FPGA implementation of a wireless sensor node with built-in security coprocessors for secured key exchange and data transfer

Abstract

The technological advances in wireless sensor nodes and the appearance of the Internet of Things (IoT) concept have reinforced interest in wireless sensor networks (WSN), as one of the basic elements, the IoT relies on Bhoyar et al. (2019) [1]. However, the security of data exchanged between nodes, which are susceptible to several types of attack, is still one of the challenges WSNs face. The aim of this work is to design and implement, in a field-programmable gate array (FPGA) circuit, a wireless sensor node with some customised built-in coprocessors to make data transfer and key-exchange operations secure and, especially, faster. These coprocessors allow us to establish secure communication using symmetric and asymmetric cryptography. In addition, we implement a reliable key-exchange protocol, to authenticate a new node before sharing the symmetric encryption key with it. This key exchange is based on the Diffie Hellman protocol, and enhanced with a lightweight defence mechanism against man-in-the-middle (MITM) attacks. The implemented security coprocessors are: the Advanced Encryption Standard (AES-128), to perform the symmetric cryptography; elliptic-curve cryptography (ECC-163), to perform elliptic-curves operations for asymmetric cryptography; and a secure hash algorithm (SHA-256), to perform a hash function that can be used for digital signature, authentication, and random-keys generation. All these coprocessors are supervised by the soft-core processor MicroBlaze. The hardware implementation of these algorithms makes their execution times shorter, which allows us to reduce the time needed for key exchange significantly to less than 12 ms and to accelerate the data encryption. The developed wireless node is equipped with the nRF24L01 + 2.4 GHz transceiver module, implemented and tested in an Artix-7 XC7A35T FPGA with a maximum resources consumption of less than 55%.