DOC PREVIEW
MASON ECE 646 - Analysis of capabilities and performance of JAVA Cryptography Extension

This preview shows page 1-2-3 out of 8 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 8 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 8 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 8 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 8 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

Analysis of capabilities and performance of JAVA Cryptography Extension JCE Vani Karimijji Abstract Implementations of security protocols require the use of tools to provide encryption and decryption to achieve the desired level of security Hence it is important to understand their performance and analyze their adaptability to different protocols and domains This project focuses on the performance analysis of various cryptographic algorithms in the JCE and compares their performance with similar functions in Crypto a C library Index Terms JCE Crypto Execution time I INTRODUCTION Since java is extensively used in developing web technologies which are being used greatly in developing web based businesses and in the wake of increased concern both from customers and businesses regarding security of doing businesses via web it is very important to study JCE and its performance compared against similar software implementations TM The Java 2 Platform Standard Edition 5 0 Development Kit JDK 5 0 provides security using the following Certification Path Java Authentication and Authorization Service JAAS Java Generic Security Services Java GSSAPI Java Cryptography Extension JCE Java Secure Socket Extension JSSE Simple Authentication and Security Layer SASL The JCE is a package of classes that provide several cryptographic algorithms It provides Java developers the means to securely generate and exchange keys and encrypt data 6 The JCE is a pluggable technology Sun defined the JCE interface but the technology is quite flexible it allows different entities such as some existing JCE providers Cryptix IAIK to provide its implementation 11 Sun JCE implementation is used for this project The strength of a JCE implementation is largely dependant on the key sizes that it supports The Java Cryptography Extension JCE is a set of packages that provides a framework and implementations for encryption key generation and key agreement and Message Authentication Code MAC algorithms Support for encryption includes symmetric asymmetric block and stream ciphers The software also supports secure streams and sealed objects 6 JCE API includes Symmetric block encryption Symmetric stream encryption Asymmetric encryption Password based encryption Key Agreement Message Authentication Codes The Java 2 SDK v 1 5 release comes standard with a JCE provider named SunJCE which comes preinstalled and registered More about this package can be found at 6 This package is used for Java programming in the project Crypto a C library is used for comparison with JCE Crypto is an open source library which supports a vast category of cryptographic schemes The cryptographic algorithms that are quite similar to those defined in JCE are presented as follows Crypto API includes AES Rijndael and AES candidates other symmetric block ciphers generic cipher modes stream ciphers public key cryptography padding schemes for public key systems key agreement schemes elliptic curve cryptography one way hash functions message authentication codes Cipher constructions based on hash functions Pseudo random number generators PRNG Password based key derivation functions More about the cryptographic schemes defined by the crypto library can be found at 5 II ALGORITHMS CONSIDERED FOR ANALYSIS Symmetric Block Ciphers Symmetric algorithms use the same key for encryption and decryption Encryption is done by taking a block of input text and encrypting it to a block of cipher text of the same size Block ciphers can be operated in several modes of operation such as ECB OFB CFB and CBC modes The symmetric algorithms considered are DES RC2 AES RC5 and Blowfish algorithms The default mode of operation in the tools I considered is ECB Electronic Code Book mode for the block ciphers DES Data Encryption Standard encrypts an input block of size 64 bits to a cipher block of size 64 bits with a key size of 56 bits RC2 This algorithm encrypts an input block of 64 bits to a cipher block of 64 bits RC2 algorithm with key size 128 bits is considered AES This algorithm uses a block size of 128 bits and a key size of 128 bits RC5 This algorithm uses an input block size of 64 bits and encrypts it into a cipher block of size 64 bits A 128 bit key and 12 rounds are used Blowfish Input block size of 64 bits and key size of 128 bits is used Stream Ciphers Stream ciphers operate by encrypting a stream of data one bit at a time Stream ciphers are faster than block ciphers Block ciphers combined with different modes of operation provide the effect of a stream cipher Stream cipher considered for analysis is RC4 RC4 RC4 with key size 128 bits is used Asymmetric ciphers Asymmetric algorithms have two types of keys public key and a private key Encryption is done using the public key and decryption is done using the private key RSA algorithm with key sizes 1024 and 2048 is considered for analysis RSA is based on mathematical properties of modulo arithmetic which provides more security than symmetric block and stream ciphers but they are much slower than the symmetric ciphers Password based encryption Password based encryption derives an encryption key from a password in order to make the task of getting key from password very timeconsuming for an attacker most PBE implementations will mix in a random number known as a salt to create the key 7 PBE with MD5 with key size 180 bits is considered Key Agreement The encryption key is exchanged between two parties who need to exchange data securely in encrypted form Diffie Hellman key agreement algorithm with key size of 1024 bits is considered Message Authentication Codes Cryptographic hash functions execute faster than symmetric ciphers in software HMAC MD5 is considered for analysis III WORKING IMPLEMENTATION Experimentation for analysis is done on the following system parameters Windows XP with an Intel Pentium M Processor 715 1 5GHz 2MB L2 Cache and 512 MB RAM The compilers and libraries used are Java 2 SDK Standard Edition Version 1 5 C and C compilers from VC using Crypto library Execution time for the algorithms is calculated as follows Input File Input Memory and it is written into the output fie from the memory Execution time for each algorithm is calculated as execution time with and without File I O only the cipher block without I O memory Timing are calculated as an average of 3 runs for each algorithm for a more accurate result Execution time for symmetric block stream ciphers and password based encryption are compared for


View Full Document

MASON ECE 646 - Analysis of capabilities and performance of JAVA Cryptography Extension

Documents in this Course
Load more
Download Analysis of capabilities and performance of JAVA Cryptography Extension
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Analysis of capabilities and performance of JAVA Cryptography Extension and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Analysis of capabilities and performance of JAVA Cryptography Extension 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?