Omowa Edward
PG/M.Sc./06/41742
PG/M. Sc/09/51723
Performance and Power Consumption Analysis of Symmetric
Encryption Algorithms in Wireless Devices
ELECTRONIC ENGINEERING
A THESIS SUBMITTED TO THE DEPARTMENT OF ELECTRONIC ENGINEERING
FACULTY OF ENGINEERING, UNIVERSITY OF NIGERIA, NSUKKA
AUGUST, 2010
Performance and Power Consumption Analysis of Symmetric Encryption Algorithms in
Wireless Devices
By
Omowa Edward
PG/M.Sc./06/41742
A PROJECT SUBMITTED IN PARTIAL FULFILLMENT OF THE
REQUIREMENTS FOR THE DEGREE OF MASTER OF
SCIENCE IN ENGINEERING
DEPARTMENT OF ELECTRONIC ENGINEERING
FACULTY OF ENGINEERING
UNIVERSITY OF NIGERIA, NSUKKA
August, 2010
APPROVAL PAGE
This is to certify that the project entitled “Performance and Power Consumption Analyses of
Symmetric Encryption Algorithms in Wireless Devices” was submitted to the department of
Electronic Engineering, University of Nigeria, Nsukka for the award of Degree of Master of
Science in Engineering (with option in Digital Electronics and Computer Specialization).
EDWARD OMOWA DATE (AUTHOR)
DR THOMAS NWODOH DATE
(SUPERVISOR)
VEN. PROF. T.C. MADUEME DATE
(HEAD OF DEPARTMENT)
EXTERNAL SUPERVISOR DATE
DECLARATION
I, Edward Omowa, declare that this project work is my own work and that to the best of my
knowledge, it contains no materials previously published, or accepted for publication for the
award of any Degree or Diploma at any institution, except where due acknowledgment is
made in the text.
EDWARD OMOWA DATE
ACKNOWLEDGEMENT
I am heartily thankful to my supervisor, Dr. T.A. Nwodoh, whose encouragement,
guidance and bright contributions from the initial stage of this work to the final had
enabled me to develop an understanding of the subject.
I would also like to express my profound appreciation to Prof. C.C. Osuagwu, Dr.
Bolu, Director, ICT Centre, University of Nigeria, and other Staff members of the
Department of Electronic Engineering, University of Nigeria, Nsukka, for their
constructive criticism and advice. My thanks also go to my colleagues, Mr. Etim Eyo
and Mr. Aneke Joseph for their encouragement.
Finally, I put forward my regards and blessings to my wife, Oluwayemisi, and my son,
Pamilerin for their encouragement, unmitigated love and understanding, and my
amiable parents for making my dream come true.
Edward Omowa.
DEDICATION
I dedicate this work to the Almighty GOD for His supremacy over the power of the devil and
his minions in matters concerning my destiny.
Abstract
The importance of security in data communications and networking cannot be overemphasized.
Security in networking is based on cryptography, the science and art of
transforming messages to make them secure and free from attacks and all sorts of
eavesdropping. Cryptography has diverse applications in network security. Encryption
algorithms are known to be computationally intensive. They consume a significant amount
of computing resources such as CPU time, memory, and battery power. A wireless device,
usually with very limited resources, especially battery power, is subject to the problem of
energy consumption due to encryption algorithms. Designing energy-efficient security
protocols first requires an understanding of, and data on, the energy consumption of
common encryption schemes. This paper gives an experimental analysis of the performance of a
number of symmetric or private-key encryption algorithms: DES, 3DES, RC2, RC6,
Blowfish and AES. In order to design energy-efficient security protocols, there is a need to
critically study and understand encryption schemes within the context of performance metrics
like varying sizes of data blocks, different key sizes, battery power consumption and
encryption/decryption speeds. In this experiment, several performance metrics are collected
and analyzed: encryption time, throughput, battery power and transmission time.
TABLE OF CONTENTS
Title Page
Approval Page
Declaration
Acknowledgement
Dedication
Abstract
Table of Contents
List of Figures
List of Tables
List of Acronyms
Chapter I
1. Introduction
1.1 Motivation
1.2 Scope of Research
1.3 Thesis Outline
Chapter 2
2. Background and Literature Review
2.1 Network Security
2.1.1 Confidentiality
2.1.2 Authentication
2.1.3 Integrity
2.1.4 Non repudiation
2.1.5 Encryption in Wireless Devices
2.1.6 Energy Consumption of Encryption Algorithms on Wireless Devices
2.1.7 Energy Efficiency of Communication Protocols
2.2 Encryption Algorithms
2.2.1 Symmetric Cryptographic Algorithms
2.2.1.1 Types of Symmetric Ciphers
2.2.1.1.1 Block Ciphers
2.1.1.2 Stream Ciphers
2.2.2 List of Encryption Algorithms Compared in this Experiment
2.2.2.1 DES algorithm
2.2.2.2 Triple-DES Encryption
2.2.2.3 Blowfish Algorithm
2.2.2.4 AES Algorithm
2.2.2.5 RC2 Algorithm
2.2.3 Asymmetric Cryptographic Systems
2.2.3.1 RSA
2.2.4 Hash Algorithms
2.2.5 Cryptanalysis
2.3 Security in the Internet
2.3.1 IPSec
2.3.2 SSL/TLS
2.3.3 PGP
2.3.4 VPN
2.3.5 Firewalls
2.3.6 WEP
Chapter 3
3. Experimental Design
3.1 Encryption Libraries
3.2 Methodology
3.2.1 The Encryption Time Computation
3.2.2 Energy Consumption Computation
3.3 Wireless Environment
3.3.1 Data Transmission
3.3.2 Signal to Noise Ratio
3.3.3 Layer of Encryption
3.3.4 Changing Packet Size
Chapter 4
4. Results and Analyses
4.1 The Effect of Changing Packet Size for Cryptographic Algorithms on Power Consumption
4.2 The effect of changing data type (JPEG) for cryptography algorithm on power consumption
4.2.1 CPU work load
4.2.2 Encryption Throughput
4.2.3 Power Consumption
4.2.4 Encryption with Transmission
4.3 The effect of changing data type (Audio files) for cryptography algorithm on power consumption
4.4 The effect of changing Data Type (Video files) for cryptographic algorithms on power consumption
4.5 The effect of changing key sizes of AES on power consumption
4.6 The effect of Changing Number of Rounds of AES on power consumption
5. Conclusion
Reference
LIST OF FIGURES
Figure 2.1: Encryption – decryption Technique
Figure 2.2: Overview on the field of Cryptology
Figure 2.3: Symmetric cryptosystems problem statement Illustration
Figure 2.4: Symmetric-key model
Figure 2.5: Principle of Stream Ciphers
Figure 2.6: DES general model
Figure 2.7: DES Computation path
Figure 2.8: Triple – DES Computation path
Figure 2.9: Triple Encryption example
Figure 2.10: AES Block and Key Sizes
Figure 2.11: AES Computation path
Figure 2.12: RSA Encryption and Decryption
Figure 2.13: TCP/IP protocol and IPSec
Figure 2.14: Transport and Tunnel modes of IPSec
Figure 2.15: Authentication Header (AH) protocol in Transport mode
Figure 2.16: Encapsulation security payload in Transport mode
Figure 2.17: Locations of SSL and TLS in the internet mode
Figure 2.18: Creation of encryptographic secret in SSL
Figure 2.19: Four SSL protocols
Figure 2.20: Position of PGP in the TCP/IP protocol suite
Figure 2.21: Virtual Private Network
Figure 2.22: Firewall
Figure 3.1: Experimental setup configuration
Figure 4.1: Time Consumption, Throughput, and Power Consumption for Text encryptions
Figure 4.2: Power Consumption for Text Files Encryption in Micro Joule/Byte with data transmission
Figure 4.3: Time consumption for different JPEG File Encryption without data Transmission
Figure 4.4: Throughput of each encryption algorithm
Figure 4.5: Power consumption for different JPEG Files Encryptions
Figure 4.6: Comparative execution times for transmission of JPEG files using Different algorithms
Figure 4.7: Time consumption, Throughput, and power consumption for Text Encryption
Figure 4.8: Power consumption for Encrypt different Audio Files (u/Byte) with data transmission
Figure 4.9: Time consumption, throughput, and power consumption for Video Files Encryptions
Figure 4.10: Power consumption for Encrypt different Video Files (µJoule/Byte) with data transmission
Figure 4.11: Percentage Battery Consumed with different Key Sizes for AES
Figure 4.12: Time Consumption with Different Key Sizes for AES
Figure 4.13: Percentage battery consumed by different number of rounds for AES 128 bit-key Encryption
Figure 4.14: Time Consumed by different number of rounds for AES 128 bit-key encryption
LIST OF TABLES
Table 2.1: Key lengths and number of rounds for Rijndael
Table 2.2: Speeds of the AES finalist in hardware and software
Table 2.3: IPSec Services
Table 2.4: PGP Algorithms
Table 2.5: Private Networks reserved addresses
LIST OF ACRONYMS
3DES: Triple-DES
AES: Advanced Encryption Standard
AH: Authentication Header
ASCII: American Standard Code for Information Interchange
CBC: Cipher Block Chaining
CFB: Cipher Feedback
CPU: Central Processing Unit
DES: Data Encryption Standard
DoS: Denial of Service
DDoS: Distributed Denial of Service
IEEE: Institute of Electrical and Electronics Engineers
IEEE 802.11: The Institute of Electrical and Electronics Engineers’ specifications for wireless networking
IETF: Internet Engineering Task Force
IPSec: Internet Protocol Security
IPv4: Internet Protocol version 4
IPv6: Internet Protocol version 6
LAN: Local Area Network
MAC: Message Authentication Codes
NIST: National Institute of Standards and Technology
OFB: Output Feedback
TLS: Transport Layer Security
ESP: Encapsulating Security Payload
PGP: Pretty Good Privacy
PPP: Point-to-Point Protocol
HTTP: Hypertext Transfer Protocol
VPN: Virtual Private Network
OSI: Open Systems Interconnection
RTP: Real-Time Protocol
TCP: Transmission Control Protocol
UDP: User Datagram Protocol
VoIP: Voice over Internet Protocol
WEP: Wired Equivalent Privacy
WLAN: Wireless LAN
SA: Security Association
SADB: Security Association Database
SSL: Secure Socket Layer
SSID: Service Set Identifier
Chapter 1
Introduction
Over the past few years, Internet-enabled business, or e-business, has drastically improved
companies’ efficiency and revenue growth. E-business applications such as e-commerce,
supply-chain management, and remote access allow companies to streamline processes, lower
operating costs, and increase customer satisfaction. Such applications require mission-critical
networks that accommodate voice, video, and data traffic, and these networks must be
scalable to support increasing numbers of users and the need for greater capacity and
performance. However, as networks enable more and more applications and are available to
more and more users, they become ever more vulnerable to a wider range of security threats.
To combat those threats and ensure that e-business transactions and vital information are not
compromised, security technology must play a major role in today's networks [1]. Both wired
and wireless networks can claim advantages over the other; both represent viable options for
home and other local area networks (LANs). In theory, wireless LANs are less secure than
wired LANs, because wireless communication signals travel through the air and can easily be
intercepted. The increasing importance of wireless systems provides malicious persons
greater incentives to step up their efforts to gain unauthorized access to the information being
exchanged over the wireless link [2]. The security risks in the wireless environment are
particularly important because the wireless devices in the recent past have not been
developed with security of the systems in mind [3]. Cryptography is the conversion of data
into a secret code for transmission over a public network. The data is protected
(confidentiality) before transmission using an encryption algorithm to keep the data secure
from an eavesdropper. Encryption is also essential for other security services such as
authentication, data integrity and access control. Due to the intensive computation inherent in
encryption algorithms, they tend to consume a substantial amount of energy or battery power [4].
Studies have shown that the growth of wireless networks is being restricted by their perceived
insecurity. Security protocols implement mechanisms through which security services can be
provided.
• The IEEE 802.11 standard uses the WEP protocol for security. It operates at the Data
  Link layer.
• IP Security (IPSec) provides security at the Network Layer by extending the IP packet
  header (using additional protocol numbers, not options).
• Secure Socket Layer (SSL) provides security at the Transport Layer for secure
  transmissions on the Internet.
All the above-mentioned protocols rely on encryption to provide the security services.
Encryption in this sense can be said to be the backbone of security services. The three
protocols mentioned above have been designed for wired systems. In wireless networks, a
security protocol needs to also consider the limited battery power, small memory and limited
processing capabilities of the devices and the available bandwidth. Investigation of the
energy consumption of the encryption algorithms in wireless devices is therefore fundamental
in the design of energy efficient security protocols customized to the wireless environment.
1.1 Motivation
The objective of network security is to protect networks and their applications against attacks,
ensuring information availability, confidentiality and integrity. When organizations design
their network security architectures to meet this objective, they must consider a number of
factors. Not all networks and their associated applications have the same risks of attacks or
possible costs of repairing attack damages. Therefore, companies must perform cost-benefit
analyses to evaluate the potential returns on investment for various network security
technologies and components versus the opportunity costs of not implementing those items.
Usually, stronger security is achieved by using longer key sizes and stronger encryption
algorithms. The stronger algorithms come at the cost of increased computational time and
energy consumption. Encryption algorithms are known to be computationally intensive. They
consume a significant amount of computing resources such as CPU time, memory, and
battery power. A wireless device, usually with very limited resources, especially battery
power, is subject to the problem of energy consumption due to encryption algorithms. Due to
the intensive computation expected in encryption algorithms, they tend to consume a
considerable amount of energy or battery power. The battery can be quickly exhausted due to
encryption, especially for a small wireless device. Increasing the security level would reduce
the operation time of the device. Nevertheless, it is crucial to study the performance of the
encryption algorithms in terms of energy consumption for various options like varying the
key sizes, modifying the number of rounds, altering the amount of data blocks processed per
packet and algorithms that can be used on the wireless devices before designing a secure
wireless communication protocol. Knowledge of the tradeoffs would also aid in the design of
systems that can adapt the security of the communication link based on the device being used
and the battery left on it. A good number of researchers have put more effort into carrying out
experiments on the energy efficiency of wireless devices and encryption algorithms rather
than critically studying and investigating the tradeoffs between security of wireless devices
and energy consumption analysis of encryption algorithms.
1.2 Scope of Research
The thesis focuses on evaluating the performance of encryption algorithms in terms of the
energy consumed when implemented at the application layer through standard encryption
libraries on wireless devices. The research aim and objective is to aid the design of energy
efficient secure communication schemes for the wireless environment in the future. The
research work has been divided into the following tasks to achieve this purpose. First, gain
knowledge and understanding of popular symmetric key schemes such as DES, AES, 3DES,
Blowfish, and RC2. Third, study the effect of changing key size and number of rounds for
AES. Fourth, study the effect of encryption and key size variation with transmission of data.
This research does not provide any specific design optimized for the wireless environment
and this task is left to the discretion of the systems engineer.
1.3 Thesis Outline
The research focuses on the energy consumption characteristics of various encryption
schemes under varying environmental conditions in wireless devices such as laptops and
Pocket PC. The first four chapters of the thesis have been organized in the following order.
Chapter 1 introduces the title of the thesis and gives an in-depth explanation of network
security. Chapter 2 covers the literature as related to the thesis. It covers different encryption
schemes from secret key to asymmetric-key systems and their security. It also covers topics
like IP Security, and Wired Equivalent Privacy (WEP). Chapter 3 explains the experimental
design. It explains how choices were made for the experiments and how the measurements were
taken. Chapter 4 explains the results obtained during the research work and provides some
analyses of the results. Finally, Chapter 5 presents the summary and conclusion of the results
and provides pointers for future research work.
Chapter 2
Background and Literature Review
This chapter presents the theoretical background essential for the thesis.
2.1 Network Security
The objective of network security is to protect networks and their applications against attacks,
ensuring information availability, confidentiality and integrity. When organizations design
their network security architectures to meet this objective, they must consider a number of
factors. Not all networks and their associated applications have the same risks of attacks or
possible costs of repairing attack damages. Therefore, companies must perform cost-benefit
analyses to evaluate the potential returns on investment for various network security
technologies and components versus the opportunity costs of not implementing those items.
Networks carry all sorts of vital and confidential data, so security is a highly important part of
any wireless network structure. Security ensures that the same level of data integrity and
confidentiality as a wired network is maintained. Without properly implemented security
measures, any wireless network adapter coming within range of another network adapter or
access point can join the network. Without proper protection, any part of any network can be
susceptible to attacks or unauthorized activity. Routers, switches, and hosts can all be
violated by professional hackers, company competitors, or even internal employees. In fact,
according to several studies, more than half of all network attacks are waged internally. To
determine the best ways to protect against attacks, IT managers should understand the many
types of attacks that can be instigated and the damage that these attacks can cause to e-
business infrastructures. The most common types of attacks include Denial of Service (DoS),
password, and root access attacks. Even more malicious are Distributed Denial of Service
(DDoS) attacks in which an attacker compromises multiple machines or hosts. Historically,
password attacks, attacks in which a perpetrator gains unauthorized access to network
passwords in order to penetrate confidential information, have been the most common type of
attacks. When a hacker “cracks” the password of a legitimate user, he has access to that
user’s network resources and typically a very strong platform for getting access to the rest of
the network. Hackers can often easily obtain passwords because users typically choose
common words or numbers as their passwords, enabling the hacker’s use of software
programs to logically determine those passwords. Hackers also deploy social engineering
techniques to gain access to passwords. Social engineering is the increasingly prevalent act of
obtaining confidential network security information through nontechnical means, such as
posing as a technical support representative and making direct phone calls to employees to
gather password information. From the early days of the Internet, when only e-mail servers
were on the network, a hacker’s ultimate goal was to gain root access to the UNIX host that
ran these applications. With root access, the hacker had full control of the system and could
often collect enough information to gain access to the rest of the network and other partner
networks. E-business application hosts have increased the number of targets for hackers.
Hackers often exploit security vulnerabilities, or security holes, in the operating systems or
applications of these hosts that system administrators have not safeguarded. Using buffer
overflows, Trojan horses, and other common techniques, hackers gain control of hosts that
can be used as platforms for launching other attacks. These practices often result in a full
compromise of an organization's IS infrastructure and can lead to serious financial losses or
legal liabilities. Network attacks cause organizations several hours or days of downtime and
serious breaches in data confidentiality and integrity. Depending on the level of the attack
and the type of information that has been compromised, the consequences of network attacks
vary in degree from slightly annoying to completely devastating, and the cost of recovery
from attacks can range from hundreds to millions of dollars. When application availability is
compromised by attacks, companies can easily lose millions of dollars per hour. For example,
companies that run e-commerce Web sites lose revenue as customers “shop” elsewhere for
their products and services; informational Web sites can lose precious advertising time; and
manufacturing organizations that use supply-chain management applications can be forced to
shut down their lines because they cannot access information regarding their raw materials.
When data confidentiality is compromised, the consequence to an organization is not always
immediate but it can be costly. For example, if a hacker gains access to an organization's e-
mail system, proprietary information that provides competitive advantage might be stolen
resulting in a loss of research and development dollars spent in gaining that advantage. When
data integrity is compromised, an organization must often incur prohibitive costs to correct
the consequences of attacks. For instance, a malicious hacker might modify a Web site,
replacing relevant information with nonsensical or offensive content. This compels the
proprietor of the site to spend money not only to fix the site, but also to counter the resulting
bad public relations. The legal ramifications of breaches in data confidentiality and integrity
can also be extremely costly for organizations.
2.1.1 Confidentiality
To make the information confidential, the data is modified in such a way that it would be
infeasible for the attacker to guess the data. It is achieved by means of encryption algorithms.
Encryption is done based on shared secret information between communicating parties. Only
the receiver and in some cases the sender know how to decrypt the data after it has been
encrypted. The data is generally encrypted with an encryption key and can be decrypted by
using a decryption key. For a symmetric key scheme, the encryption and the decryption keys
are the same. For public key schemes, they are different. The key used for encryption is
called public key while the key for decryption is called the private key.
2.1.2 Authentication
The authentication aspect of security services requires that a pair of communicating entities
establishes its identity. Essentially, the authentication service tries to establish the identity by
means of making sure that a secret is shared between the involved entities. Some protocols
establish the authentication through the means of symmetric key schemes while others
establish it through the means of public key schemes. In a symmetric key
authentication system, the two communicating parties share a secret key.
Authentication is generally achieved based on a challenge and response
procedure.
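The challenge and response procedure described above, sketched as an added example that is not part of the thesis: the verifier sends a fresh random challenge and the claimant proves knowledge of the shared secret key by returning a keyed hash of it. HMAC-SHA256 as the response function and the names `Verifier`, `respond` and `demo_challenge_response` are assumptions of this example.

```python
import hashlib
import hmac
import secrets


class Verifier:
    """Side that issues challenges and checks responses (hypothetical name)."""

    def __init__(self, shared_key: bytes):
        self._key = shared_key
        self._outstanding = set()  # challenges issued but not yet answered

    def issue_challenge(self) -> bytes:
        # A fresh random value per attempt, so an old response is useless later.
        challenge = secrets.token_bytes(16)
        self._outstanding.add(challenge)
        return challenge

    def check_response(self, challenge: bytes, response: bytes) -> bool:
        # Each challenge may be answered once; this rejects replayed exchanges.
        if challenge not in self._outstanding:
            return False
        self._outstanding.discard(challenge)
        expected = hmac.new(self._key, challenge, hashlib.sha256).digest()
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(expected, response)


def respond(shared_key: bytes, challenge: bytes) -> bytes:
    """Claimant side: prove knowledge of the key without sending the key."""
    return hmac.new(shared_key, challenge, hashlib.sha256).digest()


def demo_challenge_response() -> dict:
    key = secrets.token_bytes(32)          # secret shared by both parties
    verifier = Verifier(key)
    results = {}

    c1 = verifier.issue_challenge()
    r1 = respond(key, c1)
    results["legitimate"] = verifier.check_response(c1, r1)

    # The same challenge/response pair presented a second time.
    results["replayed"] = verifier.check_response(c1, r1)

    # A party that does not hold the shared key.
    c2 = verifier.issue_challenge()
    results["wrong_key"] = verifier.check_response(
        c2, respond(secrets.token_bytes(32), c2))

    # An old response offered against a new challenge.
    c3 = verifier.issue_challenge()
    results["old_response"] = verifier.check_response(c3, r1)
    return results


if __name__ == "__main__":
    print(demo_challenge_response())
```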
2.1.3 Integrity
Data integrity means that assurance is needed that only legitimate entities can modify the
message. Encrypting the message to some extent ensures that the attacker cannot modify the
message. However, there is a possibility of some malicious user sending random data to the
receiver. The receiver would decrypt these messages to some incomprehensible data, which
poses the possibility of some damage. One method of avoiding such situations is to add a
checksum to the message before encrypting it. If the decrypted message and the checksum
match, then the received message can be assumed valid; otherwise it is considered invalid.
Such a scheme would provide authentication and confidentiality along with message
integrity.
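The checksum-before-encryption check described above, as an added example that is not part of the thesis. SHA-256 is assumed as the checksum, the cipher is a constructed keystream XOR standing in for a real symmetric algorithm such as AES, and the function names are hypothetical.

```python
import hashlib
import hmac
import secrets

DIGEST_LEN = 32   # SHA-256 checksum size in bytes
NONCE_LEN = 16    # per-message nonce so a keystream is never reused


def _stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Constructed stand-in cipher: XOR with a SHA-256 counter keystream.
    Encrypting and decrypting are the same operation."""
    out = bytearray()
    for block_no in range((len(data) + 31) // 32):
        pad = hashlib.sha256(key + nonce + block_no.to_bytes(8, "big")).digest()
        chunk = data[block_no * 32:(block_no + 1) * 32]
        out.extend(b ^ p for b, p in zip(chunk, pad))
    return bytes(out)


def seal(key: bytes, message: bytes) -> bytes:
    """Sender: append the checksum to the message, then encrypt both."""
    checksum = hashlib.sha256(message).digest()
    nonce = secrets.token_bytes(NONCE_LEN)
    return nonce + _stream_xor(key, nonce, message + checksum)


def unseal(key: bytes, packet: bytes):
    """Receiver: decrypt, recompute the checksum, return None on mismatch."""
    if len(packet) < NONCE_LEN + DIGEST_LEN:
        return None                      # too short to hold a checksum
    nonce, body = packet[:NONCE_LEN], packet[NONCE_LEN:]
    plain = _stream_xor(key, nonce, body)
    message, checksum = plain[:-DIGEST_LEN], plain[-DIGEST_LEN:]
    if not hmac.compare_digest(hashlib.sha256(message).digest(), checksum):
        return None                      # decrypted data is not a valid message
    return message


def demo_integrity_check() -> dict:
    key = secrets.token_bytes(32)
    message = b"meter reading 0421"      # constructed sample payload
    packet = seal(key, message)

    damaged = bytearray(packet)
    damaged[NONCE_LEN] ^= 0x01           # one bit altered in transit

    return {
        "valid": unseal(key, packet),
        # Random data of the right length, as in the scenario in the text.
        "random_data": unseal(key, secrets.token_bytes(len(packet))),
        "damaged": unseal(key, bytes(damaged)),
        "too_short": unseal(key, b"\x00" * 8),
    }


if __name__ == "__main__":
    print(demo_integrity_check())
```

Deployed protocols normally perform this check with a keyed MAC or an authenticated encryption mode rather than an unkeyed checksum.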
2.1.4 Non repudiation
Non-repudiation is the concept of ensuring that a party in a dispute cannot repudiate, or refute
the validity of a statement or contract. Although this concept can be applied to any
transmission, including television and radio, by far the most common application is in the
verification and trust of signatures.
In the cryptographic literature, it is possible to find a good number of works that compare the
relative performance of various security options available for client authentication, hashing
algorithms, cryptography techniques, and digital signatures. A good number of researchers
have conducted brilliant studies on performance optimization of cryptographic algorithms.
To give more perspective on the performance of the compared algorithms, this section
discusses the results obtained from other resources.
2.1.5 Encryption in Wireless Devices
Many encryption algorithms are commonly available in wired networks. Generally, most encryptions
used in wireless devices are based on symmetric key encryption. One such example is RC4. RC4 is a
stream cipher designed by Ron Rivest in 1987 and it is widely used in many applications nowadays
and in wireless networks such as IEEE 802.11 WEP [10] and CDPD [11]. RC4 is known to be fast
and efficient. RC4 is standardized to provide security services in wireless local area networks
(WLANs) using a protocol called Wired Equivalent Privacy (WEP) [12]. However, Fluhrer and many
researchers have discovered several vulnerabilities in the RC4 algorithm [13]. The weaknesses in RC4
and loopholes in the WEP Protocol have resulted in a new standard for security in WLANs (IEEE
802.11i) proposing a new protocol based on the Advanced Encryption Standard (AES). AES
encryption is fast and flexible, and it can be implemented on different platforms, particularly in small
devices and smart cards [13]. DES, 3DES, Blowfish, RC2 and AES have different tradeoffs in terms of
the choice of algorithms in WLANs. A study of energy consumption of these algorithms is essential to
decide on their use in security protocols.
2.1.6 Energy Consumption of Encryption Algorithms on Wireless Devices
Energy consumption of wireless devices has been extensively studied. In [14], an evaluation of power
consumption of an Itsy pocket computer was conducted. This study is only intended to evaluate power
consumption of different parts of the pocket computer under normal operations. In [15], the
computational complexity of public key encryption was studied on an embedded processor. The work
concentrates on using several mathematical techniques to improve the performance of public key
encryption in the secure socket layer (SSL) protocol. In Law et al. [16], a study of the energy
consumption of encryption for sensor networks was carried out. In their investigation, the efficiency
of code sizes and algorithms of RC5 and TEA were studied. Yuan and Qu [17] proposed an energy
efficient technique using dynamic voltage scaling to reduce energy consumption of public key
encryption such as RSA, DSA, and ElGamal. In Karri et al. [18], an optimization of the energy
consumption of SSL protocol was studied. Its technique was based on using a compression algorithm
to reduce the size of the messages exchanged by the protocol in order to reduce the power consumed
by encryption and transmission.
2.1.7 Energy Efficiency of Communication Protocols
In the literature, one is likely to find several works on the energy efficiency of transmission protocols
over wireless networks at different layers. In [19], performance measurements of the energy consumption
of the IEEE 802.11 network interfaces were conducted. It was shown that the significant cost of energy
consumption is due to the overhead of the 802.11 MAC protocol for point-to-point links. In [20], the
energy consumption of different variants of a TCP protocol was studied. It was shown that the
congestion control algorithm of TCP could save energy by backing off when an error burst occurred
during the transmission, but it worsened the transmission throughput. A comprehensive assessment of
energy efficient communication protocols was presented in Jones et al. [21].
2.2 Encryption Algorithms
Encryption forms the basic building block for various security services. Encryption
algorithms take a plain text stream of data and an encryption key and generate a cipher text
stream of data. There are several types of data encryptions which form the basis of network
security. Encryption schemes are based on block or stream ciphers. The type and length of
the keys utilized depend upon the encryption algorithm and the amount of security needed. In
conventional symmetric encryption a single key is used. With this key, the sender can encrypt
a message and a recipient can decrypt the message but the security of the key becomes
problematic. In asymmetric encryption, the encryption key and the decryption key are
different. One is a public key by which the sender can encrypt the message and the other is a
private key by which a recipient can decrypt the message. The model of encryption can
universally be depicted using the following diagram:
Figure 2.1: Encryption-Decryption Technique
[Figure 2.1: Plaintext → Encryption (with the encryption key) → Ciphertext → Decryption (with the decryption key) → Plaintext, where $C = E(K_{enc}, P)$ and $P = D(K_{dec}, C)$.]
There are two broad classifications of encryption algorithms, split by whether they use the same key
for encryption as for decryption:
• Symmetric: this means that the same key is used for both encryption and decryption.
• Asymmetric: this means that different keys are used for encryption and for decryption.
Figure 2.2: Overview on the field of Cryptology
[Figure 2.2: Cryptology divides into Cryptanalysis and Cryptography; Cryptography into Symmetric-Key, Asymmetric-Key (RSA, etc.) and Protocols; Symmetric-Key into Block Cipher (BLOWFISH, DES, AES, RC2) and Stream Cipher (RC4, SEAL).]
2.2.1 Symmetric Cryptographic Algorithms
The most widely used symmetric encryption algorithms are 3DES and AES. These use shared keys,
and are actually the algorithms responsible for the vast bulk of data transferred securely over the
Internet. Some examples of popular symmetric algorithms include Twofish, Serpent, AES (Rijndael),
Blowfish, CAST5, RC4, TDES, and IDEA.
Symmetric Ciphers Problem Statement: The fundamental idea behind symmetric
cryptosystems is illustrated using the problem statement that follows: A and B want to
communicate over an insecure channel (e.g., the Internet, a LAN or a cell phone link). They
want to prevent C (the bad guy) from listening. The solution to this is to use symmetric-key
cryptosystems such that if C reads the encrypted version y of the message x over the
insecure channel, he will not be able to understand its content, because the message that was really sent is x.
Figure 2.3: Symmetric-key cryptosystem Problem Statement Illustration
[Figure 2.3: A (good) applies Encryption e() and sends y over the insecure channel to B (good), who applies Decryption d(); C (bad) taps the channel; a Key Generator supplies k to both sides over a Secure Channel.]
Some important definitions to illustrate symmetric-key algorithms:
1a) $x$ is called the “plaintext”
1b) $P = \{x_1, x_2, \ldots, x_p\}$ is the (finite) “plaintext space”
2a) $y$ is called the “ciphertext”
2b) $C = \{y_1, y_2, \ldots, y_c\}$ is the (finite) “ciphertext space”
3a) $k$ is called the “key”
3b) $K = \{k_1, k_2, \ldots, k_l\}$ is the finite “key space”
4a) There are $l$ encryption functions $e_{k_i}: P \to C$ (or: $e_{k_i}(x) = y$)
4b) There are $l$ decryption functions $d_{k_i}: C \to P$ (or: $d_{k_i}(y) = x$)
4c) $e_{k_1}$ and $d_{k_2}$ are inverse functions if $k_1 = k_2$: $d_{k_i}(y) = d_{k_i}(e_{k_i}(x)) = x$ for all $k_i \in K$
To illustrate the above-listed mathematical expressions, we consider a typical
Data Encryption Standard (DES) algorithm:
• $P = C = \{0, 1, 2, \ldots, 2^{64} - 1\}$ (each $x_i$ has 64 bits: $x_i = 010 \ldots 0110$)
• $K = \{0, 1, 2, \ldots, 2^{56} - 1\}$ (each $k_i$ has 56 bits)
• Encryption ($e_k$) and decryption ($d_k$)
Figure 2.4: Symmetric-key model
Two properties of symmetric-key algorithms:
1) The algorithm requires the same secret key for encryption and decryption.
2) Encryption and decryption are essentially identical.
Main problems with symmetric-key schemes are:
1) Symmetric-key schemes require secure transmission of the secret key.
2) In a network environment, each pair of users has to have a different key, resulting in
too many keys ($n(n - 1) \div 2$ key pairs).
2.2.1.1 Types of Symmetric Ciphers
Symmetric-key algorithms can be divided into stream ciphers and block ciphers. Stream ciphers
encrypt the bytes of the message one at a time, and block ciphers take a number of bytes and encrypt
them as a single unit.
2.2.1.1.1 Block Ciphers
A block cipher is an encryption algorithm that divides a message into blocks and encrypts
each block. In other words, block ciphers convert a fixed-length block of plain text into
cipher text of the same length, which is under the control of the secret key [6]. Block cipher is
so called because the scheme encrypts one block of data at a time using the same key on each
block. In general, the same plaintext block will always encrypt to the same cipher text when
using the same key in block cipher whereas the same plain text will encrypt to different
cipher text in a stream cipher. Block ciphers include DES, IDEA, SAFER and Blowfish.
[Figure 2.4: X → e_k → Y → d_k → X, with the same key k supplied to e_k and d_k.]
Block ciphers can operate in one of the following modes. Electronic Codebook (ECB) mode
is the simplest, most obvious application: the secret key is used to encrypt the plain text
block to form a cipher text block.
1. Cipher Block Chaining (CBC) mode adds a feedback mechanism to the encryption
scheme. In CBC, the plain text is exclusive-ORed (XORed) with the previous cipher text
block prior to encryption. In this mode, two identical blocks of plain text never encrypt to the
same cipher text.
2. Cipher Feedback (CFB) mode is a block cipher implementation as a self-synchronizing
stream cipher. CFB mode allows data to be encrypted in units smaller than the block size,
which might be useful in some applications such as encrypting interactive terminal input.
If we were using 1-byte CFB mode, each incoming character would be placed into a shift register the
same size as the block, encrypted, and the block transmitted. At the receiving side, the cipher text is
decrypted and the extra bits in the block are discarded.
3. Output Feedback (OFB) mode is a block cipher implementation conceptually similar to a
synchronous stream cipher. OFB prevents the same plain text block from generating the
same cipher text block by using an internal feedback mechanism that is independent of both
the plain text and cipher text bit streams.
2.2.1.1.2 Stream Ciphers
In cryptography, a stream cipher is a symmetric key cipher where plaintext bits are combined with a
pseudorandom cipher bit stream (keystream), typically by an exclusive-or (XOR) operation. In a stream
cipher the plaintext digits are encrypted one at a time, and the transformation of successive digits
varies during the encryption [7]. An alternative name is a state cipher, as the encryption of each
digit is dependent on the current state. In practice, the digits are typically single bits or bytes.
Stream ciphers represent a different approach to symmetric encryption from block ciphers.
Block ciphers operate on large blocks of digits with a fixed, unvarying transformation. This
distinction is not always clear-cut: in some modes of operation, a block cipher primitive is
used in such a way that it acts effectively as a stream cipher. Stream ciphers typically execute
at a higher speed than block ciphers and have lower hardware complexity. However, stream
ciphers can be susceptible to serious security problems if used incorrectly: see stream cipher
attacks — in particular, the same starting state must never be used twice.
This leads to the following block diagram for a stream cipher encryption/decryption:
Figure 2.5: Principle of stream ciphers
A machine realizing the functionality shown above was developed by Vernam for
teletypewriters in 1917.
• Stream ciphers are less popular than block ciphers in most application domains
such as Internet security. There are exceptions, for instance the popular stream
cipher RC4.
• Stream ciphers are often used in mobile applications, such as the A5 speech
encryption algorithm of the GSM mobile network.
• Stream ciphers generally require fewer resources (e.g., code size or chip area) for
an implementation than block ciphers. They tend to encrypt faster than block
ciphers.
• The one-time pad is the only provably secure symmetric algorithm.
• The one-time pad is highly impractical in most cases because the key length has to
be equal to the message length.
• The requirements for a cryptographically secure pseudo-random generator are far
more demanding than the requirements for pseudo-random generators in other
(engineering) applications such as simulation.
2.2.2 List of Encryption Algorithms Compared in this Experiment
This subsection is intended to give necessary background to understand the major differences among
the compared algorithms.
2.2.2.1 DES algorithm
[Figure 2.5 labels, in order: $x_i$, $z_i$, $y_i$, $z_i$, $x_i$]
Data Encryption Standard or DES is a Feistel cipher which processes plaintext blocks of n =
64 bits, producing 64-bit ciphertext blocks [6]. The effective size of the secret key K is 56
bits; more precisely, the input key K is specified as a 64-bit key, 8 bits of which (bits 8, 16, …,
64) may be used as parity bits. DES thus uses a 56-bit key with an additional eight parity bits that
bring the key size up to 64 bits. It is an iterated block cipher using what are known as Feistel
techniques, where the text block being encrypted is split into two halves. The round function
is applied to one half using a subkey and that output is then XORed with the other half; the
two halves are then swapped and the process continues, except that the last round is not
swapped. DES uses 16 rounds.
Figure 2.6: DES general model
The main form of attack on DES is what's known as brute force or exhaustive key search, a
repeated trying of keys until one fits. Given that DES uses a 56-bit key, the number of
possible keys is $2^{56}$. With the growth in power of computer systems, this makes DES far less
secure than it was when first implemented, although for practical purposes of a non-critical
nature, it can still be considered adequate.
[Figure 2.6: Initial permutation → Encryption 1 (K1) → … → Encryption 16 (K16) → Final permutation]
Figure 2.7: DES Computation Path
[Figure 2.7: 64-bit plaintext → Initial permutation → Round 1 → Round 2 → … → Round 16 → Final permutation → 64-bit ciphertext; a Round Key Generator derives K1, K2, …, K16 from the 64-bit key.]
2.2.2.2 Triple-DES Encryption
Triple DES is simply another mode of DES operation. It takes three 64-bit keys, for an overall key
length of 192 bits [6]. Consequently, Triple DES runs three times slower than standard DES, but is
much more secure if used properly. Triple DES was developed to address the obvious flaws in DES
without designing a whole new cryptosystem. It simply extends the key size of DES by applying the
algorithm three times in succession with three different keys.
Figure 2.8: Triple-DES Computation Path
[Figure 2.8 labels: Plaintext; DES ENCRYPTION, DES DECRYPTION, DES ENCRYPTION; Key 1, Key 2, Key 3; Ciphertext]
Figure 2.9: Triple Encryption example
[Figure 2.9 labels: X, Y, Z; three encryption stages e with keys k1, k2, k3]
2.2.2.3 Blowfish Algorithm
Blowfish is a symmetric block cipher that can be effectively used for encryption and safeguarding of
data. It takes a variable-length key, from 32 bits to 448 bits, making it ideal for securing data.
Blowfish was designed in 1993 by Bruce Schneier as a fast, free alternative to existing encryption
algorithms.
2.2.2.4 AES Algorithm
Rijndael, whose name is based on the names of its two Belgian inventors, Joan Daemen
and Vincent Rijmen, is a block cipher. It takes an input block of a certain size, usually 128 bits,
and produces a corresponding output block of the same size. The transformation requires a
second input, which is the secret key. It is important to know that the secret key can be of any
size (depending on the cipher used) and that AES uses three different key sizes: 128, 192 and
256 bits. To encrypt messages longer than the block size, a mode of operation is chosen.
While AES supports only block sizes of 128 bits and key sizes of 128, 192 and 256 bits, the
original Rijndael supports key and block sizes in any multiple of 32 bits, with a minimum of 128
and a maximum of 256 bits.
Figure 2.10: AES Block and Key Sizes
[Figure 2.10: Rijndael takes a 128-bit input x and a key k of 128/192/256 bits and produces a 128-bit output y.]
• Both block size and key length of Rijndael are variable. Sizes shown above are the
ones required by the AES Standard. The number of rounds (or iterations) is a function
of the key length:
Table 2.1: Key lengths and number of rounds for Rijndael
Key lengths (bits)    nr = # rounds
128                   10
192                   12
256                   14
• However, Rijndael also allows block sizes of 192 and 256 bits. For those block sizes the
number of rounds must be increased.
Rijndael does not have a Feistel structure. Feistel networks do not encrypt an entire block per
iteration (e.g., in DES, 64/2 = 32 bits are encrypted in one iteration). Rijndael encrypts all
128 bits in one iteration. As a consequence, Rijndael has a comparably small number of
rounds. Rijndael uses three different types of layers. Each layer operates on all 128 bits of a
block:
Chronology of the AES Process
• Development announced on January 2, 1997 by the National Institute of Standards and
Technology (NIST).
• 15 candidate algorithms accepted on August 20th, 1998.
• 5 finalists announced on August 9th, 1999.
- Mars, IBM Corporation.
- RC6, RSA Laboratories.
- Rijndael, J. Daemen & V. Rijmen.
- Serpent, Eli Biham et al.
- Twofish, B. Schneier et al.
• Monday October 2nd, 2000, NIST chooses Rijndael as the AES.
A lot of work went into software and hardware performance analysis of the AES candidate
algorithms. Here are representative numbers:
Table 2.2: Speeds of the AES Finalists in Hardware and Software
Algorithm    Pentium-Pro @ 200 MHz (Mbit/sec)    FPGA Hardware (Gbit/sec) [EYCP01]
MARS         69                                  -
RC6          105                                 2.4
Rijndael     71                                  2.1
Serpent      27                                  4.9
Twofish      95                                  1.6
Figure 2.11: AES Computation Path
2.2.2.5 RC2 Algorithm
The RC2 algorithm is a block cipher that uses a 64-bit block size and variable key length. The
key size ranges from 8 to 256 bits. RC2 uses a source-heavy Feistel network with 16 rounds
of mixing and 2 rounds of mashing.
[Figure 2.11 (AES computation path): 128-bit plaintext → Round 1 → Round 2 → … → Round 10 → 128-bit ciphertext; a Round Key Generator derives K1, K2, …, K10 from the 128-bit key.]
2.2.3 Asymmetric Cryptographic Systems
It looks as though public-key schemes can provide all functionality needed in modern
security protocols such as SSL/TLS. However, the major drawback in practice is that
encryption of data is extremely computationally demanding with public-key algorithms.
Many block and stream ciphers can encrypt 1000 times faster in software than public-key
algorithms. On the other hand, symmetric algorithms are poor at providing digital signatures
and key establishment/transport functionality. Hence, most practical protocols are hybrid
protocols which incorporate both symmetric and public-key algorithms. Mechanisms that can
be realized with public-key algorithms are:
1) Key establishment protocols (e.g., Diffie-Hellman key exchange) and key transport
protocols (e.g., via RSA) without prior exchange of a joint secret.
2) Digital signature algorithms (e.g., RSA, DSA or ECDSA)
3) Encryption
2.2.3.1 RSA
In cryptography, RSA (which stands for Rivest, Shamir and Adleman who first publicly
described it) is an algorithm for public-key cryptography. It is the first algorithm known to be
suitable for signing as well as encryption, and was one of the first great advances in public
key cryptography. RSA is widely used in electronic commerce protocols, and is believed to
be secure given sufficiently long keys and the use of up-to-date implementations. The RSA
algorithm involves three steps: key generation, encryption and decryption.
A few general remarks on RSA are as follows:
1) Most popular public-key cryptosystem.
2) Invented by Rivest/Shamir/Adleman in 1977 at MIT.
3) Was patented in the USA (not in the rest of the world) until 2000.
4) The main applications of RSA are:
a) Encryption and, thus, key transport
b) Digital signature
RSA Set-up Stage
1) Choose two large primes $p$ and $q$.
2) Compute $n = p \cdot q$.
3) Compute $\Phi(n) = (p - 1)(q - 1)$.
4) Choose random $b$; $0 < b < \Phi(n)$, with $\gcd(b, \Phi(n)) = 1$.
Note that $b$ has an inverse in $Z_{\Phi(n)}$.
5) Compute the inverse $a = b^{-1} \bmod \Phi(n)$:
$b \cdot a \equiv 1 \bmod \Phi(n)$.
6) Public key: $k_{pub} = (n, b)$.
Private key: $k_{pr} = (p, q, a)$.
Encryption: done using public key, $k_{pub}$.
Decryption: done using private key, $k_{pr}$.
Figure 2.12: RSA Encryption and Decryption
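The set-up stage and the encryption and decryption rules can be followed step by step in the added example below, which is not part of the thesis and uses the page's symbols (p, q, n, Φ(n), b, a). The tiny primes 61 and 53 and the exponent 17 are constructed sample values, there is no padding, and the CRT decryption routine is an addition that shows one reason the private key keeps p and q.

```python
from math import gcd


def rsa_setup(p: int, q: int, b: int):
    """Steps 2 to 6 of the set-up stage for given primes p, q and exponent b."""
    n = p * q                         # step 2
    phi = (p - 1) * (q - 1)           # step 3
    if not 0 < b < phi or gcd(b, phi) != 1:
        # Step 4 condition: without it b has no inverse modulo phi(n).
        raise ValueError("need 0 < b < phi(n) and gcd(b, phi(n)) = 1")
    a = pow(b, -1, phi)               # step 5: b * a = 1 mod phi(n) (Python 3.8+)
    return (n, b), (p, q, a)          # step 6: k_pub, k_pr


def encrypt(k_pub, x: int) -> int:
    n, b = k_pub
    if not 0 <= x < n:
        raise ValueError("plaintext must lie in Z_n = {0, ..., n - 1}")
    return pow(x, b, n)               # y = x^b mod n


def decrypt(k_pr, y: int) -> int:
    p, q, a = k_pr
    return pow(y, a, p * q)           # x = y^a mod n


def decrypt_crt(k_pr, y: int) -> int:
    """Same result as decrypt(), computed modulo p and q separately (CRT)."""
    p, q, a = k_pr
    x_p = pow(y % p, a % (p - 1), p)
    x_q = pow(y % q, a % (q - 1), q)
    h = (pow(q, -1, p) * (x_p - x_q)) % p
    return x_q + h * q


if __name__ == "__main__":
    k_pub, k_pr = rsa_setup(61, 53, 17)   # constructed toy parameters
    y = encrypt(k_pub, 65)
    print("k_pub =", k_pub, "k_pr =", k_pr)
    print("y =", y, "x =", decrypt(k_pr, y), "x (CRT) =", decrypt_crt(k_pr, y))
```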
2.2.4 Hash Algorithms
A cryptographic hash function is a deterministic procedure that takes an arbitrary block of
data and returns a fixed-size bit string, the (cryptographic) hash value, such that an accidental
or intentional modification to the data will change the hash value. The data to be encoded is
often called the "message", and the hash value is sometimes called the message digest or
simply the digest.
The ideal cryptographic hash function has four main or significant properties:
I. it is easy to compute the hash value for any given message,
II. it is infeasible to find a message that has a given hash,
III. it is infeasible to modify a message without changing its hash,
IV. it is infeasible to find two different messages with the same hash.
[Figure 2.12: Encryption: $y = e_{k_{pub}}(x) = x^b \bmod n$, where $x \in Z_n = \{0, 1, \ldots, n - 1\}$. Decryption: $x = d_{k_{pr}}(y) = y^a \bmod n$.]
Cryptographic hash functions have many information security applications, notably in digital
signatures, message authentication codes (MACs), and other forms of authentication. They
can also be used as ordinary hash functions, to index data in hash tables, for fingerprinting, to
detect duplicate data or uniquely identify files, and as checksums to detect accidental data
corruption. Indeed, in information security contexts, cryptographic hash values are sometimes
called (digital) fingerprints, checksums, or just hash values, even though all these terms stand
for functions with rather different properties and purposes.
All well-known hash functions, including MD4, MD5, SHA-1 and SHA-2 are built from
block-cipher-like components designed for the purpose, with feedback to ensure that the
resulting function is not bijective. A standard block cipher such as AES can be used in place
of these custom block ciphers; this generally carries a cost in performance, but can be
advantageous where a system needs to perform hashing and another cryptographic function
such as encryption that might use a block cipher, but is constrained in the code size or
hardware area it must fit into, such as in some embedded systems like smart cards.
2.2.5 Cryptanalysis
Cryptanalysis is the science of breaking a cipher without the knowledge of the key used. Its
goal is either to recover the plaintext of the message or to deduce the decryption key so that
other messages encrypted with the same key can be decrypted. One of the more obvious
attacks is to try every possible key (i.e. the finite set of possible keys, known as the
keyspace) until the result yields some intelligible data. This kind of attack is known as a
brute force attack. Clearly, the greater the keyspace, the greater the immunity to a brute
force attack.
2.3 Security in the Internet
Internet security involves the protection of a computer's Internet account and files from
intrusion of an unknown user. Basic security measures involve protection by well selected
passwords, change of file permissions and back up of computer's data. Security concerns are
in some ways peripheral to normal business working, but serve to highlight just how
important it is that business users feel confident when using IT systems. Security will
probably always be high on the IT agenda simply because cyber criminals know that a
successful attack can be very profitable. This means they will always strive to find new ways
to circumvent IT security, and users will consequently need to be continually vigilant.
2.3.1 IPSecurity
IPSecurity (IPSec) is a collection of protocols designed by the Internet Engineering Task
Force (IETF) to provide security for a packet at the network level. IPSec helps to create
authenticated and confidential packets for the IP layer as shown in Figure 2.13 below:
Figure 2.13: TCP/IP protocol and IPSec
[Figure 2.13: protocol stack, top to bottom: Applications; UDP, TCP, or SCTP; IP; Underlying physical networks. Figure note: IPSec is designed to provide security at the network layer.]
IPSec operates in one of two different modes: the transport mode or the tunnel mode as
shown in Figure 2.14.
Figure 2.14: Transport mode and tunnel modes of IPSec protocol
[Figure 2.14: Transport mode: the transport layer payload is wrapped with an IPSec header (IPSec-H) and trailer (IPSec-T) to form the IPSec payload, and the network layer adds the IP header (IP-H). Tunnel mode: the IP packet (IP-H and IP payload) is wrapped with IPSec-H and IPSec-T, and a new IP header (New IP-H) is added.]
In the transport mode, IPSec protects what is delivered from the transport layer to the
network layer. In other words, the transport mode protects the network layer payload, the
payload to be encapsulated in the network layer. The transport mode is normally used when
we need host-to-host or end-to-end protection of data. The sending host uses IPSec to
authenticate and/or encrypt the payload delivered from the transport layer. The receiving host
uses IPSec to check the authentication and/or decrypt the IP packet and deliver it to the
transport layer.
In the tunnel mode, IPSec protects the entire IP packet. It takes an IP packet, including the
header, applies IPSec security methods to the entire packet, and then adds a new IP header.
In other words, we use the tunnel mode when either the sender or the receiver is not a host.
The entire original packet is protected from intrusion between the sender and the receiver. It’s
as if the whole packet goes through an imaginary tunnel. IPSec defines two protocols, the
Authentication Header (AH) Protocol and the Encapsulating Security Payload (ESP)
Protocol, to provide authentication and/or encryption for packets at the IP level. The
Authentication Header (AH) Protocol is designed to authenticate the source host and to ensure
the integrity of the payload carried in the IP packet. The protocol uses a hash function and a
symmetric key to create a message digest; the digest is inserted in the authentication header.
The AH is then placed in the appropriate location based on the mode (transport or tunnel).
The AH Protocol provides source authentication and data integrity, but no privacy.
The figure below shows the fields and the position of the authentication header in the transport
mode.
1. An authentication header is added to the payload with the authentication data field
set to zero.
2. Padding may be added to make the total length even for a particular hashing
algorithm.
3. Hashing is based on the total packet. However, only those fields of the IP header
that do not change during transmission are included in the calculation of the
message digest (authentication data).
4. The authentication data are inserted in the authentication header.
5. The IP header is added after the value of the protocol field is changed to 51.
[Figure 2.15 note: Data used in calculation of authentication data (except those fields in IP header changing during transmission)]
Figure 2.15: Authentication Header (AH) Protocol in transport mode
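The five AH steps above can be traced in the added example below, which is not part of the thesis. The digest algorithm (HMAC-SHA1 truncated to 96 bits), the key, the addresses, the SPI and the choice of IPv4 fields treated as changing in transit (type of service, flags and fragment offset, TTL, header checksum) are assumptions made for the sketch; the check at the end shows that a TTL change does not invalidate the digest while a payload or source-address change does.

```python
import hashlib
import hmac
import struct

AH_PROTOCOL = 51   # protocol field value the page gives for AH
ICV_LEN = 12       # assumption: HMAC-SHA1 digest truncated to 96 bits
AH_FIXED = 12      # next header, payload length, reserved, SPI, sequence number


def ipv4_header(src: bytes, dst: bytes, protocol: int, payload_len: int, ttl: int = 64) -> bytes:
    # 20-byte IPv4 header without options; checksum left at 0 in this sketch.
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len,
                       0x1234, 0, ttl, protocol, 0, src, dst)


def zero_mutable(ip_hdr: bytes) -> bytes:
    # Fields that routers may change are zeroed before hashing (step 3).
    h = bytearray(ip_hdr)
    h[1] = 0               # type of service
    h[6:8] = b"\x00\x00"   # flags and fragment offset
    h[8] = 0               # TTL
    h[10:12] = b"\x00\x00" # header checksum
    return bytes(h)


def ah_header(next_header: int, spi: int, seq: int, icv: bytes = bytes(ICV_LEN)) -> bytes:
    # Payload length is the AH length in 32-bit words minus 2.
    payload_len = (AH_FIXED + ICV_LEN) // 4 - 2
    return struct.pack("!BBHII", next_header, payload_len, 0, spi, seq) + icv


def compute_icv(key: bytes, ip_hdr: bytes, ah_zeroed: bytes, payload: bytes) -> bytes:
    data = zero_mutable(ip_hdr) + ah_zeroed + payload
    return hmac.new(key, data, hashlib.sha1).digest()[:ICV_LEN]


def ah_protect(key, src, dst, spi, seq, upper_protocol, payload) -> bytes:
    ah0 = ah_header(upper_protocol, spi, seq)                 # step 1: digest field zero
    # Step 2: this AH is 24 bytes, already a multiple of 4, so no padding is needed.
    ip = ipv4_header(src, dst, AH_PROTOCOL, len(ah0) + len(payload))  # step 5
    icv = compute_icv(key, ip, ah0, payload)                  # step 3
    return ip + ah_header(upper_protocol, spi, seq, icv) + payload    # step 4


def ah_verify(key: bytes, packet: bytes) -> bool:
    ah_end = 20 + AH_FIXED + ICV_LEN
    if len(packet) < ah_end or packet[9] != AH_PROTOCOL:
        return False
    ip, ah, payload = packet[:20], packet[20:ah_end], packet[ah_end:]
    ah_zeroed = ah[:AH_FIXED] + bytes(ICV_LEN)
    expected = compute_icv(key, ip, ah_zeroed, payload)
    return hmac.compare_digest(expected, ah[AH_FIXED:])


KEY = b"constructed shared key"            # constructed sample key
SRC, DST = bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2])  # documentation addresses
PAYLOAD = b"constructed transport-layer payload"

if __name__ == "__main__":
    pkt = ah_protect(KEY, SRC, DST, 0x1000, 1, 17, PAYLOAD)
    routed = bytearray(pkt)
    routed[8] -= 1                          # a router decrements the TTL
    print("original verifies:", ah_verify(KEY, pkt))
    print("after TTL change:", ah_verify(KEY, bytes(routed)))
```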
ESP provides source authentication, data integrity, and privacy. The AH Protocol does
not provide privacy, only source authentication and data integrity. IPSec later defined an
alternative protocol that provides source authentication, integrity, and privacy, called
Encapsulating Security Payload (ESP). ESP adds a header and a trailer. Note that ESP’s
authentication data are added at the end of the packet, which makes its calculation easier.
Figure 2.16: Encapsulation Security Payload (ESP) Protocol in Transport mode
When an IP datagram carries an ESP header and trailer, the value of the protocol field in the
IP header is 50. A field inside the ESP trailer (the next-header field) holds the original value of
the protocol field. The ESP procedure follows these steps:
1. An ESP trailer is added to the payload.
2. The payload and the trailer are encrypted.
3. The ESP header is added.
4. The ESP header, payload, and ESP trailer are used to create the authentication data.
5. The authentication data are added to the end of the ESP trailer.
6. The IP header is added after the protocol value is changed to 50.
[Figure 2.15 layout: IP header | AH | Transport layer payload | Padding. AH fields: Next header (8 bits), Payload length (8 bits), Reserved (16 bits), Security parameter index, Sequence number, Authentication data (digest, variable length).]
[Figure 2.16 layout: IP header | ESP header | Transport layer payload | ESP trailer | Authentication data (variable length). ESP header fields: Security parameter index (32 bits), Sequence number (32 bits). ESP trailer fields: Padding, Pad length (8 bits), Next header (8 bits). Brackets in the figure mark the Encrypted and the Authenticated portions.]
IPSec supports both IPv4 and IPv6. In IPv6, however, AH and ESP are part of the extension
header. The ESP Protocol was designed after the AH Protocol was already in use. ESP does
whatever AH does with additional functionality which is privacy.
The two protocols, AH and ESP can provide several security services for packets at the
network layer. The following table shows the list of services available for each protocol.
Table 2.3: IPSec services
Services                                             AH     ESP
Access control                                       Yes    Yes
Message authentication (message integrity)           Yes    Yes
Entity authentication (data source authentication)   Yes    Yes
Confidentiality                                      No     Yes
Replay attack protection                             Yes    Yes
Access Control: IPSec provides access control indirectly by using a Security Association
Database (SADB). When a packet arrives at a destination, and there is no security
association already established for this packet, the packet is discarded.
Message Authentication: The integrity of the message is preserved in both AH and ESP by
using authentication data. A digest of data is created and sent by the sender to be checked by
the receiver.
Entity Authentication: The security association and the keyed-hashed digest of the data sent
by the sender authenticate the sender of the data in both AH and ESP.
Confidentiality: The encryption of the message in ESP provides confidentiality. AH,
however, does not provide confidentiality.
Security association is a very important aspect of IPSec. Using security association, IPSec
changes a connectionless protocol, IP, to a connection-oriented protocol. We can say that
when sender and receiver agree upon a set of security parameters between them, they have
established a logical connection between themselves and this is called association. However,
they may not use this connection all the time. After establishing the connection, the sender can
send a datagram to the receiver today, another datagram a few days later, and so on. The logical
connection is there and ready for sending a secure datagram. Certainly, they can break the
connection, or they can establish a new one after a while which is a more secure way of
communication. Each of the three protocols (IPSec, SSL/TLS, and PGP) needs a set of security
parameters before it can be operative. In IPSec, the establishment of the security parameters
is done via a mechanism called Security Association (SA).
IP is a connectionless protocol: Each datagram is independent of the others. For this type of
communication, the security parameters can be established in one of the three ways.
1. Security parameters related to each datagram can be included in each datagram. The
designers of IPSec did not choose this option, probably because of overhead. Adding
security parameters to each datagram creates a large overhead, particularly if the
datagram is fragmented several times during its journey.
2. A set of security parameters can be established for each datagram. This means that
before each datagram is transmitted, a set of packets needs to be exchanged between
the sender and receiver to establish security parameters.
3. IPSec uses the third choice. A set of security parameters can be established between a
sender and a particular receiver the first time the sender has a datagram to send to that
particular receiver. The set can be saved for future transmission of IP packets to the
same receiver.
2.3.2 Secure Socket Layer/Transport Layer Security (SSL/TLS)
Transport layer security provides end-to-end security services for applications that use a
reliable transport layer protocol such as TCP. The design is to provide security services for
transactions on the Internet. Two protocols are foremost today for providing security at the
transport layer: the Secure Sockets Layer (SSL) Protocol and the Transport Layer Security
(TLS) Protocol. The latter is actually an IETF version of the former. The figure below shows the
position of SSL and TLS in the Internet model. For instance, when a buyer makes an online
purchase, the following security services are desired:
1. The buyer needs to be sure that the server belongs to the actual vendor, not an imposter.
Likewise the vendor needs to authenticate the buyer. This is called entity authentication.
2. The buyer and the vendor need to be sure that the contents of the message are not
modified during transition. This is called message integrity.
3. The buyer and the vendor need to be sure that an imposter does not intercept sensitive
and confidential information such as a credit card number. This is confidentiality aspect
of security service.
Secure Socket Layer (SSL) is designed to provide security and compression services to data
generated from the application layer. Characteristically, SSL can receive data from any
application layer protocol, but usually the protocol is HTTP. The data received from the
application are compressed (optional), signed, and encrypted. The data are then passed to a
reliable transport layer protocol such as TCP. Netscape developed SSL in 1994. Versions 2
and 3 were released in 1995.
Figure 2.17: Location of SSL and TLS in the Internet model
Fragmentation: First, SSL divides the data into blocks of $2^{14}$ bytes or less.
Compression: Each fragment of data is compressed by using one of the lossless compression
methods negotiated between the client and server. It should be noted that this service is
optional.
Message Integrity: To preserve the integrity of data, SSL uses a keyed-hash function to create
a MAC.
Confidentiality: To provide confidentiality, the original data and the MAC are encrypted
using symmetric-key cryptography.
Framing: A header is added to the encrypted payload. The payload is then passed to a reliable
transport layer protocol.
Security Parameters: There are no SAs, but there are cipher suites and cryptographic secrets
that together make the security parameters.
[Figure 2.17 labels: Applications; TCP; IP; Underlying physical networks. Figure note: SSL/TLS is designed to provide security at the transport layer.]
Cipher Suite: The combination of key exchange, hash, and encryption algorithms defines a
cipher suite for each SSL session. Each suite starts with the term SSL, followed by the
key-exchange algorithm. The word WITH separates the key exchange algorithm from the
encryption and hash algorithms. For example,
SSL_DHE_RSA_WITH_DES_CBC_SHA
defines DHE_RSA (ephemeral Diffie-Hellman with RSA digital signature) as the key
exchange with DES_CBC as the encryption algorithm and SHA as the hash algorithm. Note
that DH is fixed Diffie-Hellman, DHE is ephemeral Diffie-Hellman, and DH-anon is
anonymous Diffie-Hellman.
Cryptographic Secrets: The second part of security parameters is often referred to as
cryptographic secrets. To achieve message integrity and confidentiality, SSL needs six
cryptographic secrets: four keys and two IVs. The client and the server have six different
cryptographic secrets. The process of creating these secrets is shown in the figure below. The
client needs one key for message authentication, one key for encryption, and one IV for block
encryption. The server needs the same. SSL requires that the keys for one direction be
different from those for the other direction. If there is an attack in one direction, the other
direction is not affected. These parameters are generated by using a negotiation protocol.
Figure 2.18: Creation of cryptographic secrets in SSL
[Figure: on the client and on the server, key-exchange handshaking gives the premaster secret; a
complex algorithm using SHA-1 and MD5, fed with the two random numbers and some constants,
gives the master secret; a second such algorithm gives the six secrets I to VI.]
I - Client authentication key
II - Server authentication key
III - Client encryption key
IV - Server encryption key
V - Client initialization vector
VI - Server initialization vector
1. The client and server exchange two random numbers; one is created by the client and
the other by the server.
2. The client and server exchange one premaster secret by using one of the key exchange
algorithms discussed previously.
3. A 48-byte master secret is created from the premaster secret by applying two hash
functions (SHA-1 and MD5).
4. The master secret is used to create variable-length secrets by applying the same set
of hash functions and prepending with different constants.
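The four steps above, written out as an added example (not code from the thesis). It follows the key derivation of the published SSL 3.0 specification for the suite SSL_DHE_RSA_WITH_DES_CBC_SHA; the function names and the sample premaster secret and random numbers are constructed for illustration.

```python
import hashlib

# SSL 3.0 is obsolete (superseded by TLS); shown only to make Figure 2.18 concrete.
# Sizes for the page's example suite SSL_DHE_RSA_WITH_DES_CBC_SHA:
# SHA-1 MAC key = 20 bytes, DES key = 8 bytes, CBC IV = 8 bytes.
MAC_LEN, KEY_LEN, IV_LEN = 20, 8, 8


def ssl3_expand(secret: bytes, seed: bytes, length: int) -> bytes:
    """Produce `length` bytes as MD5(secret + SHA1(label + secret + seed)) blocks.

    The labels are the "different constants" of step 4: b"A", b"BB", b"CCC", ...
    """
    out = b""
    block = 0
    while len(out) < length:
        if block >= 26:
            raise ValueError("requested more key material than the labels allow")
        label = bytes([ord("A") + block]) * (block + 1)
        inner = hashlib.sha1(label + secret + seed).digest()
        out += hashlib.md5(secret + inner).digest()
        block += 1
    return out[:length]


def derive_master_secret(premaster: bytes, client_random: bytes,
                         server_random: bytes) -> bytes:
    """Step 3: 48-byte master secret from the premaster secret and both randoms."""
    return ssl3_expand(premaster, client_random + server_random, 48)


def derive_six_secrets(master: bytes, client_random: bytes,
                       server_random: bytes) -> dict:
    """Step 4: cut one key block into the six secrets I-VI of Figure 2.18."""
    layout = [
        ("client_auth_key", MAC_LEN),        # I
        ("server_auth_key", MAC_LEN),        # II
        ("client_encryption_key", KEY_LEN),  # III
        ("server_encryption_key", KEY_LEN),  # IV
        ("client_iv", IV_LEN),               # V
        ("server_iv", IV_LEN),               # VI
    ]
    total = sum(size for _, size in layout)
    # The seed order flips here: server random first, then client random.
    key_block = ssl3_expand(master, server_random + client_random, total)
    secrets, offset = {}, 0
    for name, size in layout:
        secrets[name] = key_block[offset:offset + size]
        offset += size
    return secrets


if __name__ == "__main__":
    # Constructed sample inputs (steps 1 and 2 would supply these in a handshake).
    premaster = bytes(range(48))
    client_random = b"\x01" * 32
    server_random = b"\x02" * 32

    master = derive_master_secret(premaster, client_random, server_random)
    print("master secret:", master.hex())
    for name, value in derive_six_secrets(master, client_random, server_random).items():
        print(f"{name:22s} {value.hex()}")
```

Because both sides hold the same premaster secret and random numbers, each computes the same six values independently; only the randoms travel in the clear.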
Sessions and Connections: The nature of the IP and TCP protocols is different. IP is a
connectionless protocol; TCP is a connection-oriented protocol. An association in IPSec
transforms the connectionless IP to a connection-oriented secured protocol. TCP is already
connection-oriented. However, the designers of SSL decided that they needed two levels of
connectivity: session and connection. A session between two systems is an association that
can last for a long time; a connection can be established and broken several times during a
session. Some of the security parameters are created during the session establishment and are
in effect until the session is terminated (for example, cipher suite and master key). Some of
the security parameters must be recreated (or occasionally resumed) for each connection (for
example, six secrets).
SSL defines four protocols in two layers, as shown in Figure 2.19. The Record Protocol is the
carrier. It carries messages from three other protocols as well as the data coming from the
application layer. Messages from the Record Protocol are payloads to the transport layer,
normally TCP. The Handshake Protocol provides security parameters for the Record
Protocol. It establishes a cipher set and provides keys and security parameters. It also
authenticates the server to the client and the client to the server, if needed. The
ChangeCipherSpec Protocol is used for signaling the readiness of cryptographic secrets. The
Alert Protocol is used to report abnormal conditions.
Figure 2.19: Four SSL protocols
Handshake Protocol: The Handshake Protocol uses messages to negotiate the cipher suite, to
authenticate the server to the client and the client to the server (if needed), and to exchange
information for building the cryptographic secrets.
ChangeCipherSpec Protocol: It has been shown that the negotiation of the cipher suite and
the generation of cryptographic secrets are formed gradually during the Handshake Protocol.
The question now is, when can the two parties use these parameters or secrets? SSL mandates
that the parties not use these parameters or secrets until they have sent or received a special
message, the ChangeCipherSpec message, which is exchanged during the Handshake
Protocol and defined in the ChangeCipherSpec Protocol. Before the exchange of any
ChangeCipherSpec messages, only the pending columns have values.
Alert Protocol: SSL uses the Alert Protocol for reporting errors and abnormal conditions. It
has only one message type, the alert message, which describes the problem and its level
(warning or fatal).
Record Protocol: The Record Protocol carries messages from the upper layer (Handshake
Protocol, ChangeCipherSpec Protocol, Alert Protocol, or application layer). The message is
fragmented and optionally compressed; a MAC is added to the compressed message by using
the negotiated hash algorithm. The compressed fragment and the MAC are encrypted by
using the negotiated encryption algorithm. Finally, the SSL header is added to the encrypted
message. The process at the receiver is reversed.
[Figure 2.19 layout: the Handshake Protocol, ChangeCipherSpec Protocol and Alert Protocol sit
above the Record Protocol; SSL lies between the application layer and the transport layer.]
2.3.3 PGP
One of the protocols to provide security at the application layer is Pretty Good Privacy
(PGP). PGP is designed to create authenticated and confidential e-mails. Figure 2.20 shows the
position of PGP in the TCP/IP protocol suite.
Figure 2.20: Position of PGP in the TCP/IP protocol suite
Sending an e-mail is a one-time activity. IPSec and SSL assume that the two parties
create a session between themselves and exchange data in both directions. In e-mail, there is
no session. Sender and receiver cannot create a session. The sender sends a message to the
receiver; sometime later, the receiver reads the message and may or may not send a reply. In
PGP, the sender of the message needs to include the identifiers of the algorithms used in the
message as well as the values of the keys.
Services: PGP can provide several services based on the requirements of the user. An e-mail
can use one or more of these services.
Plaintext: The simplest case is to send the e-mail message in plaintext (no service). The
sender composes a message and sends it to the receiver. The message is stored in the receiver's
mailbox until it is retrieved by him.
Message Authentication: The next improvement is to let the sender sign the message. The sender
creates a digest of the message and signs it with his private key. The receiver receives the
message and verifies it by using the sender's public key. Two keys are needed for
this scenario. A further improvement is to compress the message and digest to make the
packet more compact. This improvement has no security benefit, but it eases the traffic.
Confidentiality with One-Time Session Key: Confidentiality in an e-mail system can be
achieved by using conventional encryption with a one-time session key. Sender can create a
session key, use the session key to encrypt the message and the digest, and send the key itself
with the message. However, to protect the session key, sender encrypts it with receiver's
public key.
[Figure 2.20 layout: Applications (e-mail); UDP, TCP, or SCTP; IP; underlying physical
networks. Figure note: PGP is designed to provide security at the application layer.]
Code Conversion: Another service provided by PGP is code conversion. Most e-mail systems
allow the message to consist of only ASCII characters. To translate other characters not in the
ASCII set, PGP uses Radix 64 conversion. Each character to be sent (after encryption) is
converted to Radix 64 code.
Segmentation: PGP allows segmentation of the message after it has been converted to Radix
64 to make each transmitted unit the uniform size allowed by the underlying e-mail protocol.
PGP Algorithms: The algorithms used in PGP are shown in Table 2.4. The list is not complete;
new algorithms are constantly added.
Table 2.4: PGP Algorithms
Algorithm     ID    Description
Public key    1     RSA (encryption or signing)
Public key    2     RSA (for encryption only)
Public key    3     RSA (for signing only)
Public key    17    DSS (for signing)
Hash          1     MD5
Hash          2     SHA-1
Hash          3     RIPE-MD
Encryption    0     No encryption
Encryption    1     IDEA
Encryption    2     Triple DES (3 DES)
Encryption    9     AES
2.3.4 Virtual Private Network
A common use of IPSEC is the construction of a Virtual Private Network (VPN), where
multiple segments of a private network are linked over a public network using encrypted
tunnels. This allows applications on the private network to communicate securely without
any local cryptographic support, since the VPN routers perform the encryption and
decryption. IPSEC is well suited for this environment, more so than tunnelling PPP over SSL
or SSH, since it operates directly on the IP packets and preserves a one-to-one
correspondence between packets inside and outside the network. In the case of tunnelling
PPP over an encrypted TCP connection, any packet loss in the public network would trigger a
TCP retransmission, stalling the link until the packet was delivered. In particular, running
Voice over IP (VoIP) traffic through a TCP/PPP tunnel would largely defeat the RTP
protocol used for VoIP; IPSEC is better suited in this case.
VPN is a technology that is presently popular among large organizations that utilize the
global Internet for both intra- and inter-organization communication, but require privacy in
their internal communications. VPN is being considered here because it uses the IPSec
Protocol to apply security to the IP datagram.
Private Networks: A private network is designed for use inside an organization. It allows
access to shared resources and, at the same time, provides privacy. Two frequently used
terms are involved here:
Intranet: An intranet is a private network (LAN) that uses the Internet model. However,
access to the network is restricted to the users inside the organization. The network uses
application programs defined for the global Internet, such as HTTP, and may have Web
servers, print servers, file servers, and so on.
Extranet: An extranet is similar to an intranet with one major difference: Some resources
may be accessed by specific groups of users outside the organization under authorized
customers’ access to product specifications, availability, and online ordering. A university or
a college can permit distance learning students access to the computer lab after passwords
have been checked.
Addressing: A private network that uses the Intranet model must use IP addresses. Three
choices are available:
1. The network can apply for a set of addresses from the Internet authorities and use
them without being connected to the Internet. This strategy has an advantage. If in the
future the organization decides to be connected to the Internet, it can do so with
relative ease. However, there is also a disadvantage: The address space is wasted in the
meantime.
2. The network can use any set of addresses without registering with the Internet
authorities. Because the network is isolated, the addresses do not have to be unique.
However, this strategy has a serious drawback: Users might mistakenly confuse the
addresses as part of the global Internet.
3. To overcome the problems associated with the first and second strategies, the Internet
authorities have reserved three sets of addresses, shown in Table 2.5 below.
Any organization can use an address out of this set without permission from the Internet
authorities. Everybody knows that these reserved addresses are for private networks. They are
unique inside the organization, but they are not unique globally. No router will forward a
packet that has one of these addresses as the destination address.
Table 2.5: Private networks reserved addresses.
Prefix        Range                              Total
10/8          10.0.0.0 to 10.255.255.255         2^24
172.16/12     172.16.0.0 to 172.31.255.255       2^20
192.168/16    192.168.0.0 to 192.168.255.255     2^16
Figure 2.21: Virtual Private Network
[Figure: Site x and Site y, with routers R1 and R2, connected across the Internet.]
VPN Technology: VPN technology, Figure 2.21, uses IPSec in the tunnel mode to provide
authentication, integrity, and privacy.
Tunneling: To guarantee privacy and other security
measures for an organization, VPN can use the IPSec in the tunnel mode. In this mode, each
IP datagram destined for private use in the organization is encapsulated in another datagram.
2.3.5 Firewalls
A firewall is a part of a computer system or network that is designed to block unauthorized
access while permitting authorized communications. It is a device or set of devices which is
configured to permit or deny computer applications based upon a set of rules and other
criteria. It may succinctly be described as a computer, router or other communication device
that filters access to the protected network [18]. Cheswick and Bellovin [6] define a firewall
as a collection of components or a system that is placed between two networks and possesses
the following properties:
• All traffic from inside to outside, and vice-versa, must pass through it.
• Only authorised traffic, as defined by the local security policy, is allowed to pass
through it.
• The firewall itself is immune to penetration.
Firewalls can be implemented in either hardware or software, or a combination of both. They
are frequently used to prevent unauthorized Internet users from accessing private networks
connected to the Internet, especially intranets. All messages entering or leaving the intranet
pass through the firewall, which examines each message and blocks those that do not meet
the specified security criteria. There are several types of firewall techniques:
1. Packet filter: Packet filtering inspects each packet passing through the network and
accepts or rejects it based on user-defined rules. Although difficult to configure, it is
fairly effective and mostly transparent to its users. It is susceptible to IP spoofing.
2. Application gateway: Applies security mechanisms to specific applications, such as
FTP and Telnet servers. This is very effective, but can impose performance
degradation.
3. Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection
is established. Once the connection has been made, packets can flow between the
hosts without further checking.
4. Proxy server: Intercepts all messages entering and leaving the network. The proxy
server effectively hides the true network addresses.
The previous security measures cannot prevent a hacker from sending a harmful message to a
system. To control access to a system, we need firewalls. Figure 2.22 shows a firewall.
Figure 2.22: Firewall
[Figure: a firewall placed between the global Internet and the internal network(s), with
outgoing and incoming traffic passing through it.]
For example, a firewall may filter all incoming packets destined for a specific host or a
specific server such as HTTP. A firewall can be used to deny access to a specific host or a
specific service in the organization.
2.3.6 Wired Equivalent Privacy (WEP)
WEP is a security protocol that adds security to wireless local area networks (WLANs) based
on the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11. It is an OSI Data Link layer (Layer
2) security technology, designed to provide a wireless local area network (WLAN)
with a level of security and privacy comparable to what is usually expected of a wired LAN.
A wired local area network (LAN) is generally protected by physical security mechanisms
(controlled access to a building for example) that are effective for a controlled physical
environment, but may be ineffective for WLANs because radio waves are not necessarily
bound by the walls containing the network. WEP seeks to establish similar protection to that
offered by the wired network's physical security measures by encrypting data transmitted
over the WLAN. It uses RC4 encryption, which is the same as that used by the security built
into standard web browsers (SSL). In a WEP protected network, all packets are encrypted
using the stream cipher RC4 under a common key, the root key. RC4 utilizes a combination of
secret user keys and system-generated values. The original implementations of WEP
supported so-called 40-bit encryption, having a key of length 40 bits and 24 additional bits of
system-generated data (64 bits total). Research has shown that 40-bit WEP encryption is too
easy to decode, and consequently product vendors today employ 128-bit encryption (having a
key length of 104 bits, not 128 bits) or better (including 152-bit and 256-bit WEP systems).
Regardless of how it is implemented on a wireless LAN, WEP represents just one element of
an overall WLAN security strategy. A research group from the University of California at
Berkeley recently published a report citing "major security flaws" in WEP that left WLANs
using the protocol vulnerable to attacks (called wireless equivalent privacy attacks). In the
course of the group's examination of the technology, they were able to intercept and modify
transmissions and gain access to restricted networks.
802.11 Authentication: The 802.11 standard defines several services that govern how two
IEEE 802.11 devices communicate. The following events must occur before an 802.11
Station can communicate with an Ethernet network through an access point:
1. Wireless station is turned on.
2. The station listens for messages from any access points that are in range.
3. The station finds a message from an access point that has a matching SSID.
4. The station sends an authentication request to the access point.
5. The access point authenticates the station.
6. The station sends an association request to the access point.
7. The access point associates with the station.
8. The station can now communicate with the Ethernet network through the access point.
An access point must authenticate a station before the station can associate with the access
point or communicate with the network. The IEEE 802.11 standard defines two types of
authentication: Open System and Shared Key.
• Open System Authentication allows any device to join the network, assuming that
the device SSID matches the access point SSID. Alternatively, the device can use the
"ANY" SSID option to associate with any available Access Point within range,
regardless of its SSID.
The following steps occur when two devices use Open System Authentication:
1. The station sends an authentication request to the access point.
2. The access point authenticates the station.
3. The station associates with the access point and joins the network.
• Shared Key Authentication requires that the station and the access point have the
same WEP Key to authenticate. These two authentication procedures are described
below.
The following steps occur when two devices use Shared Key Authentication:
1. The station sends an authentication request to the access point.
2. The access point sends challenge text to the station.
3. The station uses its configured 64-bit or 128-bit default key to encrypt the challenge
text, and sends the encrypted text to the access point.
4. The access point decrypts the encrypted text using its configured WEP Key that
corresponds to the station's default key. The access point compares the decrypted
text with the original challenge text. If the decrypted text matches the original
challenge text, then the access point and the station share the same WEP Key and the
access point authenticates the station.
5. The station connects to the network.
If the decrypted text does not match the original challenge text (the access point and
station do not share the same WEP Key), then the access point will refuse to
authenticate the station and the station will be unable to communicate with either the
802.11 networks or Ethernet network.
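The Shared Key Authentication exchange described above, with both sides' messages, as an added example (not code from the thesis). It is simplified: 802.11 frame headers and the key-ID octet are omitted, the function names are hypothetical, the 128-byte challenge length is an assumption of this sketch, and the keys are constructed sample values.

```python
import hmac
import os
import struct
import zlib

CHALLENGE_LEN = 128  # bytes of challenge text (assumed length for this sketch)
IV_LEN = 3           # the 24 bits of system-generated data sent in the clear
ICV_LEN = 4          # CRC-32 integrity check value appended before encryption


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher; encryption and decryption are the same operation."""
    state = list(range(256))
    j = 0
    for i in range(256):  # key scheduling
        j = (j + state[i] + key[i % len(key)]) & 0xFF
        state[i], state[j] = state[j], state[i]
    i = j = 0
    out = bytearray()
    for byte in data:     # keystream generation, XORed with the data
        i = (i + 1) & 0xFF
        j = (j + state[i]) & 0xFF
        state[i], state[j] = state[j], state[i]
        out.append(byte ^ state[(state[i] + state[j]) & 0xFF])
    return bytes(out)


def icv(data: bytes) -> bytes:
    """WEP integrity check value: CRC-32 of the plaintext, little-endian."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def ap_make_challenge() -> bytes:
    """Step 2: the access point sends challenge text to the station."""
    return os.urandom(CHALLENGE_LEN)


def station_encrypt_challenge(wep_key: bytes, challenge: bytes) -> bytes:
    """Step 3: the station encrypts the challenge under IV || key and returns it."""
    iv = os.urandom(IV_LEN)
    return iv + rc4(iv + wep_key, challenge + icv(challenge))


def ap_verify_response(wep_key: bytes, challenge: bytes, response: bytes) -> bool:
    """Step 4: the access point decrypts and compares with the original challenge."""
    if len(response) != IV_LEN + len(challenge) + ICV_LEN:
        return False
    iv, ciphertext = response[:IV_LEN], response[IV_LEN:]
    plaintext = rc4(iv + wep_key, ciphertext)
    text, check = plaintext[:-ICV_LEN], plaintext[-ICV_LEN:]
    return hmac.compare_digest(check, icv(text)) and hmac.compare_digest(text, challenge)


def authenticate(station_key: bytes, ap_key: bytes) -> bool:
    """Run steps 2 to 4 once; True means the access point authenticates the station."""
    challenge = ap_make_challenge()
    response = station_encrypt_challenge(station_key, challenge)
    return ap_verify_response(ap_key, challenge, response)


if __name__ == "__main__":
    key_64 = bytes.fromhex("0102030405")                   # constructed 40-bit key
    key_128 = bytes.fromhex("0102030405060708090a0b0c0d")  # constructed 104-bit key
    print("matching 64-bit keys :", authenticate(key_64, key_64))
    print("matching 128-bit keys:", authenticate(key_128, key_128))
    print("mismatched keys      :", authenticate(key_64, bytes.fromhex("0504030201")))
```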
Chapter 3
Experimental Design
The setup for the experiment is as shown in Figure 3.1. The server is connected to the access
point with a 100 Mbps Ethernet link. The wireless devices considered in the experiment are
a laptop and a Pocket PC. The wireless devices are used one at a time and never all at the same
time. Transmission of data is from the wireless devices to the server through the wireless link
using the TCP/IP protocol. For encryption, the libraries considered were OpenSSL and Crypto++.
Figure 3.1: Experimental Setup Configuration
[Figure components: Cisco Aironet 1230AG series 802.11 a/b/g access point; Athlon 1.3 GHz
server with 384 MB RAM and Windows XP operating system; Toshiba Satellite L300-20D laptop
with an Intel CPU T1600 @ 1.66GHz; Compaq IPAQ Pocket PC H3800 with Expansion Slot H3600
with Windows CE 3.0.]
3.1 Encryption Libraries
Many encryption libraries are available supporting most of the cryptographic algorithms. It is
always wise to use full-featured, source-available cryptographic libraries because building a
security toolkit is hard, and making the source available makes it easier to find and fix
problems. New systems should be built with a library whose source is available to the public
for inspection. Most of these libraries have approximately the same crypto functions and
encodings. All seem to be reasonably well documented, although openssl is trailing a little.
Choice of one over another is largely a matter of language and license. All libraries are
generally up-to-date with the latest developments in number theory that help speed up
mathematical operations. Crypto++ was the basic library selected for encryption since it has a
sample benchmark published on its website. The choice was primarily based on ease of use,
availability of benchmarks for verification, and algorithms supported.
Some of the popular libraries are as follows:
I. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade,
full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose
cryptography library. The project is managed by a worldwide community of volunteers that
use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related
documentation. It has implementations for AES, DES, Triple-DES, IDEA, RC2, RC4, RC5,
SAFER, DH, RSA, and DSA. OpenSSL is based on the excellent SSLeay library developed
by Eric A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an Apache-
style licence, which basically means that you are free to get and use it for commercial and
non-commercial purposes subject to some simple license conditions.
II. Cryptix is a cryptographic library implemented in Java and Perl. Since 1995 the
Cryptix project has been instrumental in getting strong cryptography to the Java platform (and
some to the Perl platform as well). In fact, while nowadays strong cryptography is widely
available, this has not always been the case. At a time when export controls on cryptography
were still in effect, Cryptix was the first available cryptographic library for Java. Cryptix was
initiated and at first sponsored by Systemics; later on, the independent Cryptix Foundation Ltd
was incorporated. It has implementations for Blowfish, CAST5, DES, IDEA, MARS, RC2,
RC4, RC6, Rijndael (AES), Serpent, SKIPJACK, Square, Triple-DES, Twofish, RSA,
DH, and ElGamal.
III. Crypto++ is a free C++ class library published and maintained by Wei Dai. This free
C++ class library is a class hierarchy with an API defined by the base abstract classes. It
handles a large number of cryptographic schemes (including public key cryptography) and
cipher modes. In no particular order, here is a list of some of what is supported: RC6, MARS,
Rijndael, Twofish, Serpent, IDEA, DES, Triple DES (DES-EDE2 and DES-EDE3), DESX
(DES-XEX3), RC2, RC5, Blowfish, Diamond2, TEA, SAFER, 3-WAY, GOST, SHARK,
CAST-128, Square, CBC padded, CBC ciphertext stealing (CTS), CFB, OFB, and counter
mode. It has implementations for most of the popular cryptographic algorithms, including
AES, IDEA, DES, Triple-DES, RC2, RC5, Blowfish, TEA, SAFER, 3-WAY, GOST, SHARK,
CAST-128, SEAL, RSA, ElGamal, and ECIES. The dedicated author
Wei Dai actively maintains the library.
IV. Cryptlib is a powerful security toolkit that allows even inexperienced crypto
programmers to easily add encryption and authentication services to their software. The high-
level interface provides anyone with the ability to add strong security capabilities to an
application in as little as half an hour, without needing to know any of the low-level details
that make the encryption or authentication work. Because of this, cryptlib dramatically
reduces the cost involved in adding security to new or existing applications.
At the highest level, cryptlib provides implementations of complete security services such as
S/MIME and PGP/OpenPGP secure enveloping, SSL/TLS and SSH secure sessions, CA
services such as CMP, SCEP, RTCS, and OCSP, and other security operations such as secure
timestamping. Since cryptlib uses industry-standard X.509, S/MIME, PGP/OpenPGP, and
SSH/SSL/TLS data formats, the resulting encrypted or signed data can be easily transported
to other systems and processed there, and cryptlib itself runs on virtually any operating
system - cryptlib doesn't tie you to a single system. This allows email, files, and EDI
transactions to be authenticated with digital signatures and encrypted in an industry-standard
format.
3.2 Methodology
This section describes the techniques and simulation choices made to evaluate the
performance of the selected algorithms.
In these experiments, the laptop encrypts data blocks of different sizes (0.5 MB to 20 MB)
using the encryption libraries. The five encryption algorithms selected for the experiment
are AES (key size: 256 bits), DES (key size: 64 bits), RC2 (key size: 64 bits), Blowfish (key
size: 256 bits), and 3DES (key size: 192 bits). These implementations are thoroughly tested and
are optimized to give the maximum performance for each algorithm. The results for AES, which
is supposed to be the best encryption algorithm, are checked and tested with a different
implementation program to give the maximum performance for the algorithms and to make
sure the results are the same across multiple platforms [27]. Then, for transmission of data, the
laptop and the Pocket PC are connected wirelessly. Data is transmitted from the first laptop to
the Pocket PC through the wireless link using the TCP/IP protocol. The experiments are applied
in two modes of wireless LAN connection (BSS and ad hoc mode). Using the IEEE 802.11 standard,
data is transmitted using the two different types of authentication. Firstly, data is transmitted
using Open System Authentication (no encryption). Secondly, data is transmitted using
Shared Key Authentication (WEP encryption). Using IEEE 802.11i, data is transmitted using
Open System Authentication (no encryption) and using WPA. The effects
of different signal-to-noise conditions on transmission of data (under relatively
excellent signals and poor signals) are studied.
Hardware Descriptions for this Experimental Setup
A. Compaq iPAQ H3600 Series
• CPU - Intel Strong ARM SA1110 processor
• 32 MB of SDRAM and 16MB of flash
• Serial and slave USB via cradle
• 115Kbps and 4Mbps IrDA
• Expansion packs
B. Toshiba L300-20D Laptop
• Intel CPU T1600 @ 1.66GHz
• 32-bit Windows Operating System
• 160 GB Hard disk
• 1GB RAM
In this experiment, several performance metrics are collected and analyzed:
1. Encryption time
2. Throughput
3. Battery power
4. Transmission time.
3.2.1 Encryption time Computation
The encryption time is considered the time that an encryption algorithm takes to produce a
cipher text from a plaintext. Encryption time is used to calculate the throughput of an
encryption scheme. It indicates the speed of encryption. The throughput of the encryption
scheme is calculated as the total plaintext in bytes encrypted divided by the encryption time.
The CPU process time is the time that a CPU is
committed only to the particular process of calculations. It reflects the load of the CPU.
3.2.2 Energy Consumption Computation
Energy consumption of security systems can be measured in many ways. For computation of
the energy cost of encryption (micro joule/byte), the same technique as described in [24] is
adopted. A basic cost of encryption, represented by the product of the total number of
clock cycles taken by the encryption and the average current drawn by each CPU clock cycle,
is presented. The basic encryption cost is in units of ampere-cycles. The methods used in this
experiment are briefly discussed as follows:
The first method used to measure energy consumption is to assume that an average amount of
energy is consumed by normal operations and to test the extra energy consumed by an
encryption algorithm.
$$\text{Battery life consumed in percentage for one run} = \frac{\text{Change in battery life}}{\text{the number of runs}}$$
$$\text{Average battery consumed per iteration} = \frac{\sum_{1}^{N} \text{BatteryConsumedPerIteration}}{N}$$
The cost of security parameters can also be measured by counting the number of
computing cycles used in computations related to cryptographic operations. In
other words, the second method used to measure energy consumption is to assume that an
average amount of energy is consumed by normal operations and to test the extra energy
consumed by an encryption algorithm. This method simply monitors the
percentage of remaining battery. The experiments note the number of iterations or runs over
the file and the battery life. Change in battery life divided by the number of runs gives the
battery life consumed in percentage for one run. For the second method of computing the
energy cost of encryption, the same techniques as described in [30], [32] are used, with the
following equations.
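$$B_{cost\_encryption}\ (\text{ampere-cycle}) = \tau \times I$$
$$T_{energy\_cost}\ (\text{ampere-seconds}) = \frac{B_{cost\_encryption}\ (\text{ampere-cycle})}{F\ (\text{cycles/sec})}$$
$$E_{cost}\ (\text{Joule}) = T_{energy\_cost}\ (\text{ampere-seconds}) \times V$$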
Where
Bcost_encryption: is a basic cost of encryption (ampere-cycle).
τ: the total number of clock cycles.
I: the average current drawn by each CPU clock cycle.
Tenergy_cost: the total energy cost (ampere-seconds).
F: clock frequency (cycles/sec).
Ecost (Joule): the energy cost (consumed).
By using the cycles, the operating voltage of the CPU, and the average current drawn for each
cycle, the energy consumption of cryptographic functions is computed. For example, on
average, each cycle consumes approximately 270 mA on an Intel 486DX2 processor [30] or
180 mA on Intel Strong ARM [31]. For a sample calculation, with a 700 MHz CPU operating
at 1.35 Volt, an encryption with 20,000 cycles would consume about 5.71 × 10^-3 mA-second
or 7.7 μJoule. So, the amount of energy consumed by program P to achieve its goal
(encryption or decryption) is given by
E = VCC × I × N × τ
Where N: the number of clock cycles.
τ: the clock period.
VCC: the supply voltage of the system.
I: the average current in amperes drawn from the power source for T seconds.
Since, for a given hardware, both VCC and τ are fixed,
E ∝ I × N.
However, at the application level, it is more meaningful to talk about T than N, and therefore,
we express energy as E ∝ I × T [30], since for a given hardware VCC is fixed.
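The sample calculation above, carried through with the section's own symbols (an added worked example, not part of the original thesis). The text does not state the average current for this case; I = 200 mA is an assumption, chosen because it is the value that reproduces the quoted results.

$$B_{cost\_encryption} = \tau \times I = 20{,}000\ \text{cycles} \times 0.2\ \text{A} = 4{,}000\ \text{ampere-cycles}$$
$$T_{energy\_cost} = \frac{B_{cost\_encryption}}{F} = \frac{4{,}000\ \text{ampere-cycles}}{700 \times 10^{6}\ \text{cycles/sec}} \approx 5.71 \times 10^{-6}\ \text{ampere-seconds} = 5.71 \times 10^{-3}\ \text{mA-second}$$
$$E_{cost} = T_{energy\_cost} \times V = 5.71 \times 10^{-6}\ \text{ampere-seconds} \times 1.35\ \text{V} \approx 7.7 \times 10^{-6}\ \text{Joule} = 7.7\ \mu\text{Joule}$$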
3.3 Wireless Environment
Some perspective of the effect of changing wireless environment may serve to be useful
while designing wireless communication systems. With this in mind factors like changing the
signal to noise ratio, packet size, and layer where encryption is performed are considered in
these experiments.
3.3.1 Data Transmission
All algorithms considered above need to be considered when the data that is encrypted by
them is transmitted over the wireless network. Initially the effect of signal to noise ratio is
removed by keeping the device very close to the access point to have excellent signal
conditions. The effect of the algorithm and key size variations under data transmission is
evaluated.
3.3.2 Signal to Noise Ratio
Reduced signal to noise ratio causes retransmission, and transmissions under lower signal to
noise ratio are more demanding on the battery. To compare the battery cost
of encryption and transmission under varying signal to noise conditions, measurements are
taken for data transfer with and without encryption under different signal to
noise conditions.
3.3.3 Layer of Encryption
One of the goals of this study is to determine the effect of moving the encryption process to
application level. So data transmission is done with encryption enabled at the link level by
WEP and then same data is transmitted with WEP disabled and encryption at application
level using AES.
3.3.4 Changing Packet Size
In an 802.11b environment, TCP transmissions involve packets to which the TCP, IP and
Ethernet headers are added, so transmitting 128 bits of data at a time is an inefficient
transmission mechanism. Waiting for acknowledgements also reduces the effective throughput.
The purpose of this set of experiments is to determine the change in performance observed
by switching from 128 bits transmission to 1024 bytes transmission.
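The following model of the packet-size effect is an added example, not code or measurements from the thesis. It assumes minimum TCP, IPv4 and Ethernet header sizes, PKCS#7 padding at the application layer, one encrypted chunk per packet, the nominal 11 Mb/s 802.11b rate, and a constructed 1 ms acknowledgement wait per packet; with VCC and I fixed, E ∝ I × T reduces the energy ratio to a time ratio.

```python
from dataclasses import dataclass
from typing import Optional

# Assumed minimum header sizes in bytes (no TCP/IP options). The thesis names
# these headers but does not give their sizes.
TCP_HDR, IP_HDR, ETH_HDR, ETH_FCS = 20, 20, 14, 4
HEADERS = TCP_HDR + IP_HDR + ETH_HDR + ETH_FCS

# Block sizes in bytes of the ciphers compared in the thesis (None = no encryption).
BLOCK_SIZE = {"No Enc": None, "AES": 16, "3DES": 8, "DES": 8, "RC2": 8, "Blowfish": 8}

LINK_RATE_BPS = 11_000_000  # nominal 802.11b rate (assumption: no rate fallback)
ACK_WAIT_S = 0.001          # constructed value: idle time per packet waiting for the ACK


def padded_len(n: int, block: Optional[int]) -> int:
    """Ciphertext length under PKCS#7 padding (assumed): 1..block bytes are always added."""
    if block is None:
        return n
    return n + (block - n % block)


@dataclass
class TransferCost:
    packets: int           # packets needed to move the data
    wire_bytes: int        # payload + padding + headers over all packets
    efficiency: float      # useful bytes / bytes on the wire
    seconds: float         # airtime plus per-packet acknowledgement wait
    throughput_bps: float  # useful bits per second


def transfer_cost(total: int, chunk: int, cipher: str) -> TransferCost:
    """Cost of sending `total` bytes in `chunk`-byte pieces, each encrypted on its own."""
    if total <= 0 or chunk <= 0:
        raise ValueError("total and chunk must be positive")
    block = BLOCK_SIZE[cipher]
    full, rest = divmod(total, chunk)
    packets = full + (1 if rest else 0)
    wire = full * (padded_len(chunk, block) + HEADERS)
    if rest:  # final short chunk is padded and framed like any other
        wire += padded_len(rest, block) + HEADERS
    seconds = wire * 8 / LINK_RATE_BPS + packets * ACK_WAIT_S
    return TransferCost(packets, wire, total / wire, seconds, total * 8 / seconds)


def relative_energy(total: int, cipher: str, small: int = 16, large: int = 1024) -> float:
    """Energy of `small`-byte chunks relative to `large`-byte chunks.

    With V_CC and I fixed, E is proportional to T, so the ratio of energies
    equals the ratio of transfer times.
    """
    return (transfer_cost(total, small, cipher).seconds
            / transfer_cost(total, large, cipher).seconds)


if __name__ == "__main__":
    total = 1 << 20  # 1 MiB of application data (constructed input)
    print(f"{'cipher':9}{'chunk':>6}{'packets':>9}{'eff':>7}{'Mb/s':>8}")
    for cipher in BLOCK_SIZE:
        for chunk in (16, 1024):  # 128 bits vs 1024 bytes, as in section 3.3.4
            c = transfer_cost(total, chunk, cipher)
            print(f"{cipher:9}{chunk:>6}{c.packets:>9}{c.efficiency:>7.3f}"
                  f"{c.throughput_bps / 1e6:>8.3f}")
        print(f"  energy(16 B) / energy(1024 B) = {relative_energy(total, cipher):.1f}")
```

Because a 16-byte chunk is already block-aligned, padding adds a full extra block, so AES doubles the payload of every 128-bit packet while adding under 2% to a 1024-byte one.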
Chapter 4
Results and Analyses
4.1 The Effect of Changing Packet Size for Cryptographic Algorithms on Power
Consumption
Encryption time is used to compute the throughput of an encryption algorithm. In this
subsection, CPU work load, encryption throughput and power consumption for text
encryption without transmission are calculated to prove which encryption algorithm has
better performance.
[Chart: RC2, DES, 3DES, AES and BLOWFISH; series: Duration Time (milliseconds/100), Throughput (MB/Sec), Power Consumption (Microjoules)]
Figure 4.1: Time Consumption, Throughput, and power consumption for Text encryptions.
The effect of data transmission under different scenarios, such as transmission using two
different architectures (BBS and Adhoc mode), was equally studied.
[Chart: Power Consumption (Microjoule/Byte) against Cryptographic Algorithms (No Enc, AES, 3DES, DES, RC2, BF); series: Adhoc mode/Excellent signal/Open Key Authentication (without encryption), Adhoc/Excellent signal/Shared Key Authentication (WEP), Poor Signals, BBS/WPA, BBS/Open Key Authentication (without encryption)]
Figure 4.2: Power consumption for Text Files Encryption in Micro joule/Byte with data
transmission
4.2 The effect of changing data type (JPEG) for cryptography algorithm on power
consumption.
Figures 4, 5 and 6 respectively depict the experimental results obtained when a comparison
between different JPEG images was carried out to know which one has better performance.
4.2.1 CPU work load
Figure 4.3: Time consumption for different JPEG Files Encryption without data Transmission
4.2.2 Encryption Throughput
Throughput of each encryption algorithm to encrypt different text data without data
transmission is shown in Figure 5.
Figure 4.4: Throughput of each encryption algorithm (Kilobytes/Second)
4.2.3 Power Consumption
The power consumption, in micro joule/byte, to encrypt different text data with different
data block sizes is shown in Figure 4.5.
Figure 4.5: Power consumption for different JPEG Files Encryptions
4.2.4 Encryption with Transmission
Figure 4.6 depicts the effect on the results when transmission of data is taken into
consideration.
[Chart: Comparative Execution Times for Transmission of Encryption Algorithms against Cryptographic Algorithms (BF, 3DES, RC2, DES, AES, No Enc); series: Adhoc/Excellent signals/open key Authentication without encryption, Adhoc/Excellent signals/shared key Authentication (WEP), Poor signals, BBS/Excellent signals/WPA]
Figure 4.6: Comparative execution times for transmission of JPEG files using different
algorithms
In the case of data transmission, it was found that there is an insignificant difference in
the performance of the different symmetric key schemes (most of the resources are consumed
by data transmission rather than computation).
4.3 The effect of changing data type (Audio files) for cryptography algorithm on
power consumption.
[Chart: Values against Cryptographic Algorithms (BLOWFISH, AES, DES, 3DES, RC2); series: Power consumption in microjoules, Throughput (MB/Sec), Duration Time in Seconds]
Figure 4.7: Time consumption, Throughput, and power consumption for Text Encryption
Performance and Power Consumption Analysis of Symmetric Encryption Algorithms in Wireless Devices

  • 1.
  • 2. Omowa Edward PG/M.Sc./06/41742 PG/M. Sc/09/51723 Performance and Power Consumption Analysis of Symmetric Encryption Algorithms in Wireless Devices ELECTRONIC ENGINEERING A THESIS SUBMITTED TO THE DEPARTMENT OF ELECTRONIC ENGINEERING FACULTY OF ENGINEERING, UNIVERSITY OF NIGERIA, NSUKKA Webmaster Digitally Signed by Webmaster’s Name DN : CN = Webmaster’s name O= University of Nigeria, Nsukka OU = Innovation Centre AUGUST, 2010
  • 3. Performance and Power Consumption Analysis of Symmetric Encryption Algorithms in Wireless Devices By Omowa Edward PG/M.Sc./06/41742 A PROJECT SUBMITTED IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF MASTER OF SCIENCE IN ENGINEERING DEPARTMENT OF ELECTRONIC ENGINEERING FACULTY OF ENGINEERING UNIVERSITY OF NIGERIA, NSUKKA August, 2010 APPROVAL PAGE
  • 4. This is to certify that the project entitled “Performance and Power Consumption Analyses of Symmetric Encryption Algorithms in Wireless Devices” was submitted to the department of Electronic Engineering, University of Nigeria, Nsukka for the award of Degree of Master of Science in Engineering (with option in Digital Electronics and Computer Specialization). EDWARD OMOWA DATE (AUTHOR) DR THOMAS NWODOH DATE (SUPERVISOR) VEN. PROF. T.C. MADUEME DATE (HEAD OF DEPARTMENT) EXTERNAL SUPERVISOR DATE
  • 5. DECLARATION I, Edward Omowa, declare that this project work is my own work and that to the best of my knowledge, it contains no materials previously published , or accepted for publication for the award of any Degree or Diploma at any institution, except where due acknowledgment is made in the text. EDWARD OMOWA DATE
  • 6. ACKNOWLEDGEMENT I am heartily thankful to my supervisor, Dr. T.A. Nwodoh, whose encouragement, guidance and bright contributions from the initial stage of this work to the final had enabled me to develop an understanding of the subject. I would also like to express my profound appreciation to Prof. C.C. Osuagwu, Dr. Bolu, Director, ICT Centre, University of Nigeria, and other Staff members of the Department of Electronic Engineering, University of Nigeria, Nsukka, for their constructive criticism and advice. My thanks also go to my colleagues, Mr. Etim Eyo and Mr. Aneke Joseph for their encouragement. Finally, I put forward my regards and blessings to my wife, Oluwayemisi, and my son, Pamilerin for their encouragement, unmitigated love and understanding, and my amiable parents for making my dream come true. Edward Omowa.
  • 7. DEDICATION I dedicate this work to the Almighty GOD for His supremacy over the power of the devil and his minions in matters concerning my destiny.
  • 8. Abstract The importance of security in data communications and networking cannot be over- emphasized. Security in networking is based on cryptography, the science and art of transforming messages to make them secure and free from attacks and all sorts of eavesdropping. Cryptography has diverse applications in network security. Encryption algorithms are known to be computationally intensive. They consume a significant amount of computing resources such as CPU time, memory, and battery power. A wireless device, usually with very limited resources, especially battery power, is subject to the problem of energy consumption due to encryption algorithms. Designing energy efficient security protocols first requires an understanding of and data related to the energy consumption of common encryption schemes. This paper gives an experimental analysis of performance of a number of symmetric or private-key encryption algorithms: DES, 3DES, RC2, RC6, Blowfish and AES. In order to design energy efficient security protocols, there is need to critically study and understand encryption schemes within the context of performance metrics like varying sizes of data blocks, different key sizes, battery power consumption and encryption/decryption speeds. In this experiment, several performance metrics are collected and analyzed: encryption time, throughput, battery power and transmission time. TABLE OF CONTENTS Page Title Page: -- -- -- -- -- -- -- -- -- -- i Approval Page: -- -- -- -- -- -- -- -- -- ii Declaration: -- -- -- -- -- -- -- -- -- -- iii Acknowledgement: -- -- -- -- -- -- -- -- -- iv Dedication: -- -- -- -- -- -- -- -- -- -- v Abstract: -- -- -- -- -- -- -- -- -- -- vi Table of Contents: -- -- -- -- -- -- -- -- -- vii List of Figures: -- -- -- -- -- -- -- -- -- x List of Tables: -- -- -- -- -- -- -- -- -- -- xii
  • 9. List of Acronyms: -- -- -- -- -- -- -- -- -- xiii Chapter I 1. Introduction -- -- -- -- -- -- -- -- -- 1 1.1 Motivation: -- -- -- -- -- -- -- -- 2 1.2 Scope of Research: -- -- -- -- -- -- -- 3 1.3 Thesis Outline: -- -- -- -- -- -- -- 3 Chapter 2 2. Background and Literature Review: -- -- -- -- -- -- 4 2.1 Network Security: -- -- -- -- -- -- -- 4 2.1.1 Confidentiality: -- -- -- -- -- -- 6 2.1.2 Authentication: -- -- -- -- -- -- 6 2.1.3 Integrity: -- -- -- -- -- -- -- 6 2.1.4 Non repudiation: -- -- -- -- -- -- 6 2.1.5 Encryption in Wireless Devices: -- -- -- -- 7 2.1.6 Energy Consumption of Encryption Algorithms on Wireless Devices:-- -- -- -- -- -- 7 2.1.7 Energy Efficiency of Communication Protocols: -- -- 8 2.2 Encryption Algorithms: -- -- -- -- -- -- 8 2.2.1 Symmetric Cryptographic Algorithms: -- -- 9 2.2.1.1 Types of Symmetric Ciphers: -- -- -- 11 2.2.1.1.1 Block Ciphers: -- -- -- -- 11 2.1.1.2 Stream Ciphers: -- -- -- -- -- 12 2.2.2 List of Encryption Algorithms Compared in this Experiment: -- -- -- -- -- -- 13 2.2.2.1 DES algorithm: -- -- -- -- -- -- 13 2.2.2.2 Triple-DES Encryption: -- -- -- -- -- 16 2.2.2.3 Blowfish Algorithm:-- -- -- -- -- 17 2.2.2.4 AES Algorithm: -- -- -- -- -- 17 2.2.2.5 RC2 Algorithm: -- -- -- -- -- 19 2.2.3 Asymmetric Cryptographic Systems: -- -- -- 20
  • 10. 2.2.3.1 RSA: -- -- -- -- -- -- -- 20 2.2.4 Hash Algorithms: -- -- -- -- -- -- 21 2.2.5 Cryptanalysis: -- -- -- -- -- -- 22 2.3 Security in the Internet: -- -- -- -- -- -- 22 2.3.1 IPSec: -- -- -- -- -- -- -- -- 23 2.3.2 SSL/TLS: -- -- -- -- -- -- -- -- 27 2.3.3 PGP:-- -- -- -- -- -- -- -- -- 32 2.3.4 VPN: -- -- -- -- -- -- -- -- 33 2.3.5 Firewalls: -- -- -- -- -- -- -- -- 37 2.3.6 WEP: -- -- -- -- -- -- -- -- 37 Chapter 3 3. Experimental Design: -- -- -- -- -- -- -- 40 3.1 Encryption Libraries -- -- -- -- -- -- -- -- 40 3.2 Methodology: -- -- -- -- -- -- -- -- -- 42 3.2.1 The Encryption Time Computation: -- -- -- -- -- 43 3.2.2 Energy Consumption Computation: -- -- -- -- 44 3.3 Wireless Environment-- -- -- -- -- -- -- -- 45 3.3.1 Data Transmission -- -- -- -- -- -- -- 46 3.3.2 Signal to Noise Ratio -- -- -- -- -- -- -- 46 3.3.3 Layer of Encryption -- -- -- -- -- -- -- 46 3.3.4 Changing Packet Size -- -- -- -- -- -- -- 46 Chapter 4 4. Results and Analyses: -- -- -- -- -- -- -- 47 4.1 The Effect of Changing Packet Size for Cryptographic Algorithms on Power Consumption -- -- -- -- -- -- -- -- -- 48 4.2 The effect of changing data type (JPEG) for cryptography algorithm on power consumption -- -- -- -- -- -- -- -- -- -- 48 4.2.1 CPU work load -- -- -- -- -- -- -- 48 4.2.2 Encryption Throughput -- -- -- -- -- -- 49
  • 11. 4.2.3 Power Consumption -- -- -- -- -- -- -- 49 4.2.4 Encryption with Transmission -- -- -- -- -- 49 4.3 The effect of changing data type (Audio files) for cryptography algorithm on power consumption -- -- -- -- -- -- -- -- -- -- 50 4.4 The effect of changing Data Type (Video files) for cryptographic algorithms on power consumption ---- -- -- -- -- -- -- -- -- 51 4.5 The effect of changing key sizes of AES on power consumption -- -- 52 4.6 The effect of Changing Number of Rounds of AES on power consumption -- 53 5. Conclusion: -- -- -- -- -- -- -- -- -- 55 Reference: -- -- -- -- -- -- -- -- -- -- 56 LIST OF FIGURES Page Figure 2.1: Encryption – decryption Technique: -- -- -- -- -- 9 Figure 2.2: Overview on the field of Cryptology:-- -- -- -- -- 9 Figure 2.3: Symmetric cryptosystems problem statement Illustration: -- -- 10 Figure 2.4: Symmetric-key model: -- -- -- -- -- -- 11 Figure 2.5: Principle of Stream Ciphers: -- -- -- -- -- -- 13 Figure 2.6: DES general model: -- -- -- -- -- -- -- 14 Figure 2.7: DES Computation path: -- -- -- -- -- -- 15 Figure 2.8: Triple – DES Computation path: -- -- -- -- -- 16 Figure 2.9: Triple Encryption example: -- -- -- -- -- -- 16
  • 12. Figure 2.10: AES Block and Key Sizes: -- -- -- -- -- -- 17 Figure 2.11: AES Computation path: -- -- -- -- -- -- 19 Figure 2.12: RSA Encryption and Decryption: -- -- -- -- -- 21 Figure 2.13: TCP/IP protocol and IPSec: -- -- -- -- -- -- 23 Figure 2.14: Transport and Tunnel modes of IPSec: -- -- -- -- 23 Figure 2.15: Authentication Header (AH) protocol in Transport mode: -- -- 25 Figure 2.16: Encapsulation security payload in Transport mode: -- -- -- 25 Figure 2.17: Locations of SSL and TLS in the internet mode: -- -- -- 28 Figure 2.18: Creation of encryptographic secret in SSL: -- -- -- -- 29 Figure 2.19: Four SSL protocols: -- -- -- -- -- -- -- 31 Figure 2.20: Position of PGP in the TCP/IP protocol suite: -- -- -- 32 Figure 2.21: Virtual Private Network: -- -- -- -- -- -- 36 Figure 2.22: Firewall: -- -- -- -- -- -- -- -- 37 Figure 3.1: Experimental setup configuration: -- -- -- -- -- 40 Figure 4.1: Time Consumption, Throughput, and Power Consumption for Text encryptions: -- -- -- -- -- -- -- 47 Figure 4.2: Power Consumption for Text Files Encryption in Micro Joule/Byte with data transmission: -- -- -- -- -- 48 Figure 4.3: Time consumption for different JPEG File Encryption without data Transmission: -- -- -- -- -- -- -- 48 Figure 4.4: Throughput of each encryption algorithm: -- -- -- -- 49 Figure 4.5: Power consumption n for different JPEG Files Encryptions: -- -- 49 Figure 4.6: Comparative execution times for transmission of JPEG files using Different algorithms -- --- -- -- -- -- -- -- -- 50 Figure 4.7: Time consumption, Throughput, and power consumption for Text Encryption -- --- -- -- -- -- -- -- -- -- -- 50 Figure 4.8: Power consumption for Encrypt different Audio Files (u/Byte) with data transmission -- --- -- -- -- -- -- -- -- -- 51 Figure 4.9: Time consumption, throughput, and power consumption for Video Files Encryptions -- --- -- -- -- -- -- -- -- 51 Figure 4.10: Power consumption for Encrypt different Video Files (ųJoule/Byte) with data 
transmission -- --- -- -- -- -- -- -- -- 52 Figure 4.11: Percentage Battery Consumed with different Key Sizes for AES - -- 52
  • 13. Figure 4.12: Time Consumption with Different Key Sizes for AES -- -- 53 Figure 4.13: Percentage battery consumed by different number of rounds for AES 128 bit-key Encryption -- --- -- -- -- -- -- -- 53 Figure 4.14: Time Consumed by different number of rounds for AES 128 bit-key encryption -- --- -- -- -- -- -- -- -- -- 54
  • 14. LIST OF TABLES Table 2.1: Key lengths and number of rounds for Rijndael -- -- -- -- 18 Table 2.2: Speeds of the AES finalist in hardware and software -- -- -- 19 Table 2.3: IPSec Services -- -- -- -- -- -- -- -- 26 Table 2.4: PGP Algorithms ---- -- -- -- -- -- -- -- 33 Table 2.5: Private Networks reserved addresses -- -- -- -- -- -- 35
  • 15. LIST OF ACRONYMS 3DES -- -- -- -- -- -- -- Triple-DES AES -- -- -- -- -- -- -- Advanced Encryption Standard AH -- -- -- -- -- -- -- Authentication Header ASCII -- -- -- -- -- -- -- American Standard Code for Information Interchange CBC ---- -- -- -- -- -- -- --- Cipher Block Chaining CFB -- -- -- -- -- -- -- -- -- Cipher Feedback CPU ---- -- -- -- -- -- -- Central Processing Unit DES -- -- -- -- -- -- -- -- Data Encryption Standard DoS -- -- -- -- -- -- -- -- Denial of Service DDoS -- -- -- -- -- -- -- -- Distributed Denial of Service IEEE -- -- -- -- -- -- -- Institute of Electrical and Electronics Engineers IEEE 802.11 -- -- -- -- -- -- The Institute of Electrical and Electronics Engineers’ specifications for wireless networking IETF -- -- -- -- -- -- -- Internet Engineering Task Force IPSec -- -- -- -- -- -- -- Internet Protocol Security IPv4 -- -- -- -- -- -- -- -- Internet Protocol version 4 IPv6 -- -- -- -- -- -- -- -- Internet Protocol version 6 LAN ---- -- -- -- -- -- -- Local Area Network MAC -- -- -- -- -- -- -- Message Authentication Codes NIST -- -- -- -- -- -- -- National Institute of Standards and Technology OFB -- -- -- -- -- -- -- Output Feedback TLS -- -- -- -- -- -- -- Transport Layer Security ESP -- -- -- -- -- -- -- Encapsulating Security Payload PGP -- -- -- -- -- --- -- Pretty Good Privacy PPP -- -- -- -- -- -- -- Point-to-Point Protocol HTTP -- -- -- -- -- -- -- Hypertext Transfer Protocol VPN -- -- -- -- -- -- -- Virtual Private Network OSI -- -- -- -- -- -- -- Open Systems Interconnection RTP -- -- -- -- -- -- -- Real-Time Protocol
  • 16. TCP -- -- -- -- -- -- -- Transmission Control Protocol UDP -- -- -- -- -- -- -- User Datagram Protocol VoIP -- -- -- -- -- -- -- Voice over Internet Protocol WEP -- -- -- -- -- -- -- Wired Equivalent Privacy WLAN -- -- -- -- -- -- Wireless LAN SA -- -- -- -- -- -- -- Security Association SADB -- -- -- -- -- -- Security Association Database SSL -- -- -- -- -- -- -- Secure Socket Layer SSID -- -- -- -- -- -- -- Service Set Identifier Chapter 1 Introduction Over the past few years, Internet-enabled business, or e-business, has drastically improved companies’ efficiency and revenue growth. E-business applications such as e-commerce, supply-chain management, and remote access allow companies to streamline processes, lower operating costs, and increase customer satisfaction. Such applications require mission-critical networks that accommodate voice, video, and data traffic, and these networks must be scalable to support increasing numbers of users and the need for greater capacity and performance. However, as networks enable more and more applications and are available to more and more users, they become ever more vulnerable to a wider range of security threats. To combat those threats and ensure that e-business transactions and vital information are not compromised, security technology must play a major role in today's networks [1]. Both wired and wireless networks can claim advantages over the other; both represent viable options for home and other local area networks (LANs). In theory, wireless LANs are less secure than wired LANs, because wireless communication signals travel through the air and can easily be intercepted. The increasing importance of wireless systems provides malicious persons greater incentives to step up their efforts to gain unauthorized access to the information being exchanged over the wireless link [2]. 
The security risks in the wireless environment are particularly important because the wireless devices in the recent past have not been developed with security of the systems in mind [3]. Cryptography is the conversion of data into a secret code for transmission over a public network. The data is protected
  • 17. (confidentiality) before transmission using an encryption algorithm to keep the data secure from an eavesdropper. Encryption is also essential for other security services such as authentication, data integrity and access control. Due to the intensive computation inherent in encryption algorithms, they tend to consume a substantial amount of energy or battery power. [4]. Studies have shown that the growth of wireless networks is being restricted by their perceived insecurity. Security protocols implement mechanisms through which security services can be provided.  The IEEE 802.11 standard uses the WEP protocol for security .It operates at the Data Link layer.  IP Security (IPSec) provides security at the Network Layer by extending the IP packet header (using additional protocol numbers, not options).  Secure Socket Layer (SSL) provides security at the Transport Layer for secure transmissions on the Internet. All the above-mentioned protocols rely on encryption to provide the security services. Encryption in this sense can be said to be the backbone of security services. The three protocols mentioned above have been designed for wired systems. In wireless networks, a security protocol needs to also consider the limited battery power, small memory and limited processing capabilities of the devices and the available bandwidth. Investigation of the energy consumption of the encryption algorithms in wireless devices is therefore fundamental in the design of energy efficient security protocols customized to the wireless environment. 1.1 Motivation The objective of network security is to protect networks and their applications against attacks, ensuring information availability, confidentiality and integrity. When organizations design their network security architectures to meet this objective, they must consider a number of factors. Not all networks and their associated applications have the same risks of attacks or possible costs of repairing attack damages. 
Therefore, companies must perform cost-benefit analyses to evaluate the potential returns on investment for various network security technologies and components versus the opportunity costs of not implementing those items. Usually, stronger security is achieved by using longer key sizes and stronger encryption algorithms. The stronger algorithms come at the cost of increased computational time and
  • 18. energy consumption. Encryption algorithms are known to be computationally intensive. They consume a significant amount of computing resources such as CPU time, memory, and battery power. A wireless device, usually with very limited resources, especially battery power, is subject to the problem of energy consumption due to encryption algorithms. Due to the intensive computation expected in encryption algorithms, they tend to consume a considerable amount of energy or battery power. The battery can be quickly exhausted due to encryption, especially for a small wireless device. Increasing the security level would reduce the operation time of the device. Nevertheless, it is crucial to study the performance of the encryption algorithms in terms of energy consumption for various options like varying the key sizes, modifying the number of rounds, altering the amount of data blocks processed per packet and algorithms that can be used on the wireless devices before designing a secure wireless communication protocol. Knowledge of the tradeoffs would also aid in the design of systems that can adapt the security of the communication link based on the device being used and the battery left on it. A good number of researchers have put more efforts in carrying out experiments on the energy efficiency of wireless devices and encryption algorithms rather than critically studying and investigating the tradeoffs between security of wireless devices and energy consumption analysis of encryption algorithms. 1.2 Scope of Research The thesis focuses on evaluating the performance of encryption algorithms in terms of the energy consumed when implemented at the application layer through standard encryption libraries on wireless devices. The research aim and objective is to aid the design of energy efficient secure communication schemes for the wireless environment in the future. The research work has been divided into following tasks to achieve this purpose. 
First, gain knowledge and understanding of popular symmetric key schemes such as DES, AES, 3DES, Blowfish, and RC2. Third, study the effect of changing key size and number of rounds for AES. Fourth, study the effect of encryption and key size variation with transmission of data. This research does not provide any specific design optimized for the wireless environment and this task is left to the discretion of the systems engineer.

1.3 Thesis Outline
The research focuses on the energy consumption characteristics of various encryption schemes under changing environmental conditions in wireless devices such as laptops and Pocket PCs. The first four chapters of the thesis have been organized in the following order.
Chapter 1 introduces the title of the thesis and gives an in-depth explanation of network security.
Chapter 2 covers the literature as related to the thesis. It covers different encryption schemes from secret key to asymmetric-key systems and their security. It also covers topics like IP Security, and Wired Equivalent Privacy (WEP).
Chapter 3 explains the experimental design. It explains how choices were made for the experiments and the measurements were taken.
Chapter 4 explains the results obtained during the research work and provides some analyses of the results.
Finally, Chapter 5 presents the summary and conclusion of the results and provides pointers for future research work.
Chapter 2
Background and Literature Review
This chapter presents the theoretical background essential for the thesis.

2.1 Network Security
The objective of network security is to protect networks and their applications against attacks, ensuring information availability, confidentiality and integrity. When organizations design their network security architectures to meet this objective, they must consider a number of factors. Not all networks and their associated applications have the same risks of attacks or possible costs of repairing attack damages. Therefore, companies must perform cost-benefit analyses to evaluate the potential returns on investment for various network security technologies and components versus the opportunity costs of not implementing those items.

Networks carry all sorts of vital and confidential data, so security is a highly important part of any wireless network structure. Security ensures that the same level of data integrity and confidentiality as a wired network are maintained. Without properly implemented security measures, any wireless network adapter coming within range of another network adapter or access point can join the network. Without proper protection, any part of any network can be susceptible to attacks or unauthorized activity. Routers, switches, and hosts can all be violated by professional hackers, company competitors, or even internal employees. In fact, according to several studies, more than half of all network attacks are waged internally.

To determine the best ways to protect against attacks, IT managers should understand the many types of attacks that can be instigated and the damage that these attacks can cause to e-business infrastructures. The most common types of attacks include Denial of Service (DoS), password, and root access attacks. Even more malicious are Distributed Denial of Service (DDoS) attacks in which an attacker compromises multiple machines or hosts.
Historically, password attacks, attacks in which a perpetrator gains unauthorized access to network passwords in order to penetrate confidential information, have been the most common type of attacks. When a hacker “cracks” the password of a legitimate user, he has access to that user’s network resources and typically a very strong platform for getting access to the rest of the network. Hackers can often easily obtain passwords because users typically choose common words or numbers as their passwords, enabling the hacker’s use of software programs to logically determine those passwords. Hackers also deploy social engineering techniques to gain access to passwords. Social engineering is the increasingly prevalent act of
obtaining confidential network security information through nontechnical means, such as posing as a technical support representative and making direct phone calls to employees to gather password information.

From the early days of the Internet, when only e-mail servers were on the network, a hacker’s ultimate goal was to gain root access to the UNIX host that ran these applications. With root access, the hacker had full control of the system and could often collect enough information to gain access to the rest of the network and other partner networks. E-business application hosts have increased the number of targets for hackers. Hackers often exploit security vulnerabilities, or security holes, in the operating systems or applications of these hosts that system administrators have not safeguarded. Using buffer overflows, Trojan horses, and other common techniques, hackers gain control of hosts that can be used as platforms for launching other attacks. These practices often result in a full compromise of an organization's IS infrastructure and can lead to serious financial losses or legal liabilities.

Network attacks cause organizations several hours or days of downtime and serious breaches in data confidentiality and integrity. Depending on the level of the attack and the type of information that has been compromised, the consequences of network attacks vary in degree from slightly annoying to completely devastating, and the cost of recovery from attacks can range from hundreds to millions of dollars. When application availability is compromised by attacks, companies can easily lose millions of dollars per hour.
For example, companies that run e-commerce Web sites lose revenue as customers “shop” elsewhere for their products and services; informational Web sites can lose precious advertising time; and manufacturing organizations that use supply-chain management applications can be forced to shut down their lines because they cannot access information regarding their raw materials.

When data confidentiality is compromised, the consequence to an organization is not always immediate but it can be costly. For example, if a hacker gains access to an organization's e-mail system, proprietary information that provides competitive advantage might be stolen resulting in a loss of research and development dollars spent in gaining that advantage.

When data integrity is compromised, an organization must often incur prohibitive costs to correct the consequences of attacks. For instance, a malicious hacker might modify a Web site, replacing relevant information with nonsensical or offensive content. This compels the proprietor of the site to spend money not only to fix the site, but also to counter the resulting bad public relations. The legal ramifications of breaches in data confidentiality and integrity can also be extremely costly for organizations.
2.1.1 Confidentiality
To make the information confidential, the data is modified in such a way that it would be infeasible for the attacker to guess the data. It is achieved by means of encryption algorithms. Encryption is done based on shared secret information between communicating parties. Only the receiver and in some cases the sender know how to decrypt the data after it has been encrypted. The data is generally encrypted with an encryption key and can be decrypted by using a decryption key. For a symmetric key scheme, the encryption and the decryption keys are the same. For public key schemes, they are different. The key used for encryption is called the public key while the key for decryption is called the private key.

2.1.2 Authentication
The authentication aspect of security services requires that a pair of communicating entities establishes its identity. Essentially, the authentication service tries to establish the identity by means of making sure that a secret is shared between the involved entities. Some protocols establish the authentication through the means of symmetric key schemes while others establish it through the means of public key schemes. For the users of a symmetric key authentication system the communication systems share a secret key between the two communicating parties. Authentication is generally achieved based on a challenge and response procedure.

2.1.3 Integrity
Data integrity means that assurance is needed that only legitimate entities can modify the message. Encrypting the message to some extent ensures that the attacker cannot modify the message. However there is a possibility of some malicious user sending random data to the receiver. The receiver would decrypt these messages to some incomprehensible data, which poses the possibility of some damage. One method of avoiding such situations is to add a checksum to the message before encrypting it.
If the decrypted message and the checksum match then the received message can be assumed valid; otherwise it is considered invalid. Such a scheme would provide authentication and confidentiality along with message integrity.

2.1.4 Non repudiation
Non-repudiation is the concept of ensuring that a party in a dispute cannot repudiate, or refute the validity of a statement or contract. Although this concept can be applied to any
transmission, including television and radio, by far the most common application is in the verification and trust of signatures.

In the cryptographic literature, it is possible to find a good number of works that compare the relative performance of various security options available for client authentication, hashing algorithms, cryptography techniques, and digital signatures. A good number of researchers have conducted brilliant studies on performance optimization of cryptographic algorithms. To give more perspective about the performance of the compared algorithms, this section discusses the results obtained from other resources.

2.1.5 Encryption in Wireless Devices
Many encryption algorithms are commonly available in wired networks. Generally, most encryptions used in wireless devices are based on symmetric key encryption. One such example is RC4. RC4 is a stream cipher designed by Ron Rivest in 1987 and it is widely used in many applications nowadays and in wireless networks such as IEEE 802.11 WEP [10] and CDPD [11]. RC4 is known to be fast and efficient. RC4 is standardized to provide security services in wireless local area networks (WLANs) using a protocol called Wired Equivalent Privacy (WEP) [12]. However, Fluhrer and many researchers have discovered several vulnerabilities in the RC4 algorithm [13]. The weaknesses in RC4 and loopholes in the WEP Protocol have resulted in a new standard for security in WLANs (IEEE 802.11i) proposing a new protocol based on the Advanced Encryption Standard (AES). AES encryption is fast and flexible, and it can be implemented on different platforms, particularly in small devices and smart cards [13]. DES, 3DES, Blowfish, RC2 and AES have different tradeoffs in terms of the choice of algorithms in WLANs. A study of energy consumption of these algorithms is essential to decide on their use in security protocols.
2.1.6 Energy Consumption of Encryption Algorithms on Wireless Devices
Energy consumption of wireless devices has been extensively studied. In [14], an evaluation of power consumption of an Itsy pocket computer was conducted. This study is only intended to evaluate power consumption of different parts of the pocket computer under normal operations. In [15], the computational complexity of public key encryption was studied on an embedded processor. The work concentrates on using several mathematical techniques to improve the performance of public key encryption in the secure socket layer (SSL) protocol. In Law et al. [16], a study of the energy consumption of encryption for sensor networks was carried out. In their investigation, the efficiency of code sizes and algorithms of RC5 and TEA were studied. Yuan and Qu [17] proposed an energy efficient technique using dynamic voltage scaling to reduce energy consumption of public key
encryption such as RSA, DSA, and ElGamal. In Karri et al. [18], an optimization of the energy consumption of the SSL protocol was studied. Its technique was based on using a compression algorithm to reduce the size of the messages exchanged by the protocol in order to reduce the power consumed by encryption and transmission.

2.1.7 Energy Efficiency of Communication Protocols
In the literature, one is likely to find several works on the energy efficiency of transmission protocols over wireless networks at different layers. In [19], performance measurements of energy consumption of the IEEE 802.11 network interfaces were conducted. It was shown that the significant cost of energy consumption is due to the overhead of the 802.11 MAC protocol for point-to-point links. In [20], the energy consumption of different variants of a TCP protocol was studied. It was shown that the congestion control algorithm of TCP could save energy by backing off when an error burst occurred during the transmission, but it worsened the transmission throughput. A comprehensive assessment of energy efficient communication protocols was presented in Jones et al. [21].

2.2 Encryption Algorithms
Encryption forms the basic building block for various security services. Encryption algorithms take a plain text stream of data and an encryption key and generate a cipher text stream of data. There are several types of data encryptions which form the basis of network security. Encryption schemes are based on block or stream ciphers. The type and length of the keys utilized depend upon the encryption algorithm and the amount of security needed. In conventional symmetric encryption a single key is used. With this key, the sender can encrypt a message and a recipient can decrypt the message but the security of the key becomes problematic. In asymmetric encryption, the encryption key and the decryption key are different.
One is a public key by which the sender can encrypt the message and the other is a private key by which a recipient can decrypt the message. The model of encryption can universally be depicted using the following diagram:
Figure 2.1: Encryption-Decryption Technique (the plaintext $P$ is encrypted under the encryption key to the ciphertext $C = E(K_{enc}, P)$, which is decrypted under the decryption key back to the plaintext $P = D(K_{dec}, C)$)

There are two broad classifications of encryption algorithms, split by whether they use the same key for encryption as for decryption:
• Symmetric: this means that the same key is used for both encryption and decryption
• Asymmetric: this means that a different key is used for encryption than for decryption.

Figure 2.2: Overview on the field of Cryptology (diagram labels: Cryptology; Cryptanalysis, Cryptography; Symmetric-Key, Asymmetric-Key, Protocols; Block Cipher: BLOWFISH, DES, AES, RC2; Stream Cipher: RC4, SEAL; Asymmetric-Key: RSA, etc.)

2.2.1 Symmetric Cryptographic Algorithms
The most widely used symmetric encryption algorithms are 3DES and AES. These use shared keys, and are actually the algorithms responsible for the vast bulk of data transferred securely over the
Internet. Some examples of popular symmetric algorithms include Twofish, Serpent, AES (Rijndael), Blowfish, CAST5, RC4, TDES, and IDEA.

Symmetric Ciphers Problem Statement: The fundamental idea behind symmetric cryptosystems is illustrated using the problem statement that follows: A and B want to communicate over an un-secure channel (e.g., the Internet, a LAN or a cell phone link). They want to prevent C (the bad guy) from listening. The solution to this is to use symmetric-key cryptosystems such that if C reads the encrypted version y of the message x over the un-secure channel, he will not be able to understand its content because x is what really was sent.

Figure 2.3: Symmetric-key cryptosystem Problem Statement Illustration (A (good) applies encryption e() under key k and sends y over the un-secure channel, where C (bad) can read it; B (good) applies decryption d() under the same key k, which the key generator distributes over a secure channel)

Some important definitions to illustrate symmetric-key algorithms:
1a) $x$ is called the “plaintext”
1b) $P = \{x_1, x_2, \ldots, x_p\}$ is the (finite) “plaintext space”
2a) $y$ is called the “ciphertext”
2b) $C = \{y_1, y_2, \ldots, y_c\}$ is the (finite) “ciphertext space”
3a) $k$ is called the “key”
3b) $K = \{k_1, k_2, \ldots, k_l\}$ is the finite “key space”
4a) There are $l$ encryption functions $e_{k_i}: P \to C$ (or: $e_{k_i}(x) = y$)
4b) There are $l$ decryption functions $d_{k_i}: C \to P$ (or: $d_{k_i}(y) = x$)
4c) $e_{k_1}$ and $d_{k_2}$ are inverse functions if $k_1 = k_2$: $d_{k_i}(y) = d_{k_i}(e_{k_i}(x)) = x$ for all $k_i \in K$

To illustrate the above-listed mathematical expressions, we consider a typical Data Encryption Standard (DES) algorithm:
• $P = C = \{0, 1, 2, \ldots, 2^{64} - 1\}$ (each $x_i$ has 64 bits: $x_i = 010 \ldots 0110$)
• $K = \{0, 1, 2, \ldots, 2^{56} - 1\}$ (each $k_i$ has 56 bits)
• Encryption ($e_k$) and decryption ($d_k$)

Figure 2.4: Symmetric-key model (X is encrypted by $e_k$ under key k to Y, and Y is decrypted by $d_k$ under the same key k back to X)

Two properties of symmetric-key algorithms:
1) The algorithm requires same secret key for encryption and decryption.
2) Encryption and decryption are essentially identical.

Main problems with symmetric-key schemes are:
1) Symmetric Key Schemes require secure transmission of secret key.
2) In a network environment, each pair of users has to have a different key resulting in too many keys (n – 1) ÷ 2 key pairs).

2.2.1.1 Types of Symmetric Ciphers
Symmetric-key algorithms can be divided into stream ciphers and block ciphers. Stream ciphers encrypt the bytes of the message one at a time, and block ciphers take a number of bytes and encrypt them as a single unit.

2.2.1.1.1 Block Ciphers
A block cipher is an encryption algorithm that divides a message into blocks and encrypts each block. In other words, block ciphers convert a fixed-length block of plain text into cipher text of the same length, which is under the control of the secret key [6]. Block cipher is so called because the scheme encrypts one block of data at a time using the same key on each block. In general, the same plaintext block will always encrypt to the same cipher text when using the same key in block cipher whereas the same plain text will encrypt to different cipher text in a stream cipher. Block ciphers include DES, IDEA, SAFER, Blowfish.
Block ciphers can operate in one of the following modes:
1. Electronic codebook (ECB) mode is the simplest, most obvious application: the secret key is used to encrypt the plain text block to form a cipher text block.
2. Cipher Block Chaining (CBC) mode adds a feedback mechanism to the encryption scheme. In CBC, the plain text is exclusive-ORed (XORed) with the previous cipher text block prior to encryption. In this mode, two identical blocks of plain text never encrypt to the same cipher text.
3. Cipher Feedback (CFB) mode is a block cipher implementation as a self-synchronizing stream cipher. CFB mode allows data to be encrypted in units smaller than the block size, which might be useful in some applications such as encrypting interactive terminal input. If we were using 1-byte CFB mode, each incoming character is placed into a shift register the same size block transmitted. At the receiving side, the cipher text is decrypted and the extra bits in the block are discarded.
4. Output Feedback (OFB) mode is a block cipher implementation conceptually similar to a synchronous stream cipher. OFB prevents the same plain text block from generating the same cipher text block by using an internal feedback mechanism that is independent of both the plain text and cipher text bit streams.

2.2.1.1.2 Stream Ciphers
In cryptography, a stream cipher is a symmetric key cipher where plaintext bits are combined with a pseudorandom cipher bit stream (keystream), typically by an exclusive-or (XOR) operation. In a stream cipher the plaintext digits are encrypted one at a time, and the transformation of successive digits varies during the encryption [7]. An alternative name is a state cipher, as the encryption of each digit is dependent on the current state. In practice, the digits are typically single bits or bytes. Stream ciphers represent a different approach to symmetric encryption from block ciphers.
Block ciphers operate on large blocks of digits with a fixed, unvarying transformation. This distinction is not always clear-cut: in some modes of operation, a block cipher primitive is used in such a way that it acts effectively as a stream cipher. Stream ciphers typically execute at a higher speed than block ciphers and have lower hardware complexity. However, stream
ciphers can be susceptible to serious security problems if used incorrectly: see stream cipher attacks; in particular, the same starting state must never be used twice. This leads to the following block diagram for a stream cipher encryption/decryption:

Figure 2.5: Principle of stream ciphers (the plaintext $x_i$ is combined with the keystream $z_i$ to give the ciphertext $y_i$; combining $y_i$ with the same $z_i$ recovers $x_i$)

A machine realizing the functionality shown above was developed by Vernam for teletypewriters in 1917.
• Stream ciphers are less popular than block ciphers in most application domains such as Internet security. There are exceptions, for instance the popular stream cipher RC4.
• Stream ciphers are often used in mobile applications, such as the A5 speech encryption algorithm of the GSM mobile network.
• Stream ciphers generally require fewer resources (e.g., code size or chip area) for an implementation than block ciphers. They tend to encrypt faster than block ciphers.
• The one-time pad is the only provable secure symmetric algorithm.
• The one-time pad is highly impractical in most cases because the key length has to be equal to the message length.
• The requirements for a cryptographically secure pseudo-random generator are far more demanding than the requirements for pseudo-random generators in other (engineering) applications such as simulation.

2.2.2 List of Encryption Algorithms Compared in this Experiment
This subsection is intended to give necessary background to understand the major differences among the compared algorithms.

2.2.2.1 DES algorithm
Data Encryption Standard or DES is a Feistel cipher which processes plaintext blocks of n = 64 bits, producing 64-bit ciphertext blocks [6]. The effective size of the secret key K is 56
bits; more precisely, the input key K is specified as a 64-bit key, 8 bits of which (bits 8, 16… 64) may be used as parity bits. DES uses a 56-bit key with an additional eight parity bits to bring the block size up to 64 bits. It's an iterated block cipher using what's known as Feistel techniques where the text block being encrypted is split into two halves. The round function is applied to one half using a subkey and that output is then XORed with the other half; the two halves are then swapped and the process continues except that the last round is not swapped. DES uses 16 rounds.

Figure 2.6: DES general model (initial permutation, Encryption 1 through Encryption 16 with subkeys K1 … K16, final permutation)

The main form of attack on DES is what's known as brute force or exhaustive key search, a repeated trying of keys until one fits. Given that DES uses a 56-bit key, the number of possible keys is $2^{56}$. With the growth in power of computer systems, this makes DES far less secure than it was when first implemented, although for practical purposes of a non-critical nature, it can still be considered adequate.
Figure 2.7: DES Computation Path (64-bit plaintext, initial permutation, Round 1 through Round 16, final permutation, 64-bit ciphertext; the round key generator derives K1 … K16 from the 64-bit key)
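The Feistel round structure described for DES and the ECB and CBC modes listed in Section 2.2.1.1.1 can be seen working together in the following added example, which is not code from the thesis. It is a toy 64-bit, 16-round Feistel cipher: the SHA-256 based round function and key schedule, the padding, the key and the sample plaintext are all constructed assumptions standing in for the real DES components.

```python
import hashlib

BLOCK = 8    # 64-bit block, as in DES
ROUNDS = 16  # DES uses 16 rounds


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def subkeys(key: bytes) -> list:
    """One subkey per round. Assumption: SHA-256 stands in for the DES key schedule."""
    return [hashlib.sha256(key + bytes([i])).digest()[:4] for i in range(ROUNDS)]


def round_fn(half: bytes, subkey: bytes) -> bytes:
    """Toy round function (assumption: not the DES f-function with its S-boxes)."""
    return hashlib.sha256(subkey + half).digest()[:4]


def feistel(block: bytes, keys: list) -> bytes:
    """Run one 64-bit block through the network using the given subkey order."""
    left, right = block[:4], block[4:]
    for k in keys:
        # Apply f to one half, XOR the result into the other half, swap halves.
        left, right = right, xor(left, round_fn(right, k))
    return right + left  # the last round is not swapped


def split(data: bytes) -> list:
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data: bytes) -> bytes:
    return data[:-data[-1]]


def ecb_encrypt(key: bytes, plaintext: bytes) -> bytes:
    ks = subkeys(key)
    return b"".join(feistel(b, ks) for b in split(pad(plaintext)))


def ecb_decrypt(key: bytes, ciphertext: bytes) -> bytes:
    # Decryption is the same network with the subkeys in reverse order.
    ks = subkeys(key)[::-1]
    return unpad(b"".join(feistel(b, ks) for b in split(ciphertext)))


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    ks, prev, out = subkeys(key), iv, []
    for b in split(pad(plaintext)):
        prev = feistel(xor(b, prev), ks)  # XOR with previous ciphertext block first
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    ks, prev, out = subkeys(key)[::-1], iv, []
    for c in split(ciphertext):
        out.append(xor(feistel(c, ks), prev))
        prev = c
    return unpad(b"".join(out))


def repeated_blocks(ciphertext: bytes) -> int:
    """Number of ciphertext blocks that duplicate an earlier block."""
    blocks = split(ciphertext)
    return len(blocks) - len(set(blocks))


if __name__ == "__main__":
    key = b"constructed demo key"          # constructed sample key
    iv = bytes(range(BLOCK))               # constructed IV; a real IV must be unpredictable
    message = b"SENSOR01" * 4              # constructed plaintext: four identical blocks
    ecb = ecb_encrypt(key, message)
    cbc = cbc_encrypt(key, iv, message)
    print("ECB repeated blocks:", repeated_blocks(ecb))
    print("CBC repeated blocks:", repeated_blocks(cbc))
    print("round trip ok:", ecb_decrypt(key, ecb) == cbc_decrypt(key, iv, cbc) == message)
```

The repeated ciphertext blocks under ECB show why identical plaintext blocks leak structure, while the CBC feedback removes the repetition at the cost of needing an IV.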
2.2.2.2 Triple-DES Encryption
Triple DES is simply another mode of DES operation. It takes three 64-bit keys, for an overall key length of 192 bits [6]. Consequently, Triple DES runs three times slower than standard DES, but is much more secure if used properly. Triple DES was developed to address the obvious flaws in DES without designing a whole new cryptosystem. It simply extends the key size of DES by applying the algorithm three times in succession with three different keys.

Figure 2.8: Triple-DES Computation Path (plaintext, DES encryption with Key 1, DES decryption with Key 2, DES encryption with Key 3, ciphertext)

Figure 2.9: Triple Encryption example (X is encrypted by three successive encryptions e under keys k1, k2 and k3, through the intermediate values Y and Z)
2.2.2.3 Blowfish Algorithm
Blowfish is a symmetric block cipher that can be effectively used for encryption and safeguarding of data. It takes a variable-length key, from 32 bits to 448 bits, making it ideal for securing data. Blowfish was designed in 1993 by Bruce Schneier as a fast, free alternative to existing encryption algorithms.

2.2.2.4 AES Algorithm
Rijndael, whose name is based on the names of its two Belgian inventors, Joan Daemen and Vincent Rijmen, is a block cipher. It takes an input block of a certain size, usually 128, and produces a corresponding output block of the same size. The transformation requires a second input, which is the secret key. It is important to know that the secret key can be of any size (depending on the cipher used) and that AES uses three different key sizes: 128, 192 and 256 bits. To encrypt messages longer than the block size, a mode of operation is chosen. While AES supports only block sizes of 128 bits and key sizes of 128, 192 and 256 bits, the original Rijndael supports key and block sizes in any multiple of 32, with a minimum of 128 and a maximum of 256 bits.

Figure 2.10: AES Block and Key Sizes (Rijndael maps a 128-bit input x to a 128-bit output y under a key k of 128/192/256 bits)

• Both block size and key length of Rijndael are variable. Sizes shown above are the ones required by the AES Standard. The number of rounds (or iterations) is a function of the key length:
Table 2.1: Key lengths and number of rounds for Rijndael

Key lengths (bits)    nr = # rounds
128                   10
192                   12
256                   14

• However, Rijndael also allows block sizes of 192 and 256 bits. For those block sizes the number of rounds must be increased.

Rijndael does not have a Feistel structure. Feistel networks do not encrypt an entire block per iteration (e.g., in DES, 64/2 = 32 bits are encrypted in one iteration). Rijndael encrypts all 128 bits in one iteration. As a consequence, Rijndael has a comparably small number of rounds. Rijndael uses three different types of layers. Each layer operates on all 128 bits of a block:

Chronology of the AES Process
• Development announced on January 2, 1997 by the National Institute of Standards and Technology (NIST).
• 15 candidate algorithms accepted on August 20th, 1998.
• 5 finalists announced on August 9th, 1999.
  - Mars, IBM Corporation.
  - RC6, RSA Laboratories.
  - Rijndael, J. Daemen & V. Rijmen.
  - Serpent, Eli Biham et al.
  - Twofish, B. Schneier et al.
• Monday October 2nd, 2000, NIST chooses Rijndael as the AES.

A lot of work went into software and hardware performance analysis of the AES candidate algorithms. Here are representative numbers:
Table 2.2: Speeds of the AES Finalists in Hardware and Software

Algorithm    Pentium-Pro @ 200 MHz (Mbit/sec)    FPGA Hardware (Gbit/sec) [EYCP01]
MARS         69                                  -
RC6          105                                 2.4
Rijndael     71                                  2.1
Serpent      27                                  4.9
Twofish      95                                  1.6

Figure 2.11: AES Computation Path (128-bit plaintext, Round 1 through Round 10, 128-bit ciphertext; the round key generator derives K1 … K10 from the 128-bit key)

2.2.2.5 RC2 Algorithm
The RC2 algorithm is a block cipher that uses a 64 bit block size and variable key length. The key size ranges from 8 to 256 bits. RC2 uses a source-heavy Feistel network with 16 rounds of mixing and 2 rounds of mashing.
2.2.3 Asymmetric Cryptographic Systems
It looks as though public-key schemes can provide all functionality needed in modern security protocols such as SSL/TLS. However, the major drawback in practice is that encryption of data is extremely computationally demanding with public-key algorithms. Many block and stream ciphers can encrypt 1000 times faster in software than public-key algorithms. On the other hand, symmetric algorithms are poor at providing digital signatures and key establishment/transport functionality. Hence, most practical protocols are hybrid protocols which incorporate both symmetric and public-key algorithms.

Mechanisms that can be realized with public-key algorithms are:
1) Key establishment protocols (e.g., Diffie-Hellman key exchange) and key transport protocols (e.g., via RSA) without prior exchange of a joint secret.
2) Digital signature algorithms (e.g., RSA, DSA or ECDSA)
3) Encryption

2.2.3.1 RSA
In cryptography, RSA (which stands for Rivest, Shamir and Adleman who first publicly described it) is an algorithm for public-key cryptography. It is the first algorithm known to be suitable for signing as well as encryption, and was one of the first great advances in public key cryptography. RSA is widely used in electronic commerce protocols, and is believed to be secure given sufficiently long keys and the use of up-to-date implementations. The RSA algorithm involves three steps: key generation, encryption and decryption.

A few general remarks on RSA are as follows:
1) Most popular public-key cryptosystem.
2) Invented by Rivest/Shamir/Adleman in 1977 at MIT.
3) Was patented in the USA (not in the rest of the world) until 2000.
4) The main applications of RSA are:
   a) Encryption and, thus, key transport
   b) Digital signature

RSA Set-up Stage
1) Choose two large primes p and q.
2) Compute n = p · q
3) Compute Ф(n) = (p – 1).
4) Choose random b; 0 < b < Ф(n), with gcd(b, Ф(n)) = 1
Note that b has an inverse in $\mathbb{Z}_{\Phi(n)}$.
5) Compute the inverse $a = b^{-1} \bmod \Phi(n)$: $b \cdot a \equiv 1 \bmod \Phi(n)$.
6) Public key: $k_{pub} = (n, b)$. Private key: $k_{pr} = (p, q, a)$.

Encryption: done using public key, $k_{pub}$: $y = e_{k_{pub}}(x) = x^b \bmod n$, where $x \in \mathbb{Z}_n = \{0, 1, \ldots, n - 1\}$.
Decryption: done using private key, $k_{pr}$: $x = d_{k_{pr}}(y) = y^a \bmod n$.

Figure 2.12: RSA Encryption and Decryption

2.2.4 Hash Algorithms
A cryptographic hash function is a deterministic procedure that takes an arbitrary block of data and returns a fixed-size bit string, the (cryptographic) hash value, such that an accidental or intentional modification to the data will change the hash value. The data to be encoded is often called the "message", and the hash value is sometimes called the message digest or simply digest. The ideal cryptographic hash function has four main or significant properties:
I. it is easy to compute the hash value for any given message,
II. it is infeasible to find a message that has a given hash,
III. it is infeasible to modify a message without changing its hash,
IV. it is infeasible to find two different messages with the same hash.
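The RSA set-up, encryption and decryption steps of Section 2.2.3.1 and the role of a hash function in digital signatures can be worked through together in the following added example, which is not code from the thesis. It keeps the thesis symbols (p, q, n, b, a, kpub, kpr), computes Ф(n) as the standard Euler totient (p − 1)(q − 1), and uses unpadded textbook RSA with small constructed primes; the hash-then-sign helper and the sample messages are assumptions made for illustration.

```python
import hashlib
from math import gcd


def rsa_setup(p: int, q: int, b: int):
    """Set-up stage with the thesis symbols; returns (kpub, kpr)."""
    n = p * q
    phi = (p - 1) * (q - 1)  # Euler totient of n for distinct primes p and q
    if not 0 < b < phi or gcd(b, phi) != 1:
        raise ValueError("b must satisfy 0 < b < phi(n) and gcd(b, phi(n)) = 1")
    a = pow(b, -1, phi)      # a = b^-1 mod phi(n), so b * a = 1 mod phi(n)
    return (n, b), (p, q, a)


def encrypt(kpub, x: int) -> int:
    """y = x^b mod n, with x taken from Z_n."""
    n, b = kpub
    if not 0 <= x < n:
        raise ValueError("plaintext must lie in Z_n")
    return pow(x, b, n)


def decrypt(kpr, y: int) -> int:
    """x = y^a mod n."""
    p, q, a = kpr
    return pow(y, a, p * q)


def digest_mod_n(message: bytes, n: int) -> int:
    """SHA-256 digest reduced into Z_n (assumption: toy encoding, no padding scheme)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(kpr, message: bytes) -> int:
    """Signature = digest^a mod n: the private exponent is applied to the hash."""
    p, q, a = kpr
    n = p * q
    return pow(digest_mod_n(message, n), a, n)


def verify(kpub, message: bytes, signature: int) -> bool:
    """Accept only if signature^b mod n equals the digest of the received message."""
    n, b = kpub
    return pow(signature, b, n) == digest_mod_n(message, n)


# Constructed demo primes: the Mersenne primes 2^61 - 1 and 2^89 - 1.
# They are far too small for real use and serve only to keep the numbers readable.
P_DEMO = 2**61 - 1
Q_DEMO = 2**89 - 1

if __name__ == "__main__":
    # Tiny constructed key so every value can be checked by hand.
    kpub, kpr = rsa_setup(61, 53, 17)
    y = encrypt(kpub, 65)
    print("kpub =", kpub, "kpr =", kpr)
    print("x = 65 -> y =", y, "-> x =", decrypt(kpr, y))

    # Larger constructed key for the hash-then-sign check.
    kpub2, kpr2 = rsa_setup(P_DEMO, Q_DEMO, 65537)
    msg = b"battery level report: 42%"  # constructed sample message
    sig = sign(kpr2, msg)
    print("signature valid:", verify(kpub2, msg, sig))
    print("tampered message valid:", verify(kpub2, msg + b"!", sig))
```

Deployed RSA uses much larger primes and a padding scheme around both encryption and signing; the textbook form above is deterministic and is shown only to make the arithmetic visible.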
Cryptographic hash functions have many information security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. They can also be used as ordinary hash functions, to index data in hash tables, for fingerprinting, to detect duplicate data or uniquely identify files, and as checksums to detect accidental data corruption. Indeed, in information security contexts, cryptographic hash values are sometimes called (digital) fingerprints, checksums, or just hash values, even though all these terms stand for functions with rather different properties and purposes.

All well-known hash functions, including MD4, MD5, SHA-1 and SHA-2 are built from block-cipher-like components designed for the purpose, with feedback to ensure that the resulting function is not bijective. A standard block cipher such as AES can be used in place of these custom block ciphers; this generally carries a cost in performance, but can be advantageous where a system needs to perform hashing and another cryptographic function such as encryption that might use a block cipher, but is constrained in the code size or hardware area it must fit into, such as in some embedded systems like smart cards.

2.2.4 Cryptanalysis
Cryptanalysis is the science of breaking a cipher without the knowledge of the key used. Its goal is either to recover the plaintext of the message or to deduce the decryption key so that other messages encrypted with the same key can be decrypted. One of the more obvious attacks is to try every possible key (i.e. the finite set of possible keys, known as the keyspace) until the result yields some intelligible data. This kind of attack is known as a brute force attack. Clearly, the greater the keyspace, the greater the immunity to a brute force attack.

2.3 Security in the Internet
Internet security involves the protection of a computer's Internet account and files from intrusion of an unknown user.
Basic security measures involve protection by well selected passwords, change of file permissions and back up of computer's data. Security concerns are in some ways peripheral to normal business working, but serve to highlight just how important it is that business users feel confident when using IT systems. Security will probably always be high on the IT agenda simply because cyber criminals know that a successful attack can be very profitable. This means they will always strive to find new ways to circumvent IT security, and users will consequently need to be continually vigilant.
  • 39. 2.3.1 IPSecurity
IPSecurity (IPSec) is a collection of protocols designed by the Internet Engineering Task Force (IETF) to provide security for a packet at the network level. IPSec helps to create authenticated and confidential packets for the IP layer, as shown in Figure 2.13 below:
[Figure 2.13: TCP/IP protocol and IPSec. Layers shown: Applications; UDP, TCP, or SCTP; IP with IPSec; underlying physical networks. IPSec is designed to provide security at the network layer.]
IPSec operates in one of two different modes: the transport mode or the tunnel mode, as shown in Figure 2.14.
[Figure 2.14: Transport mode and tunnel modes of IPSec protocol. Transport mode: the transport layer payload is wrapped in an IPSec header (IPSec-H) and trailer (IPSec-T), and the IP header (IP-H) is placed in front. Tunnel mode: the whole IP packet (IP-H and IP payload) is wrapped in IPSec-H and IPSec-T, and a new IP header (New IP-H) is placed in front.]
In the transport mode, IPSec protects what is delivered from the transport layer to the network layer. In other words, the transport mode protects the network layer payload, the payload to be encapsulated in the network layer. The transport mode is normally used when
  • 40. we need host-to-host or end-to-end protection of data. The sending host uses IPSec to authenticate and/or encrypt the payload delivered from the transport layer. The receiving host uses IPSec to check the authentication and/or decrypt the IP packet and deliver it to the transport layer. In the tunnel mode, IPSec protects the entire IP packet. It takes an IP packet, including the header, applies IPSec security methods to the entire packet, and then adds a new IP header. In other words, we use the tunnel mode when either the sender or the receiver is not a host. The entire original packet is protected from intrusion between the sender and the receiver. It is as if the whole packet goes through an imaginary tunnel.
IPSec defines two protocols, the Authentication Header (AH) Protocol and the Encapsulating Security Payload (ESP) Protocol, to provide authentication and/or encryption for packets at the IP level. The Authentication Header (AH) Protocol is designed to authenticate the source host and to ensure the integrity of the payload carried in the IP packet. The protocol uses a hash function and a symmetric key to create a message digest; the digest is inserted in the authentication header. The AH is then placed in the appropriate location based on the mode (transport or tunnel). The AH Protocol provides source authentication and data integrity, but no privacy. The figure below shows the fields and the position of the authentication header in the transport mode.
1. An authentication header is added to the payload with the authentication data field set to zero.
2. Padding may be added to make the total length even for a particular hashing algorithm.
3. Hashing is based on the total packet. However, only those fields of the IP header that do not change during transmission are included in the calculation of the message digest (authentication data).
4. The authentication data are inserted in the authentication header.
5. The IP header is added after the value of the protocol field is changed to 51.
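The five AH steps above can be followed in code. This is an added example, not code from the thesis: it assumes IPv4 without options and HMAC-SHA1 truncated to 96 bits as the keyed hash, and the key, addresses, SPI and payload are constructed sample values.

```python
import hashlib
import hmac
import ipaddress
import struct

AH_PROTOCOL = 51   # IP protocol value the text gives for AH
ICV_LEN = 12       # assumption: HMAC-SHA1 truncated to 96 bits
IP_FORMAT = "!BBHHHBBH4s4s"


def checksum(header):
    """16-bit one's-complement checksum over a 20-byte IPv4 header."""
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ipv4_header(src, dst, protocol, payload_len, ttl=64):
    """Build a 20-byte IPv4 header (no options) with a valid checksum."""
    fields = [0x45, 0, 20 + payload_len, 0x1234, 0, ttl, protocol, 0,
              ipaddress.ip_address(src).packed,
              ipaddress.ip_address(dst).packed]
    fields[7] = checksum(struct.pack(IP_FORMAT, *fields))
    return struct.pack(IP_FORMAT, *fields)


def zero_mutable(ip_header):
    """Zero the IPv4 fields that change in transit, so they stay out of the digest."""
    h = bytearray(ip_header)
    h[1] = 0                  # type of service
    h[6:8] = b"\x00\x00"      # flags and fragment offset
    h[8] = 0                  # time to live
    h[10:12] = b"\x00\x00"    # header checksum
    return bytes(h)


def compute_icv(key, ip_header, ah, payload):
    """Keyed digest over the packet with mutable fields and the ICV zeroed."""
    ah_zeroed = ah[:12] + bytes(ICV_LEN)
    data = zero_mutable(ip_header) + ah_zeroed + payload
    return hmac.new(key, data, hashlib.sha1).digest()[:ICV_LEN]


def ah_protect(key, src, dst, upper_protocol, payload, spi, seq):
    """Sender side, transport mode."""
    # Step 1: AH with the authentication data set to zero. The payload
    # length field counts the AH in 32-bit words, minus 2.
    ah = struct.pack("!BBHII", upper_protocol, (12 + ICV_LEN) // 4 - 2,
                     0, spi, seq) + bytes(ICV_LEN)
    # Step 2: no padding needed here, the 24-byte AH is 32-bit aligned.
    # Step 5 is prepared first because the header feeds the hash:
    # the protocol field carries 51, the original value sits in the AH.
    ip_header = ipv4_header(src, dst, AH_PROTOCOL, len(ah) + len(payload))
    # Steps 3 and 4: hash the packet, insert the digest into the AH.
    icv = compute_icv(key, ip_header, ah, payload)
    return ip_header + ah[:12] + icv + payload


def ah_verify(key, packet):
    """Receiver side: recompute the digest and compare in constant time."""
    ip_header, ah, payload = packet[:20], packet[20:44], packet[44:]
    return hmac.compare_digest(ah[12:], compute_icv(key, ip_header, ah, payload))


def route_hop(packet):
    """What a router does to the header: decrement TTL, redo the checksum."""
    h = bytearray(packet[:20])
    h[8] -= 1
    h[10:12] = b"\x00\x00"
    h[10:12] = struct.pack("!H", checksum(bytes(h)))
    return bytes(h) + packet[20:]


# Constructed sample values.
KEY = b"constructed-demo-key"
PAYLOAD = b"constructed TCP segment bytes"
PACKET = ah_protect(KEY, "192.168.1.10", "192.168.1.20", 6, PAYLOAD,
                    spi=0x1001, seq=1)

if __name__ == "__main__":
    print("after one hop:", ah_verify(KEY, route_hop(PACKET)))
    print("payload altered:", ah_verify(KEY, PACKET[:-1] + b"\x00"))
```

The digest survives a router hop because TTL and checksum are excluded, while a change to the payload or to the source address is detected.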
  • 41. [Figure 2.15: Authentication Header (AH) Protocol in transport mode. Packet layout: IP header, AH, transport layer payload, padding. AH fields: next header (8 bits), payload length (8 bits), reserved (16 bits), security parameter index, sequence number, authentication data (digest, variable length). Data used in calculation of authentication data: the packet, except those fields in the IP header changing during transmission.]
ESP provides source authentication, data integrity, and privacy. The AH Protocol does not provide privacy, only source authentication and data integrity. IPSec later defined an alternative protocol that provides source authentication, integrity, and privacy, called Encapsulating Security Payload (ESP). ESP adds a header and trailer. Note that ESP's authentication data are added at the end of the packet, which makes its calculation easier.
[Figure 2.16: Encapsulation Security Payload (ESP) Protocol in transport mode. Packet layout: IP header, ESP header, transport layer payload, ESP trailer, authentication data (variable length). ESP header fields: security parameter index (32 bits), sequence number (32 bits). ESP trailer fields: padding, pad length (8 bits), next header (8 bits). The figure marks which parts are encrypted and which are authenticated.]
When an IP datagram carries an ESP header and trailer, the value of the protocol field in the IP header is 50. A field inside the ESP trailer (the next-header field) holds the original value of the protocol field. The ESP procedure follows these steps:
1. An ESP trailer is added to the payload.
  • 42. 2. The payload and the trailer are encrypted.
3. The ESP header is added.
4. The ESP header, payload, and ESP trailer are used to create the authentication data.
5. The authentication data are added to the end of the ESP trailer.
6. The IP header is added after the protocol value is changed to 50.
IPSec supports both IPv4 and IPv6. In IPv6, however, AH and ESP are part of the extension header. The ESP Protocol was designed after the AH Protocol was already in use. ESP does whatever AH does, with the additional functionality of privacy. The two protocols, AH and ESP, can provide several security services for packets at the network layer. The following table shows the list of services available for each protocol.
Table 2.3: IPSec services

| Services | AH | ESP |
|---|---|---|
| Access control | Yes | Yes |
| Message authentication (message integrity) | Yes | Yes |
| Entity authentication (data source authentication) | Yes | Yes |
| Confidentiality | No | Yes |
| Replay attack protection | Yes | Yes |

Access Control: IPSec provides access control indirectly by using a Security Association Database (SADB). When a packet arrives at a destination and there is no security association already established for this packet, the packet is discarded.
Message Authentication: The integrity of the message is preserved in both AH and ESP by using authentication data. A digest of data is created and sent by the sender to be checked by the receiver.
Entity Authentication: The security association and the keyed-hashed digest of the data sent by the sender authenticate the sender of the data in both AH and ESP.
Confidentiality: The encryption of the message in ESP provides confidentiality. AH, however, does not provide confidentiality.
Security association is a very important aspect of IPSec. Using security association, IPSec changes a connectionless protocol, IP, to a connection-oriented protocol. We can say that when sender and receiver agree upon a set of security parameters between them, they have
  • 43. established a logical connection between themselves, and this is called an association. However, they may not use this connection all the time. After establishing the connection, the sender can send a datagram to the receiver today, another datagram a few days later, and so on. The logical connection is there and ready for sending a secure datagram. Certainly, they can break the connection, or they can establish a new one after a while, which is a more secure way of communication. Each of the three protocols (IPSec, SSL/TLS, and PGP) needs a set of security parameters before it can be operative. In IPSec, the establishment of the security parameters is done via a mechanism called Security Association (SA). IP is a connectionless protocol: each datagram is independent of the others. For this type of communication, the security parameters can be established in one of three ways.
1. Security parameters related to each datagram can be included in each datagram. The designer of IPSec did not choose this option, probably because of overhead. Adding security parameters to each datagram creates a large overhead, particularly if the datagram is fragmented several times during its journey.
2. A set of security parameters can be established for each datagram. This means that before each datagram is transmitted, a set of packets needs to be exchanged between the sender and receiver to establish security parameters.
3. IPSec uses the third choice. A set of security parameters can be established between a sender and a particular receiver the first time the sender has a datagram to send to that particular receiver. The set can be saved for future transmission of IP packets to the same receiver.
2.3.2 Secure Socket Layer/Transport Layer Security (SSL/TLS)
A transport layer security provides end-to-end security services for applications that use a reliable transport layer protocol such as TCP. The design is to provide security services for transactions on the Internet. Two protocols are foremost today for providing security at the transport layer: the Secure Sockets Layer (SSL) Protocol and the Transport Layer Security (TLS) Protocol. The latter is actually an IETF version of the former. The figure below shows the position of SSL and TLS in the Internet model. For instance, when a buyer makes an online purchase, the following security services are desired:
1. The buyer needs to be sure that the server belongs to the actual vendor, not an imposter. Likewise the vendor needs to authenticate the buyer. This is called entity authentication.
  • 44. 2. The buyer and the vendor need to be sure that the contents of the message are not modified during transition. This is called message integrity.
3. The buyer and the vendor need to be sure that an imposter does not intercept sensitive and confidential information such as a credit card number. This is the confidentiality aspect of the security service.
Secure Socket Layer (SSL) is designed to provide security and compression services to data generated from the application layer. Characteristically, SSL can receive data from any application layer protocol, but usually the protocol is HTTP. The data received from the application are compressed (optional), signed, and encrypted. The data are then passed to a reliable transport layer protocol such as TCP. Netscape developed SSL in 1994. Versions 2 and 3 were released in 1995.
[Figure 2.17: Location of SSL and TLS in the Internet model. Layers shown: Applications; SSL/TLS; TCP; IP; underlying physical networks. SSL/TLS is designed to provide security at the transport layer.]
Fragmentation: First, SSL divides the data into blocks of $2^{14}$ bytes or less.
Compression: Each fragment of data is compressed by using one of the lossless compression methods negotiated between the client and server. It should be noted that this service is optional.
Message Integrity: To preserve the integrity of data, SSL uses a keyed-hash function to create a MAC.
Confidentiality: To provide confidentiality, the original data and the MAC are encrypted using symmetric-key cryptography.
Framing: A header is added to the encrypted payload. The payload is then passed to a reliable transport layer protocol.
Security Parameters: There are no SAs, but there are cipher suites and cryptographic secrets that together make the security parameters.
  • 45. Cipher Suite: The combination of key exchange, hash, and encryption algorithms defines a cipher suite for each SSL session. Each suite starts with the term SSL, followed by the key-exchange algorithm. The word WITH separates the key exchange algorithm from the encryption and hash algorithms. For example, SSL_DHE_RSA_WITH_DES_CBC_SHA defines DHE_RSA (ephemeral Diffie-Hellman with RSA digital signature) as the key exchange, with DES_CBC as the encryption algorithm and SHA as the hash algorithm. Note that DH is fixed Diffie-Hellman, DHE is ephemeral Diffie-Hellman, and DH-anon is anonymous Diffie-Hellman.
Cryptographic Secrets: The second part of the security parameters is often referred to as cryptographic secrets. To achieve message integrity and confidentiality, SSL needs six cryptographic secrets: four keys and two IVs. The client and the server have six different cryptographic secrets. The process of creating these secrets is shown in the figure below. The client needs one key for message authentication, one key for encryption, and one IV for block encryption. The server needs the same. SSL requires that the keys for one direction be different from those for the other direction. If there is an attack in one direction, the other direction is not affected. These parameters are generated by using a negotiation protocol.
[Figure 2.18: Creation of cryptographic secrets in SSL. Elements shown: client and server random numbers; key-exchange handshaking; premaster secret; a complex algorithm using SHA-1 and MD5, with some constants; master secret; a second complex algorithm using SHA-1 and MD5, with some constants; the six secrets: I - Client authentication key, II - Server authentication key, III - Client encryption key, IV - Server encryption key, V - Client initiation vector, VI - Server initiation vector.]
  • 46. 1. The client and server exchange two random numbers; one is created by the client and the other by the server.
2. The client and server exchange one premaster secret by using one of the key exchange algorithms discussed previously.
3. A 48-byte master secret is created from the premaster secret by applying two hash functions (SHA-1 and MD5).
4. The master secret is used to create variable-length secrets by applying the same set of hash functions and prepending with different constants.
Sessions and Connections: The description of the IP and TCP protocols is different. IP is a connectionless protocol; TCP is a connection-oriented protocol. An association in IPSec transforms the connectionless IP to a connection-oriented secured protocol. TCP is already connection-oriented. However, the designers of SSL decided that they needed two levels of connectivity: session and connection. A session between two systems is an association that can last for a long time; a connection can be established and broken several times during a session. Some of the security parameters are created during the session establishment and are in effect until the session is terminated (for example, cipher suite and master key). Some of the security parameters must be recreated (or occasionally resumed) for each connection (for example, the six secrets).
SSL defines four protocols in two layers, as shown in Figure 22. The Record Protocol is the carrier. It carries messages from the three other protocols as well as the data coming from the application layer. Messages from the Record Protocol are payloads to the transport layer, normally TCP. The Handshake Protocol provides security parameters for the Record Protocol. It establishes a cipher set and provides keys and security parameters. It also authenticates the server to the client and the client to the server, if needed. The ChangeCipherSpec Protocol is used for signaling the readiness of cryptographic secrets. The Alert Protocol is used to report abnormal conditions.
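The four-step creation of cryptographic secrets described above, as an added example that is not code from the thesis. It uses the MD5-over-SHA-1 construction with the constants 'A', 'BB', 'CCC', ... defined for SSL 3.0 (RFC 6101), sizes the six secrets for SSL_DHE_RSA_WITH_DES_CBC_SHA, and runs on constructed random numbers and a constructed premaster secret.

```python
import hashlib


def ssl3_expand(secret, seed, n_bytes):
    """SSL 3.0 expansion: round i prepends a constant of i letters
    ('A', 'BB', 'CCC', ...) and computes MD5(secret + SHA1(const + secret + seed))."""
    out = b""
    round_no = 1
    while len(out) < n_bytes:
        constant = bytes([ord("A") + round_no - 1]) * round_no
        inner = hashlib.sha1(constant + secret + seed).digest()
        out += hashlib.md5(secret + inner).digest()
        round_no += 1
    return out[:n_bytes]


def master_secret(premaster, client_random, server_random):
    """Step 3: the 48-byte master secret from the premaster secret."""
    return ssl3_expand(premaster, client_random + server_random, 48)


def six_secrets(master, client_random, server_random,
                mac_len=20, key_len=8, iv_len=8):
    """Step 4: expand the master secret and cut it into secrets I to VI.

    Default sizes fit SHA-1 MAC keys (20 bytes) and DES-CBC (8-byte key,
    8-byte IV). Note the seed order: server random first at this stage."""
    layout = [
        ("client_authentication_key", mac_len),   # I
        ("server_authentication_key", mac_len),   # II
        ("client_encryption_key", key_len),       # III
        ("server_encryption_key", key_len),       # IV
        ("client_iv", iv_len),                    # V
        ("server_iv", iv_len),                    # VI
    ]
    total = sum(size for _, size in layout)
    block = ssl3_expand(master, server_random + client_random, total)
    secrets, offset = {}, 0
    for name, size in layout:
        secrets[name] = block[offset:offset + size]
        offset += size
    return secrets


# Constructed sample values (steps 1 and 2 would normally supply these).
CLIENT_RANDOM = bytes(range(32))
SERVER_RANDOM = bytes(range(32, 64))
PREMASTER = bytes(range(100, 148))

MASTER = master_secret(PREMASTER, CLIENT_RANDOM, SERVER_RANDOM)
SECRETS = six_secrets(MASTER, CLIENT_RANDOM, SERVER_RANDOM)

if __name__ == "__main__":
    print("master secret:", MASTER.hex())
    for name, value in SECRETS.items():
        print(f"{name:27s} {value.hex()}")
```

Because both random numbers enter the derivation, a fresh pair of random numbers gives a fresh set of six secrets even when the same premaster secret is reused.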
  • 47. [Figure 2.19: Four SSL protocols. The Handshake Protocol, ChangeCipherSpec Protocol and Alert Protocol sit above the Record Protocol inside SSL, between the application layer and the transport layer.]
Handshake Protocol: The Handshake Protocol uses messages to negotiate the cipher suite, to authenticate the server to the client and the client to the server (if needed), and to exchange information for building the cryptographic secrets.
ChangeCipherSpec Protocol: It has been shown that the negotiation of the cipher suite and the generation of cryptographic secrets are formed gradually during the Handshake Protocol. The question now is, when can the two parties use these parameters or secrets? SSL mandates that the parties not use these parameters or secrets until they have sent or received a special message, the ChangeCipherSpec message, which is exchanged during the Handshake Protocol and defined in the ChangeCipherSpec Protocol. Before the exchange of any ChangeCipherSpec messages, only the pending columns have values.
Alert Protocol: SSL uses the Alert Protocol for reporting errors and abnormal conditions. It has only one message type, the alert message, which describes the problem and its level (warning or fatal).
Record Protocol: The Record Protocol carries messages from the upper layer (Handshake Protocol, ChangeCipherSpec Protocol, Alert Protocol, or application layer). The message is fragmented and optionally compressed; a MAC is added to the compressed message by using the negotiated hash algorithm. The compressed fragment and the MAC are encrypted by using the negotiated encryption algorithm. Finally, the SSL header is added to the encrypted message. The process at the receiver is reversed.
  • 48. 2.3.3 PGP
One of the protocols to provide security at the application layer is Pretty Good Privacy (PGP). PGP is designed to create authenticated and confidential e-mails. Figure 23 shows the position of PGP in the TCP/IP protocol suite.
[Figure 2.20: Position of PGP in the TCP/IP protocol suite. Layers shown: Applications (e-mail) with PGP; UDP, TCP, or SCTP; IP; underlying physical networks. PGP is designed to provide security at the application layer.]
Sending an e-mail is a one-time activity. In IPSec or SSL, it is assumed that the two parties create a session between themselves and exchange data in both directions. In e-mail, there is no session. Sender and receiver cannot create a session. The sender sends a message to the receiver; sometime later, the receiver reads the message and may or may not send a reply. In PGP, the sender of the message needs to include the identifiers of the algorithms used in the message as well as the values of the keys.
Services: PGP can provide several services based on the requirements of the user. An e-mail can use one or more of these services.
Plaintext: The simplest case is to send the e-mail message in plaintext (no service). The sender composes a message and sends it to the receiver. The message is stored in the receiver's mailbox until it is retrieved by him.
Message Authentication: The next improvement is to let the sender sign the message. The sender creates a digest of the message and signs it with his private key. The receiver receives the message and verifies it by using the sender's public key. Two keys are needed for this scenario. A further improvement is to compress the message and digest to make the packet more compact. This improvement has no security benefit, but it eases the traffic.
Confidentiality with One-Time Session Key: Confidentiality in an e-mail system can be achieved by using conventional encryption with a one-time session key. The sender can create a session key, use the session key to encrypt the message and the digest, and send the key itself
  • 49. with the message. However, to protect the session key, the sender encrypts it with the receiver's public key.
Code Conversion: Another service provided by PGP is code conversion. Most e-mail systems allow the message to consist of only ASCII characters. To translate other characters not in the ASCII set, PGP uses Radix 64 conversion. Each character to be sent (after encryption) is converted to Radix 64 code.
Segmentation: PGP allows segmentation of the message after it has been converted to Radix 64 to make each transmitted unit the uniform size allowed by the underlying e-mail protocol.
PGP Algorithms: The algorithms used in PGP are shown in Table 4. The list is not complete; new algorithms are constantly added.
Table 2.4: PGP Algorithms

| Algorithm | ID | Description |
|---|---|---|
| Public key | 1 | RSA (encryption or signing) |
| Public key | 2 | RSA (for encryption only) |
| Public key | 3 | RSA (for signing only) |
| Public key | 17 | DSS (for signing) |
| Hash | 1 | MD5 |
| Hash | 2 | SHA-1 |
| Hash | 3 | RIPE-MD |
| Encryption | 0 | No encryption |
| Encryption | 1 | IDEA |
| Encryption | 2 | Triple DES (3 DES) |
| Encryption | 9 | AES |

2.3.4 Virtual Private Network
A common use of IPSEC is the construction of a Virtual Private Network (VPN), where multiple segments of a private network are linked over a public network using encrypted tunnels. This allows applications on the private network to communicate securely without any local cryptographic support, since the VPN routers perform the encryption and decryption. IPSEC is well suited for this environment, more so than tunnelling PPP over SSL
  • 50. or SSH, since it operates directly on the IP packets and preserves a one-to-one correspondence between packets inside and outside the network. In the case of tunnelling PPP over an encrypted TCP connection, any packet loss in the public network would trigger a TCP retransmission, stalling the link until the packet was delivered. In particular, running Voice over IP (VoIP) traffic through a TCP/PPP tunnel would largely defeat the RTP protocol used for VoIP; IPSEC is better suited in this case. VPN is a technology that is currently popular among large organizations that utilize the global Internet for both intra- and inter-organization communication, but require privacy in their internal communications. VPN is being considered here because it uses the IPSec Protocol to apply security to the IP datagram.
Private Networks: A private network is designed for use inside an organization. It allows access to shared resources and, at the same time, provides privacy. Two frequently used terms are involved here:
Intranet: An intranet is a private network (LAN) that uses the Internet model. However, access to the network is restricted to the users inside the organization. The network uses application programs defined for the global Internet, such as HTTP, and may have Web servers, print servers, file servers, and so on.
Extranet: An extranet is similar to an intranet with one major difference: some resources may be accessed by specific groups of users outside the organization under authorized customers' access to product specifications, availability, and online ordering. A university or a college can permit distance learning students access to the computer lab after passwords have been checked.
Addressing: A private network that uses the Intranet model must use IP addresses. Three choices are available:
1. The network can apply for a set of addresses from the Internet authorities and use them without being connected to the Internet. This strategy has an advantage. If in the future the organization decides to be connected to the Internet, it can do so with relative ease. However, there is also a disadvantage: the address space is wasted in the meantime.
2. The network can use any set of addresses without registering with the Internet authorities. Because the network is isolated, the addresses do not have to be unique.
  • 51. However, this strategy has a serious drawback: users might mistakenly confuse the addresses as part of the global Internet.
3. To overcome the problems associated with the first and second strategies, the Internet authorities have reserved three sets of addresses, shown in Table 2.5 below. Any organization can use an address out of this set without permission from the Internet authorities. Everybody knows that these reserved addresses are for private networks. They are unique inside the organization, but they are not unique globally. No router will forward a packet that has one of these addresses as the destination address.
Table 2.5: Private networks reserved addresses.

| Prefix | Range | Total |
|---|---|---|
| 10/8 | 10.0.0.0 to 10.255.255.255 | $2^{24}$ |
| 172.16/12 | 172.16.0.0 to 172.31.255.255 | $2^{20}$ |
| 192.168/16 | 192.168.0.0 to 192.168.255.255 | $2^{16}$ |
  • 52. [Figure 2.21: Virtual Private Network. Elements shown: Site x, Site y, routers R1 and R2, and the Internet between them.]
VPN Technology: VPN technology (Figure 2.21) uses IPSec in the tunnel mode to provide authentication, integrity, and privacy.
Tunneling: To guarantee privacy and other security measures for an organization, VPN can use IPSec in the tunnel mode. In this mode, each IP datagram destined for private use in the organization is encapsulated in another datagram.
2.3.5 Firewalls
A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices which is configured to permit or deny computer applications based upon a set of rules and other criteria. It may succinctly be described as a computer, router or other communication device that filters access to the protected network [18]. Cheswick and Bellovin [6] define a firewall as a collection of components or a system that is placed between two networks and possesses the following properties:
- All traffic from inside to outside, and vice-versa, must pass through it.
- Only authorised traffic, as defined by the local security policy, is allowed to pass through it.
- The firewall itself is immune to penetration.
Firewalls can be implemented in either hardware or software, or a combination of both. They are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria. There are several types of firewall techniques:
  • 53. 1. Packet filter: Packet filtering inspects each packet passing through the network and accepts or rejects it based on user-defined rules. Although difficult to configure, it is fairly effective and mostly transparent to its users. It is susceptible to IP spoofing.
2. Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose performance degradation.
3. Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
4. Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.
All previous security measures cannot prevent a hacker from sending a harmful message to a system. To control access to a system, we need firewalls. Figure 2.22 shows a firewall.
[Figure 2.22: Firewall. The firewall sits between the global Internet and the internal network(s) and handles incoming and outgoing traffic.]
For example, a firewall may filter all incoming packets destined for a specific host or a specific server such as HTTP. A firewall can be used to deny access to a specific host or a specific service in the organization.
2.3.6 Wired Equivalent Privacy (WEP)
WEP is a security protocol that adds security to wireless local area networks (WLANs) based on the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11. It is an OSI Data Link layer (Layer 2) security technology. It is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is usually expected of a wired LAN. A wired local area network (LAN) is generally protected by physical security mechanisms (controlled access to a building, for example) that are effective for a controlled physical environment, but may be ineffective for WLANs because radio waves are not necessarily
  • 54. bound by the walls containing the network. WEP seeks to establish similar protection to that offered by the wired network's physical security measures by encrypting data transmitted over the WLAN. It uses RC4 encryption, which is the same as that used by the security built into standard web browsers (SSL). In a WEP protected network, all packets are encrypted using the stream cipher RC4 under a common key, the root key. RC4 utilizes a combination of secret user keys and system-generated values. The original implementations of WEP supported so-called 40-bit encryption, having a key of length 40 bits and 24 additional bits of system-generated data (64 bits total). Research has shown that 40-bit WEP encryption is too easy to decode, and consequently product vendors today employ 128-bit encryption (having a key length of 104 bits, not 128 bits) or better (including 152-bit and 256-bit WEP systems). Regardless of how it is implemented on a wireless LAN, WEP represents just one element of an overall WLAN security strategy. A research group from the University of California at Berkeley recently published a report citing "major security flaws" in WEP that left WLANs using the protocol vulnerable to attacks (called wireless equivalent privacy attacks). In the course of the group's examination of the technology, they were able to intercept and modify transmissions and gain access to restricted networks.
802.11 Authentication: The 802.11 standard defines several services that govern how two IEEE 802.11 devices communicate. The following events must occur before an 802.11 station can communicate with an Ethernet network through an access point:
1. The wireless station is turned on.
2. The station listens for messages from any access points that are in range.
3. The station finds a message from an access point that has a matching SSID.
4. The station sends an authentication request to the access point.
5. The access point authenticates the station.
6. The station sends an association request to the access point.
7. The access point associates with the station.
8. The station can now communicate with the Ethernet network through the access point.
An access point must authenticate a station before the station can associate with the access point or communicate with the network. The IEEE 802.11 standard defines two types of authentication: Open System and Shared Key.
  • 55. - Open System Authentication allows any device to join the network, assuming that the device SSID matches the access point SSID. Alternatively, the device can use the "ANY" SSID option to associate with any available access point within range, regardless of its SSID. The following steps occur when two devices use Open System Authentication:
1. The station sends an authentication request to the access point.
2. The access point authenticates the station.
3. The station associates with the access point and joins the network.
- Shared Key Authentication requires that the station and the access point have the same WEP Key to authenticate. These two authentication procedures are described below. The following steps occur when two devices use Shared Key Authentication:
1. The station sends an authentication request to the access point.
2. The access point sends challenge text to the station.
3. The station uses its configured 64-bit or 128-bit default key to encrypt the challenge text, and sends the encrypted text to the access point.
4. The access point decrypts the encrypted text using its configured WEP Key that corresponds to the station's default key. The access point compares the decrypted text with the original challenge text. If the decrypted text matches the original challenge text, then the access point and the station share the same WEP Key and the access point authenticates the station.
5. The station connects to the network.
If the decrypted text does not match the original challenge text (the access point and station do not share the same WEP Key), then the access point will refuse to authenticate the station and the station will be unable to communicate with either the 802.11 networks or Ethernet network.
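The Shared Key Authentication exchange above, written out as an added example that is not code from the thesis. It assumes a 128-byte challenge, a random 24-bit system-generated value (IV) prepended to the 40-bit or 104-bit key to form the RC4 key, and a CRC-32 integrity value appended before encryption; the frame layout is simplified and all keys are constructed sample values.

```python
import hmac
import os
import struct
import zlib

CHALLENGE_LEN = 128   # assumption: challenge text length in bytes
IV_LEN = 3            # the 24 bits of system-generated data


def rc4(key, data):
    """RC4 stream cipher: key scheduling, then XOR with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def check_key(key):
    """40-bit keys give '64-bit' WEP, 104-bit keys give '128-bit' WEP."""
    if len(key) not in (5, 13):
        raise ValueError("WEP key must be 5 or 13 bytes")


def wep_encrypt(key, iv, plaintext):
    """Return IV followed by RC4(IV + key) applied to plaintext + CRC-32."""
    check_key(key)
    icv = struct.pack("<I", zlib.crc32(plaintext) & 0xFFFFFFFF)
    return iv + rc4(iv + key, plaintext + icv)


def wep_decrypt(key, frame):
    """Return the plaintext, or None when the CRC-32 check fails."""
    check_key(key)
    iv, body = frame[:IV_LEN], frame[IV_LEN:]
    data = rc4(iv + key, body)
    plaintext, icv = data[:-4], data[-4:]
    if icv != struct.pack("<I", zlib.crc32(plaintext) & 0xFFFFFFFF):
        return None
    return plaintext


def station_response(station_key, challenge):
    """Step 3: the station encrypts the challenge with its default key."""
    return wep_encrypt(station_key, os.urandom(IV_LEN), challenge)


def access_point_check(ap_key, challenge, response):
    """Step 4: the access point decrypts and compares with its challenge."""
    recovered = wep_decrypt(ap_key, response)
    return recovered is not None and hmac.compare_digest(recovered, challenge)


def shared_key_authentication(station_key, ap_key):
    """Steps 1 to 5; True means the station is authenticated."""
    # Step 1: the authentication request carries no secret.
    # Step 2: the access point sends fresh challenge text.
    challenge = os.urandom(CHALLENGE_LEN)
    response = station_response(station_key, challenge)
    return access_point_check(ap_key, challenge, response)


# Constructed sample keys.
KEY_64 = bytes.fromhex("0102030405")
KEY_128 = bytes.fromhex("0102030405060708090a0b0c0d")

if __name__ == "__main__":
    print("same key:", shared_key_authentication(KEY_64, KEY_64))
    print("different key:", shared_key_authentication(KEY_64, b"wrong"))
```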
  • 56. Chapter 3 Experimental Design
The setup for the experiment is as shown in Figure 3.1. The server is connected to the access point with a 100 Mbps Ethernet link. The wireless devices considered in the experiment are a laptop and a Pocket PC. The wireless devices are used one at a time and never all at the same time. Transmission of data is from the wireless devices to the server through the wireless link using the TCP/IP protocol. For encryption, the libraries considered were OpenSSL and Crypto++.
[Figure 3.1: Experimental Setup Configuration. Equipment shown: Cisco Aironet 1230AG series 802.11/a/b/g Access Point; Athlon 1.3 GHz server with 384 MB RAM and Windows XP Operating System; Toshiba Satellite L300-20D laptop with an Intel CPU T1600 @ 1.66GHz; Compaq IPAQ Pocket PC H3800 with Expansion Slot H3600 with Windows CE 3.0.]
3.1 Encryption Libraries
Many encryption libraries are available supporting most of the cryptographic algorithms. It is always wise to use full-featured, source-available cryptographic libraries because building a security toolkit is hard, and making the source available makes it easier to find and fix problems. New systems should be built with a library whose source is available to the public for inspection. Most of these libraries have approximately the same crypto functions and encodings. All seem to be reasonably well documented, although openssl is trailing a little. Choice of one over another is largely a matter of language and license. All libraries are
  • 57. generally up-to-date with the latest developments in number theory that enable faster mathematical operations. Crypto++ was the basic library selected for encryption since it has a sample benchmark published on its website. The choice was primarily based on ease of use, availability of benchmarks for verification, and algorithms supported. Some of the popular libraries are as follows:
    I. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation. It has implementations for AES, DES, Triple-DES, IDEA, RC2, RC4, RC5, SAFER, DH, RSA, and DSA. OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an Apache-style licence, which basically means that you are free to get and use it for commercial and non-commercial purposes subject to some simple license conditions.
    II. Cryptix is a cryptographic library implemented in Java and Perl. Since 1995 the Cryptix project has been instrumental in bringing strong cryptography to the Java platform (and some to the Perl platform as well). In fact, while nowadays strong cryptography is widely available, this has not always been the case. At a time when export controls on cryptography were still in effect, Cryptix was the first available cryptographic library for Java. Cryptix was initiated and at first sponsored by Systemics; later on the independent Cryptix Foundation Ltd was incorporated. It has implementations for Blowfish, CAST5, DES, IDEA, MARS, RC2, RC4, RC6, Rijndael (AES), Serpent, SKIPJACK, Square, Triple-DES, Twofish, RSA, DH, and ElGamal.
    III. 
    Crypto++ is a free C++ class library published and maintained by Wei Dai. This free C++ class library is a class hierarchy with an API defined by the base abstract classes. It handles a large number of cryptographic schemes (including public key cryptography) and cipher modes. In no particular order, here is a list of some of what is supported: RC6, MARS, Rijndael, Twofish, Serpent, IDEA, DES, Triple DES (DES-EDE2 and DES-EDE3), DESX (DES-XEX3), RC2, RC5, Blowfish, Diamond2, TEA, SAFER, 3-WAY, GOST, SHARK, CAST-128, Square, CBC padded, CBC ciphertext stealing (CTS), CFB, OFB, counter mode.
  • 58. It has implementations for most of the popular cryptographic algorithms. It has implementations for AES, IDEA, DES, Triple-DES, RC2, RC5, Blowfish, TEA, SAFER, 3-WAY, GOST, SHARK, CAST-128, SEAL, RSA, ElGamal, ECIES. The dedicated author Wei Dai actively maintains the library.
    IV. Cryptlib is a powerful security toolkit that allows even inexperienced crypto programmers to easily add encryption and authentication services to their software. The high-level interface provides anyone with the ability to add strong security capabilities to an application in as little as half an hour, without needing to know any of the low-level details that make the encryption or authentication work. Because of this, cryptlib dramatically reduces the cost involved in adding security to new or existing applications. At the highest level, cryptlib provides implementations of complete security services such as S/MIME and PGP/OpenPGP secure enveloping, SSL/TLS and SSH secure sessions, CA services such as CMP, SCEP, RTCS, and OCSP, and other security operations such as secure timestamping. Since cryptlib uses industry-standard X.509, S/MIME, PGP/OpenPGP, and SSH/SSL/TLS data formats, the resulting encrypted or signed data can be easily transported to other systems and processed there, and cryptlib itself runs on virtually any operating system; cryptlib doesn't tie you to a single system. This allows email, files, and EDI transactions to be authenticated with digital signatures and encrypted in an industry-standard format.
    3.2 Methodology
    This section describes the techniques and simulation choices made to evaluate the performance of the selected algorithms. In these experiments, the laptop encrypts different sizes of data blocks (0.5 MB to 20 MB) using the encryption libraries. The five encryption algorithms selected for the experiment are AES (key size: 256 bits), DES (key size: 64 bits), RC2 (key size: 64 bits), Blowfish (key size: 256 bits), and 3DES (key size: 192 bits). 
    These implementations are thoroughly tested and are optimized to give the maximum performance for each algorithm. The results for AES, which is supposed to be the best encryption algorithm, are checked and tested against a different implementation program to give the maximum performance for the algorithms and to make sure the results are the same across multiple platforms [27]. Then for transmission of data, the
  • 59. laptop and the Pocket PC are connected wirelessly. Data is transmitted from the first laptop to the Pocket PC through the wireless link using the TCP/IP protocol. The experiments are applied in two modes of wireless LAN connection (BSS and ad hoc mode). Using the IEEE 802.11 standard, data is transmitted using the two different types of authentication. Firstly, data is transmitted using Open System Authentication (no encryption). Secondly, data is transmitted using Shared Key Authentication (WEP encryption). Using IEEE 802.11i, data is transmitted using Open System Authentication (no encryption) and data is transmitted using WPA. The effect of different signal-to-noise conditions on transmission of data (under relatively excellent signals and poor signals) is studied.
    Hardware Descriptions for this Experimental Setup
    A. Compaq iPAQ H3600 Series
    - CPU: Intel StrongARM SA1110 processor
    - 32 MB of SDRAM and 16 MB of flash
    - Serial and slave USB via cradle
    - 115 Kbps and 4 Mbps IrDA
    - Expansion packs
    B. Toshiba L300-20D Laptop
    - Intel CPU T1600 @ 1.66GHz
    - 32-bit Windows Operating System
    - 160 GB Hard disk
    - 1 GB RAM
    In this experiment, several performance metrics are collected and analyzed:
    1. Encryption time
    2. Throughput
    3. Battery power
    4. Transmission time
    3.2.1 Encryption Time Computation
    The encryption time is considered the time that an encryption algorithm takes to produce a cipher text from a plaintext. Encryption time is used to calculate the throughput of an
  • 60. encryption scheme. It indicates the speed of encryption. The throughput of the encryption scheme is calculated as the total plaintext in bytes encrypted divided by the encryption time. The CPU process time is the time that a CPU is committed only to the particular process of calculations. It reflects the load of the CPU.
    3.2.2 Energy Consumption Computation
    Energy consumption of security systems can be measured in many ways. For computation of the energy cost of encryption (micro joule/byte), the same technique as described in [24] is adopted. A basic cost of encryption, represented by the product of the total number of clock cycles taken by the encryption and the average current drawn by each CPU clock cycle, is presented. The basic encryption cost is in units of ampere-cycle. The methods used in this experiment are briefly discussed as follows:
    The first method used to measure energy consumption is to assume that an average amount of energy is consumed by normal operations and to test the extra energy consumed by an encryption algorithm.
    $$\text{Battery life consumed in percentage for one run} = \frac{\text{Change in battery life}}{\text{the number of runs}}$$
    $$\text{Average battery consumed per iteration} = \frac{\sum_{1}^{N} \text{BatteryConsumedPerIteration}}{N}$$
    In the second method, security parameters can also be measured by counting the number of computing cycles which are used in computations related to cryptographic operations. In other words, the second method used to measure energy consumption is to assume that an average amount of energy is consumed by normal operations and to test the extra energy consumed by an encryption algorithm. This method simply monitors the level of the percentage of remaining battery. The experiments note the number of iterations or runs over the file and the battery life. 
    Change in battery life divided by the number of runs gives the battery life consumed in percentage for one run.
    The second method for computation of the energy cost of encryption: the same techniques as described in [30], [32] are used, with the following equations.
    $$B_{cost\_encryption}\ (\text{ampere-cycle}) = \tau \times I$$
    $$T_{energy\_cost}\ (\text{ampere-seconds}) = \frac{B_{cost\_encryption}\ (\text{ampere-cycle})}{F\ (\text{cycles/sec})}$$
  • 61. $$E_{cost}\ (\text{Joule}) = T_{energy\_cost}\ (\text{ampere-seconds}) \times V$$
    Where
    B_cost_encryption: the basic cost of encryption (ampere-cycle).
    τ: the total number of clock cycles.
    I: the average current drawn by each CPU clock cycle.
    T_energy_cost: the total energy cost (ampere-seconds).
    F: clock frequency (cycles/sec).
    E_cost (Joule): the energy cost (consumed).
    By using the cycles, the operating voltage of the CPU, and the average current drawn for each cycle, the energy consumption of cryptographic functions is computed. For example, on average, each cycle consumes approximately 270 mA on an Intel 486DX2 processor [30] or 180 mA on Intel StrongARM [31]. For a sample calculation, with a 700 MHz CPU operating at 1.35 Volt, an encryption with 20,000 cycles would consume about 5.71 × 10^-3 mA-second or 7.7 μJoule. So, the amount of energy consumed by program P to achieve its goal (encryption or decryption) is given by
    $$E = V_{CC} \times I \times N \times \tau$$
    Where
    N: the number of clock cycles.
    τ: the clock period.
    V_CC: the supply voltage of the system.
    I: the average current in amperes drawn from the power source for T seconds.
    Since for a given hardware both V_CC and τ are fixed, E ∝ I × N. However, at the application level, it is more meaningful to talk about T than N, and therefore we express energy as E ∝ I × T [30]. Since for a given hardware Vcc are fixed.
    3.3 Wireless Environment
    Some perspective on the effect of a changing wireless environment may be useful when designing wireless communication systems. With this in mind, factors like changing the signal to noise ratio, packet size, and the layer where encryption is performed are considered in these experiments.
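The energy-cost equations of Section 3.2.2 carried through on the sample figures (700 MHz, 1.35 V, 20,000 cycles). This is an added example, not code from the thesis: the function names are illustrative, the 200 mA current is back-solved from the sample's 5.71 × 10^-3 mA-second because the text does not state it, and the 1 MiB in 0.05 s timing is a constructed measurement.

```python
def basic_cost(cycles, current_a):
    """B_cost_encryption (ampere-cycle) = tau * I."""
    return cycles * current_a

def charge_cost(cycles, current_a, freq_hz):
    """T_energy_cost (ampere-seconds) = B_cost_encryption / F."""
    return basic_cost(cycles, current_a) / freq_hz

def energy_cost(cycles, current_a, freq_hz, volts):
    """E_cost (joule) = T_energy_cost * V."""
    return charge_cost(cycles, current_a, freq_hz) * volts

def energy_from_time(seconds, current_a, volts):
    """Application-level form E = Vcc * I * T, where T = N / F."""
    return volts * current_a * seconds

def implied_current(charge_as, cycles, freq_hz):
    """Solve T_energy_cost = tau * I / F for the average current I."""
    return charge_as * freq_hz / cycles

def microjoule_per_byte(seconds, current_a, volts, n_bytes):
    """Energy per plaintext byte for one timed encryption run."""
    return energy_from_time(seconds, current_a, volts) / n_bytes * 1e6

# Figures from the sample calculation in the text.
F_HZ, VOLTS, CYCLES = 700e6, 1.35, 20_000
SAMPLE_CHARGE_AS = 5.71e-3 * 1e-3      # 5.71 x 10^-3 mA-second in A-seconds

# Assumption: the current is inferred from the sample, not stated in the text.
SAMPLE_CURRENT_A = round(implied_current(SAMPLE_CHARGE_AS, CYCLES, F_HZ), 2)

def compare_currents():
    """Energy in microjoules for 20,000 cycles at the sample clock and
    voltage, for the inferred current and the two per-cycle figures quoted."""
    currents = {"implied by sample": SAMPLE_CURRENT_A,
                "Intel 486DX2 (270 mA)": 0.270,
                "Intel StrongARM (180 mA)": 0.180}
    return {name: round(energy_cost(CYCLES, amps, F_HZ, VOLTS) * 1e6, 2)
            for name, amps in currents.items()}

if __name__ == "__main__":
    for name, microjoules in compare_currents().items():
        print(f"{name:26s} {microjoules:6.2f} uJ")
    # Constructed measurement: 1 MiB encrypted in 0.05 s.
    print(microjoule_per_byte(0.05, SAMPLE_CURRENT_A, VOLTS, 1 << 20))
```

The cycle-count form and the time form give the same energy when T = N / F, which is why a measured encryption time can stand in for a cycle count at the application level.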
  • 62. 3.3.1 Data Transmission
    All algorithms considered above need to be considered when the data that is encrypted by them is transmitted over the wireless network. Initially the effect of signal to noise ratio is removed by keeping the device very close to the access point to have excellent signal conditions. The effect of the algorithm and key size variations under data transmission is evaluated.
    3.3.2 Signal to Noise Ratio
    Reduced signal to noise ratio causes retransmission, and transmissions under lower signal to noise ratio are more demanding on the battery. To compare the battery cost of encryption and transmission under varying signal to noise conditions, measurements are taken for data transfer with and without encryption under different signal to noise conditions.
    3.3.3 Layer of Encryption
    One of the goals of this study is to determine the effect of moving the encryption process to application level. So data transmission is done with encryption enabled at the link level by WEP, and then the same data is transmitted with WEP disabled and encryption at application level using AES.
    3.3.4 Changing Packet Size
    In an 802.11b environment, TCP transmissions involve transmission of packets to which the TCP, IP and Ethernet headers are added. So the transmission of 128 bits of data leads to an inefficient transmission mechanism. Also, waiting for acknowledgements leads to a reduction in effective throughput. The purpose of this set of experiments is to determine the change in performance observed by switching from 128 bits transmission to 1024 bytes transmission.
  • 63. Chapter 4
    Results and Analyses
    4.1 The Effect of Changing Packet Size for Cryptographic Algorithms on Power Consumption
    Encryption time is used to compute the throughput of an encryption algorithm. In this subsection, CPU work load, encryption throughput and power consumption for text encryption without transmission are calculated to prove which encryption algorithm has better performance.
    [Figure 4.1: Time Consumption, Throughput, and power consumption for Text encryptions. Algorithms: RC2, DES, 3DES, AES, Blowfish. Series: Duration Time (milliseconds/100), Throughput (MB/Sec), Power Consumption (Microjoules).]
    The effect of changes when transmission of data is taken into consideration under different scenarios, such as transmission of data using two different architectures (BSS and ad hoc mode), was equally studied.
  • 64. [Figure 4.2: Power consumption for Text Files Encryption in Micro joule/Byte with data transmission. Axis: Power Consumption (Microjoule/Byte) against Cryptographic Algorithms (No Enc, AES, 3DES, DES, RC2, BF). Series: Adhoc mode/Excellent signal/Open Key Authentication (without encryption); Adhoc/Excellent signal/Shared Key Authentication (WEP); Poor Signals; BSS/WPA; BSS/Open Key Authentication (without encryption).]
    4.2 The effect of changing data type (JPEG) for cryptography algorithm on power consumption
    Figures 4, 5 and 6 respectively depict the experimental results obtained when a comparison between different JPEG images was carried out to know which one has better performance.
    4.2.1 CPU work load
    [Figure 4.3: Time consumption for different JPEG Files Encryption without data Transmission]
  • 65. 4.2.2 Encryption Throughput
    Throughput of each encryption algorithm to encrypt different text data without data transmission is shown in Figure 5.
    [Figure 4.4: Throughput of each encryption algorithm (Kilobytes/Second)]
    4.2.3 Power Consumption
    The power consumption to encrypt different text data with a different data block size in micro joule/byte is shown in Figure 4.5.
    [Figure 4.5: Power consumption for different JPEG Files Encryptions]
    4.2.4 Encryption with Transmission
    Figure 4.6 depicts the effect of changes on the results when transmission of data is taken into consideration.
  • 66. [Figure 4.6: Comparative execution times for transmission of JPEG files using different algorithms. Axis: Comparative Execution Times for Transmission of Encryption Algorithms against Cryptographic Algorithms (BF, 3DES, RC2, DES, AES, No Enc). Series: Adhoc/Excellent signals/open key Authentication without encryption; Adhoc/Excellent signals/shared key Authentication (WEP); Poor signals; BSS/Excellent signals/WPA.]
    In case of data transmission, it was found there is insignificant difference in performance of different symmetric key schemes (most of the resources are consumed for data transmission rather than computation).
    4.3 The effect of changing data type (Audio files) for cryptography algorithm on power consumption
    [Figure 4.7: Time consumption, Throughput, and power consumption for Text Encryption. Algorithms: Blowfish, AES, DES, 3DES, RC2. Series: Power consumption in microjoules, Throughput (MB/Sec), Duration Time in Seconds.]