7.7. PROPOSED ALGORITHM 109
We observe that code updating in a sensor cloud generally happens in a cluster where the
sensors are typically one hop away from each other. e energy intensive tasks such as decryption
of packets can therefore be performed in a distributed manner. us, instead of every sensor
decrypting all the code, each sensor can decrypt a few packets which will result in conservation of
a large amount of energy. is process, however, makes it necessary that nodes within a cluster are
protected against malicious code injection from each other. To accomplish this, the base station
creates another hash tree on the same dissemination contents, which we call the Horizontal
Hash Tree (HHT). For this hash tree, each page of the code is hashed and the hashes of the
pages h.Page/ are used as leaf nodes. e root hash of HHT is encrypted using the session
key (S
n
) and included in the signature packet. e code dissemination algorithm is given in
Algorithm 7.11. e VHT and the HHT are illustrated in Figure 7.5. Just before beginning the
code dissemination, BS broadcasts the next authentication key (A
i
), which was used to create
the HMAC in the pre-dissemination phase.
Algorithm 7.11 Code Dissemination
1: Populate BF by hashing the functions in CFL.
2: Create Index on CFLjjBFjjNewCodejjRK
i
jjK
i
.
3: Create session key S
n
D g
n
.CK/.
4: Encrypt packets of IndexjjCFLjjBFjjNewCodejjRK
i
jjK
i
using S
i
.
5: Hash the encrypted packets and create VHT with Page 0.
6: Hash the pages and create HHT.
7: Create the signature packet.
8: Broadcast Authentication Key A
i
.
9: Disseminate Code.
7.7.4 ACTIVITY ON THE NODES
After receiving the next authentication key (A
i
), the nodes verify this key by determining or not
whether h.A
i
/ = A
i1
. e one way property of the hash chain ensures that any malicious node,
which has obtained previous authentication keys, A
i1
,A
i2
; : : : ; etc. cannot predict the key
A
i
, with non-negligible probability. is implies that an adversary that makes any changes to
the contents of the pre-dissemination packet, will be caught with a very high probability, which
ensures the delivery of both the un-tampered h.RK
i
/ and h.CFL/. e h.RK
i
/ and h.CFL/
would be used to verify the re-encryption key and the CFL, which would be explained later in
this subsection.
After the pre-dissemination phase is complete, the cluster for which the code dissemi-
nation was intended receives the encrypted contents. e contents are authenticated using the
Vertical Hash Tree, in a manner similar to that used by Seluge [116]. e session key (S
n
) is de-
rived by using the PRF g./ on the cluster key CK, with nonce n received in the signature packet.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.149.214.32