Computational Complexity. In Section IV, it was shown that the protocol defined in Algorithm 1 compares favorably to Xxxxxxxxx and Xxxxxxx’x group key agreement protocol in terms of the number of transmissions. While communications is typically the most significant factor in energy consumption in wireless sen- sor networks [42], computation is also important in power- constrained devices. In this section, we show that our protocol also compares favorably to the BD protocol in terms of computation.
Computational Complexity. For the key agreement process, the sensor node needs to conduct an ordering data operation that contains authentication, parameter exchange, and shared key computation. The computational complexity comparison is presented in Table 2. The main computational overhead is composed of four multiplications and four hash functions. Compared with other lightweight schemes, the computational cost of our scheme marginally increases. Our scheme sacrifices low computational resource for increased security.
Computational Complexity. In the naive implementation of MVNE, each optimization iteration takes O(d|V |2) time where |V | is the total number of nodes and d is dimension of embedding space. However, in typical applications, G is usually very sparse. In this case the time complexity of one optimization iteration using adjacency list based representation of the adjacency matrices [15] is O(|V | + |E|) (with d assumed to be constant), where |E| denotes the total number of edges across all of the views.
Computational Complexity. Security Analysis Bilinear graph plays an important role in significant cryptography problems like in Bilinear Xxxxxx- Xxxxxxx (BDH) problem which was presented by Xxxxx and Xxxxxxxx and explained in [13]. Security of our proposed protocol is based on a type of this assumption. Assume 𝐺 and 𝐺𝑇 as cyclic groups of the order q and 𝑒: 𝐺 × 𝐺 → 𝐺𝑇 is a bilinear graph consider these computational assumptions: • BDH: for each 𝑎 ∈𝑅 𝑍𝑞∗, 𝑏 and 𝑐 and considering the given 𝑎𝑃, 𝑏𝑃 and 𝑐𝑃, computing (𝑃, 𝑃)𝑎𝑏𝑐 is difficult. • Decisional Bilinear Xxxxxx-Xxxxxxx (DBDH): for each 𝑎, 𝑏 𝑎𝑛𝑑 𝑐 ∈𝑅 𝑍𝑞∗, differentiating (𝑎𝑃, 𝑏𝑃, 𝑐𝑃, 𝑒(𝑃, 𝑃)𝑎𝑏𝑐) and (𝑎𝑃, 𝑏𝑃, 𝑐𝑃, 𝑒(𝑃, 𝑃)𝑟) is difficulty. Theorem 1: The present scheme gives entity anonymity. Proof: In this protocol, the anonymity of entity is found by the hash function and the BDH problem. The key management phase, secure connection and key agreement phase are done through each identity’s corresponding 𝐼𝐷 and hashing its real 𝐼𝐷, Only Sink has access to real 𝐼𝐷𝑆 of cluster heads and nodes. Even if the intruder finds the transmitted messages in the secure connection and key agreement phase he can never induce the real 𝐼𝐷𝑆 . Theorem 2: The present protocol cannot disclose the agreed on session keys. Proof: Consider the confidentiality of the private key set. The key set is a combination of the corresponding 𝐼𝐷𝑆 with the encrypted amount. It means that the intruder must know both data to get access to the private key set. But even if the intruder hacks Sink, there’s no way for him to find the two data. Also, in order to get the session keys, the intruder must try to induce 𝑠𝑘1 and 𝑠𝑘2 from each {𝑅1, 𝑀𝐴𝐶1} and {an encrypted data packet, MAC2} the encrypted data packet. But there is no way for him to hack any entity. Theorem 3: The present protocol supports the freshness of the session key and as a result can avoid the replay attack. Proof: The freshness in the secure connection and key agreement phase means it guarantees the freshness of the session key. To achieve freshness, we use an r1 with MAC1 to generate session keys sk1 and sk2. But because of the BDH problem, there’s no possible way for the intruder to generate session keys but the intruder has no way to generate session keys because of the BDH even if he could hack an entity. Therefore, because of the freshness of session keys the proposed protocol is immune against the replay attack.
Computational Complexity. The SOCP problem (2.45)–(2.46) is a small-scale problem involving 2 n-dimensional variables, 4 SOC constraints and 2 linear constraints. It is solved very efficiently, re- xxxxxxx at most O(n3.5) arithmetic operations, by modern interior-point algorithms [31]. There exist freely-distributed software packages, e.g. [33], that use interior- point algorithms to yield the optimal solution of such problems. The number of SOCP problems that needs to be solved to determine the Pareto- optimal pair of beamforming vectors that corresponds to a point on the Pareto boundary is very small. This is because the bisection algorithm converges expo- nentially fast to the desired accuracy, since the search interval is halved in every iteration. Note that the sought value corresponds to an SINR value; hence, the accuracy of the solution need not be very high. Typically, a handful of iterations suffices to find a solution that is good-enough from engineering perspective.
Computational Complexity. In evaluating the computational complexity, we look at the number of passes and the number of computations each party has to perform in order to carry out the key agree- ment. In the proposed protocol, each party is required to perform three scalar point multiplications (m), evaluate two bilinear pairings (p), and make one pairing exponen- tiation (e). Generally, point multiplications and pairing exponentiations are much faster to compute than pairings. Thus, the efficiency of pairing-based protocols is essentially measured by the number of pairings each party has to compute. Many of the operations used in a protocol can be performed outside a protocol run. Such operations may include the hash of a peer identity or generating a short-term key 5This factor is just an estimate as implementations may also store other elements such as the iden- tity/identifier of the public key owner. Protocol type no precomputation precomputation Smart[58, 15] Xxxx-Xxxxx[15] #2’ Shim[57, 61] Choie-Xxxxx-Xxx[19] #2 ID ID ID ID 2p + 2m + 1e 1p + 4m 1p + 0x 0x + 0x 0x + 0x 0x + 0x 0x + 1m 1p + 2m + 1e Xx-Xxxxxx-Xxxxxxxx[1] Proposed protocol CL CL 4p + 2m + 1e 2p + 3m + 1e 4p + 1m 2p + 2m Table 3: Computation comparison pair to be used in some future session. Hence, when talking about efficiency, we often differ between precomputation and no precomputation. Protocols that allow precomputa- tion keep the operations required during on-line interaction to a minimum, and can thus significantly improve the response time. However, one drawback of using precomputa- tion is that precomputed values can be compromised by an adversary if they are stored insecurely. Table 3 shows the computation required by a selection of certificateless and identity- based key agreement protocols. In comparing the computation used in each protocol, only heavy operations are considered. In the proposed protocol, it is possible to pre- compute the short-term key pair as well as the pairing exponentiation. However, as the public keys are not known before a first-time protocol run between two entities, opera- tions requiring the knowledge of these cannot be precomputed. On the other hand, once public keys have been exchanged, the computation required by each entity can be re- duced to only one pairing and one scalar point mulitiplication. Thus, the performance of certificateless protocols can be competitive to that of identity-based protocols. Note from Table 3 that our protocol only needs to compute two pair...
