Presentation is loading. Please wait.

Presentation is loading. Please wait.

TinySec: Performance Characteristics Chris K :: Naveen S :: David W January 16, 2004.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "TinySec: Performance Characteristics Chris K :: Naveen S :: David W January 16, 2004."— Presentation transcript:

1 TinySec: Performance Characteristics Chris K :: Naveen S :: David W January 16, 2004

2 This Talk Recent results Recent results Measurements on Mica2s (TOS 1.1.2) Measurements on Mica2s (TOS 1.1.2) Latency Latency Bandwidth Bandwidth Power Power Stress testing Stress testing Hardware crypto comparison & implications Hardware crypto comparison & implications 802.15.4 (e.g. CC2420) 802.15.4 (e.g. CC2420)

3 TinySec Review: How & Why Link layer security mechanism Link layer security mechanism Hop-by-hop, not end-to-end Hop-by-hop, not end-to-end Better support for aggregation Better support for aggregation Enables higher level keying protocols Enables higher level keying protocols Low overhead security in software Low overhead security in software Cryptographic checksum Cryptographic checksum Ensures integrity Ensures integrity Enforces access control Enforces access control Optional encryption Optional encryption

4 TinySec Performance Characterize Overhead: Energy, Latency, Bandwidth. Characterize Overhead: Energy, Latency, Bandwidth. Factors for TinySec overhead Factors for TinySec overhead Computation Computation Larger Packet Sizes Larger Packet Sizes Can predict overhead caused by packet sizes Can predict overhead caused by packet sizes Measurement goal: Show computation overhead is minimal Measurement goal: Show computation overhead is minimal Note: crypto HW only reduces computation overhead Note: crypto HW only reduces computation overhead

5 Packets & Predicted Overhead Old packet (CRC): +7 b Authentication Only (TinySec-Auth): +8 b Authentication, Encryption (TinySec-AE) : +12 b IV Overhead (b) Total Size (b) Xmit time (ms) IncreaseCRC396326.2-- TinySec-Auth406426.61.5% TinySec-AE446828.88%

6 Latency Test Setup Test purpose: Test purpose: Measure latency at different hopcounts Measure latency at different hopcounts Determine difficulty in adding TinySec to existing application Determine difficulty in adding TinySec to existing application Integrate with SystemC Integrate with SystemC Successfully transmitted 70,000+ packets: Successfully transmitted 70,000+ packets: Our stress test Setup : Setup : 4x9 grid in Woz of Mica2s 4x9 grid in Woz of Mica2s Landmark routing code from midterm demo Landmark routing code from midterm demo 200 measurements per hopcount 200 measurements per hopcount LM A B BS

7 Latency

8 Latency: Byte Times

9 Energy Test Setup Single mote transmitting a packet Single mote transmitting a packet Measure voltage drop with oscilloscope Measure voltage drop with oscilloscope

10 Energy +3% +10%

11 Bandwidth Test Setup Vary number of senders Vary number of senders Each sender sends as fast as it can Each sender sends as fast as it can Measure number of packets successfully received in a time period Measure number of packets successfully received in a time period

12 Bandwidth TinySec-Auth: same throughput TinySec-AE: 6% less throughput

13 Performance Summary Predicted (packet size only) Latency Overhead BW Overhead Energy Overhead CRC (No TinySec) ------------ TinySec- Auth 1.5%1.7%Negligible3% TinySec- AE 8%7.3%6%10%

14 TinySec Status New version working with 1.1.3 stack New version working with 1.1.3 stack To use: TINYSEC=true To use: TINYSEC=true Suggestion: base new stacks off of TinySec stack Suggestion: base new stacks off of TinySec stack

15 802.15.4 New standard supported by ChipCon 2240. New standard supported by ChipCon 2240. Link-layer security provisions Link-layer security provisions Key management left to higher protocols (ZigBee) Key management left to higher protocols (ZigBee) Design similarities to TinySec: Design similarities to TinySec: 3 security modes: off, auth, auth + encryption (also include encryption only). 3 security modes: off, auth, auth + encryption (also include encryption only). Block cipher based Block cipher based 16 byte IV; format similar to TinySec format 16 byte IV; format similar to TinySec format

16 802.15.4: (cont) Design differences to TinySec Design differences to TinySec Larger security parameter choices Larger security parameter choices Performance hit? Performance hit? AES in hardware AES in hardware MAC size variable, 0..16 bytes MAC size variable, 0..16 bytes Encryption: CTR mode Encryption: CTR mode Encryption: 16 byte IV. Similar to TinySec Format Encryption: 16 byte IV. Similar to TinySec Format

17 Conclusion Increased packet length dominant factor in overhead Increased packet length dominant factor in overhead HW right long term solution HW right long term solution Ease Ease Energy savings Energy savings Faster block cipher ops, but not the right metric Faster block cipher ops, but not the right metric But: requires design at chip time But: requires design at chip time Hardware not needed for acceptable performance Hardware not needed for acceptable performance Software Crypto is efficient and feasible Software Crypto is efficient and feasible Relies on an underutilized CPU Relies on an underutilized CPU Our implementation is low overhead Our implementation is low overhead

18 Acknowledgements D. Molnar for help in running the latency test D. Molnar for help in running the latency test R. Szewczyk for measuring the energy plots R. Szewczyk for measuring the energy plots A. Woo for the key piece of Matlab trivia so we could write our scripts A. Woo for the key piece of Matlab trivia so we could write our scripts

19

20 802.15.4: IV Format

Download ppt "TinySec: Performance Characteristics Chris K :: Naveen S :: David W January 16, 2004."

Similar presentations

TinySec: Security for TinyOS C. Karlof, N. Sastry, D. Wagner November 20, 2002.

TinySec: Security for TinyOS C. Karlof, N. Sastry, D. Wagner November 20, 2002.
Computer Networks20-1 Chapter 20. Network Layer: Internet Protocol 20.1 Internetworking 20.2 IPv4 20.3 IPv6.

Computer Networks20-1 Chapter 20. Network Layer: Internet Protocol 20.1 Internetworking 20.2 IPv IPv6.
CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Incentive-Compatible Opportunistic Routing for Wireless Networks Fan Wu, Tingting Chen, Sheng Zhong (SUNY Buffalo) Li Erran Li Li Erran Li (Bell Labs)

Incentive-Compatible Opportunistic Routing for Wireless Networks Fan Wu, Tingting Chen, Sheng Zhong (SUNY Buffalo) Li Erran Li Li Erran Li (Bell Labs)
P1451.5 Security Survey and Recommendations By: Ryon Coleman October 16, 2003.

P Security Survey and Recommendations By: Ryon Coleman October 16, 2003.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.

ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.

1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
TinySec: Security for TinyOS Chris Karlof Naveen Sastry David Wagner January 15, 2003

TinySec: Security for TinyOS Chris Karlof Naveen Sastry David Wagner January 15, 2003
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks C. Karlof, N. Sastry, D. Wagner SPINS: Security Protocol for Sensor Networks A.

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks C. Karlof, N. Sastry, D. Wagner SPINS: Security Protocol for Sensor Networks A.
Cryptography for Backup Navigation

Cryptography for Backup Navigation
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Seetha Manickam.

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Seetha Manickam.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
1 CS 577 “TinySec: A Link Layer Security Architecture for Wireless Sensor Networks” Chris Karlof, Naveen Sastry, David Wagner UC Berkeley Summary presented.

1 CS 577 “TinySec: A Link Layer Security Architecture for Wireless Sensor Networks” Chris Karlof, Naveen Sastry, David Wagner UC Berkeley Summary presented.
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastry, David Wagner SenSys 2004.

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastry, David Wagner SenSys 2004.
1 TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastry, David Wagner Presented by Paul Ruggieri.

1 TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastry, David Wagner Presented by Paul Ruggieri.
Privacy and Security in Embedded Sensor Networks Daniel Turner 11/18/08 CSE237a.

Privacy and Security in Embedded Sensor Networks Daniel Turner 11/18/08 CSE237a.
Radio Stack Iteration How to improve the CC1000 Joe Polastre January 15, 2004 NEST Retreat.

Radio Stack Iteration How to improve the CC1000 Joe Polastre January 15, 2004 NEST Retreat.
Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.

Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.
E-mail: kemal@cs.siu.edu Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE 802.11.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, J.D. Tygar Research Topics in Security in the context.

SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, J.D. Tygar Research Topics in Security in the context.

Similar presentations

Ads by Google