Skip to main content
Log in

Design, Architecture and Performance Evaluation of the Wireless Transport Layer Security

The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Communication protocols for wireless networks have specified security layers, with high-level encryption strength. The dedicated to security layer of Wireless Application Protocol (WAP), is the Wireless Transport Layer Security (WTLS). In this paper, an efficient architecture for the hardware implementation of WTLS is proposed. The introduced system supports bulk encryption, authentication and data integrity. The proposed architecture operates alternatively for a set of ciphers, IDEA, DES, RSA, D.H., SHA-1 and MD5. It is based on two reconfigurable design units: the Reconfigurable Authentication Unit and the Reconfigurable Integrity Unit. These units operate alternatively for different ciphers and achieve to allocate minimized resources, at the same time. The introduced security system has been implemented in an FPGA device. The supported ciphers performance is compared with previously published works, and it has been proven superior to them, in most of the cases. The system’s synthesis results prove that the proposed architecture is a flexible and powerful solution for WTLS integration of today’s and future wireless networks. The system can be applied to wireless communications servers and mobile devices also. Finally, the proposed architecture can be used as a powerful security engine, in WAP communication networks, with special security demands.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

References

  1. Advanced Encryption Standard. http://csrc.nist.gov/CryptoToolkit/aes/, 2003.

  2. T. Blum. Modular exponentiation on reconfigurable hardware. Master thesis, Electrical and Computer Eng. Dept., Worcester Polytechnic Inst., May 1999.

  3. T. Blum and C. Paar. Montgomery modular exponentiation on reconfigurable hardware. In Proc. 14th Symp. Computer Arithmetic, pp. 70–77, 1999.

  4. Th. Blum and Chr. Paar. High-Radix montgomery modular exponentiation on reconfigurable hardware. IEEE Transactions on Computers, 50(7), 2001.

  5. A. G. Broscius and J. M. Smith. Exploiting parallelism in hardware implementation of the DES. Advances in Cryptology: CRYPTO-91 Proceedings, Springer-Verlag, pp. 367–376, 1992.

  6. P. S. Chen, S. A. Hwang, and C. W. Wu. A systolic RSA public key cryptosystem. In Proceedings of International Symposium of Circuit and System (ISCAS’96), vol. 4, pp. 408–411, 1996.

  7. O. Y. H. Cheung, K. H. Tsoi, P. H. W. Leong, and M. P. Leong. Tradeoffs in parallel and serial implementations of the international data encryption algorithm. In Proceedings of CHES 2001, LNCS 2162, Springer-Verlag, pp. 333–337, 2001.

  8. A. Curiger, H. Bonnenberg, and H. Kaeslin. Regular VLSI architectures for multiplication modulo (2n+ 1). IEEE Solid-State Circuits, 26(7):990–994, 1991.

    Article  Google Scholar 

  9. Data Encryption Standard, Federal Information Processing Standard (FIPS) 46, National Bureau of Standards, 1977.

  10. J. Deepakumara, H. M. Heys, and R. Venkatesan. FPGA implementation of MD5 hash algorithm. In Proceedings of IEEE Canadian Conference on Electrical and Computer Engineering (CCECE 2001), Toronto, Ontario, May 2001.

  11. W. Diffie and M. E. Hellman. New directions in cryptography. IEEE Trans. Inform. Theory, IT-22:644–654, 1976.

    Google Scholar 

  12. S. Dominikus. A hardware implementation of MD4-Family hash algorithms. In Proceedings of IEEE International Conference on Electronics Circuits and Systems (ICECS’02), Croatia, vol. III, pp. 1143–1146, Sept. 15–18, 2002.

  13. H. Eberle. A high-speed des implementation for network applications. In Proceedings of 12th Annual International Cryptology Conference, CRYPTO ’92, Santa Barbara, August 16–20, 1992.

  14. I. Goldberg and D. Wagner. Architectural considerations for cryptanalytic hardware. Chapter 10 of Cracking DES: Secrets of Encryption Research, Wiretap Politics & Chip Design, O’Reilly, July 1998.

  15. F. T. Gramp and R. H. Morris. UNIX operation system security. AT&T Bell Laboratories Technical Journal, 63(8 part 2), 1984.

  16. G. J. Hwang, J. C. R. Tseng, and Y. S. Huang. I-WAP: An intelligent wap site management system. IEEE Transactions on Mobile Computing, 1(2), 2002.

  17. IEEE P1363. Standard specifications for public-key cryptography. Draft Version 8, October 1998.

  18. S. Ishii, K. Ohyama, and K. Yamanaka. A single-chip RSA processor implemented in a 0.5 μm rule gate array. in Proceedings of 7th Annual IEEE International ASIC Conference Exhibit, pp. 433–436, 1994.

  19. S. Jormalainen and J. Laine. Security in WTLS. http://www.hut.fi/∼jtlaine2/wtls/, 2002.

  20. B. S. Kaliski Jr. and Y. L. Yin. On the security of the RC5 Encryption algorithm. RSA Laboratories Technical Report TR-602, Sept. 1998.

  21. J. Kaps and Chr. Paar. Fast DES implementations for FPGAs and its application to a universal key-search machine. 5th Annual Workshop on Selected Areas in Cryptography (SAC ’98), August 17–18, Ontario, Canada, 1998.

  22. D. E. Knuth. The Art of Computer Programming, Vol. 2: Seminumerical Algorithms. Addison-Wesley, Reading, Massachusetts, 2nd edition, 1981.

  23. N. Leavitt. Will WAP deliver the wireless internet? Proceedings of IEEE Computer, 16–20, 2000.

  24. X. Lai and J. L. Massey. A proposal for a new Block Encryption Standard. In Proceedings of Eurocrypt’90, Aarhus, Denmark, pp. 389–404, May 21–24, 1990.

  25. T. Lewis. Why WAP may never get off the ground. Proceedings of IEEE Computer, 110–112, 2000.

  26. A. Menezes, P. van Oorchot, and S. Vanstone. Handbook of Applied Cryptography. CRC Press, Inc, October 1997.

  27. M. Metter and R. Colomb. WAP enabling existing HTML applications. In Proc. First Australian User Interface Conf., 49–57, 2000.

  28. P. Montgomery. Modular multiplication with trial division. Math. of Computation, 44:519–521, 1985.

    Article  MATH  Google Scholar 

  29. H. Orup. A 100 kbits/s single chip modular exponentiation processor. In HOT chips VI, Symposioum Record, pp. 53–59, 1994.

  30. J. M. Rabaey. Digital Integrated Circuits. Prentice Hall, 1996.

  31. S. S. Raghuram and C. Chakrabarti. A programmable processor for cryptography. In Proceedings of IEEE International Symposium on Circuits & Systems (ISCAS’00), May 28–31, Switzerland, 2000.

  32. R. Rajsuman. System-on-a-Chip. Design and Test, Artech House, 2002.

  33. R. L. Rivest. The RC5 encryption algorithm. In Proceedings of the 1994 Leuven Workshop on Fast Software Encryption, Springer, pp. 86–96, 1995.

  34. R. L. Rivest. The MD5 Message Digest Algorithm. RFC 1321, MIT LCS & RSA data Security, Inc., April 1992.

  35. R. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public key cryptosystems. Comm. ACM, 21:120–126, 1976.

    Article  MathSciNet  Google Scholar 

  36. W. Sachs and S. Wolter. Specification and implementation of a crypto-coprocessor for ISDN. In Proceedings of IEEE International Symposium on Circuits & Systems (ISCAS’00), Switzerland, vol. I, pp. 275–278, May 28–31, 2000.

  37. B. Schneier. Applied Cryptography—Protocols, Algorithms and Source Code in C, Second edition. John Wiley and Sons, New York, 1996.

    Google Scholar 

  38. SHA-1 Standard National Institute of Standards and Technology (NIST), Secure Hash Standard, FIPS PUB 180-1, www.itl.nist.gov/fipspubs/fip180-1.htm, 2001.

  39. SSL Protocol Specifications, www.netscape.com/eng/ssl3, 2002.

  40. D. R. Stinson. Cryptography: Theory and Practice. CRC Press LLC, 1995.

  41. J. D. Touch. Performance analysis of MD5. In Proceedings of ACM SIGCOMM’95, Cambridge, Massachusetts, 1995.

  42. C. D. Walter. Systolic modular multiplication. IEEE Transactions on Computers, 42(3):376, 1993.

    Article  Google Scholar 

  43. WAP Forum. Wireless Application Protocol Architecture Specification and Wireless Transport Layer Security, www.wapforum.org, 2002.

  44. D. C. Wilcox, L.G. Pierson, P.J. Robertson, E.L. Witzke, and C. Gass. A DES ASIC suitable for network encryption at 10 GPS and Beyond. In Proceedings of CHESS’99, LNCS 1717, pp. 37–48, 1999.

  45. Xilinx Inc., San Jose, California, Virtex, 2.5 V Field Programmable Gate Arrays, 2002.

  46. R. Zhang and K. Chen. Improvements on the WTLS protocol to avoid denial of service attacks. Computers and Security, Elsevier Science, 24(1):76–82, 2005.

    Google Scholar 

  47. C. N. Zhang, M. Deng, and R. Mason. Two improved algorithms and hardware implementations for key distributing using extended programmable cellular automate. 14th Annual Computer Security Applications Conference, Phoenix, Arizona, 1998.

  48. R. Zimmermann, A. Curiger, H. Bonnenberg, H. Kaeslin, N. Felber, and W. Fichtner, A 177 Mb/s VLSI implementation of the international data encryption algorithm. IEEE Journal of Solid State Circuits, 29(3), 1994.

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to N. Sklavos.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Sklavos, N., Kitsos, P., Papadopoulos, K. et al. Design, Architecture and Performance Evaluation of the Wireless Transport Layer Security. J Supercomput 36, 33–50 (2006). https://doi.org/10.1007/s11227-006-3549-4

Download citation

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-006-3549-4

Keywords

Navigation