorithm 7.9.
Algorithm 7.9 Pre-Deployment
1: Associate each function with a unique FID and build the function table.
2: Call Alg RAC to create L and rearrange application codes.
3: for each i in SN do
4: Randomly select k FIDs from L.
5: for each j in k do
6: Encrypt f
j
./ using Q
0
.
7: Store tuple (j , E
Q
0
.f
j
.//) on SN
i
.
8: end for
9: end for
7.7.2 PRE-DISSEMINATION
When the base station has to disseminate a new application code in the network, it first identifies
those functions of the new application which can be found in the network, stored on the nodes.
It then rearranges the functions of the new application code such that the common functions
reside in the same memory location as the code which was distributed in the network. e rest
of the code is then placed around these functions. is can be seen in Figure 7.3. e global
variables of this new application are also arranged according to the common functions’ need in
the :data and :bss sections. e base station then creates a list called the common functions list
(CFL) which is in the form of FIDs along with the size of the functions and their memory
location in the compiled code.
Before disseminating the code, the base station generates a random secret key K
i
and the
corresponding elliptic curve public key Q
i
D K
i
T for the i
th
iteration of code change. It then
computes the re-encryption key RK
i
from K
0
and K
i
as K
i
=K
0
. A pre-dissemination packet is
constructed which consists of an HMAC of hash of the re-encryption key concatenated with
hash of the CFL, i.e., HMAC
A
i
.h.RK
i
/jjh.CFL//. e key A
i
used to generate the HMAC is the
next key in the authentication key chain. e HMAC is then disseminated in the network just
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.219.22.169