Wireless Security Software Code Re-engineering
Working on this project has been most beneficial to me, in more than a way. I have gathered the required skills and aptitudes to analyse and tackle complex algorithms such as the Advanced Encryption Standard. It has been a whole new adventure into the world of cryptography and digital security. For everything I have gained while working on this project, I must thank all the people who have given me advice, support and encouragement.
My heartfelt gratitude goes to my project coordinator, Mr Razvi Doomun, who has been of great help and assistance through all the steps of this project. His thoughtful advice and constant guidance have allowed me to thread on the right path, without losing focus of my objectives. I am grateful for all the opportunities he has given me and for his invaluable coaching.
My appreciation also goes to my project partner, Sundeep Tengur. We have worked collaboratively to solve several complex issues and problems we have encountered. His comments and suggestions have helped us both to achieve our objectives and meet all the requirements set in this project. Besides working together, we have share great moments of friendship while working towards our project goals.
Project Abstract:
The Advanced Encryption Standard is currently one of the most secure encryption algorithms. Unlike other algorithms such as WEP which have been cracked and exposed, AES stills holds its integrity due to the complex and random nature that data is encrypted through it. With the increasing number of mobile computing devices and along with it, the increasing demand for wireless transmissions, the need for a new adapted security protocol arises. Therefore, the 802.11i specification has been ratified in 2004 and it proposes the use of CCMP – Counter Mode with Cipher Block Chaining Message Authentication Protocol, an AES-based algorithm.
This project aims at optimizing the AES algorithm for wireless transmissions of mobile devices by reducing the execution time while preserving the encryption strength of AES. The optimised algorithm developed will preserve and make optimum use of mobile device resources such as CPU clock cycles, memory and battery power. The objectives also include the investigation of AES in Cipher Block Chaining (CBC) mode. Several simulations are conducted to analyse the speed, resource consumption and encryption robustness of AES-CBC to investigate its viability for image encryption usage on common low power devices.
This project focused on the encryption part of the AES and AES-CBC while performing different simulations for the encryption process on varying file size, increasing number of rounds, partial optimisations and image encryption.
Problem Statement:
AES is a robust algorithm built for encryption of data in computer systems. However it was mainly designed for powered computers running on wired networks. However nowadays, the trend in computing technology is geared towards small, self-powered wireless devices such as PDAs, tablet PCs, laptops and smart-phones, able to run micro computer applications. Several more issues now come into consideration and have to be addressed, namely:
1. Reducing execution time on mobile devices.
2. Battery cycles and standby time.
3. Low memory and slow processor limitations.
4. Security while communicating through wireless channels.
Motivation
The motivation behind this project was to contribute to computer science by optimising the use of AES for mobile devices. Since there is no adapted version of AES for mobile devices and wireless networks to date, we earnestly hope to re-engineer AES to cope with problems that it may encounter while being run on those devices. We predict that in the very near future, a very large portion on computer devices will be mobile or pocket devices, connecting wirelessly to their base stations and therefore the robustness of AES, coupled with modifications to address issues proper to mobile equipment, can turn out to be a very powerful tool for mobile data encryption.
Main Objectives
In this project we try to understand the issues that must be considered when implementing block ciphers to wireless transmissions. One of the goals is to find ways to exploit the medium to its maximum and to use all available resources in an optimum way so as to achieve the highest possible rate of encryption.
Blocks of data can be copied with encryption for virtually the same cost as copying alone. Hence our main objective is to achieve these results by paying very careful attention to the scheduling of instructions and memory references, loop unrolling, and careful hand-optimization of the inner loop of both copy and copy-plus-encrypt operations. In other words, memory copy with encryption can be made virtually as efficient as a traditional memory copy using different optimization techniques.
The following action shall be initiated to address the issues specified in the problem statement:
1. To cater for memory limitations:
Adopt programming language with more concise syntax
2. To cater for battery life:
Reduce execution time
Measure performance of improved security software using reengineering & optimisation techniques.
3. To cater for low processing power:
Optimise execution of software
Detailed Objectives
To analyse the AES encryption algorithm complexity.
To use existing AES encryption library tools as a benchmarks.
To run AES encryption software on different wireless devices/hardware platforms, e.g. PC, laptop, PDA.
To apply different software engineering techniques that optimise code execution, i.e. reengineering the code or algorithm of AES for better performance.
To run several simulations of AES software for different optimisations incrementally and interpret simulation results qualitatively and quantitatively.
To measure the performance gain (execution time, processing, battery usage, memory usage) for different simulation cases and critically analyse the results.
AES Operations
The AES consists of 4 main operations:-
- AddRoundKey
- SubBytes
- ShiftRows
- MixColumns
Analysis of Encrypted Image using AES
Images of various sizes are executed for run-tests and the resultant encrypted cipher-image are analysed for encryption strength. Images of various types are used, namely:
Type 1 – simple object on plain background
Type 2 – objects on textured background with more details
Type 3 – structured images with much small details
Image Type 1 : simple object on plain background
Observations:-
It is observed that the resultant cipher-image still displays some visible information about the shape, size and structure of the original image. This type of results occurs mostly for Type 1 images encrypted with a 128-bit key. As the key length goes stronger (192 and 256), the resultant encrypted image is more scrambled and less visual cues are displayed originating from the source image.
Image Type 2 : objects on textured background with more details
Observations:-
It is observed that the resultant cipher-image still displays some less visible information about the shape, size and structure of the original image. This type of results occurs mostly for Type 2 images encrypted with a 128-bit key. As the key length goes stronger (192 and 256), the resultant encrypted image is more scrambled and less visual cues are displayed originating from the source image.
Image Type 3 : structured images with much small details
Observations:-
It is observed that the resultant cipher-image displays very little of the visible information about the shape, size and structure of the original image. This type of results occurs mostly for Type 3 images encrypted with a 128-bit key. As the key length goes stronger (192 and 256), the resultant encrypted image is more scrambled and less visual cues are displayed originating from the source image.
Analysis of Encrypted Image using AES CBC
Images of various sizes are executed for run-tests and the resultant encrypted cipher-image are analysed for encryption strength. Images of various types are used, namely:
Type 1 – simple object on plain background
Type 2 – objects on textured background with more details
Type 3 – structured images with much small details
Image Type 1 : simple object on plain background
Observations:-
It is observed that the encrypted image holds no visual cues and it is not possible to make out any shape or texture from the scrambled image about the original image.
Image Type 2 : objects on textured background with more details
Observations:-
It is observed that the encrypted image holds no visual cues and it is not possible to make out any shape or texture from the scrambled image about the original image.
Image Type 3 : structured images with much small details
Observations:-
It is observed that the encrypted image holds no visual cues and it is not possible to make out any shape or texture from the scrambled image about the original image.
Analysis of Encrypted Images while varying number of rounds for AES
2 Rounds 4 Rounds
6 Rounds 8 Rounds
Observations:-
The images are encrypted using the AES algorithm using various number of rounds. Note that a 128-bit key calls 10 rounds of encryption, 192-bits calls 12 rounds and a 256-bit long key calls 14 rounds of AES encryption. The number of rounds will be altered beyond and beneath the normal scope of AES to view the impact it is having on the encrypted images using 2,4,6 and 8 rounds.
Discussion:
The objectives of the project were to optimise the AES algorithm for encryption and decryption and these have been met. Simulations have been carried out to attest of same at each project milestone.
Several software optimisation techniques have been used to achieve faster execution time, less memory space and to reduce processor clock cycles, i.e, to make the algorithm less processor-intensive.
Loop unrolling, loop merging, removal of conditional statements and the implementation of lookup tables were applied to seek a gain in performance on AES codes. Simulations have proved that the optimised codes executed in less time, thus using less CPU cycles.
Performance gain on AES Encryption, from unoptimised to optimised codes.
- SubBytes() showed a performance gain of 26% in terms of execution speed.
- ShiftRows() displayed a performance of 30% in terms of execution speed.
- AddRoundKey() displayed a performance gain of 27% in terms of execution speed.
- Mixcolumn() displayed a performance gain of 16% in terms of execution speed.
This shows that 25-30% performance gain by optimizing the encrypt() function.
Performance gain on AES Decryption, from unoptimised to optimised codes.
- InvSubBytes() showed a performance gain of 26% in terms of execution speed.
- InvShiftRows() displayed a performance of 30% in terms of execution speed.
- AddRoundKey() displayed a performance gain of 27% in terms of execution speed.
- InvMixcolumn() displayed a performance gain of 11% in terms of execution speed.
This shows that 25-30% performance gain by optimizing the decrypt() function.
Future Work
This project has covered a wide scope of AES and AES-CBC encryption and decryption.
It has focused on core encryption and decryption operations, involving input text, text from a file and 24-bit BMP colour images. However there may be a few aspects that could be improved and developed in the future.
- JPEG Image Encryption & Decryption
Currently, the AES software encrypts only Bitmap images. Bitmap images have a fixed image header size and therefore it can be stored while the actual pixel contents of the image are encrypted. The same header is then appended to the encrypted pixels to display the scrambled image.
Had the image been encrypted along with its header information, its contents could not have been displayed. The resultant would have been an image file with same file size as the source image but with no viewable contents.
Encryption and Decryption of JPEG images have not been considered in this project as header information for JPEG images is not fixed and varies depending on the compression rate and the type of JPEG encoding (Baseline JPEG, Progressive, etc..)
2. Video Encryption & Decryption
Another aspect in line with this project could be the encryption and decryption of video files. The individual frames would be treated as images and encrypted using the same algorithm.
The code could be optimised to encrypt compressed video formats such as MPEG-4. The code could also be enhanced to cater for temporal and spatial redundancy present in video compression, thus allowing more efficient encryption.
