Simulation of RSA and ElGamal Encryption Schemes

Simulation of RSA and ElGamal Encryption Schemes using RF Simulator Syed Farid Syed Adnan1, Mohd Anuar Mat Isa2, Khairul Syazwan Ali Rahman3, Mohd Hanif Muhamad 4, Habibah Hashim5 1

Faculty of Electrical Engineering, 40450 UiTM Shah Alam, Selangor, Malaysia.

[email protected], [email protected], [email protected], 4 [email protected], [email protected]

Abstract—Sensor nodes commonly rely on wireless transmission media such as radio frequency (RF) and typically run on top of CoAP and TFTP protocols which do not provide any security mechanisms. One method of securing sensor node communication over RF is to implement a lightweight encryption scheme. In this paper, a RF Simulator developed in our previous publication which simulates lightweight security protocols for RF device communication using Rivest Shamir Alderman (RSA) and ElGamal encryption scheme are presented. The RF Simulator can be used for a fast trial and debugging for any new wireless security protocol before the actual or experimental implementation of the protocol in the physical devices. In our previous work, we have shown that the RF Simulator can support a cryptographer or engineer in performing quick product test and development for Diffe-Hellman Key Exchange Protocol (DHKE) and Advanced Encryption Standard (AES) protocols. In this work, we present the simulation result of implementing the RSA and ElGamal encryption scheme using SW-ARQ protocol in sensor node RF communication. The simulation was performed on the same testbed as previous works which comprised of HP DC7800 PCs and ARM Raspberry Pi boards. Index Terms—Simulator, Simulation, Radio Frequency, Cryptography, RF, TFTP, Stop and Wait ARQ, Trivial File Transfer Protocol, RSA, ElGamal, Raspberry Pi, Wi-Fi, Trust, Privacy, UBOOT, IOT, Lightweight, Asymmetric.

I. INTRODUCTION Numerous of research works use simulation tools such as NS2, MATLAB, GloMoSim, OPNET, SensorSim, J-Sim, SENSE, OMNeT++ [1]. It were used to model, simulate and verify network protocols. However, none of the simulation tools are suitable for rapid development, deployment and security testing of cryptographic protocols especially for RF communication of embedded devices with constrained environment. The main objective of this research work is to simulate ElGamal and RSA encryption schemes using an RF simulator [2] in Wireless Sensor Networks (WSN) . We have confined our research scope to a cryptographic simulation such as bits errors, frame delay and frame timeout. In the our preceding works [2]–[7], we have discussed an implementation of cryptographic protocol (e.g. TFTP) for securing communication in client-server architecture for embedded systems. TFTP protocol is commonly used in carrying out various network administrative tasks such as

978-1-4799-8969-0/15/$31.00 ©2015 IEEE

monitoring and upgrading of remote embedded devices’ firmware. We highlighted a security concern regarding the chosen plaintext attack (CPA), chosen ciphertext attack (CCA1), adaptive chosen ciphertext attack (CCA2), timing attack and power analysis attack. A cryptographic protocol proposed by [5] and [6] for a secure key exchange and a security reduction proof of security in “Simplex Stop and Wait with Automatic Repeat reQuest” (SSW-ARQ) for the TFTP communication protocol was presented [4]. The publications [4] covered the secure TFTP theoretical security proofs (adversary models) and its implementation. Our motivation is to continue our previous research work on RF Simulator [2] in the simulation of different encryption schemes. In our previous work, we have presented the RF Simulator, that simulates lightweight security protocols for RF devices. The previous results have showed that DHKE and AES with SW-ARQ protocol can be deploy in Wireless Sensor Networks (WSN). Subsequently, in this publication, we wish to present an experimental implementation of ElGamal and RSA protocols using the same simulator. One may refer to [2] for detailed information regarding the RF Simulator. II. RELATED WORK SW-ARQ is a simple network protocol used by network applications (e.g. FTP) in frame transmission using UDP stacks to enable stop and wait flow control [8], [9]. Therefore, any retransmission of frames in the event of frame loss or corrupted frame will be allowed by SW-ARQ [10] [9]. For examples in Fig. 1, Fig. 2 and Fig. 3, A (ALONG) wants to send a frame to B (BUSU) using encryption. A secure communication protocol must be established by both parties for asymmetric encryption. In this communication example, both parties need to share public keys using SW-ARQ protocol.

124

M. Lahdenmäki [14] simulated DHKE protocol on GUI simulator. D. Karaoglan et al. [15] simulates Identity-Based Encryption (IBE) using NS2. Likewise by W. Colitti et al. [16] , they tested the Constrained Application Protocol (CoAP) and HTTP protocol in WSN. Furthermore, A. A. Alsebae et al. [17] performed a simulation of SW-ARQ using MATLAB and SimEvents. III. EXPERIMENTAL SETUP We have simulates the Elgamal and RSA encryption schemes that is to evaluate network transmission performance (e.g. runtime and frame losses) on two distinct CPU architectures which are ARM and x86 with three different test cases. The first simulation was tested in a user space through Linux Debian 7.0 “Wheezy” i386 Kernel in HP DC7800 workstation equipped with Intel Core 2 Duo 2.3 GHz and 2GB RAM. The second simulation was tested in a user space through Linux Raspbian “Wheezy” Kernel using precompiled image [18] in Raspberry Pi Board v2 with ARM 700 MHz processor and 512MB memory. The three test cases can be summarized as in Fig. 4

Fig. 1 SW-ARQ protocol [10]

Fig. 2 RSA encryption scheme

Fig. 4 Portion of header file in rf_snw_arq_emu.h

Fig. 3 ElGamal encryption scheme

Latter, A and B will encrypt and decrypt data using the shared public keys and private keys. However, this paper emphasis on utilizing the RF simulator to simulate the cryptographic communication with SW-ARQ protocol to exchange parameters in the RSA and ElGamal encryption schemes. In this section, we will explores existing simulator tools that are used for network cryptographic simulation. C. McNear et al. [11] implemented a simulator to simulate DES and RSA protocols. M. Omar et al. [12] performed a simulation on MATLAB to secure network infrastructure (e.g. public key infrastructure (PKI)). S. D. Vuyst et al. [13] studied a behavior of SW-ARQ protocol in a wireless network and its error correlation effect. M. Singh et al. [1] compared simulation tools for simulating sensor nodes communication for examples NS2, OMNeT++, and GloMoSim.

For each simulations, three types of network transmission errors in the simulation were executed. The network transmission are wrong sequence number, altered data payload, and altered checksum value. A frame transmission delay is also incorporated that is for frame timeout event. 05 shows the configurations and parameters that were used in the simulator.

125

Fig. 5 Portion of program RF Simulator v1.1

The parameters in the simulation were devised as below: a. b. c. d. e.

Frame timeout is set to 10,000 microseconds Random frame transmission delay is set between 1,000 to 15,000 microseconds. Maximum frame allowable-retries is capped at 15 times Number of frame depends on size of frame (e.g. RSA1024, RSA2048, ELGAMAL 1024, ELGAMAL 2048) The three error rates as mentioned above are set to have same value for both protocols . The variance of error rates are shown as below: i. RSA EXP1 and ELGAMAL EXP1 are set to 50%. ii. RSA EXP2 and ELGAMAL EXP2 are set to 25%. iii. RSA EXP3 and ELGAMAL EXP3 are set to 10%. iv. RSA EXP4 and ELGAMAL EXP4 are set to 1%. v. RSA EXP5 and ELGAMAL EXP5 are set to 0.1%.

. Fig. 8 El-Gamal2048’s Session 1 in x86 CPU

IV. RESULT The simulations with parameters detailed in previous section were accomplished and the result of RSA2048 are separated into two types of graphs. The graph with label “Session 1” represent client to server transmission with entire frame and received with a proper ACK. The graph with “Session 2” represent server to client transmission with entire frame and received with a proper ACK. After session 1 and 2 completed, the RSA and ElGamal protocol are considered successfully implemented within given simulation parameters.

Fig. 9 El-Gamal2048’s Session 2 in x86 CPU

B. ARM 7 CPU: Raspberry Pi Board

A. X86 CPU: HP DC7800 Computer

Fig. 10 RSA2048’s Session 1 in ARM7 CPU

Fig. 6 RSA2048’s Session 1 in x86 CPU

Fig. 11 RSA2048’s Session 2 in ARM7 CPU

Fig. 7 RSA2048’s Session 2 in x86 CPU

126

error rate in ‘ARM RSA1024_S1’ and ‘x86 RSA2048_S1’ shows the highest frame transmission delay and the frame counter is near to the “maximum frame allow-retry”. It can be concluded that for test case of 25% error rate, it is a failure when tested on higher frame exclusively in ARM platform.

Fig. 12 El-Gamal2048’s Session 1 in ARM 7 CPU

Fig. 15 Frame transmission duration in ELGAMAL1024/2048

Fig. 13 El-Gamal2048’s Session 2 in ARM 7 CPU

V. DISCUSSION The previous section simulations were tested for embedded devices (in this case sensor nodes) and the results were shown in Fig. 6 through Fig. 13. Figures 8, 10, 12, and 13 show that there are incomplete frames and it is reached to “maximum frame allow-retry” for 25% error rate. A summary of simulation for RSA1024/2048 performance are presented in Fig. 13 and ELGAMAL1024/2048 in Fig. 14. From both diagrams, it can be concluded that by given an error rate of 50% will completely causing failure in the RSA and ElGamal protocols. For error rate more than 50%, it will definitely cause a failure in frame transmission and it is common sense to admit the protocol is failure to function properly.

In ElGamal simulation, all test cases for 25% of error rates show that the number of frames to be transmitted is increasing in ‘ARM ELGAMAL1024_S1’, ‘x86 ELGAMAL2048_S2’ and ‘ARM ELGAMAL2048_S2’. It can be observed that a failure in the frame transmission will happen when error rate is more than 25%. Therefore, it is expected that the frame transmissions with less or equal to 10% error rate, the ElGamal and RSA protocols will be successful. It can be noticed that in ElGamal simulation, least number of SW-ARQ’s frame to transmit one AES block cipher used by the simulator compared to RSA. Referring to Fig. 14 and Fig. 15 , with an error rates of 50%, the frame transmission failure is apparently to occur. Thus, in future research work, it is hopefully that more results can be experimented in the real experimental work based on this simulation results VI. CONCLUSION This paper presented the continuation of our research works in the simulation of a lightweight security protocols in WSN. Moreover, ElGamal and RSA (textbook) encryption schemes simulated results using SW-ARQ protocol as a use case in the RF Simulator are also presented. Referring to our previous work [2], the RF Simulator can provides a platform for rapid cryptographic protocol development in WSN. It allows the simulated protocol to be converted into an actual implementation cryptography protocol in C source codes. Furthermore, it gives an alternate approach for numerous stakeholders to develop and research on any cryptographic protocol for smart devices . For future work, a reader of this publication might await our next publication regarding a new version of the RF Simulator to simulate ECC, blind digital signatures and AA-Beta [19] encryption schemes.

Fig. 14 Frame transmission duration in RSA1024/2048

In RSA simulation, every test case of 25% error rate, the transmission failure occurred in cases for ‘ARM RSA2048_S1’ and ‘ARM RSA2048_S2’. Furthermore, for test case of 25%

ACKNOWLEDGMENT The authors would like to acknowledge the Ministry of Education (MOE) Malaysia for providing the grant 600-

127

RMI/FRGS 5/3 (108/2014), Universiti Teknologi MARA (UiTM) for supporting this research work.

[9]

K. R. Sollins, “THE TFTP PROTOCOL (REVISION 2) RFC 1350,” in IAB Official Protocol Standards, 1992, pp. 1–11.

REFERENCES

[10]

G. Fairhurst and L. Wood, “Advice to link designers on link Automatic Repeat reQuest (ARQ),” in RFC 3366, 2002, pp. 1–28.

[11]

C. McNear and C. Pettey, “A free, readily upgradeable, interactive tool for teaching encryption algorithms,” Proc. 43rd Annu. Southeast Reg. Conf., vol. 1, p. 280, 2005.

[12]

M. Omar, Y. Challal, and A. Bouabdallah, “NetTRUST: mixed networks trust infrastructure based on threshold cryptography,” in Proceedings of the 3rd International Conference on Security and Privacy in Communication Networks, SecureComm (2007), 2007, pp. 2–10.

[13]

H. B. De Vuyst, Stijn, Krzysztof Tworus, Sabine Wittevrongel, “Analysis of Stop-and-Wait ARQ for a wireless channel,” 4or, vol. 7, no. 1, pp. 61–78, Aug. 2008.

[14]

M. Lahdenmäki, “Software Visualization for Teaching Network Protocols,” Aalto University, 2010.

[15]

D. Karaoglan, A. Levi, and E. Savas, “A distributed key establishment scheme for wireless mesh networks using identitybased cryptography,” in Proceedings of the 6th ACM workshop on QoS and security for wireless and mobile networks - Q2SWinet ’10, 2010, p. 11.

[16]

V. D. Colitti, Walter, Kris Steenhaut, Niccolò De Caro, Bogdan Buta, “Evaluation of constrained application protocol for wireless sensor networks,” in Local & Metropolitan Area Networks (LANMAN), 2011, no. 7.

[17]

R. J. G. Alsebae, Alaa A., Mark S. Leeson, “SimEvents-based modeling and simulation study of Stop-and-Wait protocol,” in 2013 Proceedings of International Conference on Modelling, Identification & Control (ICMIC), 2013.

[18]

Raspberry Pi Foundation, “Raspberry Pi,” 2014. [Online]. Available: http://www.raspberrypi.org/downloads.

[19]

M. R. K. Ariffin, “A New Efficient Asymmetric Cryptosystem Based on Diophantine Equation Hard Problem,” arXiv Prepr. arXiv1209.3458, vol. 7, pp. 1–6, 2012.

[1]

M. K. T. Singh, Chandresh Pratap, O. P. Vyas, “A survey of simulation in sensor networks,” in 2008 International Conference on Computational Intelligence for Modelling Control & Automation, 2008.

[2]

Mohd Anuar Mat Isa, Habibah Hashim, Jamalul-lail Ab Manan, Syed Farid Syed Adnan, and Ramlan Mahmod, “RF Simulator for Cryptographic Protocol,” in The 4th IEEE International Conference on Control Systems, Computing and Engineering 2014 (ICCSCE2014), 2014, pp. 3–8.

[3]

Mohd Anuar Mat Isa, Nur Nabila Mohamed, Habibah Hashim and R. M. Syed Farid Syed Adnan, Jamalul-lail Ab Manan, “A Lightweight and Secure TFTP Protocol in the Embedded System,” in 2012 IEEE Symposium on Computer Applications and Industrial Electronics (ISCAIE 2012), 2012.

[4]

Mohd Anuar Mat Isa, Habibah Hashim, Syed Farid Syed Adnan, Jamalul-lail Ab Manan, and Ramlan Mahmod, “A Secure TFTP Protocol with Security Proofs,” in Lecture Notes in Engineering and Computer Science: Proceedings of The World Congress on Engineering 2014, WCE 2014, 02-04 July, 2014, London, UK, vol. 1, pp. 443–448.

[5]

Mohd Anuar Mat Isa, Habibah Hashim, Syed Farid Syed Adnan, Jamalul-lail Ab Manan, and Ramlan Mahmod, “An Experimental study of Cryptography Capability using Chained Key Exchange Scheme for Embedded Devices,” in Lecture Notes in Engineering and Computer Science: Proceedings of The World Congress on Engineering 2014, WCE 2014, 02-04 July, 2014, London, UK, pp. 510–515.

[6]

Mohd Anuar Mat Isa, Habibah Hashim, Jamalul-lail Ab Manan, Syed Farid Syed Adnan, and Ramlan Mahmod, “A Series of Secret Keys in a Key Distribution Protocol,” Trans. Eng. Technol., 2015.

[7]

Mohd Anuar Mat Isa, Habibah Hashim, Jamalul-lail Ab Manan, Syed Farid Syed Adnan, and Ramlan Mahmod, “Cryptographic Adversary Model: Timing and Power Attacks,” Trans. Eng. Technol., 2015.

[8]

G. Malkin and A. Harkin, “TFTP Option Extension (RFC 2347),” in The Internet Society, 1998, pp. 1–7.

128