How to Simulate Cryptography in NS2

To implement the Identity-Based Cryptography (IBC) is a form of public key cryptography in which the public key of a user is developed from its single identity, like their email address, name, or IP address. It removes require for the digital certificates and simplifies the public key infrastructure (PKI). The private key is created by a believed third party named a Private Key Generator (PKG). In the simulation environment NS2, we can be replicated an identity-based cryptography by executing key generation, encryption, and decryption processes. We provide stepwise approach to replicating IBC in NS2:

Step-by-Step Implementation:

  1. Set Up NS2

Make certain NS2 is installed on the computer. If not, install it then using the below command:

sudo apt-get install ns2

  1. Define the Network Topology

Describe a simple network topology with a sender, receiver, and a Private Key Generator (PKG) that will be created private keys for every node rely on their identity.

set ns [new Simulator]

set tracefile [open identity_crypto.tr w]

$ns trace-all $tracefile

# Create sender, receiver, and PKG nodes

set sender [$ns node]

set receiver [$ns node]

set pkg [$ns node]  ;# Private Key Generator node

# Create links between sender, receiver, and PKG

$ns duplex-link $sender $pkg 1Mb 10ms DropTail

$ns duplex-link $pkg $receiver 1Mb 10ms DropTail

  1. Simulate Identity-Based Key Generation

In Identity-Based Cryptography, the private key is generated according to the identity of the user (e.g., IP address, email, or any unique identifier). The PKG makes the private key for every single user depends on its public identity.

(A) Generate Private Key for Each Node

Replicate key generation by allocating a private key to each node rely on their identity. The PKG will handle this approach.

# Simulate identities for sender and receiver

set sender_identity “sender@example.com”

set receiver_identity “receiver@example.com”

# Function to simulate private key generation by PKG

proc generate_private_key {identity} {

puts “Generating private key for identity: $identity”

return “priv_key_$identity”  ;# Return a simulated private key

}

# Generate private keys for sender and receiver

set sender_private_key [generate_private_key $sender_identity]

set receiver_private_key [generate_private_key $receiver_identity]

  1. Encrypt Messages Using Identity-Based Public Key

In IBC, the public key is derived directly from the user identity. The sender will encode the message using the receiver identity as the public key.

(A) Encrypt Message with Identity

Mimic encryption by using the receiver’s identity as the public key. It removes require for a detached public key exchange.

# Simulate message encryption using the receiver’s identity as the public key

proc encrypt_message {message receiver_identity} {

puts “Encrypting message: ‘$message’ using receiver’s identity: $receiver_identity”

return “encrypted_$message_with_$receiver_identity”  ;# Simulate the encrypted message

}

# Encrypt a message at 1 second using receiver’s identity

$ns at 1.0 “set encrypted_message [encrypt_message ‘Hello Receiver!’ $receiver_identity]”

  1. Decrypt Messages Using Private Key

By using the private key made by the PKG, the receiver will decode the message.

(A) Decrypt Message with Private Key

Replicate decryption using the receiver’s private key that were generated by the PKG rely on the receiver’s identity.

# Simulate message decryption using the receiver’s private key

proc decrypt_message {encrypted_message private_key} {

puts “Decrypting message: ‘$encrypted_message’ using private key: $private_key”

return “decrypted_message”  ;# Simulate the decrypted message

}

# Decrypt the message at the receiver node

$ns at 1.5 “set decrypted_message [decrypt_message $encrypted_message $receiver_private_key]”

  1. Set Up Data Transmission Between Sender and Receiver

Here, configure the data transmission using CBR (Constant Bit Rate) traffic generator to replicate encrypted message transmission among the receiver and the sender. The message is encrypted using the receiver’s identity and also decrypted at the receiver using the private key generated by the PKG.

# Set up UDP agents for sender and receiver

set udp_sender [new Agent/UDP]

set udp_receiver [new Agent/UDP]

set null_receiver [new Agent/Null]

$ns attach-agent $sender $udp_sender

$ns attach-agent $receiver $null_receiver

$ns connect $udp_sender $null_receiver

# Create a CBR traffic generator to simulate message transmission

set cbr_sender [new Application/Traffic/CBR]

$cbr_sender set packetSize_ 512

$cbr_sender set rate_ 1Mb

$cbr_sender attach-agent $udp_sender

# Encrypt message and send it at 2.0 seconds

$ns at 2.0 “set encrypted_message [encrypt_message ‘Secure Message’ $receiver_identity]”

$ns at 2.0 “$cbr_sender start”

# Decrypt message at the receiver

$ns at 2.5 “set decrypted_message [decrypt_message $encrypted_message $receiver_private_key]”

  1. Log the Encryption and Decryption Process

We can be recorded the encryption and decryption process to mimic the security features of the communication.

# Log the encryption and decryption process

proc log_encryption {message encrypted_message} {

puts “Original message: ‘$message’ was encrypted as: ‘$encrypted_message'”

}

proc log_decryption {encrypted_message decrypted_message} {

puts “Encrypted message: ‘$encrypted_message’ was decrypted as: ‘$decrypted_message'”

}

# Log the encryption and decryption process

$ns at 2.0 “log_encryption ‘Secure Message’ $encrypted_message”

$ns at 2.5 “log_decryption $encrypted_message $decrypted_message”

  1. Run the Simulation

When the script is done then run the simulation using NS2:

ns your_script.tcl

  1. Analyze Results

After running the simulation, verify the trace file (identity_crypto.tr) and support the result to check:

  • The private keys were appropriately generated by the PKG depends on the identity.
  • Messages were encrypted using the receiver’s identity.
  • Messages were decrypted using the receiver’s private key.

Also we can use the NAM (Network Animator) to envision the safeguard message transmission among the sender and receiver.

  1. Extend the Simulation

We can extend this simulation by:

  • Simulating key revocation: Append the functionality for the PKG to revoke private keys if a user’s identity is compromised.
  • Implementing key escrow: In the IBC, the PKG might save a copy of the private key for recovery or observing the purposes. Replicate key escrow mechanisms.
  • Adding more nodes: Append more nodes to mimic a larger network in which various users communicate securely using identity-based encryption.
  • Introducing network attacks: Mimic attacks like eavesdropping or man-in-the-middle to examine the security of the identity-based cryptographic system.

Therefore, we had presented the implementations steps for Identity-based Cryptography within NS2 that were replicated and executed. Also we will provide additional insights regarding this topic as required. Share with us all your research details we are ready to help you.