AES CCMP Algorithm with N-Way Interleaved Cipher Block Chaining

Paper Presenter: Zadia Codabux Rossan, University of Mauritius

Author(s): Zadia Codabux-Rossan, University of Mauritius; Mohammad Razvi Doomun, University of Mauritius

Extended Abstract

Nowadays, the increased use of battery-powered mobile appliances and the urge to access sensitive data anywhere have fuelled the demand for wireless networks. However, these networks are susceptible to intrusion and security problems. There is an inherent need to secure wireless data communication to ensure the confidentiality, authenticity, integrity and non-repudiation [N Potlapally et al., 2006] of the data being exchanged. On the other hand, the computation and energy cost of achieving security can be high, as encryption algorithms are generally computationally intensive and consume a significant amount of computing resources such as CPU time, memory, and battery power. Considering the limited resources on wireless devices, it is crucial to evaluate the cost of data security on such devices and to implement security protocols efficiently.

Recent years have witnessed a plethora of efforts on wireless security, resulting in a rich body of proposed solutions [A. Samiah et al., 2007] [R. Doomun et al., 2007]. The state-of-the-art IEEE 802.11i security standard [H Yang et al., 2006] counteracts the vulnerabilities of the outdated Wired Equivalent Privacy (WEP) with two distinctly different protocols: Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES) Cipher Block Chaining Counter Mode Protocol (CCMP). The new AES-CCMP cryptosystem used in IEEE 802.11i is provably secure against differential and linear cryptanalysis, and CCMP is a blend of Cipher Block Chaining (CBC) and Counter (CTR) mode.

This work focuses on how the energy consumed during execution differs between the unoptimised AES-CCMP algorithm and an AES-CCMP algorithm optimised with N-way interleaving, without compromising the security of the session. Interleaved encryption uses multiple independent message blocks of known size, with N different initialization vectors (IVs), generally treating every Nth block as part of a single message. CBC is difficult to parallelize, which led to the development of Interleaved CBC (ICBC), in which multiple streams of CBC encryption are interleaved [Gaj et al., 2000]. The encryption of the next block of data can start as soon as the block N positions earlier has been encrypted. In two-way interleaved chaining, the first, third and every second block thereafter is encrypted in CBC mode as one stream. The second, fourth and every second block thereafter is encrypted as another stream. An example of such a mode is the interleaved CBC mode shown in Figure 1.0.

[Figure 1.0: Interleaved CBC Mode. Diagram labels: message blocks M1 to MN, initialization vectors IV1 to IVN, encryption blocks E, ciphertext blocks C1 to CN, Result (MIC).]

The benefit of interleaved modes, such as the interleaved CBC mode, is that they offer the security of feedback modes combined with the performance of non-feedback modes. Thus, interleaved encryption delivers high performance, mainly as a gain in speed, while maintaining the level of security. However, as shown in Figure 1.0, for the ICBC, two IVs are required to be transmitted to the receiver.

While there are several research issues related to wireless networks, the focus of this work is to design an optimised AES-CCMP that is energy efficient. A further objective is to analyse the performance of AES (Rijndael) and AES-CCMP, since the relationships between power consumption and encryption parameters need to be understood beforehand.
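
The chaining rule described above (block i depends on block i-N, or on one of the N IVs for the first N blocks) can be written out as follows. This is an added example, not code from the paper: AES is replaced by a stand-in function built on HMAC-SHA256, the zero padding is illustrative only, and because the abstract does not say how the stream outputs are combined into the MIC, the example returns the last chaining value of each stream instead.

```python
import hashlib
import hmac

BLOCK = 16  # AES block size in bytes


def prf_block(key, block):
    """Stand-in for AES encryption of one block (assumption: HMAC-SHA256
    truncated to 16 bytes, since the standard library has no AES)."""
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def split_blocks(msg):
    """Zero-pad to a multiple of the block size (illustrative) and split."""
    msg += b"\x00" * (-len(msg) % BLOCK)
    return [msg[i:i + BLOCK] for i in range(0, len(msg), BLOCK)]


def interleaved_cbc(key, ivs, msg):
    """N-way interleaved CBC chaining, N = len(ivs).
    Block i is XORed with output i-N, or with ivs[i] when i < N."""
    n = len(ivs)
    out = []
    for i, m in enumerate(split_blocks(msg)):
        prev = ivs[i] if i < n else out[i - n]
        out.append(prf_block(key, xor(m, prev)))
    return out


def stream_tags(key, ivs, msg):
    """Last chaining value of each of the N interleaved streams."""
    n = len(ivs)
    out = interleaved_cbc(key, ivs, msg)
    return [out[s::n][-1] for s in range(n) if out[s::n]]


def plain_cbc(key, iv, blocks):
    """Ordinary single-stream CBC chain, used to check the equivalence."""
    out, prev = [], iv
    for m in blocks:
        prev = prf_block(key, xor(m, prev))
        out.append(prev)
    return out
```

Each stream is an ordinary CBC chain over every Nth block, so a change to one block alters only the outputs of its own stream; a receiver therefore has to verify a value that covers all N streams, not just one.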

The N-way interleaving technique, as an optimisation of the CBC-MAC, will be investigated using the performance metrics of encryption time, throughput, and power consumption.

References

[1] H Yang et al., "Securing a Wireless World", Computer Science Dept., Univ. of California, Los Angeles, CA, USA, Proceedings of the IEEE, Vol. 94, No. 2, Feb. 2006
[2] K Gaj and P Chodowiec, "Hardware performance of the AES finalists - survey and analysis of results", Technical Report, George Mason University, Sep. 2000, http://ece.gmu.edu/crypto/AES_survey.pdf
[3] N Potlapally et al., "A study of the energy consumption characteristics of cryptographic algorithms and security protocols", IEEE Transactions on Mobile Computing, Vol. 5, No. 2, Feb. 2006
[4] S Fluhrer, I Mantin, and A Shamir, "Attacks on RC4 and WEP", CryptoBytes (RSA Laboratories), Vol. 5, No. 2, pp. 26-34, Summer/Fall 2002
[5] A Samiah et al., "An Efficient Software Implementation of AES-CCM for IEEE 802.11i Wireless Standard", 31st Annual International Computer Software and Applications Conference (COMPSAC 2007), Vol. 2, pp. 689-694
[6] R Doomun et al., "Analytical Comparison of cryptographic techniques for resource-constrained wireless security", International Journal of Network Security, 2007