mini project (bempenis m., 09099225)
TRANSCRIPT
-
8/3/2019 Mini Project (Bempenis m., 09099225)
1/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
TO BE COMPLETED BY STUDENT(S)
Department: School of Technology
Module No: P00011 Module Title: Research and Study Methods
Assignment Title or No: Mini Project
If this is a group assignment, please enter all group members nos., names, and if relevant, group no. or name.
Student No(s): Student Name(s): (Surname , first name)
09099225 Bempenis, Michail Group:
Statement of Compliance:
We declare that the work submitted is our own and that the work we submit is fully in accordance with the
University regulations regarding assessments (see overleaf).Student Signature(s):
signed MB Date: 25 Nov 2009
TO BE COMPLETED BY SCHOOL
Received by: Date Received by School:
Markers Name: Markers Signature:
Weighting of this assignment as a % of the whole module:
Areas of achievement:
Areas for further development:
Grade / mark (unmoderated): Date:
FORM: LT1 Assessed Coursework Coversheet Version: September 2009
-
8/3/2019 Mini Project (Bempenis m., 09099225)
2/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
Module Number: P00011
Project Title:Data security for Wireless Communication Systems: A study of
various popular crypto algorithms and their suitability. - This
topic should cover various popular crypto algorithms based on
block, stream, and public key ciphers and their suitability for
mobile communication devices in terms power, speed of
operation, chip area requirement, reliability, etc. This should
include techniques based on, for example, ECC, RSA, AES,
Kasumi, etc.
Student Name: Bempenis Michail
Student Number: 09099225
Proposed by: Dr. Abusaleh Jabir
Date of submission: 25 November 2009
-
8/3/2019 Mini Project (Bempenis m., 09099225)
3/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
AbstractIn our daysNowdays/Recent trend suggests, it is crystal clear that security issues are
becoming an everyday worry for a wide group of electronic systems that control,
store, access and communicate important and sensitive data. In recent years the role of
wireless communication systems has broadened significantly and the total knowledge
dealing with them has grown a great deal as well. However, security policies for
wireless systems need to focus attention to additional areas that are not always
addressed for wired systems, because of the special characteristics make wireless
systems distinguish from any other electronic systems.
In this study, the main issues for security applied on communication systems are
reviewed in the context of satisfaction of security requirements and provision of
security services being available to mitigate the potential threats for any kind of
network. Additionally, cryptographic algorithms -the core of security systems are
discussed, their major categories are listed, the most popular ciphers as of block,
stream and public key ones are described in detail with figures, as well as many
evaluations in terms of power, speed of operation, chip area requirement and
reliability are illustrated.
With a lot of security approaches for wireless systems have been suggested till now,
potential improvements of security for wireless devices with low processing power
and small size and memory capacities are more than challenging in our days.
Para. 1wordy=
Para. 2
Para. 3
-
8/3/2019 Mini Project (Bempenis m., 09099225)
4/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
Table of Contents
1. Introduction... 1
2. Fundamentals.....1
2.1 Security requirements... 1
2.2 Basic Terminology....... 2
2.3 Security Services...... 2
3. Cryptographic Algorithms... 3
3.1 Asymmetric key algorithms..... 3
3.2 Symmetric key algorithms....4
3.2.1 Block and Stream ciphers.......4
3.3 Hash algorithms....7
4. Suitability of cryptographic algorithms.. 7
4.1 Hardware and software implementation...... 8
4.2 Power management.. 8
5. Conclusions.... 11
References... 12
-
8/3/2019 Mini Project (Bempenis m., 09099225)
5/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
List of Abbreviations
AES Advanced Encryption Standard
DES Data Encryption Standard
DH Diffie-Hellman
DSA Digital Signature Algorithm
ECC Elliptic Curve Cryptography
MAC Message Authentication Code
RC4 Rivest Cipher 4
RSA Rivest,ShamirandAdleman
SHA Secure Hash Algorithm
SSL Secure Sockets Layer
WEP Wired Equivalency Protocol
3DES triple-Data Encryption Standard
3G Third Generation
http://en.wikipedia.org/wiki/Ron_Rivesthttp://en.wikipedia.org/wiki/Ron_Rivesthttp://en.wikipedia.org/wiki/Adi_Shamirhttp://en.wikipedia.org/wiki/Adi_Shamirhttp://en.wikipedia.org/wiki/Leonard_Adlemanhttp://en.wikipedia.org/wiki/Leonard_Adlemanhttp://en.wikipedia.org/wiki/Ron_Rivesthttp://en.wikipedia.org/wiki/Adi_Shamirhttp://en.wikipedia.org/wiki/Leonard_Adlemanhttp://en.wikipedia.org/wiki/Ron_Rivest -
8/3/2019 Mini Project (Bempenis m., 09099225)
6/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
1. Introduction
The very last years Recently/In recent years, wireless systems technology, which
actually coexists with, extends, and even competes with wired communication
services, has provided high quality connectivity and communication services withpreviously unknown flexibility and mobility characteristics.
However the commercialization of wireless communications resulted in the rise of the
potential for adversarial interactions, which are motivated by various harming
concerns. In the modern business world for example, vital information needs to be
exchanged between parties for the successful completion of a transaction and current
business practices are dependent on extensive use of computers and the Internet.
In response to the rise of security problems, the technical community has developed a
collection of basic technologies for addressing network security. Many of the same
problems, design approaches, and even protocols that have been developed for wired
network security can be applied to wireless network security too, in a way that it
could simply be considered as a subtopic of general network security.
On the other hand, cryptographic algorithms are still troublesome for wireless systems
because of kind of difficulties in their implementation. Many scientists believe that a
number of cryptographic algorithms have been proven unsuitable for wireless systems
devices -especially for handheld devices, because these devices operate in a different
way and their specific limitations as of power consumption and chip area
requirements for example, affect a great deal the network security features. The
impact of those parameters on existing security systems should not be disregarded as
many studies for this topic have been developed and apparently will be discussed on
the following paragraphs of this study.
2. Fundamentals
2.1 Security requirements
The objective of communication security, which wireless systems should satisfy as
well, is the preservation of the three following principles [4]:
Confidentiality: the communication data are only released to authorized parties
of the network.
Integrity: the data in the communication process retain their completeness and
are not able to be modified by any unauthorized party.
1
Does not contain an overview the article. Organization of the paper/report/article..
-
8/3/2019 Mini Project (Bempenis m., 09099225)
7/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
Availability: authorized parties are allowed timely access and adequate
bandwidth to access the data.
2.2 Basic Terminology Plaintext is the initial message or initial data to be encrypted. Its form is
understandable by all every parties [2].
Ciphertext is the text produced as a result of encryption process. Its form is
secret for everybody other than the valid communicating parties [2].
Encryption: the process which through implementation of a cryptographic
algorithm and the use of cryptographic material (mainly cryptographic keys)
transforms the plaintext to ciphertext [2]. Encryption or cryptographic algorithm is the formula that performs the
necessary transformations so that the plaintext to be encrypted [2].
Decryption: the inverse procedure than that encryption performs [2].
Cryptographic key is the main part of the provisioned cryptographic material
that is typically used for the cryptographic algorithm. Key or keys are strictly
delivered to the legitimate communicating parties only [1].
Security protocol: includes a formal sequence of steps to be followed by twoor more parties of a network and decides which encryption algorithms should
be used, so that security services to be carried out successfully [2].
2.3 Security Services
Security services orsecurity objectives have been developed to counter the potential
threats against the security system. They have many uses in general network security
and are an important part of wireless network security. The three main categories aretraced as follows [1]:
Data origin authentication orintegrity protection ensures that the receiver of a
message is able to ascertain that the received message originated from an
authorized party as well as that its contents were not changed during
transmission.
Confidentiality protection is the most popular security service. Confidentiality
protection allows the sender party to know that only a designated receiver and
2
-
8/3/2019 Mini Project (Bempenis m., 09099225)
8/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
not any unplanned eavesdropper is able to read the contents of the message it
sent.
Replay protection ensures that undesirable replaying of previous messages can
not be committed. Sequence of replayed messages captured during a legitimatetransaction can block the receiver partys processing, so that receiver to refuse
services to legitimate parties.
3. Cryptographic Algorithms
As it has already been mentioned above, cryptographic algorithms require
cryptographic material in order security services to be provided successfully.
Generally, both communicating parties possess and use in common cryptographickeys which managementover the time is one of the most significant and complex field
of security procedure for wireless systems [1].
Cryptographic algorithms usually define the security characteristics of the key
management system, but at the same time they can be roughly divided, depending on
the number of keys are used during the encryption process, into two main types which
will be discussed comprehensively in the following paragraphs [1], [3].
3.1 Asymmetric key algorithms
Public key or asymmetric algorithms use different keys, especially a pair of keys,
namelypublic key andprivate key for encryption and decryption, respectively [2], [3].
In order asymmetric algorithms to be performed, confidential material is not required
to be transmitted as well as disposal in advance of secret material to the both parties.
Instead, communicating parties originate a pair of keys, one private not available to
any other party and one public, which is not confidential and can be transmitted
through open links of the network to the communicating parties [1].
They are not based on simple operations with bits as symmetric algorithms do, but on
tough computational mathematical functions -namely algorithmical [3].
Furthermore, it is noted that asymmetric key algorithms are widely developed for data
origin authentication services and key delivery/exchange purposes [1].
The most typical examples asymmetric key algorithms are discussed above:
3
-
8/3/2019 Mini Project (Bempenis m., 09099225)
9/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
Rivest,ShamirandAdleman (RSA) is the most popular of the category and is
based on the difficulty of integer resolving [2], [7]. It is usually used to secure
wed traffic and e-mail in the Secure Sockets Layer (SSL) protocol [7].
Diffie-Hellman (DH) is based on that of the discrete logarithm problem ininteger fields [2].
Elliptic Curve Cryptography (ECC) algorithmis based on difficulty of solving
the discrete logarithm problem in integer fields. Related to RSA algorithm,
ECC achieves better storage efficiencies, lower power consumption, higher
speed and security per key bit. These advantages explain why ECC is used in
mobile devices which processor power, energy availability, bandwidth, and
storage are limited [7].
3.2 Symmetric key algorithms
Conventional, shared, secret key orsymmetric algorithms use the same key on both
encryption and decryption process [2], [3]. The key is a high entropy random bit
cryptographic pattern that is combined with the plaintext to produce the ciphertext [1].
The key should be kept secret from all other parties except from the communicating
ones. In case of its revelation, the eavesdropper unfortunately will be able to perform
the identical cryptographic operations that had been considered to be performed only
by the legitimate parties [1]. Consequently, the not-legitimate party could play the
role of a legitimate one, or to decrypt encrypted messages legitimate parties sent.
Last but not least, it is noted that symmetric algorithms are mainly used to provide
confidentiality protection services [2].
3.2.1 Block and Stream ciphers
Further division of symmetric algorithms can be achieved considering the way the
cryptographic algorithm processes the plaintext, either bit by bit or block by block.
So, the two basic subcategories are presented below, as well as the most typical
examples are discussed above:
Block ciphers
In this case, fixed-size plaintext blocks considered as input are encrypted into ideally
equal ciphertext fixed-size blocks considered as output. Additionally, the process
4
http://en.wikipedia.org/wiki/Ron_Rivesthttp://en.wikipedia.org/wiki/Ron_Rivesthttp://en.wikipedia.org/wiki/Adi_Shamirhttp://en.wikipedia.org/wiki/Leonard_Adlemanhttp://en.wikipedia.org/wiki/Ron_Rivesthttp://en.wikipedia.org/wiki/Adi_Shamirhttp://en.wikipedia.org/wiki/Leonard_Adleman -
8/3/2019 Mini Project (Bempenis m., 09099225)
10/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
requires the data to be passed through sequence of operations which are usually called
rounds [2].
They are more popular than stream ciphers, are used in many Internet standards as
well as 3G mobile communications and last but not least they constitute fundamental
building blocks for wireless internet security [1].
Advanced Encryption Standard (AES) algorithm can use independently
128, 192 or 256 bits either for input-output or keys. Figure 1 above
illustrates its structure on encryption and decryption procedure, and
Figure 2 its block diagram respectively [7].
Figure 1: AES cipher structure [7]
5
-
8/3/2019 Mini Project (Bempenis m., 09099225)
11/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
Figure 2: Block diagram of AES [7]
Kasumi is the base cipher for data origin authentication and
confidentiality services of Third Generation (3G) mobile
communications. Kasumi encrypts blocks of 64-bits and uses 128-bit
key with eight operation rounds [4], [7]. Figure 3 illustrates an indicial
block diagram of Kasumi algorithm [7].
Figure 3: Block diagram of Kasumi argorithm [7]
DES algorithm operates on 64-bit block of data, uses a 56-bit key and
there are sixteen rounds of identical operations [7]. If the DES
6
-
8/3/2019 Mini Project (Bempenis m., 09099225)
12/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
operation is performed three consecutive times the algorithm referred
as 3-DES, the security level increases, but on the contrary, the
performance reduces because 48 round operations are required. Figure
4 illustrates the block diagram of DES algorithm [7].
Figure 4: Block diagram of DES algorithm [7]
Stream ciphers
The plaintext is transformed to ciphertext on a bit-by-bit or byte-by-byte basis. There
are used in cases where buffering is very limited or when incoming traffic is
processed on a byte-by-byte basis [1]. There are not detailed internet standards for
stream ciphers but on the other hand they are specialized and usually provided under
particular requirements [1].
RivestCipher 4 (RC4) is the most popular cipher of this category. It is
used in many protocols (SSL, WEP) and is characterized for its high
speed in software and its simplicity [8].
3.3 Hash Algorithms
A cryptographic hash function is actually a noninvertible function that maps the bytes
in a message to a unique message digest. When a shared key is an argument to the
function in addition to the bytes of the message, a cryptographic hash function is often
called a keyed hash. A message digest formed using a keyed hash from both the
message and a secret key shared between two parties is called a message
7
http://en.wikipedia.org/wiki/Ron_Rivesthttp://en.wikipedia.org/wiki/Ron_Rivest -
8/3/2019 Mini Project (Bempenis m., 09099225)
13/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
authentication code (MAC), which are developed a great deal in Internet security
protocols for data origin authentication [1].
Secure Hash Algorithm-1 (SHA-1) is one of the most common hash
functions in Internet security protocols. It is used for example tocalculate message digests and for several other applications. Finally, it
is noted that in order a SHA-1 message digest to be calculated only the
bits of the message are required and not any kind of key [1].
4. Suitability of cryptographic algorithms
The various above-mentioned cryptographic algorithms can achieve and provide
similar security functionalities and services respectively. However, the difficulties inimplementation of cryptographic algorithms on wireless communication devices
maintain their selection as an open issue.
For this reason in this section, their suitability is being evaluated in terms of some
vital characteristics for mobile communication devises, as those of power
consumption, hardware area requirements, speed of operation and reliability.
4.1 Hardware and Software Implementation
On one hand, cipher implementations in hardware are highly suggested, because
software solutions may be easier but not acceptable for real time, high-speed and low-
power consumption applications in wireless communication devices [5], [7].
On the other hand, many researchers suggest solutions in software, because the huge
amount of calculations of cryptographic algorithm require extra chip area for
hardware, not usually available on mobile or handheld devices for example [5].
Considering existing literature and many studies accumulated so far to evaluate the
various algorithms, the following outputs could be argued:
In terms of hardware, stream ciphers for example have usually simpler
circuitry and consequently lower chip area requirements [1].
In terms ofsoftware, 3DES algorithm for example is slow for software
implementations related to DES and other block ciphers. This characteristic
actually constitutes the main drawback of 3DES ciphers, as well.
8
-
8/3/2019 Mini Project (Bempenis m., 09099225)
14/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
In terms ofspeed of operation, stream ciphers seems to be faster than block
ciphers [1], asymmetric algorithms tend to require more complex arithmetic
processing and to be considerably slower than symmetric key algorithms [1].
Additionally, RC4 is a good choice of algorithm for high speed applications,because of its high speed operation and good performance [2]. Last but not
least, it is noted that ECC algorithm achieves higher speed than that of RSA
algorithm [7].
4.2 Power management
Many studies have been carried out in the field of wireless communication energy
management, especially of the power consumed by a handheld device. This is normal
if we take into consideration the high scale variations recorded in power consumed by
cryptographic algorithms of the same category.
Generally, it can be noted that energy consumed by these devices is a function of the
size of data transmitted, and the security level of the service as illustrated for example
in Figure 5 [6].
Figure 5: Energy consumed by secure wireless data transmission of 64KB data using (a) DES
and (b) 3DES encryption [6]
Furthermore, Figure 6 illustrates power consumption for various symmetric
algorithms as a result of a specific study [2], from where the following observations
have been derived from and are discussed above:
RC4 is a good choice of algorithm for high speed applications, but its energy
cost it relatively high to AES algorithm for example.
AES algorithm offers a good combination of security and energy efficiency(both key setup and encryption).
9
-
8/3/2019 Mini Project (Bempenis m., 09099225)
15/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
Figure 6: Power consumption for various symmetric algorithms [2]
Additional outcomes related to the power consumption from different studies are
presented above [2], [6]:
Power consumed by AES algorithm in software is five times less than that is
required by 3DES [6], as illustrated in Table 1.
Encryption software implementation
3DES (192-bit)AES
128-bit 192-bit 256-bit
Energy/bit (J) 0.3349 0.0666 0.07 0.075
Throughput (Mbps) 4.976 25.963 24.58 24.1
Table 1: Energy consumed by optimized software implementations
of 3DES and AES encryption [6]
The amount of power required for symmetric algorithms performance is not
critically affected by the size of the key, contrary to that of asymmetric
algorithms [2]. Table 2 illustrates the energy consumption of the AES
algorithm for various key sizes.
Key size
(bits)
Key setup
(J)
Average power of various
operating modes (J/B)
10
-
8/3/2019 Mini Project (Bempenis m., 09099225)
16/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
128 7.83 1.59
192 7.87 1.9075
256 9.92 2.0725
Table 2: Energy costs of AES variants [2]
The amount of energy consumption of symmetric algorithms is related to the
key-setup cost.
The level of security services provided by a cryptographic algorithm can be
compromised for power supplies by the key size and number of rounds.
Particularly, symmetric algorithms are the best example of this trade-off
philosophy [2].
ECC algorithm achieves lower power consumption than that of RSA algorithm[7].
Last but not least, potential solutions suggested by many researchers so that wireless
devices to reduce the power levels consuming during encryption procedure include
adapting communication according to the application requirements, regulating of
energy used by the mobile transmitter during active communication, alterations
between different modes of operation, and finally delaying of unit operation during
idle periods [6].
5. Conclusions
In this study the basic concepts and characteristics of security for communication
systems have been discussed. An interesting start to design a reliable security system
is to designate the security services that are basically required and then to evaluate the
cryptographic algorithm and material that their implementation will provide the
security requirements. In addition to all above-mentioned, we examined the basic
cryptographic algorithms suitability for mobile communication devices in relation to
their limitations (energy, speed of operation, hardware and software)
and reached the following conclusions:
1. High scale variations in power consumption are recorded between
cryptographic algorithms of same category.
2. Performance of asymmetric algorithms consumes the highest amount of power
in relation to other algorithms, i.e sometimes five times more than that
11
bullet
points
Wellwritten
-
8/3/2019 Mini Project (Bempenis m., 09099225)
17/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
symmetric ones consume. On the contrary, hash algorithms require the lowest
amount of power.
3. The amount of power required for symmetric algorithms performance is not
critically affected by the size of the key. On the contrary, asymmetric
algorithms power consumption is highly related to the key size.
4. The level of security services provided by a cryptographic algorithm can be
compromised for power supplies by parameters as the key size and number of
rounds.
5. Asymmetric algorithms have generally lower performance in term of speed of
operation, and
6. Last but not least, stream ciphers seem to be faster than block ciphers as well
as they have usually simpler circuitry and consequently lower chip area
requirements.
Furthermore, we did not omit to present a number of interesting suggestions
submitted by researchers and constitute potential solutions (e. g scalable encryption)
to wireless devices limitations, as well as future work for study in the field of
cryptographic algorithms.
Words: 2884 (figures, tables and reference list are not included)
References
1. Kempf, J. Wireless internet security. Architecture and Protocols. New York:
Cambridge University Press, 2008.
2. Potlapally, N. et all. A study of the Energy Consumption Characteristics of
Cryptographic Algorithms and Security Protocols. IEEE Transactions on Mobile
Computing5 (2), 2006, pp.128 142.
3. Gritzalis, S.Basic Cryptographic Topics. Samos: University of Aigaon, 2002.
4. Giannattasio, G. et all. A guide to the Wireless Engineering Body of Knowledge.New Jersey: John Wiley and Sons, 2009.
5. Sklavos, N. Zhang, X. Wireless Security and Cryptography. Specifications and
Implementations. Boca Raton: CRC Press, 2007.
6. Karri, R. Mishra, P. Minimizing Energy Consumption of Secure Wireless Session
with QoS Constraints. Proceedings, IEEE International Conference on
Communication, New York, 2002.
7. Howon, K. Sunggu L. Design and Implementation of a Private and Public Key
Crypto Processor and its Application to a Security System . IEEE Transactions onConsumer Electronics 50 (1), 2004, pp.214-224.
12
-
8/3/2019 Mini Project (Bempenis m., 09099225)
18/18
Oxford Brookes University ASSESSED COURSEWORK School of Technology
8. RC4. Wikipedia. Available at: http://en.wikipedia.org/wiki/RC4 (Accessed: 23
November 2009).
Bibliography
Stallings, W. Cryptograpgy and Network Security. USA: Person Education, Inc,
2006.
13
http://en.wikipedia.org/wiki/RC4http://en.wikipedia.org/wiki/RC4http://en.wikipedia.org/wiki/RC4