**2. Cryptographic schemes for WSNs**

In WSNs, choosing the best cryptographic technique is essential since cryptography provides all security functions. The code size, data size, processing time, and power consumption of cryptographic techniques used in WSNs should all be taken into consideration together with the sensor node limits. We concentrate on the choice of cryptography in WSNs in this section. We first discuss public key cryptography, then delve into systems that use symmetric keys for their cryptographic functions.

#### **2.1 Public key cryptographic mechanisms in WSNs**

Many experts think that public key protocols such as the Diffie-Hellman key exchange [30] or RSA [31], should not be used in WSNs because of the code complexity, data size, processing time, and power consumption these algorithms involve.

A single security operation typically requires dozens or even millions of multiplication instructions, which makes public key methods like RSA computationally demanding. Furthermore, the number of CPU cycles needed to execute an instruction for the multiplication operation is a critical factor in determining a microprocessor's efficiency for a public key method [32].

In resource-constrained wireless devices, Brown et al. discovered that public key methods like RSA typically take some minutes to execute cryptographic operations

such as encryption and decryption. This is a long enough time for an adversary to launch denial of service (DoS) attacks [33]. Carman et al. observed that a basic 128-bit operation of multiplication often requires thousands of nano-joules from a microprocessor [32].

As opposed to public key methods, the algorithms of hash functions and symmetric keys involve substantially lower processing overhead. An AES block of 128-bit size typically consumes an energy of 0.104 mJ, which is substantially lower than the anticipated energy consumption for a 1024-bit block when utilizing RSA on the MC68328 DragonBall CPU [32].

By employing the appropriate choice of parameters in the algorithms and optimized approaches that consume lower power for execution, research has demonstrated that it is possible to deploy public key-based protocols in WSNs [34–36]. Elliptic Curve Cryptography (ECC) [37, 38], Ntru-Encrypt [39], RSA [31], and Rabin's Scheme [40] are some of the public key algorithms that have been studied for this purpose. The RSA and ECC algorithms are the subjects of most studies in the literature. ECC is appealing because it is highly secure even with smaller keys. Hence, the use of ECC decreases the requirement of processing and transmission costs. While RSA with 1024-bit keys offers a degree of security that is currently acceptable for many applications, the same level of security is achieved using ECC with a 160-bit key (ECC-160) [41]. As per the new recommendation, a key size of 2048 bits is used in the RSA protocol as the minimum size of the key. This is similar to the 224-bit ECC protocol [42].

On an Atmel ATmega128 CPU, Wander et al. evaluated the amount of energy required in RSA and ECC protocols for authentication and key exchange [36]. The Elliptic Curve Digital Signature Algorithm (ECDSA) generates and verifies the ECCbased signature [43]. The handshake in the secured socket layer (SSL) requires two entities: a client that initiates the session, and a server that responds to the request [44]. The key exchange scheme is a more compact form of this handshake. Each sensor in the WSN is presumed to have a certificate that has been signed using the private key of the trusted authority. The two parties validate their respective certificates during the handshake phase and agree on the session key that will be used for communication. The findings indicate that compared to RSA signatures, ECDSA signatures are much less expensive. Additionally, on the server side, the ECC protocol has superior performance, while the RSA protocol performs better on the client side. However, the two protocols do not exhibit any significant difference in the power requirement in carrying out the key exchange operation. Additionally, as the key size grows, ECC outperforms RSA in terms of relative performance.

The use of encryption operations in RSA and ECC on Mica2 motes demonstrated the viability of the use of public key protocols in WSNs [45]. The design of the TinyPK system proposed by Watro et al. uses the TinyOS development environment to build the RSA system on Mica2 motes [46]. The authors have shown that this technique effectively implements authentication and key agreement protocol in sensor nodes with limited resources. Another ECC-based technique called TinyECC [47] has been created and put into use on Mica2. Malan et al. also carried out similar work using ECC on Mica2 [45]. A single symmetric key was distributed via ECC for the TinySec module's link-layer encryption.

While sensor nodes could be able to perform public key cryptography, the cost of private key operations remains high. In some cases, the [35, 45] assumptions might not be true. For instance, [35, 45] solely focused on the public key activities, presuming a base station or outside party would handle the private key operations. The operation time of the public key may be made to be very quick by choosing the right

parameters, for instance, by utilizing the tiny number *e* = 216 + 1 as the public key, while the operation time of the private key remains constant. Several public key operations are not available in this framework due to the restriction of operations using private keys exclusively at a base station. Peer-to-peer authentication and secure data are two examples of such services.

#### **2.2 Symmetric key cryptography in WSNs**

As symmetric key cryptography approaches involve less computational overhead than public key cryptographic mechanisms, most research studies for WSNs concentrate on their utilization. A single shared key between the two communicating hosts is employed by symmetric key cryptographic techniques and is used for both encryption and decryption. But efficiently and securely distributing a common key to two nodes for secure communication is a significant barrier to the widespread use of symmetric key encryption. Given that it might not always be possible to pre-distribute the key, this is a challenging topic.

Five well-known encryption techniques were tested on six different microprocessors, with word sizes ranging from 8 bits (Atmel AVR), 16 bits (Mitsubishi M16C), and 32 bits (StrongARM, XScale) in [48]. These included RC4 [49], RC5 [50], IDEA [49], SHA-256 [51], and MD5 [49, 52]. For each algorithm and platform, execution time and code memory size were assessed. The studies showed that each encryption class and architectural class had a consistent cryptographic cost. While support for the Instruction Set Architecture (ISA) is only confined to certain impacts on specific protocols, the influence of caches was minimal. Additionally, hashing techniques (like MD5 and SHA-1) are found to consume more resources in comparison to RC4 and IDEA encryption algorithms.

Law et al. studied the performance of the RC5 and TEA symmetric key algorithms in [53]. On the MSP430F149 from IAR Systems, six additional block ciphers are also assessed [53]. These block ciphers are Rijndael, Camellia, KASUMI, RC6, and RC5. The benchmarking criteria were CPU cycles, data RAM, and code.

For WSN security services to be provided, the proper cryptography mechanism for sensor nodes must be chosen. The capability of the sensor nodes for calculation and transmission, however, determines the outcome. Hardware design and encryption algorithms are both active areas of study.

As mentioned earlier, studies have observed the viability of public key-based protocols in WSNs even if they have higher resource requirements. Private key operations can still not be completed in a sensor node due to the high computational and energy costs involved. Further research is needed on the use of operations using symmetric keys shared among the nodes in a WSN. In terms of speed and low energy consumption, symmetric key cryptography is preferable to public key cryptography. However, key distribution methods using shared symmetric keys are not flawless. Designing effective and adaptable key distribution strategies is necessary. To meet the growing demands on computing and communication in sensor nodes, it is also anticipated that stronger motes will need to be developed.
