Energy Efficient Partial Permutation Encryption on Network Coded MANETs

Mobile Ad Hoc Networks (MANETs) are composed of a large number of devices that act as dynamic nodes with limited processing capabilities that can share data among each other. Energy efficient security is the major issue in MANETs where data encryption and decryption operations should be optimized to consume less energy. In this regard, we have focused on network coding which is a lightweight mechanism that can also be used for data confidentiality. In this paper, we have further reduced the cost of network coding mechanism by reducing the size of data used for permutation. The basic idea is that source permutes only global encoding vectors (GEVs) without permuting the whole message symbols which significantly reduces the complexity and transmission cost over the network. We have also proposed an algorithm for key generation and random permutation confusion key calculation.The proposed scheme achieves better performance in throughput, encryption time, and energy consumption as compared to previous schemes.


Introduction
Mobile Ad Hoc Networks (MANETs) have dynamic topology, which means, on requirement, devices act as nodes and establish a network for communication (Figure 1).All nodes are battery powered [1].As MANETs do not need any infrastructure, nodes move freely in arbitrary direction, so nodes easily enter and leave the network at any moment.There is a possibility when a node cannot send information to another node directly within its communication range.To overcome this issue some intermediate nodes are used for routing the information from one node to another by multiple hops [2].
MANETs were thought as one of the most innovative and challenging wireless networking paradigms [3] at its evolution.Potentials of MANETs made ad hoc networking a key area for building Forth-Generation (4G) wireless networks and hence MANETs gained thrust and resulted in remarkable innovation for mobile network paradigm [4].With advances in research, MANET becomes essential communication technology in military tactical environment to help in military deployment among soldiers, vehicles, and operational command centers [5].MANET applications can also be used in law enforcement, other security sensitive environments, emergency relief scenarios, public meetings, and virtual class rooms.
Network encoding is used to transmit the maximum flow of data in a message by using encoding mechanism.It achieves transmission and reduction in communication overhead and better throughput instead of just storing and forwarding as in traditional routing.The traditional routing where the routers typically store and forward the information cannot be overlaid.Network coding, as introduced by the pioneers Ahlswede et al. [6], shows how information is encoded at intermediate or source nodes for efficient transmissions.The basic concept of network coding can be easily understood by butterfly network as explored in Figure 2. In this butterfly network topology a source () wants to transmit information to two nodes acting as destinations  and .Each edge is represented as error-free channel which has the ability to deliver a single bit per channel use.The source sends two bits  and , but instead of routing one and blocking the other, node  transmits their XOR.Node  receives  and  ⊕ .Since  ⊕ ( ⊕ ) = , node  can recover   both  and .By using coding operation at bottleneck node and then decoding at sink nodes, the multicast throughput has been enhanced to 2 bits, beyond what can be done in conventional routing.Network coding has advantages like enhancing better throughput [7], network robustness [8], and reducing network congestion [9].Network coding has applications in many areas such as Ad Hoc Network [10], delay tolerant networks [11], P2P network [12], wireless sensor network [13], and content distribution network [14].
The main problem in the conventional routing approach is highlighted when a message is transmitted through a number of intermediate nodes.At one point as depicted in the butterfly network, the intermediate node  is the bottleneck as it receives multiple packets but has a single channel to forward the packets.It results in network congestion.Secondly nodes also receive redundant data from different other nodes which can be removed by using network coding.
This paper presents an encryption scheme for MANETs which fully takes advantage of the security property of network coding.As global encoding vectors (GEVs) are essential for decoding so reordering the components in a GEV randomly makes significant confusion for the eavesdropper to get meaningful information.In the paper, we studied energy efficient encryption by merely permuting the components of GEVs, without manipulating the entire messages during encryption.We refer to the proposed scheme as partial permutation based encryption scheme.A similar idea has been considered in a scheme in [15], which randomly permutes the whole message of length  with ! possibilities and uses AES for encryption.Instead of permuting the whole message of length , we permuted only the components in GEVs of length ℎ which gives much lower computational complexity as ℎ ≪ .It reduces the complexity of the scheme and energy consumption and is thus a more efficient encryption scheme.To further enhance the security of the message, we proposed an algorithm for dynamic random permutation key generation of the key.
The paper is organized as follows: Section 2 discusses the related work; Section 3 explores the proposed partial permutation based encryption scheme on network coded MANETs.Section 4 evaluates the performance and Section 5 concludes the work.

Related Work
The transmission energy reduction in network coding applications has received a lot of attention.We have explored different schemes in this context to identify the network coding mechanisms that claim to achieve efficient energy consumption.In this regard, Wu et al. [16] explores the solution to finding minimum energy of multicast tree expressed as linear program that is solved in polynomial time encoding at intermediate nodes.This is in contrast to the fact that the same problem is NP-complete in the case of traditional routing as investigated by Čagalj et al. [17].Fragouli et al. [18] investigated efficient broadcasting problem in MANET and proposed probabilistic algorithms.Energy saving is done by lowering number of transmissions, as illustrated in Figure 3, where nodes are allowed to do the encoding of packets.Suppose there are six nodes where every node communicates only with both sides of its neighbors.Every node has to broadcast a message to other nodes.
It shows that without using network coding (NC), every message will need four broadcasts but with NC transmissions per message has decreased to three.So in this way 25% energy is saved in transmission only.The same problem is considered by Li et al. [19], where authors proposed deterministic approach based on PDP (Partial Dominant Pruning).The algorithm depends on two hop neighbors and opportunistic listening to encode packets.
(3) (4) Other than minimizing energy consumption during transmission in MANETs, network coding also has security properties as follows.Bhattad and Narayanan [20] introduced weak security, which means that a system is secured if adversary cannot get any meaningful information from the adversarial attack.Authors showed that random linear network coding is weakly secured with high probability when coding is applied on a large finite field.Lima et al. [21], after considering the threats of the intermediate nodes, developed a security criterion to access intrinsic security provided by network coding.Authors observed that security is directly dependent on the network topology as well by deriving the relationship between security level and field size.Based on this weak security research model, Wang et al. [22] designed a polynomial time deterministic code to secure linear network coding.They showed that optimal throughput between a single source and a paired destination for multiple streams is achieved by using this algorithm.
Many secure NC based cryptographic schemes have been proposed.A signature based scheme proposed by Yu et al. [23] detects and filters out the polluted messages.It used homomorphic signature function by source to delegate signing authorities to the forwarders that means intermediate nodes can generate signature for their output messages without contacting the source.SPOC (Secure Practical Network Coding), an end-to-end lightweight security scheme, is proposed by Vilela et al. [24], in which source encrypts GEVs of every message after performing random linear coding with an additional set of GEVs for network coding.Receiver recovers source messages by using decode-decryptdecode steps.Fan et al. [25] proposed another similar scheme using HEF (Homomorphic Encryption Function) as introduced by Benaloh [26].In this proposed scheme, the coding coefficients used HEF approach for encryption.Linear combinations can be performed directly on these encrypted coefficients because of the homomorphic nature of HEF.This result does not need additional coding coefficients by SPOC.
Wei et al. [27] proposed an efficient encryption scheme that used permutation function that randomizes the message vectors to make confusion for the adversary.Zhang et al. [15] introduced a permutation coding scheme, called P-Coding, which is a lightweight encryption above network coding in MANETs.Their scheme significantly reduced energy consumption because of minimizing the security cost.Their scheme also exploits intrinsic property of security in network coding by using simple permutation encryption.In P-Coding scheme GEVs and message symbols are permuted together.Its complexity is significantly large as compared to the proposed scheme which only permutes components of GEVs.As data needs to be protected at every node in MANETs, energy efficiency can be achieved by the more efficient encryption and decryption processes in the proposed scheme.The conventional approach of encrypting the information is to use a symmetric key algorithm.We proposed a dynamic random permutation key that uses symmetric parameters.
Researchers have given considerable attention towards the energy efficient schemes.Energy efficient scheme, which is also termed as green computing, is one of the most important areas of research these days.Dutta and Culler [28] proposed a mechanism to reduce the energy utilization of mobile wireless nodes by reducing idle listening time of the nodes.Energy efficiency has also been the focal point of routing protocols.An OSLR based routing algorithm is proposed by Tan et al. [29] in which during node selection process different trust levels are used.Venkanna et al. [30] proposed a route splitting algorithm in which a solution to battery faults is provided by the persistent performance adapting the nodes.Another exclusive method for power consumption is proposed by Takeuchi et al. [31] which provides high performance in the dynamic environment based on creating assurance network.The energy consumption has made critical requirement to adopt effective green computing in wireless communication.Our work contributes to green computing from two facets: it saves energy in wireless environment during secure data transmission and introduces energy efficient partial permutation based encryption.

Preliminaries
We adopt the similar system model discussed by Zhang et al. in [15].Let  be a sequence containing each element of set (1, . . ., ℎ) once and only once as a permutation with length ℎ.Let () be the th element of .The product of two permutations  1 and  2 , defined by Definition 1.Consider a sequence a = ( 1 ,  2 , . . .,  ℎ ) over a finite field F  and a permutation  on (1, . . ., ℎ).The Permutation Encryption Function (PEF) using key  on a is defined in In the same way, we define permutation decryption function on a ciphertext  using key  as   (), satisfying   (  (a)) = a.
There is a Key Distribution Center (KDC), responsible for establishing symmetric key so that source and destinations share a PEF key at the initial stage of the scheme.For effectiveness of PEF, the encryption key should be generated randomly.In the existing scheme [15], the generated session key sharing process uses AES encryption key management technique which is not resource efficient in MANETs.Any node, in a MANET consisting of  nodes, can act as a source.MANET can be modeled as an acyclic directed graph represented by (, ) where  denotes the set of nodes and  the set of links of unit capacity, that is, transmitting one packet per link use.Let D − (V) be the set of terminating links at V whereas let D + (V) be the set of originating links from V. We assume that each link  ∈  has the capacity of one packet per unit time and y() is the packet carried on it.Here a packet is defined as a row vector of  elements from finite field F  .A unique source  sends a series of packets x i , . . ., x ℎ to a set of sinks  ⊂ .Every source packet x  is a row vector of length  over a finite field F  and can be divided into two parts [a  m  ]: the header vector a  consists of ℎ elements and the message vector consists of  − ℎ elements.Initially, the header vector a  in the packet x  is just the unit vector u  of length ℎ.
The vector matrix of source packet is defined as X = (x   , . . ., x  ℎ )  , where X has all packets of the source as its rows.Let D − () denote the set consisting of ℎ imaginary links ẽ1 , . . ., ẽℎ with y(ẽ  ) = x i .For any  ∈ D + (V), V ∉ , linearly combining the incoming packets of V, and () is calculated as illustrated in In this equation,    are from which is called LEV (Local Encoding Vector) of the link .By induction, y() is represented as the linear combination of source packets.
Assume that ℎ packets y( 1 ), . . ., y( ℎ ) are received by a sink node V from links  1 , . . .,  ℎ incoming to V. Then by (3) we have the packets Y received by V as follows: where G is referred to as global encoding matrix (GEM) of V. When G is invertible, then the source packets X can be reconstructed by using X = G −1 Y.

Partial Permutation Based Encryption (PPE) Scheme
The main idea of the proposed scheme, called PPE, is that only GEVs are permuted instead of the whole packets at the source.This makes sufficient confusion for an adversary to locate GEVs in order to get meaningful information.As we are permuting only GEVs, this significantly reduces the complexity and making the scheme more efficient.On the other hand, as the header length may not be long enough for permutation to achieve sufficient security, we additionally propose using random encryption key on message to further increase the security of the proposed scheme against adversarial attacks.A list of notations to be used to introduce the PPE scheme is provided in Table 1. Figure 4 briefly illustrates the PPE scheme.Initially, the source has ℎ original messages m 1 , m 2 , . . ., m ℎ of length  − ℎ, each of which is padded with a unit vector u  as the header.Then, it performs linear combinations on the packets to generate ℎ linearly independent packets.Subsequently, the PPE scheme will conduct encryption on the ℎ packets.First, GEVs are permuted based on some permutation key  and then the message is encrypted using dynamic random key encryption based on a key   , whose generation will be discussed in detail in the following subsections.
A typical MANET scenario involves a source node, intermediate nodes, and sink nodes.Figure 5 depicts the data transmission in a MANET based on the proposed PPE scheme and network coding and the PPE scheme is only performed at the source nodes for encryption and at the sink nodes for decryption, and the intermediate nodes perform recoding of the message packets.Step ( 1)- (3).Key size  is declared.Function   gets the key size as its argument.Initialization function is used to call key size .
Step ( 4)- (7).A random value between  and  is stored in .The permutation function takes this random value as a seed to generate a value as [].The loop ends on  − 1.
Step ( 8)- (11).Initialization function has values from  to  where  is stored as [] and loop ends at q.
In Algorithm 2, we use symmetric encryption for secured transmission of the secret key from source node to sink.We propose partial permutation data generation key.In this scenario, instead of using the same generation data stream, some data elements remain at their original position.In the proposed scheme, source randomly selects the length of data packet and makes a generation.On the basis of shared random value for partial permutation and confusion key, both ends have the ability to generate common session key on a distributed manner.In this scenario, we assume that secret parameter has been distributed by a trusted authority between source and sink as illustrated in Figure 6.To guard against replay attacks, we have used dynamic random key generation.Dynamic keys are the cryptographic keys that are not the same for the whole network lifetime.Instead, it is established either periodically or on demand.This helps increase the network survivability by revoking keys of the compromised nodes in the process of rekeying.Dynamic Source Routing (DSR) protocol is simple and efficient routing mechanism designed typically for multihop MANETs.It makes the network completely self-configuring and self-organizing without requiring any existing infrastructure.As DSR is source initiated link state routing the nodes dynamically discover an efficient route to send the packet by multiple network hopping till the destination which makes it be the loop-free packet routing.The DSR protocol consists of two mechanisms: one is route discovery and the other is route maintenance.Based on this scenario, we adopt dynamic key for each data generation (  ) to handle replay attack in MANET.Based on the sharing parameters at both ends, source generates dynamic key for each generation.Suppose we have key () then the  () =  (1) ,  (2) , . . .,  () where (  ) represents the number of dynamic keys distributed for each generation and  () is dynamic key.
As discussed in [15], traditional cryptographic technique like AES for end-to-end encryption cannot be used due to the limited resource capabilities of MANETs.This work contributes to generate lightweight encryption key as shown in Algorithm 2, which introduces a random number and updating key for each data generation to enhance security and reduce computation and communication overheads from source to destination in MANETs.
Steps ( 1)- (3).Set random number  used to generate the value of ℎ for permutation.In this step,  represents the number of generations and  is the total data length that is divided into generations like   1 and   2 where  is chunk size to produce a single generation.The value of ℎ can vary from 4 bits to 32 bits where ℎ ≪  and it is used for permutation.Moreover, () represents the set of keys where   1 represents key for the first generation.Other parameters are initialization factor (ℎ), packet length (), and random division of perturb-vectors ( = (0, ℎ! − 1)).
Steps ( 4)- (8).Loop for generation from 1 to  where () is the index of generation and calculated as chunk over permutation length ℎ is used in Steps ( 5) and ( 6) for calculating confusion key and ciphertext which is generated as a function of data generation and confusion key.After the loop ends we will get ciphertext.
Steps ( 11)- (14).Confusion key   () is generated for an end-to-end communication which consists of a perturbing key and a random number.The perturbing function  is calculated by subtracting the sum of 1 and indexed confusion function, which will continue till the end of the permutation length.

Performance Analysis
We take into account typical cryptanalysis on permutation cipher which is a case of transposition cipher and evaluate how effectively a permutation encryption can be broken.This is based on nonuniform occurrences of - combinations named as -.Taking an example, the frequency of bigram "" in English is much higher as compared to bigram "."The ability of guessing permutation  is accessed by using - frequency statistics: first large cipher texts are decrypted by using inverse of permutation  and then evaluated on the basis of how close the statistics of - decrypted messages are as compared to statistics of underlying languages.Then we find the permutation of other letters that have better ability by searching "" neighborhood with good ability until key  is found.Although this is rather effective in transposition ciphers breaking, we contend that for the case of our permutation encryption it does not work fine.(1) First we permuted GEVs; then we introduced dynamic random encryption key on message.This double encryption makes it much stronger against replay attack.So this means that, as compared with transposition cipher, the proposed scheme requires a lot of time to access the ability of permutation.(2) A small change of permutation, for example, change of just two positions, will give different encryption that would decode information into totally different messages.This resulted in the fact that permutation has good ability so by searching in the neighborhood of the permutation we do not expect to get permutations with better ability.As dynamic random encryption key is distributed at initial stage, permutation operation (encryption at source and decryption at destination) will give less computational overhead.So permutation encryption is lightweight in terms of computation.
The performance analysis of the proposed scheme is analyzed in built-in classes of Java.It uses managed packaging for AES, DES, and Blowfish which is available in http://java.cypto.com.The existing schemes used traditional cryptographic methods of cipher class that provide functionality of different cryptographic techniques used for encrypting and decrypting of data.It forms the core of the JCE framework.Simulation parameters are given in Table 2.

Storage Analysis.
The proposed scheme is based on secret credentials to encrypt perturbing methods and acts as secure shared session key between end nodes.The pseudo random number generator (PRNG), a confusion function (), permuting of selective data ((/ℎ)) portion, and time stamp () are used as secret credentials.The memory overhead of the confusion key depends on the selective bits of data and other parameters.To overcome memory and computation overhead, the proposed scheme uses 32-bit key size which has lesser overhead from traditional cryptographic techniques like DES, AES, 3DES, and Blowfish.The application payload is 32 bits, which include 16 bits of session key and 16 bits of the random challenge.The performance analysis of Algorithms 1 and 2 shows the proposed scheme is efficient from traditional schemes and suitable for resource constrains devices.Performance comparison of different schemes is done on the basis of parameters like encryption time, encryption/decryption throughput, and energy consumption as shown in Table 3.We considered well known symmetric key encryption techniques for comparison with the proposed scheme.Data encryption standard (DES) has 128-bit key size and 64-bit block size.3DES, which is an enhancement of DES, uses three 64-bit keys which makes 192-bit key size and has a 64-bit block size as well.AES has variable key lengths of 128, 192, or 256 bits and has a data block size of 128 bits.We consider 128-bit key.Finally Blowfish uses variable key lengths of 32 bits to 448 bits and 64-bit data block size.We used 64-bit key size.The appraisal is intended to assess the results by using block ciphers.Consequently, the load data (plaintext) is divided into smaller data generation size as per algorithm settings given in Table 3. De Meulenaer et al. [32] evaluated energy of wireless nodes in terms of communication cost, whereas Abdul Elminaam et al. [33] evaluated various symmetric cryptography algorithms used in MANETs in terms of energy cost.The energy is calculated by using the following equation:  =  × , where  is the energy in joules,  is the nominal power in watts, and  is the time duration in seconds.Operation cost and transmission of 1 byte is 5.76 J, reception of 1 byte is 6.48 J, and AES-128 encryption of 16 bytes is 42.88 J.On the basis of these assumptions we have computed energy consumption at processing and transmission level of proposed scheme.In addition, we analyzed the key size as in Figure 7.

Throughput.
As the encryption time decreases, more data can be processed which results in larger throughput.Encryption time has to be considered while calculating throughput of an encryption algorithm.The throughput of an algorithm is obtained by dividing plain text in kilobytes by encryption time in milliseconds.From the graphical illustration of encryption and decryption throughput in Figure 8, the proposed scheme outperforms other schemes in terms of throughput.The gap between the proposed scheme and AES, DES, and 3DES is significantly large because of their higher  encryption time.Data throughput on encryption and decryption is depicted in graphical presentation.The throughput of the proposed scheme is calculated and then compared with other schemes according to the formula throughput = plain text size/encryption time.We have calculated the encryption and decryption time of various algorithms as per the throughput formula.We considered plaintext size to be the average of plain text size and the average time taken.So 1598.7 kbytes/374 ms = 4.174 Mbytes/s for AES while for our proposed scheme it is calculated as 1598.7 kbytes/31 ms = 56 Mbytes/s.In the same way, the decryption throughput is calculated via dividing the plain text size by decryption time.

Encryption Time.
Encryption time is calculated as time taken by any device in executing the encryption algorithm.Encryption time is calculated by taking into account the size of plain text, key size, and block size.We consider the algorithm key sizes as given in Table 3. From Figure 9 we can clearly see that the proposed scheme has very less encryption time as compared with Blowfish algorithm which is a light weight encryption scheme.From Table 3 we can clearly see that when the key size increases, time for encryption increases as well.As for the proposed scheme the key size as well as the block size is smaller than the other algorithms, that is, 32 bits; the encryption time comes out to be 31 ms, which is significantly lower than other schemes.

Energy Consumption.
The energy consumption is calculated as the average energy consumed during the process by an algorithm.The cost of the proposed scheme is based on energy consumption during encoding, transmitting, and receiving cost of data at sinks.On the basis of [32] we elaborate energy consumption of the proposed scheme and compare it with the existing techniques.Less time taken for encryption means there are few cycles which gives lower energy consumption.As described before, the proposed scheme has less encryption time as compared with other encryption schemes.As shown in Figure 10, the energy consumption of the proposed scheme comes out to be 0.2 J which is significantly lower as compared with other schemes.The energy consumption is calculated by considering block size in bytes, and multiplying it with energy consumption for symmetric key comes out to be 0.8 J/bit.As described in the scheme, confusion key plays a vital role in the proposed scheme in which secret credentials are used for the session key.A node has to compute 16-bit PRNG, 8-bit time stamp, and 8-bit permuting of selective data to secure perturbing function.On the assumption of [32] the computation cost is 0.25 J/bit and our proposed scheme needs to compute 32-bit data for confusion key which means total energy is 32 × 0.25 = 8.0 J.In this scheme the confusion key computation cost depends on the random amount of selective data from -bit data length.We assume that the proposed scheme computes on 32-bit block generation of data.

Conclusion
In this paper, we proposed a partial permutation encryption algorithm for network coded MANETs.Instead of permuting the whole packet as in the previous P-Coding scheme, the proposed scheme permutes only GEVs which decreases the computational complexity, making it an efficient encryption scheme in terms of energy, computation, and cost.To guarantee that the proposed scheme is secure against various attacks, we proposed dynamic key generation mechanism for our random key generation.We analyzed the proposed scheme by taking into account different parameters and concluded that our partial permutation scheme is efficient and lightweight.The proposed scheme outperforms other analyzed schemes in terms of efficiency and cost.The proposed scheme has lower encryption time and greater throughput which resulted in 117% improvement from the Blowfish algorithm for MANETs.Blowfish algorithm has 5 times greater throughput than DES.The proposed scheme has 16 times lesser energy consumption than the Blowfish algorithm that makes it an efficient encryption technique for energy constraint devices.

Figure 6 :
Figure 6: Dynamic key generation by a Key Distribution Center (KDC).

Figure 7 :Figure 8 :
Figure 7: Key size of the storage analysis.

Figure 9 :
Figure 9: Data encryption time in milliseconds.
4.1.Dynamic Random Key Generating Algorithm.In a scenario where source needs to transmit huge data volume one node to other nodes, source should first divide data into generations and use perturbing key on each data generation.If a single perturbing key is used in the course of transmission then there is a chance that this key would be disclosed, which will result in compromising security of the whole data volume.This is known as single generation failure.Assume the following steps are performed by source on th data generation   , and key   is generated.
from (c) Encrypt   based on   and the encrypted data generation is sent from source node to all participant nodes that can update key.Algorithm 1 explains the perturbing function for GEVs and is also used to generate dynamic random key.(1) [] / * size  * / (2) Function Key Gen (integer ) (3) Initialization() (4) For  ← 1 to  − 1 (5)  ← rand() / * between  to  * /

Table 3 :
Performance comparison of schemes.