A Novel Verifiable Multisecret Sharing Scheme in Wireless Multimedia Sensor Networks
International Journal of Distributed Sensor Networks

This paper presents a secure and practical verifiable multi-secret sharing scheme for multimedia sensor networks. By exploiting the merits of biometric cryptography, the proposed scheme can reliably conceal private information and overcome a shortcoming of traditional cryptography. Security analysis shows that the proposed scheme provides secure, robust, and trustworthy verification of the dealer and the participants over insecure wireless multimedia sensor networks.


Introduction
Wireless multimedia sensor networks (WMSNs) have recently started to receive a lot of attention due to their potential to be deployed flexibly in various applications at lower cost [1, 2]. As WMSNs are widely deployed in remote and hostile environments and transmit sensitive information by broadcast, sensor nodes are prone to node-compromise attacks, and security properties such as data confidentiality and integrity are extremely important. Hence, security is a very serious concern in WMSN protocols. Unfortunately, sensor nodes have limited power, computation, storage, and communication capabilities, which impose several constraints on the algorithms and protocols that can effectively be deployed on such systems. In this scenario, most traditional security mechanisms are not applicable. Thus, research into new, efficient security techniques is needed [3-5].
In 1979, Shamir [6] and Blakley [7] independently introduced the concept of a secret sharing (SS) scheme as a way to keep a secret efficiently and safely. In such a scheme, the dealer splits the secret into shares among the participants and sends each share to the corresponding participant. As a result, any out of the participants can cooperate to recover the secret, but fewer than out of the participants cannot obtain any useful information about the secret by any means. A threshold secret sharing scheme has many practical applications, such as opening a bank vault, launching a nuclear, or authenticating an electronic funds transfer. Later, several multisecret sharing schemes were proposed [8-12]. In a multisecret sharing scheme, multiple secrets are shared during one secret sharing process. In 2004, Yang et al. (YCH) [13] proposed a novel multisecret sharing (MSS) scheme based on a two-variable one-way function. Besides being computationally efficient in practice, the scheme has the following merits: (1) several secrets can be shared during one secret sharing process; (2) the dealer need not redistribute a fresh shadow after the secrets have been reconstructed. However, the YCH scheme lacks the property of verification; that is, neither dealer cheating nor participant cheating can be detected. In dealer cheating, a dishonest dealer can prevent a particular participant from obtaining the true secret by distributing a fake shadow to him/her [14]; in participant cheating, a malicious participant may provide a fake shadow to the other participants, making the malicious participant the only one who gets to reconstruct the true secret [15]. In secret sharing involving multiple dealers, verifiability is even more desirable since these dealers mutually distrust each other.
In 2005, Shao and Cao (SC) [16] proposed a verifiable multisecret sharing (VMSS) scheme based on YCH and the intractability of the discrete logarithm. However, the speed of the SC scheme is not competitive [17]. In 2007, Zhao et al. (ZZZ) [18] proposed another practical VMSS scheme based on YCH. The ZZZ scheme performs its verification phase using the RSA cryptosystem and a Diffie-Hellman key agreement method. Although the ZZZ scheme significantly reduces the computation cost of the whole system, it requires the dealer to reconstruct the RSA cryptosystem once the secrets have been reconstructed. Later, Dehkordi and Mashhadi (DM) [17] proposed an efficient VMSS scheme that improves on the performance of the SC scheme. Compared to the ZZZ scheme, the DM scheme constructs only one RSA cryptosystem for the whole system, and dealer verification is not required. But every participant still has to perform − 1 modular exponentiations to verify the other participants' secret shadows, which remains very time-consuming. In addition, it is difficult to protect private keys from attackers in a password-based verification system [19].
To overcome the drawbacks and pitfalls of password-only verification in the YCH scheme, in this paper we present an efficient and practical VMSS scheme that uses biometric data, for example palmprints, with application to wireless multimedia sensor networks. In the verification phase of the proposed scheme, the time-consuming modular exponentiation computations of, for example, Diffie-Hellman or RSA are eliminated. The scheme allows the participants and the dealer to cooperate in choosing secret shadows, and it can effectively perform verification of both the dealer and the participants. Moreover, the computation cost, security, and efficiency of the presented scheme make it suitable for real applications in practical environments.
The rest of the paper is organized as follows. Section 2 briefly reviews the YCH scheme. Section 3 presents the efficient and practical palmprint-based VMSS scheme with application to wireless multimedia sensor networks. Section 4 gives a performance analysis of the proposed scheme. Conclusions are drawn in Section 5.

Review of the YCH Scheme
Let ( , ) denote any two-variable one-way Hash function and let ( 1 , 2 , . . . , ) denote the secrets to be shared among the participants. Before the secret sharing, the dealer randomly chooses secret shadows 1 , 2 , . . . , and distributes them to every participant over a secret channel. Then the dealer performs the following steps.

The Proposed Palmprint-Based VMSS Scheme
In this section we propose a new palmprint-based VMSS scheme with application to wireless multimedia sensor networks. The verification is based on matching of the palmprint template. The notations (
Figure 1 shows the architecture of the secure wireless multimedia sensor network built on the proposed biometric-based VMSS. Each camera sensor node in the network is battery-powered and has limited computation and wireless communication capabilities. The sink is a data collection and storage center equipped with sufficient computation and storage capabilities. Camera sensor nodes periodically send the captured images to the sink node. The sink nodes then exchange this information confidentially with the data processing server over carrier networks. The proposed scheme runs among the sink nodes.
Figure 2 shows an overall flowchart of the initialization phase. For = 1, 2, . . . , participant first randomly chooses his private key and submits it to the dealer D.

Initialization Phase.
also imprints his palmprint image at the camera sensor nodes, and then the initialization system performs the following operations.
(2) Write , and = ( , ) ⊕ into the memory of the corresponding sink node, where is the palmprint template of . For more details on computing = ( , ) ⊕ , the reader can refer to [20].

Construction Phase.
The dealer D chooses a random number and performs the following steps.

Performance Analysis
4.1. Security Analysis. The security of the proposed scheme rests on the ( , ) Shamir scheme and palmprint cryptography.
In the rest of this section, we consider several possible attacks and show how the scheme resists them.
(1) If an attacker Eve could reconstruct the polynomial ℎ( ) mod from fewer than points, she would have broken the ( , ) Shamir scheme. Hence it is infeasible to recover the secret shares of the proposed scheme from fewer than points.
(2) In this scheme, cheating by the dealer D fails, because every secret shadow ( , ) is derived from both the private key of participant { } =1 and the secret shadow of D; even a subtle change in either input changes ( , ) significantly. This follows from the sensitivity of the Hash function ( , ) to its initial conditions.
(3) If a dishonest participant submits a fake share ( , ( , )) to prevent recovery of the shared secrets, this is detected by the dealer D in the verification phase.
(4) Replay of a previous round's secret share ( , ( , )) is exposed, because is randomly selected in each round and the Hash function ( , ) is sensitive to its initial conditions.
(5) No intruder can obtain ( , ), because the intruder cannot match the palmprint at the sensor nodes.
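To make the threshold property behind attack (1) concrete, and the (t, n) Shamir sharing reviewed in the Introduction on which it rests, here is an added Python example; it is not code from the paper, and the names t (threshold), n (participants), p (prime) and the toy parameters are my own. It shares a secret over GF(p), checks that t shares recover it while t-1 shares are consistent with every possible secret, and shows that plain Shamir without a verification phase accepts a forged share and silently returns a wrong secret, which is the gap a VMSS verification phase closes.

```python
import secrets
from itertools import product

def _h(coeffs, x, p):
    """Evaluate h(x) = sum_k coeffs[k] * x^k mod p; coeffs[0] is the secret h(0)."""
    return sum(c * pow(x, k, p) for k, c in enumerate(coeffs)) % p

def split_secret(secret, t, n, p):
    """Dealer: random degree-(t-1) polynomial with h(0) = secret; share i is (i, h(i))."""
    assert 1 <= t <= n < p and 0 <= secret < p
    coeffs = [secret] + [secrets.randbelow(p) for _ in range(t - 1)]
    return [(x, _h(coeffs, x, p)) for x in range(1, n + 1)]

def reconstruct(shares, p):
    """Lagrange interpolation of h(0) over GF(p) from t shares with distinct x."""
    secret = 0
    for xi, yi in shares:
        num, den = 1, 1
        for xj, _ in shares:
            if xj != xi:
                num = num * (-xj) % p
                den = den * (xi - xj) % p
        secret = (secret + yi * num * pow(den, -1, p)) % p
    return secret

def secrets_consistent_with(shares, t, p):
    """Brute force (small p only): for every degree-(t-1) polynomial over GF(p) that
    agrees with the given shares, count which secret h(0) it encodes. With only t-1
    shares every secret in GF(p) appears equally often, i.e. the shares leak nothing."""
    counts = {}
    for coeffs in product(range(p), repeat=t):
        if all(_h(coeffs, x, p) == y for x, y in shares):
            counts[coeffs[0]] = counts.get(coeffs[0], 0) + 1
    return counts

def demo():
    """Toy parameters constructed for this example: p = 17, threshold 3 of 5 shares."""
    p, t, n, secret = 17, 3, 5, 11
    shares = split_secret(secret, t, n, p)
    assert reconstruct(shares[:t], p) == secret          # t shares recover the secret
    counts = secrets_consistent_with(shares[:t - 1], t, p)
    assert set(counts) == set(range(p)) and len(set(counts.values())) == 1
    # Plain Shamir has no verification phase: a forged share is accepted and the
    # reconstruction silently yields a wrong secret, which is what a VMSS detects.
    x, y = shares[0]
    forged = [(x, (y + 1) % p)] + shares[1:t]
    return reconstruct(forged, p) != secret
```

Call demo() to run the checks; it returns True, meaning the forged share changed the recovered secret without being noticed.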

4.2. Computation Quality.
Compared with the existing YCH-based VMSS schemes, such as the DM scheme [17], the ZZZ scheme [18], and the SC scheme [16], the verification phase of our scheme is more efficient and better suited to WMSNs. The SC scheme requires some time-consuming power products in its verification phase, so it is too complex to be applicable to WMSNs. The ZZZ scheme performs its verification phase using the RSA cryptosystem and a Diffie-Hellman key agreement method, and still requires + 1 exponentiations to verify the validity of the secret shadows. The DM scheme needs − 1 modular exponentiations to verify the other participants' secret shadows. The verification in our scheme is based on a collision-free one-way Hash function: any participant requires only one chaotic Hash computation to verify his/her own shadow's validity, and − 1 Hash computations to verify the other participants' shadows. Therefore, our scheme is more convenient for application on WMSN devices. Table 1 compares these schemes.

Conclusion
We have proposed a novel and complete biometric-based verifiable multisecret sharing scheme with application to WMSNs. The scheme conceals the secret shadow by palmprint cryptography and provides perfect verification. The performance analysis demonstrates that it achieves more functionality and satisfies all the criteria.