A. Ramesh,A. Suruliandi

DOI: https://doi.org/10.1109/iccpct.2013.6528957

2013-03-01

Abstract:Information Security has become an important issue in data communication. Encryption algorithms have come up as a solution and play an important role in information security system. On other side, those algorithms consume a significant amount of computing resources such as CPU time, memory and battery power. Therefore it is essential to measure the performance of encryption algorithms. In this work, three encryption algorithms namely DES, AES and Blowfish are analyzed by considering certain performance metrics such as execution time, memory required for implementation and throughput. Based on the experiments, it has been concluded that the Blowfish is the best performing algorithm among the algorithms chosen for implementation.

Praneet Singh,Kedar Deshpande

DOI: https://doi.org/10.48550/arXiv.1812.02220

2018-12-06

Abstract:With the advent of Internet of Things (IoT) and the increasing use of application-based processors, security infrastructure needs to be examined on some widely-used IoT hardware architectures. Applications in today's world are moving towards IoT concepts as this makes them fast, efficient, modular and future-proof. However, this leads to a greater security risk as IoT devices thrive in an ecosystem of co-existence and interconnection. As a result of these security risks, it is of utmost importance to test the existing cryptographic ciphers on such devices and determine if they are viable in terms of swiftness of execution time and memory consumption efficiency. It is also important to determine if there is a requirement to develop new lightweight cryptographic ciphers for these devices. This paper hopes to accomplish the above-mentioned objective by testing various encryption-decryption techniques on different IoT based devices and creating a comparison of execution speeds between these devices for a variety of different data sizes. Keywords-Internet of things(IoT), application-based processors, security, encryption-decryption, speed, efficiency

Cryptography and Security

邓锦红,陈德人,苏斐琦

DOI: https://doi.org/10.3785/j.issn.1008-973X.2003.02.005

2003-01-01

Abstract:Security is an important element in the design of e-business sites. However, performance is the price to be paid for it. To learn how the mechanisms and protocols used to support security may impact system performance, an analysis of the security mechanisms such as TLS and SET protocol is provided. After identifying the dominant factor, i.e. bottleneck, Some auxiliary methods can be used to improve the performance of it. Dynamic load balancing, proxy servers and caches can be used for security at the network level; a combination of firewall and the single Sign-on technology can also be used at this level. For security at the server level, the use of cryptographic accelerator cards, more and faster processors, and the use of faster cryptographic algorithms can substantially reduce the time spent in the most expensive cryptographic operations so that performance is increased. In addition, an improved model based on Distributed Calculating environment and DES Cipher algorithm can effectively reduce the impact of security mechanisms on system performance.

Boyuan He,Vaibhav Rastogi,Yinzhi Cao,Yan Chen,V. N. Venkatakrishnan,Chunlin Xiong,Runqing Yang,Zhenrui Zhang

2016-01-01

Abstract:Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols have become the security backbone of the Web and Internet today. Many systems including mobile and desktop applications are protected by SSL/TLS protocols against network attacks. However, many vulnerabilities caused by incorrect use of SSL/TLS APIs have been uncovered in recent years. Such vulnerabilities, many of which are caused due to poor API design and inexperience of application developers, often lead to confidential data leakage or man-in-the-middle attacks. In this paper, to guarantee code quality and logic correctness of SSL/TLS applications, we design and implement SSLINT, a scalable, automated, static analysis system for detecting incorrect use of SSL/TLS APIs. SSLINT is capable of performing automatic logic verification with high efficiency and good accuracy. To demonstrate it, we apply SSLINT to one of the most popular Linux distributions – Ubuntu. We find 29 previously unknown SSL/TLS vulnerabilities in Ubuntu applications, most of which are also distributed with other Linux distributions.

Sebastian Gallenmüller,Dominik Schöffmann,Dominik Scholz,Fabien Geyer,Georg Carle

DOI: https://doi.org/10.48550/arXiv.1904.11423

2019-04-25

Abstract:Secure communication is an integral feature of many Internet services. The widely deployed TLS protects reliable transport protocols. DTLS extends TLS security services to protocols relying on plain UDP packet transport, such as VoIP or IoT applications. In this paper, we construct a model to determine the performance of generic DTLS-enabled applications. Our model considers basic network characteristics, e.g., number of connections, and the chosen security parameters, e.g., the encryption algorithm in use. Measurements are presented demonstrating the applicability of our model. These experiments are performed using a high-performance DTLS-enabled VPN gateway built on top of the well-established libraries DPDK and OpenSSL. This VPN solution represents the most essential parts of DTLS, creating a DTLS performance baseline. Using this baseline the model can be extended to predict even more complex DTLS protocols besides the measured VPN. Code and measured data used in this paper are publicly available at <a class="link-external link-https" href="https://git.io/MoonSec" rel="external noopener nofollow">this https URL</a> and <a class="link-external link-https" href="https://git.io/Sdata" rel="external noopener nofollow">this https URL</a>.

Networking and Internet Architecture,Cryptography and Security,Performance

Antonio Francesco Gentile,Davide Macrì,Domenico Luca Carnì,Emilio Greco,Francesco Lamonaca

DOI: https://doi.org/10.3390/s24092781

IF: 3.9

2024-04-27

Sensors

Abstract:The widespread adoption of Internet of Things (IoT) devices in home, industrial, and business environments has made available the deployment of innovative distributed measurement systems (DMS). This paper takes into account constrained hardware and a security-oriented virtual local area network (VLAN) approach that utilizes local message queuing telemetry transport (MQTT) brokers, transport layer security (TLS) tunnels for local sensor data, and secure socket layer (SSL) tunnels to transmit TLS-encrypted data to a cloud-based central broker. On the other hand, the recent literature has shown a correlated exponential increase in cyber attacks, mainly devoted to destroying critical infrastructure and creating hazards or retrieving sensitive data about individuals, industrial or business companies, and many other entities. Much progress has been made to develop security protocols and guarantee quality of service (QoS), but they are prone to reducing the network throughput. From a measurement science perspective, lower throughput can lead to a reduced frequency with which the phenomena can be observed, generating, again, misevaluation. This paper does not give a new approach to protect measurement data but tests the network performance of the typically used ones that can run on constrained hardware. This is a more general scenario typical for IoT-based DMS. The proposal takes into account a security-oriented VLAN approach for hardware-constrained solutions. Since it is a worst-case scenario, this permits the generalization of the achieved results. In particular, in the paper, all OpenSSL cipher suites are considered for compatibility with the Mosquitto server. The most used key metrics are evaluated for each cipher suite and QoS level, such as the total ratio, total runtime, average runtime, message time, average bandwidth, and total bandwidth. Numerical and experimental results confirm the proposal's effectiveness in foreseeing the minimum network throughput concerning the selected QoS and security. Operating systems yield diverse performance metric values based on various configurations. The primary objective is identifying algorithms to ensure suitable data transmission and encryption ratios. Another aim is to explore algorithms that ensure wider compatibility with existing infrastructures supporting MQTT technology, facilitating secure connections for geographically dispersed DMS IoT networks, particularly in challenging environments like suburban or rural areas. Additionally, leveraging open firmware on constrained devices compatible with various MQTT protocols enables the customization of the software components, a crucial necessity for DMS.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Praveen Banasode,Sunita Padmannavar

DOI: https://doi.org/10.1109/fabs52071.2021.9702689

2021-12-21

Abstract:the revolution caused by the advanced analysis features of Internet of Things and big data have made a big turnaround in the digital world. Data analysis is not only limited to collect useful data but also useful in analyzing information quickly. Therefore, most of the variants of the shared system based on the parallel structural model are explored simultaneously as the appropriate big data storage library stimulates researchers’ interest in the distributed system. Due to the emerging digital technologies, different groups such as healthcare facilities, financial institutions, e-commerce, food service and supply chain management generate a surprising amount of information. Although the process of statistical analysis is essential, it can cause significant security and privacy issues. Therefore, the analysis of data privacy protection is very important. Using the platform, technology should focus on providing Advanced Cryptography Policy (ACP). This research explores different security risks, evolutionary mechanisms and risks of privacy protection. It further recommends the post-statistical modern privacy protection act to manage data privacy protection in binary format, because it is kept confidential by the user. The user authentication program has already filed access restrictions. To maintain this purpose, everyone’s attitude is to achieve a changing identity. This article is designed to protect the privacy of users and propose a new system of restoration of controls.

Bela Genge,Piroska Haller

DOI: https://doi.org/10.48550/arXiv.0910.3765

2009-10-20

Abstract:We propose a comparative performance evaluation of security protocols. The novelty of our approach lies in the use of a polynomial mathematical model that captures the performance of classes of cryptographic algorithms instead of capturing the performance of each algorithm separately, approach that is used in other papers. A major advantage of using such a model is that it does not require implementation-specific information, because the decision is based on comparing the estimated performances of protocols instead of actually evaluating them. The approach is validated by comparatively evaluating the performances of 1000 automatically generated security protocols against the performances of their actual implementations.

Cryptography and Security

Jenny Blessing,Michael A. Specter,Daniel J. Weitzner

DOI: https://doi.org/10.48550/arXiv.2107.04940

2021-07-11

Cryptography and Security

Abstract:The security of the Internet rests on a small number of open-source cryptographic libraries: a vulnerability in any one of them threatens to compromise a significant percentage of web traffic. Despite this potential for security impact, the characteristics and causes of vulnerabilities in cryptographic software are not well understood. In this work, we conduct the first comprehensive analysis of cryptographic libraries and the vulnerabilities affecting them. We collect data from the National Vulnerability Database, individual project repositories and mailing lists, and other relevant sources for eight widely used cryptographic libraries. Among our most interesting findings is that only 27.2% of vulnerabilities in cryptographic libraries are cryptographic issues while 37.2% of vulnerabilities are memory safety issues, indicating that systems-level bugs are a greater security concern than the actual cryptographic procedures. In our investigation of the causes of these vulnerabilities, we find evidence of a strong correlation between the complexity of these libraries and their (in)security, empirically demonstrating the potential risks of bloated cryptographic codebases. We further compare our findings with non-cryptographic systems, observing that these systems are, indeed, more complex than similar counterparts, and that this excess complexity appears to produce significantly more vulnerabilities in cryptographic libraries than in non-cryptographic software.

Geovandro C. C. F. Pereira,Renan C. A. Alves,Felipe L. da Silva,Roberto M. Azevedo,Bruno C. Albertini,Cíntia B. Margi

DOI: https://doi.org/10.1155/2017/2046735

IF: 1.968

2017-01-01

Security and Communication Networks

Abstract:The deployment of security services over Wireless Sensor Networks (WSN) and IoT devices brings significant processing and energy consumption overheads. These overheads are mainly determined by algorithmic efficiency, quality of implementation, and operating system. Benchmarks of symmetric primitives exist in the literature for WSN platforms but they are mostly focused on single platforms or single operating systems. Moreover, they are not up to date with respect to implementations and/or operating systems versions which had significant progress. Herein, we provide time and energy benchmarks of reference implementations for different platforms and operating systems and analyze their impact. Moreover, we not only give the first benchmark results of symmetric cryptography for the Intel Edison IoT platform but also describe a methodology of how to measure energy consumption on that platform.

computer science, information systems,telecommunications

Tingyuan Nie,Lijian Zhou,Zhe-Ming Lu

DOI: https://doi.org/10.1049/iet-sen.2012.0137

2013-01-01

IET Software

Abstract:With the increasingly extensive application of networking technology, security of network becomes significant than ever before. Encryption algorithm plays a key role in construction of a secure network system. However, the encryption algorithm implemented on resource-constrained device is difficult to achieve ideal performance. The issue of power consumption becomes essential to performance of data encryption algorithm. Many methods are proposed to evaluate the power consumption of encryption algorithms yet the authors do not ensure which one is effective. In this study, they give a comprehensive review for the methods of power evaluation. They then design a series of experiments to evaluate the effectiveness of three main types of methods by implementing several traditional symmetric encryption algorithms on a workstation. The experimental results show that external measurement and software profiling are more accurate than that of uninterruptible power system battery. The improvement of power consumption is 27.44 and 33.53% which implies the method of external measurement and software profiling is more effective in power consumption evaluation.

Christian Paquin,Douglas Stebila,Goutam Tamvada

DOI: https://doi.org/10.1007/978-3-030-44223-1_5

2020-01-01

Abstract:AbstractPost-quantum cryptographic primitives have a range of trade-offs compared to traditional public key algorithms, either having slower computation or larger public keys and ciphertexts/signatures, or both. While the performance of these algorithms in isolation is easy to measure and has been a focus of optimization techniques, performance in realistic network conditions has been less studied. Google and Cloudflare have reported results from running experiments with post-quantum key exchange algorithms in the Transport Layer Security (TLS) protocol with real users’ network traffic. Such experiments are highly realistic, but cannot be replicated without access to Internet-scale infrastructure, and do not allow for isolating the effect of individual network characteristics.In this work, we develop and make use of a framework for running such experiments in TLS cheaply by emulating network conditions using the networking features of the Linux kernel. Our testbed allows us to independently control variables such as link latency and packet loss rate, and then examine the performance impact of various post-quantum-primitives on TLS connection establishment, specifically hybrid elliptic curve/post-quantum key exchange and post-quantum digital signatures, based on implementations from the Open Quantum Safe project. Among our key results, we observe that packet loss rates above 3–5% start to have a significant impact on post-quantum algorithms that fragment across many packets, such as those based on unstructured lattices. The results from this emulation framework are also complemented by results on the latency of loading entire web pages over TLS in real network conditions, which show that network latency hides most of the impact from algorithms with slower computations (such as supersingular isogenies).

Gabriele Restuccia,Hannes Tschofenig,Emmanuel Baccelli

DOI: https://doi.org/10.48550/arXiv.2011.12035

2020-12-10

Abstract:Similarly to elsewhere on the Internet, practical security in the Internet of Things (IoT) is achieved by combining an array of mechanisms, at work at all layers of the protocol stack, in system software, and in hardware. Standard protocols such as Datagram Transport Layer Security (DTLS 1.2) and Transport Layer Security (TLS 1.2) are often recommended to secure communications to/from IoT devices. Recently, the TLS 1.3 standard was released and DTLS 1.3 is in the final stages of standardization. In this paper, we give an overview of version 1.3 of these protocols, and we provide the first experimental comparative performance analysis of different implementations and various configurations of these protocols, on real IoT devices based on low-power microcontrollers. We show how different implementations lead to different compromises. We measure and compare bytes-over-the-air, memory footprint, and energy consumption. We show that, when DTLS/TLS 1.3 requires more resources than DTLS/TLS 1.2, this additional overhead is quite reasonable. We also observe that, in some configurations, DTLS/TLS 1.3 actually decreases overhead and resource consumption. All in all, our study indicates that there is still room to optimize the existing implementations of these protocols.

Cryptography and Security,Networking and Internet Architecture

Kaushal Shah,Devesh C. Jinwala

DOI: https://doi.org/10.5121/csit.2018.80405

2018-09-18

Abstract:The linear and grid based Wireless Sensor Networks (WSN) are formed by applications where objects being monitored are either placed in linear or grid based form. E.g. monitoring oil, water or gas pipelines; perimeter surveillance; monitoring traffic level of city streets, goods warehouse monitoring. The security of data is a critical issue for all such applications and as the devices used for the monitoring purpose have several resource constraints (bandwidth, storage capacity, battery life); it is significant to have a lightweight security solution. Therefore, we consider symmetric key based solutions proposed in the literature as asymmetric based solutions require more computation, energy and storage of keys. We analyse the symmetric ciphers with respect to the performance parameters: RAM, ROM consumption and number of CPU cycles. We perform this simulation analysis in Contiki Cooja by considering an example scenario on two different motes namely: Sky and Z1. The aim of this analysis is to come up with the best suited symmetric key based cipher for the linear and grid based WSN.

Cryptography and Security

Jolly Shah,Vikas Saxena

DOI: https://doi.org/10.48550/arXiv.1112.0836

2011-12-05

Abstract:Image applications have been increasing in recent <a class="link-external link-http" href="http://years.Encryption" rel="external noopener nofollow">this http URL</a> is used to provide the security needed for image applications. In this paper, we classify various image encryption schemes and analyze them with respect to various parameters like tunability, visual degradation, compression friendliness,format compliance, encryption ratio, speed, and cryptographic security.

Cryptography and Security

Sohaib ul Hassan,Iaroslav Gridin,Ignacio M. Delgado-Lozano,Cesar Pereida García,Jesús-Javier Chi-Domínguez,Alejandro Cabrera Aldaya,Billy Bob Brumley

DOI: https://doi.org/10.1145/3372297.3421761

2020-08-14

Abstract:Recent work on Side Channel Analysis (SCA) targets old, well-known vulnerabilities, even previously exploited, reported, and patched in high-profile cryptography libraries. Nevertheless, researchers continue to find and exploit the same vulnerabilities in old and new products, highlighting a big issue among vendors: effectively tracking and fixing security vulnerabilities when disclosure is not done directly to them. In this work, we present another instance of this issue by performing the first library-wide SCA security evaluation of Mozilla's NSS security library. We use a combination of two independently-developed SCA security frameworks to identify and test security vulnerabilities. Our evaluation uncovers several new vulnerabilities in NSS affecting DSA, ECDSA, and RSA cryptosystems. We exploit said vulnerabilities and implement key recovery attacks using signals---extracted through different techniques such as timing, microarchitecture, and EM---and improved lattice methods.

Cryptography and Security

Anjali Malik,Shailender Gupta,Sangeeta Dhall

DOI: https://doi.org/10.1007/s11042-020-09279-6

IF: 2.577

2020-07-30

Multimedia Tools and Applications

Abstract:Cryptography (encryption/decryption) is one of the prevailing mechanisms for protection of information (data or image) in the growing era of computerized exchange. It is the art of securing data/image by changing it into an unreadable format, called cipher text/image. Encryption mechanism is said to be efficient if it offers high security and robustness against attacks, and endow with very low correlation value between cipher and the original information. Enormous techniques and corresponding survey papers are available in literature considering only a few methods or parameters into account, but there is a stern need of investigation, which thoroughly considers vast variety of techniques and compares them in the light of numerous performance metrics under the influence of wide variety of probable threats. In view of the fact, this paper has taken account of almost all traditional, modern, chaotic, and quantum-chaotic based methods under the influence of prevalent intimidation and does a comprehensive investigation based on various performance metrics. To measure the efficacy, all the mechanisms are implemented in MATLAB-2014. Chaos and Quantum based algorithms are the superlative in comparison to others presented in literature under most of the extensive threats (attacks, noises etc.) and can resist brute force attacks due to large key space. In addition, suggestions for future scope have been given.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Boyuan He,Vaibhav Rastogi,Yinzhi Cao,Yan Chen,V. N. Venkatakrishnan,Runqing Yang,Zhenrui Zhang

DOI: https://doi.org/10.1109/SP.2015.38

2015-01-01

Abstract:Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols have become the security backbone of the Web and Internet today. Many systems including mobile and desktop applications are protected by SSL/TLS protocols against network attacks. However, many vulnerabilities caused by incorrect use of SSL/TLS APIs have been uncovered in recent years. Such vulnerabilities, many of which are caused due to poor API design and inexperience of application developers, often lead to confidential data leakage or man-in-the-middle attacks. In this paper, to guarantee code quality and logic correctness of SSL/TLS applications, we design and implement SSLINT, a scalable, automated, static analysis system for detecting incorrect use of SSL/TLS APIs. SSLINT is capable of performing automatic logic verification with high efficiency and good accuracy. To demonstrate it, we apply SSLINT to one of the most popular Linux distributions -- Ubuntu. We find 27 previously unknown SSL/TLS vulnerabilities in Ubuntu applications, most of which are also distributed with other Linux distributions.

Ting Li,Jinjiang Yang,Yin Zhou,Shaojun Wei

DOI: https://doi.org/10.1145/3672919.3673034

2024-01-01

Abstract:Cryptography is very important in the field of network security. In order to encrypt various types of data using different encryption algorithms, an efficient encryption hardware architecture must have both flexibility and high performance. However, current hardware often fails to balance encryption speed and flexibility. This is a question that researchers need to address. This paper proposes a reconfigurable cryptographic algorithm processing module RPU, which can support various publicly available block cipher, hashing algorithms and streaming algorithms, as well as user-defined algorithms. This module is integrated into the SOC system. In this paper, we also map AES and SM4 algorithms and conduct experiments to demonstrate that we achieve better performance and lower power consumption. Compared with other hardware implementations, our proposed architecture has an energy efficiency advantage of 12X to 102X. Additionally, this design also improves energy efficiency by 3.7X compared to other CGRA chips.

Mansoor Ebrahim,Shujaat Khan,Umer Bin Khalid

DOI: https://doi.org/10.48550/arXiv.1405.0398

2014-05-02

Cryptography and Security

Abstract:Information Security has become an important issue in modern world as the popularity and infiltration of internet commerce and communication technologies has emerged, making them a prospective medium to the security threats. To surmount these security threats modern data communications uses cryptography an effective, efficient and essential component for secure transmission of information by implementing security parameter counting Confidentiality, Authentication, accountability, and accuracy. To achieve data security different cryptographic algorithms (Symmetric & Asymmetric) are used that jumbles data in to scribbled format that can only be reversed by the user that have to desire key. This paper presents a comprehensive comparative analysis of different existing cryptographic algorithms (symmetric) based on their Architecture, Scalability, Flexibility, Reliability, Security and Limitation that are essential for secure communication (Wired or Wireless).