Abstract:
Abstract : The objective of this research is to develop an adaptive cryptographic protocol, which allows users to select an optimal cryptographic strength and algorithm based upon the hardware and bandwidth available and allows users to reason about the level of security versus the system throughput. In this constantly technically-improving society, the ability to communicate via wireless technology provides an avenue for delivering information at anytime nearly anywhere. Sensitive or classified information can be transferred wirelessly across unsecured channels by using cryptographic algorithms. The research presented will focus on dynamically selecting optimal cryptographic algorithms and cryptographic strengths based upon the hardware and bandwidth available. The research will explore the performance of transferring information using various cryptographic algorithms and strengths using different CPU and bandwidths on various sized packets or files. This research will provide a foundation for dynamically selecting cryptographic algorithms and key sizes. The conclusion of the research provides a selection process for users to determine the best cryptographic algorithms and strengths to send desired information without waiting for information security personnel to determine the required method for transferring. This capability will be an important stepping stone towards the military's vision of future Net-Centric Warfare capabilities.Cite
The Internet of Things creates advanced application systems requiring minimum human interaction by integrating entities having unique addressing mechanisms with digital processing platforms by communicating in a network. The Internet of Things devices being resource constrained are prone to attacks and security breaches. Conventional cryptographic procedures are not viable for Internet of Things and embedded applications as the computations involved with them require higher processing power, memory and energy. Lightweight cryptographic techniques can be used in resource constrained Internet of Things devices to mitigate the security issues. These lightweight cryptographic solutions use smaller key sizes, smaller block sizes and lesser number of rounds. This paper uses a lightweight cryptographic algorithm, AES (Advanced Encryption Algorithm) which is one of the efficient and robust algorithms, to secure communication in the wireless sensor networks. The experimentation uses UDP protocol for transmissions and Routing Protocol for Low-Power and Lossy networks (RPL) for packet delivery from source to destination. Later, the performance of different variants of AES is checked by performing the power analysis. The results demonstrate that AES-192 and AES-256 with 8 rounds show optimized results in terms of power, thus making it suitable for power constrained devices.
Cite
Citations (15)
Wireless sensor networks (WSN) allow to exchange information and to take immediate and remote actions in natural, industrial, military or domestic environment systems. These networks are vulnerable to cyber-attacks, hence, they are vulnerable to being intercepted, interrupted or modified. However, for the last twenty years, the amount of information exchanged through communication networks around the world has considerably increased and thus its vulnerability. As a result, encryption algorithms are fundamental to protect information. In this context, security, performance and energy consumption become a paramount design factor for an engineer when designing and implementing WSNs. It is not an easy task to reach an optimal balance between these factors. In this paper, we evaluate three well-known symmetric encryption algorithms in an embedded development platform: the ARDUINO MEGA 2560. Our experiment measures the algorithms encryption average execution time and energy consumption. Additionally, we measure the impact of the channels of a small wireless sensor network with two nodes. The evaluation demonstrates the feasibility of implementing cryptographic algorithms in devices with limited resources such as memory, computing power and life span (energy consumption). Furthermore, the low impact on the network channels when comparing unencrypted communication vs encrypted communication evidence the potential of symmetric encryption algorithms.
Cite
Citations (4)
Abstract With the large-scale application of 5G in industrial production, the Internet of Things has become an important technology for various industries to achieve efficiency improvement and digital transformation with the help of the mobile edge computing. In the modern industry, the user often stores data collected by IoT devices in the cloud, but the data at the edge of the network involves a large of the sensitive information, which increases the risk of privacy leakage. In order to address these two challenges, we propose a security strategy in the edge computing. Our security strategy combines the Feistel architecture and short comparable encryption based on sliding window (SCESW). Compared to existing security strategies, our proposed security strategy guarantees its security while significantly reducing the computational overhead. And our GRC algorithm can be successfully deployed on a hardware platform.
Cite
Citations (14)
Pervasive networks have led to widespread use of embedded systems, like cell phones, PDAs, RFIDs etc., in increasingly diverse applications. Many of these embedded system applications handle sensitive data (e.g., credit card information on a mobile phone/PDA) or perform critical functions (e.g., medical devices or automotive electronics), and the use of security protocols is imperative to maintain confidentiality, integrity and authentication of these applications. Typically embedded systems have low computing power and finite energy supply based on a battery, and these factors are at odds with the computationally intensive nature of the cryptographic algorithms underlying many security protocols. In addition, secure embedded systems are vulnerable to attacks, like physical tampering, malware and side-channel attacks. Thus, design of secure embedded systems is guided by the following factors: small form factor, good performance, low energy consumption (and, thus, longer battery life), and robustness to attacks.
This thesis presents our work on tackling three issues in the design of secure embedded systems: energy consumption, performance and robustness to side-channel attacks. First, we present our work on optimizing the energy consumption of the widely employed secure sockets layer (SSL) protocol running on an embedded system. We discuss results of energy analysis of various cryptographic algorithms, and the manner in which this information can be used to adapt the operation of SSL protocol to save energy. Next, we present results of our experiments on optimizing the performance of Internet protocol security (IPSec) protocol on an embedded processor. Depending on the mode of operation, the IPSec computation is dominated by cryptographic or non-cryptographic processing. We demonstrate how both these components of the IPSec protocol can be optimized by leveraging the extensible and configurable features of an embedded processor. Next, we introduce a satisfiability-based framework for enabling side-channel attacks on cryptographic software running on an embedded processor. This framework enables us to identify variables in the software implementations which result in the disclosure of the secret key used. Thus, security of software implementations can be improved by better protection of these identified variables. Finally, we conclude by introducing a novel memory integrity checking protocol that has much lower communication complexity than existing Merkle tree-based protocols while incurring a modest price in computation on the processor. This scheme is based on Toeplitz matrices, and can be very efficiently realized on embedded systems with hardware extensions for bit matrix operations.
IPsec
Robustness
Transport Layer Security
Cite
Citations (1)
Implementation
Cite
Citations (122)
Sensor devices, RFID tags, wireless sensor networks, Internet of Things and embedded systems, which have increasing usage areas in human life, connect objects internally and maintain continuous communication with each other in a controlled manner with the application fields developed with technological investments and incentives. Seizing of data by unauthorized persons constitutes a serious weakness in terms of security. Cryptography algorithms are also used to create a secure communication by avoiding weaknesses. However, limited resources, such as memory, RAM, battery, etc., affect performance, limit the cryptography algorithms to be applied. This article also examines lightweight encryption algorithms developed for use in restricted sources. Examples of articles that include performance tests and analysis of lightweight algorithms in the literature are included. Cryptographic message transmission is performed by using lightweight block encryption algorithms between two objects with different hardware properties and performance analysis is performed.
Cite
Citations (0)
Objectives: A reliable and effective data communication is required without imposing overheads in terms of energy, communication costs, processing and the network latency. Data aggregation is the process which provides capabilities like In-Network processing, reducing the communication overhead, eliminating redundant packet transmissions and increases the lifetime of the network. Methods: A method for implementing secure data aggregation using Lightweight Cryptographic primitives is proposed which is suitable for resource constrained networks. Security services provided include authentication, integrity and confidentiality. A Lightweight Cryptography algorithm SPECK is used for encryption and decryption of the aggregated data. Instead of using the same key repeatedly an unique key is generated for every session. Findings: By implementing security primitives it is possible to provide basic services that are required to make the established network immune to attacks. The proposed method is analysed in terms of execution time, memory usage and throughput and provides better results in comparison to existing standard encryption algorithms. Application/Improvement: It is very well suited for application in which the data needs to be processed periodically and continuously. The future scope of work includes analyzing the scalability and communication overhead for large network of nodes and Homomorphic evaluation of the algorithm to deliver end-to-end security services.Keywords: Lightweight cryptography, SPECK, Secure Data Aggregation, Wireless Sensor Network
Cite
Citations (3)
More and more mobile applications require the ability to issue digital signatures. Traditionally, digital signatures are based on asymmetric cryptographic techniques which make them computationally expensive. Currently, all mobile devices tend to have limited computational capabilities and equally limited power. This makes them ill-suited for complex cryptographic computations. We designed a server-aided PKI service (SaPKI) to offload work from clients in mobile networks such as GSM and CDMA. Mobile clients can utilized the powerful (both CPU speed and power supply) SaPKI server to generate RSA keys and digital signatures. The paper details the implementation of SaPKI service. A secure "cell phone-banking" application has been implemented on SaPKI architecture in CDMA-IX mobile network. After thorough performance analysis, we concluded that SaPKI could significantly improve the performance of mobile client's cryptographic operation.
GSM
Cite
Citations (6)
Security is considered to be an important issue in wireless sensor networks.Clustering is an effectual and convenient way to enhance performance of the WSN system. Sensor nodes have limited power, computational capabilities and memory. Cryptography is the most offered security service in WSN. Applying any encryption scheme requires transmission of extra bits, hence extra processing, memory and battery power are needed. For ensuring robust security for the network, the keys are to be managed, revoked, assigned to a new sensor network or renewed. In this paper different cryptographic schemes and their encountered issues are discussed.
Cite
Citations (0)