ASSESSED COURSEWORK
School of Technology
TO BE COMPLETED BY STUDENT(S)
Department: School of Technology
Module No: P00011
Module Title: Research and Study Methods
Assignment Title or No: Mini Project
If this is a group assignment, please enter all group members nos., names, and if relevant, group no. or name.
Group:
Statement of Compliance: We declare that the work submitted is our own and that the work we submit is fully in accordance with the University regulations regarding assessments (see overleaf). Student Signature(s): signed MB Date: 25 Nov 2009
Marker's Name:
Marker's Signature:
Date:
P00011 Data security for Wireless Communication Systems: A study of various popular crypto algorithms and their suitability. - This topic should cover various popular crypto algorithms based on block, stream, and public key ciphers and their suitability for mobile communication devices in terms of power, speed of operation, chip area requirement, reliability, etc. This should include techniques based on, for example, ECC, RSA, AES, Kasumi, etc.
Abstract
Nowadays it is clear that security issues are becoming an everyday concern for a wide range of electronic systems that control, store, access and communicate important and sensitive data. In recent years the role of wireless communication systems has broadened significantly, and the body of knowledge dealing with them has grown a great deal as well. However, security policies for wireless systems need to pay attention to additional areas that are not always addressed for wired systems, because of the special characteristics that distinguish wireless systems from other electronic systems. In this study, the main security issues for communication systems are reviewed in terms of the security requirements to be satisfied and the security services available to mitigate the potential threats to any kind of network. Additionally, cryptographic algorithms, the core of security systems, are discussed: their major categories are listed, the most popular block, stream and public key ciphers are described in detail with figures, and evaluations in terms of power, speed of operation, chip area requirement and reliability are presented. Although many security approaches for wireless systems have been suggested so far, improving security for wireless devices with low processing power, small size and limited memory capacity remains a considerable challenge.
Table of Contents
1. Introduction
2. Fundamentals
2.1 Security requirements
2.2 Basic Terminology
2.3 Security Services
3. Cryptographic Algorithms
3.1 Asymmetric key algorithms
3.2 Symmetric key algorithms
3.2.1 Block and Stream ciphers
3.3 Hash algorithms
4. Suitability of cryptographic algorithms
4.1 Hardware and software implementation
4.2 Power management
5. Conclusions
References
List of Abbreviations
AES: Advanced Encryption Standard
DES: Data Encryption Standard
DH: Diffie-Hellman
DSA: Digital Signature Algorithm
ECC: Elliptic Curve Cryptography
MAC: Message Authentication Code
RC4: Rivest Cipher 4
RSA: Rivest, Shamir and Adleman
SHA: Secure Hash Algorithm
SSL: Secure Sockets Layer
WEP: Wired Equivalency Protocol
3DES: triple-Data Encryption Standard
3G: Third Generation
1. Introduction
In recent years, wireless systems technology, which coexists with, extends, and even competes with wired communication services, has provided high-quality connectivity and communication services with previously unknown flexibility and mobility. However, the commercialization of wireless communications has increased the potential for adversarial interactions, which are driven by various harmful motives. In the modern business world, for example, vital information needs to be exchanged between parties for the successful completion of a transaction, and current business practices depend on extensive use of computers and the Internet. In response to the rise of security problems, the technical community has developed a collection of basic technologies for addressing network security. Many of the same problems, design approaches, and even protocols that have been developed for wired network security can be applied to wireless network security too, so that it could simply be considered a subtopic of general network security. On the other hand, cryptographic algorithms are still troublesome for wireless systems because of difficulties in their implementation. Many scientists believe that a number of cryptographic algorithms have proven unsuitable for wireless devices, especially handheld devices, because these devices operate differently and their specific limitations, such as power consumption and chip area requirements, greatly affect the network security features. The impact of those parameters on existing security systems should not be disregarded; many studies on this topic have been carried out and are discussed in the following sections of this study.
2. Fundamentals
2.1 Security requirements
The objective of communication security, which wireless systems should satisfy as well, is the preservation of the following three principles [4]:
Confidentiality: the communication data are only released to authorized parties of the network.
Integrity: the data in the communication process retain their completeness and cannot be modified by any unauthorized party.
Availability: authorized parties are allowed timely access and adequate bandwidth to access the data.
not any unplanned eavesdropper is able to read the contents of the message it sent. Replay protection ensures that undesirable replaying of previous messages cannot be committed. A sequence of replayed messages captured during a legitimate transaction can block the receiving party's processing, so that the receiver refuses service to legitimate parties.
3. Cryptographic Algorithms
As already mentioned above, cryptographic algorithms require cryptographic material in order for security services to be provided successfully. Generally, both communicating parties possess and use cryptographic keys in common, and managing these keys over time is one of the most significant and complex areas of security for wireless systems [1]. Cryptographic algorithms usually define the security characteristics of the key management system; they can be roughly divided, depending on the number of keys used during the encryption process, into two main types, which are discussed in the following paragraphs [1], [3].
Rivest, Shamir and Adleman (RSA) is the most popular of the category and is based on the difficulty of integer factorization [2], [7]. It is usually used to secure web traffic and e-mail in the Secure Sockets Layer (SSL) protocol [7]. Diffie-Hellman (DH) is based on the difficulty of the discrete logarithm problem in integer fields [2]. The Elliptic Curve Cryptography (ECC) algorithm is based on the difficulty of solving the discrete logarithm problem in integer fields. Compared with the RSA algorithm, ECC achieves better storage efficiency, lower power consumption, higher speed and more security per key bit. These advantages explain why ECC is used in mobile devices, whose processor power, energy availability, bandwidth, and storage are limited [7].
Symmetric algorithms can be divided further according to the way the cryptographic algorithm processes the plaintext, either bit by bit or block by block. The two basic subcategories are presented below, together with their most typical examples.
Block ciphers
In this case, fixed-size plaintext blocks taken as input are encrypted into fixed-size ciphertext blocks, ideally of equal size, produced as output. Additionally, the process requires the data to be passed through a sequence of operations which are usually called rounds [2]. Block ciphers are more popular than stream ciphers, are used in many Internet standards as well as 3G mobile communications and, last but not least, constitute fundamental building blocks for wireless internet security [1]. The Advanced Encryption Standard (AES) algorithm can independently use 128, 192 or 256 bits for either the input/output block or the key. Figure 1 illustrates its structure for the encryption and decryption procedures, and Figure 2 its block diagram [7].
Kasumi is the base cipher for the data origin authentication and confidentiality services of Third Generation (3G) mobile communications. Kasumi encrypts 64-bit blocks and uses a 128-bit key with eight rounds [4], [7]. Figure 3 shows an indicative block diagram of the Kasumi algorithm [7].
The DES algorithm operates on 64-bit blocks of data, uses a 56-bit key and applies sixteen rounds of identical operations [7]. If the DES operation is performed three consecutive times, the algorithm is referred to as 3-DES; the security level increases but the performance drops, because 48 round operations are required. Figure 4 illustrates the block diagram of the DES algorithm [7].
Stream ciphers
The plaintext is transformed to ciphertext on a bit-by-bit or byte-by-byte basis. Stream ciphers are used in cases where buffering is very limited or when incoming traffic is processed on a byte-by-byte basis [1]. There are no detailed Internet standards for stream ciphers; they are specialized and usually provided under particular requirements [1]. Rivest Cipher 4 (RC4) is the most popular cipher of this category. It is used in many protocols (SSL, WEP) and is known for its high speed in software and its simplicity [8].
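The byte-by-byte processing described above, shown as an added Python example (not part of the original coursework): an RC4 implementation whose keystream is produced one byte at a time, so data can be handled as it arrives without block buffering. The function names are this example's own, and the keys and plaintexts are the widely published RC4 test inputs.

```python
from typing import Iterable, Iterator


def rc4_keystream(key: bytes) -> Iterator[int]:
    """Yield RC4 keystream bytes one at a time for the given key."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    # Key-scheduling algorithm (KSA): permute the 256-byte state using the key.
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    # Pseudo-random generation algorithm (PRGA): one output byte per step.
    i = j = 0
    while True:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        yield s[(s[i] + s[j]) & 0xFF]


def rc4(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (the same XOR operation) a complete message."""
    return bytes(b ^ k for b, k in zip(data, rc4_keystream(key)))


def rc4_chunked(key: bytes, chunks: Iterable[bytes]) -> bytes:
    """Process data arriving in arbitrary-sized pieces with one cipher state.

    Only the 256-byte state and two indices persist between pieces, which
    is why a stream cipher suits receivers with very little buffer space.
    """
    keystream = rc4_keystream(key)
    out = bytearray()
    for chunk in chunks:
        out.extend(b ^ next(keystream) for b in chunk)
    return bytes(out)


if __name__ == "__main__":
    ciphertext = rc4(b"Key", b"Plaintext")
    print(ciphertext.hex())
    # The same bytes result when the data arrives one or two bytes at a time.
    print(rc4_chunked(b"Key", [b"P", b"la", b"in", b"te", b"xt"]).hex())
    print(rc4(b"Key", ciphertext))
```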
authentication code (MAC), which have been developed extensively in Internet security protocols for data origin authentication [1]. Secure Hash Algorithm-1 (SHA-1) is one of the most common hash functions in Internet security protocols. It is used, for example, to calculate message digests and for several other applications. Finally, it is noted that to calculate a SHA-1 message digest only the bits of the message are required, not any kind of key [1].
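An added example (not part of the original coursework) of the distinction drawn above: because a SHA-1 digest needs only the message bits, any party can recompute it for a changed message, whereas a MAC tag also depends on a key shared by the two endpoints. It uses Python's standard `hashlib` and `hmac` modules with SHA-1 because that is the hash the text discusses; the key, the messages and the function names are constructed for this illustration.

```python
import hashlib
import hmac

SHARED_KEY = b"constructed-demo-key"  # constructed sample key held by both endpoints


def sha1_digest(message: bytes) -> bytes:
    """Unkeyed SHA-1 digest: depends only on the bits of the message."""
    return hashlib.sha1(message).digest()


def hmac_sha1(key: bytes, message: bytes) -> bytes:
    """Keyed MAC (HMAC-SHA-1): depends on the message and the shared key."""
    return hmac.new(key, message, hashlib.sha1).digest()


def receiver_accepts_digest(message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(sha1_digest(message), tag)


def receiver_accepts_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(hmac_sha1(key, message), tag)


def rewrite_in_transit(new_message: bytes) -> tuple:
    """Model a party on the path that holds no key: it can replace the
    message and recompute anything that needs only the message bits."""
    return new_message, sha1_digest(new_message)


def compare_protections() -> dict:
    original = b"transfer 10 to account A"  # constructed sample message
    altered = b"transfer 99 to account B"   # constructed altered message
    new_msg, new_tag = rewrite_in_transit(altered)
    good_mac = hmac_sha1(SHARED_KEY, original)
    return {
        "digest_accepts_original": receiver_accepts_digest(original, sha1_digest(original)),
        # The recomputed digest matches, so the change goes unnoticed.
        "digest_accepts_rewritten": receiver_accepts_digest(new_msg, new_tag),
        "mac_accepts_original": receiver_accepts_mac(SHARED_KEY, original, good_mac),
        # Without the key neither a recomputed digest nor the old tag verifies.
        "mac_accepts_rewritten": receiver_accepts_mac(SHARED_KEY, new_msg, new_tag),
        "mac_accepts_old_tag": receiver_accepts_mac(SHARED_KEY, altered, good_mac),
    }


if __name__ == "__main__":
    for check, accepted in compare_protections().items():
        print(f"{check}: {accepted}")
```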
In terms of speed of operation, stream ciphers seem to be faster than block ciphers [1], while asymmetric algorithms tend to require more complex arithmetic processing and to be considerably slower than symmetric key algorithms [1]. Additionally, RC4 is a good choice of algorithm for high speed applications, because of its high speed of operation and good performance [2]. Last but not least, it is noted that the ECC algorithm achieves higher speed than the RSA algorithm [7].
Figure 5: Energy consumed by secure wireless data transmission of 64KB data using (a) DES and (b) 3DES encryption [6]
Furthermore, Figure 6 illustrates power consumption for various symmetric algorithms as the result of a specific study [2], from which the following observations have been derived:
- RC4 is a good choice of algorithm for high speed applications, but its energy cost is relatively high compared with the AES algorithm, for example.
- The AES algorithm offers a good combination of security and energy efficiency (both key setup and encryption).
Additional findings on power consumption from different studies are presented below [2], [6]: The power consumed by the AES algorithm in software is five times less than that required by 3DES [6], as illustrated in Table 1.
Encryption software implementation    Energy/bit (J)    Throughput (Mbps)
3DES (192-bit)                        0.3349            4.976
AES 128-bit                           0.0666            25.963
AES 192-bit                           0.07              24.58
AES 256-bit                           0.075             24.1
Table 1: Energy consumed by optimized software implementations of 3DES and AES encryption [6]
The amount of power required to run symmetric algorithms is not critically affected by the size of the key, contrary to that of asymmetric algorithms [2]. Table 2 illustrates the energy consumption of the AES algorithm for various key sizes.
The energy consumption of symmetric algorithms is related to the key-setup cost. The level of security provided by a cryptographic algorithm can be traded off against power consumption through the key size and the number of rounds. Symmetric algorithms in particular are the best example of this trade-off philosophy [2].
The ECC algorithm achieves lower power consumption than the RSA algorithm [7].
Last but not least, solutions suggested by many researchers to reduce the power that wireless devices consume during encryption include adapting communication to the application requirements, regulating the energy used by the mobile transmitter during active communication, switching between different modes of operation, and delaying unit operation during idle periods [6].
5. Conclusions
In this study the basic concepts and characteristics of security for communication systems have been discussed. A good starting point for designing a reliable security system is to identify the security services that are required and then to evaluate the cryptographic algorithms and material whose implementation will satisfy the security requirements. In addition, we examined the suitability of the basic cryptographic algorithms for mobile communication devices in relation to their limitations (energy, speed of operation, hardware and software) and reached the following conclusions:
1. Large variations in power consumption are recorded between cryptographic algorithms of the same category.
2. Asymmetric algorithms consume the highest amount of power in relation to other algorithms, i.e. sometimes five times more than symmetric ones consume. On the contrary, hash algorithms require the lowest amount of power.
3. The amount of power required to run symmetric algorithms is not critically affected by the size of the key. On the contrary, the power consumption of asymmetric algorithms is highly related to the key size.
4. The level of security services provided by a cryptographic algorithm can be traded off against power consumption through parameters such as the key size and number of rounds.
5. Asymmetric algorithms generally have lower performance in terms of speed of operation.
6. Last but not least, stream ciphers seem to be faster than block ciphers, and they usually have simpler circuitry and consequently lower chip area requirements.
Furthermore, we presented a number of interesting suggestions from researchers that constitute potential solutions (e.g. scalable encryption) to the limitations of wireless devices, as well as future work for study in the field of cryptographic algorithms.
Words: 2884 (figures, tables and reference list are not included)
References
1. Kempf, J. Wireless internet security. Architecture and Protocols. New York: Cambridge University Press, 2008.
2. Potlapally, N. et al. A study of the Energy Consumption Characteristics of Cryptographic Algorithms and Security Protocols. IEEE Transactions on Mobile Computing 5 (2), 2006, pp. 128-142.
3. Gritzalis, S. Basic Cryptographic Topics. Samos: University of Aigaon, 2002.
4. Giannattasio, G. et al. A guide to the Wireless Engineering Body of Knowledge. New Jersey: John Wiley and Sons, 2009.
5. Sklavos, N. Zhang, X. Wireless Security and Cryptography. Specifications and Implementations. Boca Raton: CRC Press, 2007.
6. Karri, R. Mishra, P. Minimizing Energy Consumption of Secure Wireless Session with QoS Constraints. Proceedings, IEEE International Conference on Communication, New York, 2002.
7. Howon, K. Sunggu L. Design and Implementation of a Private and Public Key Crypto Processor and its Application to a Security System. IEEE Transactions on Consumer Electronics 50 (1), 2004, pp. 214-224.
Bibliography
Stallings, W. Cryptography and Network Security. USA: Pearson Education, Inc, 2006.