The use of signature-based broadcast authentication for code and data dissemination in wireless sensor networks (WSNs) cannot be avoided. It increases security but requires high computation. Adversaries can exploit the latter condition as an opportunity to send many false signatures. Filtering methods can overcome this vulnerability. Cipher Puzzle is a filtering method that has low storage overhead along with high security, especially against denial of service (DoS) attacks. However, its number of hash iterations cannot be bounded, which causes sender-side delay. This paper proposes a Dynamic Cipher Puzzle (DCP), which uses a threshold function to limit the number of hash iterations. Hence, time at the sender-side can be used more efficiently. Besides, its dynamic puzzle-strength increases the obscurity of the transmitted packet. Simulation and experimental results were analyzed with Arduino 2560. The theoretical results show that the quadratic function outperformed the compared methods. The scheme decreased sender-side delay by 94.6% with a guarantee of zero solution probability in 1.728 × 10 - 13 . The experimental results show that the consumption of resources at the sensor node increases with an acceptable value. Moreover, DCP increases the complexity for the attacker to implement probability and signature-based DoS attacks.
Keywords: Dynamic Cipher Puzzle; broadcast authentication; signature based DoS.