Mini Project (Bempenis m., 09099225)

8/3/2019 Mini Project (Bempenis m., 09099225)

1/18

Oxford Brookes University ASSESSED COURSEWORK School of Technology

TO BE COMPLETED BY STUDENT(S)

Department: School of Technology

Module No: P00011 Module Title: Research and Study Methods

Assignment Title or No: Mini Project

If this is a group assignment, please enter all group members nos., names, and if relevant, group no. or name.

Student No(s): Student Name(s): (Surname , first name)

09099225 Bempenis, Michail Group:

Statement of Compliance:

We declare that the work submitted is our own and that the work we submit is fully in accordance with the

University regulations regarding assessments (see overleaf).Student Signature(s):

signed MB Date: 25 Nov 2009

TO BE COMPLETED BY SCHOOL

Received by: Date Received by School:

Markers Name: Markers Signature:

Weighting of this assignment as a % of the whole module:

Areas of achievement:

Areas for further development:

Grade / mark (unmoderated): Date:

FORM: LT1 Assessed Coursework Coversheet Version: September 2009


2/18


Module Number: P00011

Project Title:Data security for Wireless Communication Systems: A study of

various popular crypto algorithms and their suitability. - This

topic should cover various popular crypto algorithms based on

block, stream, and public key ciphers and their suitability for

mobile communication devices in terms power, speed of

operation, chip area requirement, reliability, etc. This should

include techniques based on, for example, ECC, RSA, AES,

Kasumi, etc.

Student Name: Bempenis Michail

Student Number: 09099225

Proposed by: Dr. Abusaleh Jabir

Date of submission: 25 November 2009


3/18


AbstractIn our daysNowdays/Recent trend suggests, it is crystal clear that security issues are

becoming an everyday worry for a wide group of electronic systems that control,

store, access and communicate important and sensitive data. In recent years the role of

wireless communication systems has broadened significantly and the total knowledge

dealing with them has grown a great deal as well. However, security policies for

wireless systems need to focus attention to additional areas that are not always

addressed for wired systems, because of the special characteristics make wireless

systems distinguish from any other electronic systems.

In this study, the main issues for security applied on communication systems are

reviewed in the context of satisfaction of security requirements and provision of

security services being available to mitigate the potential threats for any kind of

network. Additionally, cryptographic algorithms -the core of security systems are

discussed, their major categories are listed, the most popular ciphers as of block,

stream and public key ones are described in detail with figures, as well as many

evaluations in terms of power, speed of operation, chip area requirement and

reliability are illustrated.

With a lot of security approaches for wireless systems have been suggested till now,

potential improvements of security for wireless devices with low processing power

and small size and memory capacities are more than challenging in our days.

Para. 1wordy=

Para. 2

Para. 3


4/18


Table of Contents

1. Introduction... 1

2. Fundamentals.....1

2.1 Security requirements... 1

2.2 Basic Terminology....... 2

2.3 Security Services...... 2

3. Cryptographic Algorithms... 3

3.1 Asymmetric key algorithms..... 3

3.2 Symmetric key algorithms....4

3.2.1 Block and Stream ciphers.......4

3.3 Hash algorithms....7

4. Suitability of cryptographic algorithms.. 7

4.1 Hardware and software implementation...... 8

4.2 Power management.. 8

5. Conclusions.... 11

References... 12


5/18


List of Abbreviations

AES Advanced Encryption Standard

DES Data Encryption Standard

DH Diffie-Hellman

DSA Digital Signature Algorithm

ECC Elliptic Curve Cryptography

MAC Message Authentication Code

RC4 Rivest Cipher 4

RSA Rivest,ShamirandAdleman

SHA Secure Hash Algorithm

SSL Secure Sockets Layer

WEP Wired Equivalency Protocol

3DES triple-Data Encryption Standard

3G Third Generation
http://en.wikipedia.org/wiki/Ron_Rivesthttp://en.wikipedia.org/wiki/Ron_Rivesthttp://en.wikipedia.org/wiki/Adi_Shamirhttp://en.wikipedia.org/wiki/Adi_Shamirhttp://en.wikipedia.org/wiki/Leonard_Adlemanhttp://en.wikipedia.org/wiki/Leonard_Adlemanhttp://en.wikipedia.org/wiki/Ron_Rivesthttp://en.wikipedia.org/wiki/Adi_Shamirhttp://en.wikipedia.org/wiki/Leonard_Adlemanhttp://en.wikipedia.org/wiki/Ron_Rivest


6/18


1. Introduction

The very last years Recently/In recent years, wireless systems technology, which

actually coexists with, extends, and even competes with wired communication

services, has provided high quality connectivity and communication services withpreviously unknown flexibility and mobility characteristics.

However the commercialization of wireless communications resulted in the rise of the

potential for adversarial interactions, which are motivated by various harming

concerns. In the modern business world for example, vital information needs to be

exchanged between parties for the successful completion of a transaction and current

business practices are dependent on extensive use of computers and the Internet.

In response to the rise of security problems, the technical community has developed a

collection of basic technologies for addressing network security. Many of the same

problems, design approaches, and even protocols that have been developed for wired

network security can be applied to wireless network security too, in a way that it

could simply be considered as a subtopic of general network security.

On the other hand, cryptographic algorithms are still troublesome for wireless systems

because of kind of difficulties in their implementation. Many scientists believe that a

number of cryptographic algorithms have been proven unsuitable for wireless systems

devices -especially for handheld devices, because these devices operate in a different

way and their specific limitations as of power consumption and chip area

requirements for example, affect a great deal the network security features. The

impact of those parameters on existing security systems should not be disregarded as

many studies for this topic have been developed and apparently will be discussed on

the following paragraphs of this study.

2. Fundamentals

2.1 Security requirements

The objective of communication security, which wireless systems should satisfy as

well, is the preservation of the three following principles [4]:

Confidentiality: the communication data are only released to authorized parties

of the network.

Integrity: the data in the communication process retain their completeness and

are not able to be modified by any unauthorized party.

1

Does not contain an overview the article. Organization of the paper/report/article..


7/18


Availability: authorized parties are allowed timely access and adequate

bandwidth to access the data.

2.2 Basic Terminology Plaintext is the initial message or initial data to be encrypted. Its form is

understandable by all every parties [2].

Ciphertext is the text produced as a result of encryption process. Its form is

secret for everybody other than the valid communicating parties [2].

Encryption: the process which through implementation of a cryptographic

algorithm and the use of cryptographic material (mainly cryptographic keys)

transforms the plaintext to ciphertext [2]. Encryption or cryptographic algorithm is the formula that performs the

necessary transformations so that the plaintext to be encrypted [2].

Decryption: the inverse procedure than that encryption performs [2].

Cryptographic key is the main part of the provisioned cryptographic material

that is typically used for the cryptographic algorithm. Key or keys are strictly

delivered to the legitimate communicating parties only [1].

Security protocol: includes a formal sequence of steps to be followed by twoor more parties of a network and decides which encryption algorithms should

be used, so that security services to be carried out successfully [2].

2.3 Security Services

Security services orsecurity objectives have been developed to counter the potential

threats against the security system. They have many uses in general network security

and are an important part of wireless network security. The three main categories aretraced as follows [1]:

Data origin authentication orintegrity protection ensures that the receiver of a

message is able to ascertain that the received message originated from an

authorized party as well as that its contents were not changed during

transmission.

Confidentiality protection is the most popular security service. Confidentiality

protection allows the sender party to know that only a designated receiver and

2


8/18


not any unplanned eavesdropper is able to read the contents of the message it

sent.

Replay protection ensures that undesirable replaying of previous messages can

not be committed. Sequence of replayed messages captured during a legitimatetransaction can block the receiver partys processing, so that receiver to refuse

services to legitimate parties.

3. Cryptographic Algorithms

As it has already been mentioned above, cryptographic algorithms require

cryptographic material in order security services to be provided successfully.

Generally, both communicating parties possess and use in common cryptographickeys which managementover the time is one of the most significant and complex field

of security procedure for wireless systems [1].

Cryptographic algorithms usually define the security characteristics of the key

management system, but at the same time they can be roughly divided, depending on

the number of keys are used during the encryption process, into two main types which

will be discussed comprehensively in the following paragraphs [1], [3].

3.1 Asymmetric key algorithms

Public key or asymmetric algorithms use different keys, especially a pair of keys,

namelypublic key andprivate key for encryption and decryption, respectively [2], [3].

In order asymmetric algorithms to be performed, confidential material is not required

to be transmitted as well as disposal in advance of secret material to the both parties.

Instead, communicating parties originate a pair of keys, one private not available to

any other party and one public, which is not confidential and can be transmitted

through open links of the network to the communicating parties [1].

They are not based on simple operations with bits as symmetric algorithms do, but on

tough computational mathematical functions -namely algorithmical [3].

Furthermore, it is noted that asymmetric key algorithms are widely developed for data

origin authentication services and key delivery/exchange purposes [1].

The most typical examples asymmetric key algorithms are discussed above:

3


9/18


Rivest,ShamirandAdleman (RSA) is the most popular of the category and is

based on the difficulty of integer resolving [2], [7]. It is usually used to secure

wed traffic and e-mail in the Secure Sockets Layer (SSL) protocol [7].

Diffie-Hellman (DH) is based on that of the discrete logarithm problem ininteger fields [2].

Elliptic Curve Cryptography (ECC) algorithmis based on difficulty of solving

the discrete logarithm problem in integer fields. Related to RSA algorithm,

ECC achieves better storage efficiencies, lower power consumption, higher

speed and security per key bit. These advantages explain why ECC is used in

mobile devices which processor power, energy availability, bandwidth, and

storage are limited [7].

3.2 Symmetric key algorithms

Conventional, shared, secret key orsymmetric algorithms use the same key on both

encryption and decryption process [2], [3]. The key is a high entropy random bit

cryptographic pattern that is combined with the plaintext to produce the ciphertext [1].

The key should be kept secret from all other parties except from the communicating

ones. In case of its revelation, the eavesdropper unfortunately will be able to perform

the identical cryptographic operations that had been considered to be performed only

by the legitimate parties [1]. Consequently, the not-legitimate party could play the

role of a legitimate one, or to decrypt encrypted messages legitimate parties sent.

Last but not least, it is noted that symmetric algorithms are mainly used to provide

confidentiality protection services [2].

3.2.1 Block and Stream ciphers

Further division of symmetric algorithms can be achieved considering the way the

cryptographic algorithm processes the plaintext, either bit by bit or block by block.

So, the two basic subcategories are presented below, as well as the most typical

examples are discussed above:

Block ciphers

In this case, fixed-size plaintext blocks considered as input are encrypted into ideally

equal ciphertext fixed-size blocks considered as output. Additionally, the process

4
http://en.wikipedia.org/wiki/Ron_Rivesthttp://en.wikipedia.org/wiki/Ron_Rivesthttp://en.wikipedia.org/wiki/Adi_Shamirhttp://en.wikipedia.org/wiki/Leonard_Adlemanhttp://en.wikipedia.org/wiki/Ron_Rivesthttp://en.wikipedia.org/wiki/Adi_Shamirhttp://en.wikipedia.org/wiki/Leonard_Adleman


10/18


requires the data to be passed through sequence of operations which are usually called

rounds [2].

They are more popular than stream ciphers, are used in many Internet standards as

well as 3G mobile communications and last but not least they constitute fundamental

building blocks for wireless internet security [1].

Advanced Encryption Standard (AES) algorithm can use independently

128, 192 or 256 bits either for input-output or keys. Figure 1 above

illustrates its structure on encryption and decryption procedure, and

Figure 2 its block diagram respectively [7].

Figure 1: AES cipher structure [7]

5


11/18


Figure 2: Block diagram of AES [7]

Kasumi is the base cipher for data origin authentication and

confidentiality services of Third Generation (3G) mobile

communications. Kasumi encrypts blocks of 64-bits and uses 128-bit

key with eight operation rounds [4], [7]. Figure 3 illustrates an indicial

block diagram of Kasumi algorithm [7].

Figure 3: Block diagram of Kasumi argorithm [7]

DES algorithm operates on 64-bit block of data, uses a 56-bit key and

there are sixteen rounds of identical operations [7]. If the DES

6


12/18


operation is performed three consecutive times the algorithm referred

as 3-DES, the security level increases, but on the contrary, the

performance reduces because 48 round operations are required. Figure

4 illustrates the block diagram of DES algorithm [7].

Figure 4: Block diagram of DES algorithm [7]

Stream ciphers

The plaintext is transformed to ciphertext on a bit-by-bit or byte-by-byte basis. There

are used in cases where buffering is very limited or when incoming traffic is

processed on a byte-by-byte basis [1]. There are not detailed internet standards for

stream ciphers but on the other hand they are specialized and usually provided under

particular requirements [1].

RivestCipher 4 (RC4) is the most popular cipher of this category. It is

used in many protocols (SSL, WEP) and is characterized for its high

speed in software and its simplicity [8].

3.3 Hash Algorithms

A cryptographic hash function is actually a noninvertible function that maps the bytes

in a message to a unique message digest. When a shared key is an argument to the

function in addition to the bytes of the message, a cryptographic hash function is often

called a keyed hash. A message digest formed using a keyed hash from both the

message and a secret key shared between two parties is called a message

7
http://en.wikipedia.org/wiki/Ron_Rivesthttp://en.wikipedia.org/wiki/Ron_Rivest


13/18


authentication code (MAC), which are developed a great deal in Internet security

protocols for data origin authentication [1].

Secure Hash Algorithm-1 (SHA-1) is one of the most common hash

functions in Internet security protocols. It is used for example tocalculate message digests and for several other applications. Finally, it

is noted that in order a SHA-1 message digest to be calculated only the

bits of the message are required and not any kind of key [1].

4. Suitability of cryptographic algorithms

The various above-mentioned cryptographic algorithms can achieve and provide

similar security functionalities and services respectively. However, the difficulties inimplementation of cryptographic algorithms on wireless communication devices

maintain their selection as an open issue.

For this reason in this section, their suitability is being evaluated in terms of some

vital characteristics for mobile communication devises, as those of power

consumption, hardware area requirements, speed of operation and reliability.

4.1 Hardware and Software Implementation

On one hand, cipher implementations in hardware are highly suggested, because

software solutions may be easier but not acceptable for real time, high-speed and low-

power consumption applications in wireless communication devices [5], [7].

On the other hand, many researchers suggest solutions in software, because the huge

amount of calculations of cryptographic algorithm require extra chip area for

hardware, not usually available on mobile or handheld devices for example [5].

Considering existing literature and many studies accumulated so far to evaluate the

various algorithms, the following outputs could be argued:

In terms of hardware, stream ciphers for example have usually simpler

circuitry and consequently lower chip area requirements [1].

In terms ofsoftware, 3DES algorithm for example is slow for software

implementations related to DES and other block ciphers. This characteristic

actually constitutes the main drawback of 3DES ciphers, as well.

8


14/18


In terms ofspeed of operation, stream ciphers seems to be faster than block

ciphers [1], asymmetric algorithms tend to require more complex arithmetic

processing and to be considerably slower than symmetric key algorithms [1].

Additionally, RC4 is a good choice of algorithm for high speed applications,because of its high speed operation and good performance [2]. Last but not

least, it is noted that ECC algorithm achieves higher speed than that of RSA

algorithm [7].

4.2 Power management

Many studies have been carried out in the field of wireless communication energy

management, especially of the power consumed by a handheld device. This is normal

if we take into consideration the high scale variations recorded in power consumed by

cryptographic algorithms of the same category.

Generally, it can be noted that energy consumed by these devices is a function of the

size of data transmitted, and the security level of the service as illustrated for example

in Figure 5 [6].

Figure 5: Energy consumed by secure wireless data transmission of 64KB data using (a) DES

and (b) 3DES encryption [6]

Furthermore, Figure 6 illustrates power consumption for various symmetric

algorithms as a result of a specific study [2], from where the following observations

have been derived from and are discussed above:

RC4 is a good choice of algorithm for high speed applications, but its energy

cost it relatively high to AES algorithm for example.

AES algorithm offers a good combination of security and energy efficiency(both key setup and encryption).

9


15/18


Figure 6: Power consumption for various symmetric algorithms [2]

Additional outcomes related to the power consumption from different studies are

presented above [2], [6]:

Power consumed by AES algorithm in software is five times less than that is

required by 3DES [6], as illustrated in Table 1.

Encryption software implementation

3DES (192-bit)AES

128-bit 192-bit 256-bit

Energy/bit (J) 0.3349 0.0666 0.07 0.075

Throughput (Mbps) 4.976 25.963 24.58 24.1

Table 1: Energy consumed by optimized software implementations

of 3DES and AES encryption [6]

The amount of power required for symmetric algorithms performance is not

critically affected by the size of the key, contrary to that of asymmetric

algorithms [2]. Table 2 illustrates the energy consumption of the AES

algorithm for various key sizes.

Key size

(bits)

Key setup

(J)

Average power of various

operating modes (J/B)

10


16/18


128 7.83 1.59

192 7.87 1.9075

256 9.92 2.0725

Table 2: Energy costs of AES variants [2]

The amount of energy consumption of symmetric algorithms is related to the

key-setup cost.

The level of security services provided by a cryptographic algorithm can be

compromised for power supplies by the key size and number of rounds.

Particularly, symmetric algorithms are the best example of this trade-off

philosophy [2].

ECC algorithm achieves lower power consumption than that of RSA algorithm[7].

Last but not least, potential solutions suggested by many researchers so that wireless

devices to reduce the power levels consuming during encryption procedure include

adapting communication according to the application requirements, regulating of

energy used by the mobile transmitter during active communication, alterations

between different modes of operation, and finally delaying of unit operation during

idle periods [6].

5. Conclusions

In this study the basic concepts and characteristics of security for communication

systems have been discussed. An interesting start to design a reliable security system

is to designate the security services that are basically required and then to evaluate the

cryptographic algorithm and material that their implementation will provide the

security requirements. In addition to all above-mentioned, we examined the basic

cryptographic algorithms suitability for mobile communication devices in relation to

their limitations (energy, speed of operation, hardware and software)

and reached the following conclusions:

1. High scale variations in power consumption are recorded between

cryptographic algorithms of same category.

2. Performance of asymmetric algorithms consumes the highest amount of power

in relation to other algorithms, i.e sometimes five times more than that

11

bullet

points

Wellwritten


17/18


symmetric ones consume. On the contrary, hash algorithms require the lowest

amount of power.

3. The amount of power required for symmetric algorithms performance is not

critically affected by the size of the key. On the contrary, asymmetric

algorithms power consumption is highly related to the key size.

4. The level of security services provided by a cryptographic algorithm can be

compromised for power supplies by parameters as the key size and number of

rounds.

5. Asymmetric algorithms have generally lower performance in term of speed of

operation, and

6. Last but not least, stream ciphers seem to be faster than block ciphers as well

as they have usually simpler circuitry and consequently lower chip area

requirements.

Furthermore, we did not omit to present a number of interesting suggestions

submitted by researchers and constitute potential solutions (e. g scalable encryption)

to wireless devices limitations, as well as future work for study in the field of

cryptographic algorithms.

Words: 2884 (figures, tables and reference list are not included)

References

1. Kempf, J. Wireless internet security. Architecture and Protocols. New York:

Cambridge University Press, 2008.

2. Potlapally, N. et all. A study of the Energy Consumption Characteristics of

Cryptographic Algorithms and Security Protocols. IEEE Transactions on Mobile

Computing5 (2), 2006, pp.128 142.

3. Gritzalis, S.Basic Cryptographic Topics. Samos: University of Aigaon, 2002.

4. Giannattasio, G. et all. A guide to the Wireless Engineering Body of Knowledge.New Jersey: John Wiley and Sons, 2009.

5. Sklavos, N. Zhang, X. Wireless Security and Cryptography. Specifications and

Implementations. Boca Raton: CRC Press, 2007.

6. Karri, R. Mishra, P. Minimizing Energy Consumption of Secure Wireless Session

with QoS Constraints. Proceedings, IEEE International Conference on

Communication, New York, 2002.

7. Howon, K. Sunggu L. Design and Implementation of a Private and Public Key

Crypto Processor and its Application to a Security System . IEEE Transactions onConsumer Electronics 50 (1), 2004, pp.214-224.

12


18/18


8. RC4. Wikipedia. Available at: http://en.wikipedia.org/wiki/RC4 (Accessed: 23

November 2009).

Bibliography

Stallings, W. Cryptograpgy and Network Security. USA: Person Education, Inc,

2006.

13
http://en.wikipedia.org/wiki/RC4http://en.wikipedia.org/wiki/RC4http://en.wikipedia.org/wiki/RC4

Mini Project (Bempenis m., 09099225)

Documents

Transcript of Mini Project (Bempenis m., 09099225)