NanoECC: Testing the Limits of Elliptic Curve Cryptography in Sensor Networks

  • Piotr Szczechowiak
  • Leonardo B. Oliveira
  • Michael Scott
  • Martin Collier
  • Ricardo Dahab
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4913)


By using Elliptic Curve Cryptography (ECC), it has been recently shown that Public-Key Cryptography (PKC) is indeed feasible on resource-constrained nodes. This feasibility, however, does not necessarily mean attractiveness, as the obtained results are still not satisfactory enough. In this paper, we present results on implementing ECC, as well as the related emerging field of Pairing-Based Cryptography (PBC), on two of the most popular sensor nodes. By doing that, we show that PKC is not only viable, but in fact attractive for WSNs. As far as we know pairing computations presented in this paper are the most efficient results on the MICA2 (8-bit/7.3828-MHz ATmega128L) and Tmote Sky (16-bit/8.192-MHz MSP-430) nodes.


Wireless Sensor Networks Elliptic Curve Cryptography pairings cryptographic primitives implementation 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Estrin, D., Govindan, R., Heidemann, J.S., Kumar, S.: Next century challenges: Scalable coordination in sensor networks. In: MobiCom 1999. Mobile Computing and Networking, Seattle, WA USA, pp. 263–270 (1999)Google Scholar
  2. 2.
    Akyildiz, I.F., Su, W., Sankarasubramaniam, Y., Cayirci, E.: Wireless Sensor Networks: a survey. Computer Networks 38(4), 393–422 (2002)CrossRefGoogle Scholar
  3. 3.
    Karlof, C., Wagner, D.: Secure routing in Wireless Sensor Networks: Attacks and countermeasures. Elsevier’s AdHoc Networks Journal, Special Issue on Sensor Network Applications and Protocols 1(2–3), 293–315 (2003) (Also apeared in 1st IEEE International Workshop on Sensor Network Protocols and Applications)Google Scholar
  4. 4.
    Wood, A.D., Stankovic, J.A.: Denial of service in sensor networks. IEEE Computer 35(10), 54–62 (2002)Google Scholar
  5. 5.
    Perrig, A., Szewczyk, R., Wen, V., Culler, D., Tygar, J.D.: SPINS: Security protocols for sensor networks. Wireless Networks 8(5), 521–534 (2002) (Also appeared in MobiCom 2001)MATHCrossRefGoogle Scholar
  6. 6.
    Karlof, C., Sastry, N., Wagner, D.: Tinysec: A link layer security architecture for Wireless Sensor Networks. In: 2nd ACM SensSys., pp. 162–175 (2004)Google Scholar
  7. 7.
    Watro, R.J., Kong, D., fen Cuti, S., Gardiner, C., Lynn, C., Kruus, P.: Tinypk: securing sensor networks with public key technology. In: SASN 2004. 2nd ACM Workshop on Security of ad hoc and Sensor Networks, Washington, DC, pp. 59–64 (2004)Google Scholar
  8. 8.
    Gura, N., Patel, A., Wander, A., Eberle, H., Shantz, S.C.: Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 119–132. Springer, Heidelberg (2004)Google Scholar
  9. 9.
    Malan, D.J., Welsh, M., Smith, M.D.: A Public-Key Infrastructure for key distribution in TinyOS based on Elliptic Curve Cryptography. In: SECON 2004. 1st IEEE Intl’ Conf. on Sensor and Ad Hoc Communications and Networks (2004)Google Scholar
  10. 10.
    Oliveira, L.B., Aranha, D., Morais, E., Daguano, F., López, J., Dahab, R.: TinyTate: Computing the TinyTate in resource-constrained nodes. In: 6th IEEE International Symposium on Network Computing and Applications, Cambridge,MA (2007)Google Scholar
  11. 11.
    Miller, V.: Uses of elliptic curves in cryptography, advances in cryptology. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)Google Scholar
  12. 12.
    Koblitz, N.: Elliptic curve cryptosystems. Mathematics of computation 48, 203–209 (1987)MATHCrossRefMathSciNetGoogle Scholar
  13. 13.
    Scott, M.: MIRACL—A Multiprecision Integer and Rational Arithmetic C/C++ Library. Shamus Software Ltd, Dublin, Ireland (2003),
  14. 14.
    Zhou, L., Haas, Z.J.: Securing Ad Hoc Networks. IEEE Network 13(6), 24–30 (1999)CrossRefGoogle Scholar
  15. 15.
    Hubaux, J.P., Buttyán, L., Capkun, S.: The quest for security in mobile ad hoc networks. In: 2nd ACM international symposium on Mobile ad hoc networking & computing, pp. 146–155. ACM Press, New York (2001)CrossRefGoogle Scholar
  16. 16.
    Eschenauer, L., Gligor, V.D.: A key management scheme for distributed sensor networks. In: CCS 2002. 9th ACM conf. on Computer and communications security, pp. 41–47 (2002)Google Scholar
  17. 17.
    Zhu, S., Setia, S., Jajodia, S.: LEAP: efficient security mechanisms for large-scale distributed sensor networks. In: CCS 2003. 10th ACM conference on Computer and communication security, pp. 62–72. ACM Press, New York (2003)CrossRefGoogle Scholar
  18. 18.
    Pietro, R.D., Mancini, L.V., Mei, A.: Random key-assignment for secure Wireless Sensor Networks. In: SASN 2003. 1st ACM workshop on Security of ad hoc and sensor networks, pp. 62–71 (2003)Google Scholar
  19. 19.
    Kannan, R., Ray, L., Durresi, A.: Security-performance tradeoffs of inheritance based key predistribution for Wireless Sensor Networks. In: Castelluccia, C., Hartenstein, H., Paar, C., Westhoff, D. (eds.) ESAS 2004. LNCS, vol. 3313, Springer, Heidelberg (2005)Google Scholar
  20. 20.
    Çamtepe, S.A., Yener, B.: Combinatorial design of key distribution mechanisms for Wireless Sensor Networks. In: Samarati, P., Ryan, P.Y A, Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, pp. 293–308. Springer, Heidelberg (2004)Google Scholar
  21. 21.
    Liu, D., Ning, P., Li, R.: Establishing pairwise keys in distributed sensor networks. ACM Transactions on Information and System Security (TISSEC) 8(1), 41–77 (2005)(Also appeared in ACM CCS 2003)CrossRefGoogle Scholar
  22. 22.
    Du, W., Deng, J., Han, Y.S., Varshney, P.K., Katz, J., Khalili, A.: A pairwise key pre-distribution scheme for Wireless Sensor Networks. ACM Transactions on Information and System Security 8(2), 228–258 (2005) (Also appeared in ACM CCS 2003)CrossRefGoogle Scholar
  23. 23.
    Oliveira, L.B., Wong, H.C., Dahab, R., Loureiro, A.A.F.: On the design of secure protocols for hierarchical sensor networks. International Journal of Networks and Security (IJSN) 2(3/4), 216–227 (2007) (Special Issue on Cryptography in Networks)CrossRefGoogle Scholar
  24. 24.
    Oliveira, L.B., Ferreira, A., cca, M.A.V., Wong, H.C., Bern, M., Dahab, R., Loureiro, A.A.F.: Secleach-on the security of clustered sensor networks. Signal Process 87(12), 2882–2895 (2007)CrossRefGoogle Scholar
  25. 25.
    Hwang, J., Kim, Y.: Revisiting random key pre-distribution schemes for Wireless Sensor networks. In: 2nd ACM workshop on Security of ad hoc and sensor networks, pp. 43–52. ACM Press, New York (2004)CrossRefGoogle Scholar
  26. 26.
    Liu, A., Kampanakis, P., Ning, P.: Tinyecc: Elliptic Curve Cryptography for sensor networks (ver. 0.3) (2007),
  27. 27.
    Guajardo, J., Bluemel, R., Krieger, U., Paar, C.: Efficient implementation of Elliptic Curve Cryptosystems on the TI MSP430x33x family of microcontrollers. In: Kim, K.-c. (ed.) PKC 2001. LNCS, vol. 1992, Springer, Heidelberg (2001)CrossRefGoogle Scholar
  28. 28.
    Wang, H., Sheng, B., Li, Q.: Elliptic Curve Cryptography based access control in sensor networks. International Journal of Security and Networks (IJSN). Special Issue on Security Issues on Sensor Networks 1(3/4), 127–137 (2006)Google Scholar
  29. 29.
    Polastre, J., Szewczyk, R., Culler, D.: Telos: enabling ultra-low power wireless research. In: IPSN 2005. 4th international symposium on Information processing in sensor networks, p. 48. IEEE Press, Piscataway, NJ, USA (2005)Google Scholar
  30. 30.
    Zhang, Y., Liu, W., Lou, W., Fang, Y.: Securing sensor networks with location-based keys. In: WCNC 2005. IEEE Wireless Communications and Networking Conference (2005)Google Scholar
  31. 31.
    Oliveira, L.B., Dahab, R.: Pairing-based cryptography for sensor networks. In: 5th IEEE International Symposium on Network Computing and Applications, Cambridge, MA (fast abstract) (2006)Google Scholar
  32. 32.
    Doyle, B., Bell, S., Smeaton, A.F., McCusker, K., O’Connor, N.: Security considerations and key negotiation techniques for power constrained sensor networks. The Computer Journal 49(4), 443–453 (2006)CrossRefGoogle Scholar
  33. 33.
    McCusker, K., O’Connor, N., Diamond, D.: Low-energy finite field arithmetic primitives for implementing security in Wireless Sensor Networks. In: 2006 Intl. Conf. on Communications, Circuits and systems. Computer, Optical and Broadband; Communications; Computational Intelligence, vol. III, pp. 1537–1541 (2006)Google Scholar
  34. 34.
    Bellare, M., Namprempre, C., Neven, G.: Unrestricted aggregate signatures. Cryp- tology ePrint Archive, Report 2006/285 (2006),
  35. 35.
    Oliveira, L.B., Dahab, R., Lopez, J., Daguano, F., Loureiro, A.A.F.: Identity-based encryption for sensor networks. In: PERCOMW 2007. 5th IEEE International Conference on Pervasive Computing and Communications Workshops, pp. 290–294 (2007)Google Scholar
  36. 36.
    Segars, S.: ARM7TDMI power consumption. IEEE Micro 17(4), 12–19 (1997)CrossRefGoogle Scholar
  37. 37.
    López, J., Dahab, R.: An overview of Elliptic Curve Cryptography. Technical Report IC-00-10, Institute of Computing – UNICAMP (2000)Google Scholar
  38. 38.
    Menezes, A., Okamoto, T., Vanstone, S.: Reducing elliptic curve logarithms to logarithms in a finite field. IEEE Transactions on Information Theory 39(5), 1639–1646 (1993)MATHCrossRefMathSciNetGoogle Scholar
  39. 39.
    Sakai, R., Ohgishi, K., Kasahara, M.: Cryptosystems based on pairing. In: SCIS 2000. Symposium on Cryptography and Information Security, pp. 26–28 (2000)Google Scholar
  40. 40.
    Joux, A.: A one round protocol for tripartite diffie-hellman. J. Cryptology 17(4), 263–276 (2004) (Proceedings of ANTS-IV, 2000)MATHCrossRefMathSciNetGoogle Scholar
  41. 41.
    Galbraith, S.: Pairings. In: Blake, I., Seroussi, G., Smart, N. (eds.) Advances in Elliptic Curve Cryptography. London Mathematical Society Lecture Notes, pp. 183–213. Cambridge University Press, Cambridge (2005)Google Scholar
  42. 42.
    Atmel: ATmega128(L) datasheet (2006),
  43. 43.
    TI: MSP 430F1611, Datasheet (2002),
  44. 44.
    Crossbow Technology, Inc. 41 Daggett Dr., San Jose, CA 95134: MPR/MIB Mote Hardware Users Manual – Document 7430-0021-05 (2003)Google Scholar
  45. 45.
    Moteiv: Tmote Sky datasheet (2006),
  46. 46.
    Levis, P., Madden, S., Polastre, J., Szewczyk, R., Whitehouse, K., Woo, A., Gay, D., Hill, J., Welsh, M., Brewer, E., Culler, D.: TinyOS: An operating system for Wireless Sensor Networks. In: Weber, W., Rabaey, J., Aarts, E. (eds.) Ambient Intelligence, Springer, New York (2004)Google Scholar
  47. 47.
    Gay, D., Levis, P., von Behren, J.R., Welsh, M., Brewer, E.A., Culler, D.E.: The nesC language: A holistic approach to networked embedded systems. In: ACM Conf. on Programming Language Design and Implementation, pp. 1–11 (2003)Google Scholar
  48. 48.
    Scott, M., Szczechowiak, P.: Optimizing multiprecision multiplication for Public Key Cryptography. Cryptology ePrint Archive, Report 2007/299 (2007)Google Scholar
  49. 49.
    Hankerson, D., Menezes, A., Vanstone, S.: Guide to Elliptic Curve Cryptography. Springer, Heidelberg (2004)MATHGoogle Scholar
  50. 50.
    Scott, M.: Optimal irreducible polynomials for GF(2m) arithmetic. Cryptology ePrint Archive, Report 2007/192 (2007)Google Scholar
  51. 51.
    Scott, M.: Implementing cryptographic pairings (2006)Google Scholar
  52. 52.
    Barreto, P.S.L.M., Galbraith, S., hEigeartaigh, C.O., Scott, M.: Efficient pairing computation on supersingular abelian varieties. In: Designs Codes And Cryptography, Boston/Norwell (USA) (2006)Google Scholar
  53. 53.
    Scott, M.: Computing the Tate Pairing. In: Menezes, A.J. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 293–304. Springer, Heidelberg (2005)Google Scholar
  54. 54.
    Hess, F., Smart, N., Vercauteren, F.: The Eta Pairing revisited. IEEE Transactions on Information Theory 52(10), 4595–4602 (2006)CrossRefMathSciNetGoogle Scholar
  55. 55.
    Arazi, O., Qi, H.: Load-balanced key establishment methodologies in Wireless Sensor Networks. International Journal of Security and Networks (IJSN). Special Issue on Security Issues on Sensor Networks 1(3/4), 158–166 (2006)Google Scholar
  56. 56.
    Blaß, E.O., Zitterbart, M.: Towards Acceptable Public-Key Encryption in Sensor Networks. In: The 2nd Int’l Workshop on Ubiquitous Computing, ACM SIGMIS (2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Piotr Szczechowiak
    • 1
  • Leonardo B. Oliveira
    • 2
  • Michael Scott
    • 1
  • Martin Collier
    • 1
  • Ricardo Dahab
    • 2
  1. 1.Dublin City UniversityIreland
  2. 2.UNICAMPBrazil

Personalised recommendations