Encryption for Mobile Computing By Erik Olson Woojin Yu


Encryption for Mobile Computing

By Erik Olson, Woojin Yu

Encryption Algorithms

• DES and 3DES

• RC5

• RC6 – AES Finalist

• Twofish – AES Finalist

DES and 3DES

• DES - International Standard, 1970’s

• 3DES – repeated encryption with DES

• Extensive usage of permutation, table look-ups, and rotational shifts

• 56 bit key – weak encryption

RC5

• Fast block cipher

• By Ron Rivest at RSA in 1994

• Based on integer addition, data dependent rotational shifts and XOR’s

• Very simple, but powerful

• Patented

RC6

• Based on RC5 algorithm

• One finalist for AES

• 128 bit blocks for AES

• Flexible

Twofish

• AES finalist

• XOR’s, 32 bit and 4 bit rotational shifts, table lookups, and matrix operations

• Scalable and parameterizable

• Some operations can be done in parallel

Processor in Our Survey

• Motorola DragonBall EZ
  – 68K core
  – Primarily used in Palm Pilots
  – 16.58 MHz
  – 2.7 MIPS rating

Setup and Makekey

• Shifts and Rotational Shifts
  – A=A>>8
  – ROTL(x,n)=(x<<(n & 0x1f))|(x >> 0x20-(n&0x1f))

• Word Swapping
  – A->B, B->A

• Extensive usage of loops

• Array operations
  – S[I]=S[I-1]+4

3DES Setup

[Chart: cycles per 68K instruction mnemonic during 3DES setup; axis scale 0 to 80000 cycles.]

RC5 Setup

[Chart: cycles per 68K instruction mnemonic during RC5 setup; axis scale 0 to 16000 cycles.]

RC6 Setup

[Chart: cycles per 68K instruction mnemonic during RC6 setup; axis scale 0 to 50000 cycles.]

Twofish Setup

[Chart: cycles per 68K instruction mnemonic during Twofish setup; axis scale 0 to 80000 cycles.]

Core Operations

• Rotational Shifts
  – ROTL(x,n)=(x<<(n & 0x1f))|(x >> 0x20-(n&0x1f))
  – ROTR(x,n)=(x>>(n & 0x1f))|(x << 0x20-(n&0x1f))

• XOR
  – A=A^B

Core Op Cont’d

• Integer Operations
  – A=A+S[0]

• Bit Permutation
  – A=01001110
  – SP={5,7,1,3,2,8,4,6}
  – A=11001001 after permutation

• Using Constants
  – P=0xb7e15163
  – A=A^P
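
The setup and core operations listed above (the constant P, the S[] table built from its previous entry, A=A+S[0], XOR and data-dependent ROTL) are the building blocks of RC5. As an added example, not code from the slides, here is RC5-32/12/16 in C with a counter on every rotate, so the number of rotates in one key setup and one block encryption can be read off directly. The round count, key length and constant Q are assumptions taken from Rivest's RC5 paper; `rot_count` is a hypothetical instrumentation variable.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example: RC5-32/12/16. R, B, T, C and Q follow Rivest's RC5 paper,
   not the slides; only P and the ROTL form appear on the page. */
enum { R = 12, B = 16, T = 2 * (R + 1), C = B / 4 };
static const uint32_t P = 0xb7e15163u, Q = 0x9e3779b9u;
static unsigned long rot_count;   /* rotates executed so far */

/* Same result as the slide's ROTL for n&0x1f != 0; masking the right-shift
   count avoids the undefined 32-bit shift when the rotate amount is 0. */
static uint32_t rotl(uint32_t x, uint32_t n) {
    rot_count++;
    n &= 0x1f;
    return (x << n) | (x >> ((0x20 - n) & 0x1f));
}

/* Key setup: S[i] = S[i-1] + Q, then mix the key in with 3*T passes. */
void rc5_setup(const uint8_t key[B], uint32_t S[T]) {
    uint32_t L[C] = {0}, a = 0, b = 0;
    int i, j, k;
    for (i = B - 1; i >= 0; i--) L[i / 4] = (L[i / 4] << 8) + key[i];
    for (S[0] = P, i = 1; i < T; i++) S[i] = S[i - 1] + Q;
    for (i = j = k = 0; k < 3 * T; k++, i = (i + 1) % T, j = (j + 1) % C) {
        a = S[i] = rotl(S[i] + a + b, 3);
        b = L[j] = rotl(L[j] + a + b, a + b);
    }
}

/* Core: integer add, XOR and a data-dependent rotate, twice per round. */
void rc5_encrypt(const uint32_t S[T], const uint32_t pt[2], uint32_t ct[2]) {
    uint32_t a = pt[0] + S[0], b = pt[1] + S[1];
    for (int i = 1; i <= R; i++) {
        a = rotl(a ^ b, b) + S[2 * i];
        b = rotl(b ^ a, a) + S[2 * i + 1];
    }
    ct[0] = a; ct[1] = b;
}

int main(void) {
    uint8_t key[B] = {0};             /* all-zero key: constructed input */
    uint32_t S[T], pt[2] = {0, 0}, ct[2];
    rc5_setup(key, S);
    unsigned long setup_rots = rot_count;
    rc5_encrypt(S, pt, ct);
    printf("ct=%08X %08X setup rotates=%lu core rotates=%lu\n",
           (unsigned)ct[0], (unsigned)ct[1], setup_rots, rot_count - setup_rots);
    return 0;
}
```

On a core without a single-instruction rotate, each counted call becomes two shifts and an OR, which is where the LSL and LSR cycles in the charts come from.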

3DES Core

[Chart: cycles per 68K instruction mnemonic in the 3DES core; axis scale 0 to 200000 cycles.]

RC5 Core

[Chart: cycles per 68K instruction mnemonic in the RC5 core; axis scale 0 to 2500 cycles.]

RC6 Core

[Chart: cycles per 68K instruction mnemonic in the RC6 core; axis scale 0 to 8000 cycles.]

Twofish Core

[Chart: cycles per 68K instruction mnemonic in the Twofish core; axis scale 0 to 70000 cycles.]

Analysis & Improvement

• Using Rotational Shift instruction

• Implementing special shifting unit

• LSR and LSL dominate the clock cycles

• Minimize Move Instruction/Penalty

Analysis Cont’d

• Improvement using ROT instruction
  – 1.5 times speed up in encryption core

• Improvement using fast rotation HW
  – 2 times speed up in encryption core

Analysis Cont’d

• 3DES Core
  – 6.1 Kbps

• RC5 Core
  – 121 Kbps
  – Improved version: 272 Kbps

• RC6 Core
  – 87 Kbps
  – Improved version: 187 Kbps

• Twofish
  – 12.8 Kbps

Conclusion

• Dominance of shifts and rotational shifts in all encryption algorithms

• Limited improvement provided by the specialized hardware

• Importance of algorithm choice for optimal usage

Future Recommendations

• Analysis on Windows CE processors – Hitachi SH3 and StrongArm

• Analysis involving more instruction parallelism

• Analysis on configurable processors - Tensilica