Analysis of capabilities and performance of JCEIntroductionJCE (Java Cryptography Extension)JCE API includes:Crypto++ library includes:ObjectiveAlgorithms ConsideredMethodologyComparison of execution time of algorithms in JCE and C++Results in JCE for encryptionResults in JCE for decryptionRSAResults in Crypto++ for encryptionResults in Crypto++ for decryptionRSA in Crypto++ComparisonLanguage, compiler usedConclusionAnalysis of capabilities and performance of JCEBy Vani KarimijjiIntroduction Implementations of security protocols require the use of tools to provide encryption and decryption to achieve the desired level of security. Hence it is important to understand their performance and analyze their adaptability to different protocols and domainsJCE (Java Cryptography Extension) The JCE is a package of classes that provide several cryptographic algorithms. It provides Java developers the means to securely generate and exchange keys, and encrypt data. The Java Cryptography Extension (JCE) is a set of packages that provides a framework and implementations for encryption, key generation and key agreement, and Message Authentication Code (MAC) algorithms. Support for encryption includes symmetric, asymmetric, block, and stream ciphers. The software also supports secure streams and sealed objects. The strength of a JCE implementation is largely dependant on the key sizes that it supports. “Sun JCE” implementation is used for this project.JCE API includes: Symmetric bulk encryption, such as DES, RC2, AES Symmetric stream encryption, such as RC4 Asymmetric encryption, such as RSA with key sizes 1024, 2048 Password-based encryption (PBE) Key Agreement schemes: Diffie-Hellman (DH) Message Authentication Codes (MAC): MD5-MAC, HMACCrypto++ library includes: symmetric block ciphers generic cipher modes stream ciphers public-key cryptography key agreement AES (Rijndael) and AES candidates schemes one-way hash functions message authentication codesObjective Compare the performance of a given algorithm for different file sizes in a given implementation Compare the performance of different algorithms within agiven implementation Compare the performance of the algorithms in JCE with their corresponding implementations in Crypto++Algorithms Considered DES,AES,IDEA RC2,RC4,RC5,Blowfish RSA PBE with MD5 and DES Diffie-Hellman HMAC MD5Methodology Input File Æ Encryption/Decryption ÆOutput File Execution time is compared for following cases Time taken by the program with file I/O Time taken by the program without file I/OComparison of execution time of algorithms in JCE and C++ Performance analysis of the algorithms for three different input file sizes for encryption and decryption for both with file I/O and without file I/O is done. Input Files of size 5MB, 20MB and 40MB are considered for analysisResults in JCE for encryptionJCE_Enc+IO0.0002.0004.0006.0008.00010.00012.00014.000DES AES Bl owFish RC2 RC4 Hmac -MD5 PB EWit hMD5 and DESAl gor it hm5MB20MB40MBJCE_Enc01234567DES AES BlowFi sh RC2 RC4 Hmac- MD5 PBEWit hMD5 and DESAl gor ithm5MB20MB40MBResults in JCE for decryptionJCE_Dec+IO0.0002.0004.0006.0008.00010.00012.000DES AES Bl owFish RC2 RC4 PB EWit hMD5 and DESAl gori t hm5 MB20MB40MB`JCE_Dec0.0001. 0 002.0003.0004.0005.0006.0007.0008.000DES AES B lowFish RC2 RC4 P BEWit hMD5 and DESAlgorit hmSeries1Series2Series3RSAJCE encryption with File I/O(Input file size of 5 MB) RSA(1024):10.966RSA(2048):10.511; JCE encryption without File I/ORSA(1024):11.353RSA(2048):11.008JCE decryption with File I/ORSA(1024): 345.437 RSA(2048):345.804JCE decryption without File I/ORSA(1024): 344.965RSA(2048):345.512Results in Crypto++ for encryptionJCE_Enc+IO0.0002.0004.0006.0008.00010.00012.00014.000DES AES Bl owFish RC2 RC4 Hmac- MD5 PBEWi t hMD5 and DESAlgorit hm5MB20MB40MBCPP_Enc0.0001. 0 0 02.0003.0004.0005.0006.000DES AES BlowFish RC2 RC5 IDEAAl gori t hm5MB20MB40MBResults in Crypto++ for decryptionCPP_D ec+IO0.0001. 0 0 02.0003.0004.0005.0006.0007.0008.0009.00010 . 0 00DES AES BlowFish RC2 RC5 IDEAAlgorit hm5 MB20MB40MBCPP_D ec0.0001. 0 002.0003.0004.0005.0006.000DES AES BlowFish RC2 RC5 IDEAAl gori t hm5MB20MB40MBRSA in Crypto++Crypto++ encryption with File I/O(Input file size of 5 MB) RSA(1024):11.025RSA(2048):11.392; Crypto++ encryption without File I/ORSA(1024):10.570RSA(2048):11. 147Crypto++ decryption with File I/ORSA(1024): 344.964 RSA(2048):345.331Crypto++ decryption without File I/ORSA(1024): 344.965RSA(2048):345.512ComparisonComparision0.0002.0004.0006.0008.00010.00012.00014.000Algorithms DES AES Blowf ish RC2 HMAC-MD5 DHAl gorit hmsJ C E- En c wi t h I/ OJCE-Enc wit hout I/ OCr ypt o++Enc wi t h I/ OCrypt o++Enc wit hout I/ OJCE-Dec with I/OJCE-Dec wit hout I/ OCr ypt o++Dec wit h I/ OCrypt o++Dec wit hout I/ OLanguage, compiler used For JCE: Java 2 SDK, Standard Edition Version 1.4.1 using javax.crypto package For C++: compilers from MSVC 6.0 using Crypto++ library Windows XP with an Intel Pentium M Processor 715 1.5GHz- 2MB L2 Cache and 512 MB RAMConclusion While choosing a cryptographic algorithm for any real world application it is very important to analyze the performance of different algorithms within a given implementation so as to choose the one that fits the best with respect to the security and performance. Sometimes when the performance becomes a real issue using an implementation utilizing other alternative implementation with better performance would help greatly to fulfill the requirements of the application. In this context results from an analysis like this would be very
View Full Document