Beyond Fixed Key Size: Classifications Toward a Balance Between Security and Performance
by Abdullah Almuhaideb, Mohammed Alhabeeb, Phu Dung Le, Bala Srinivasan
Presented by: Anirudh Rao Vasudeva Rao Abha Chaudhary Varshinee Krishnamurthy
INTRODUCTION
• Motivation:
  • The number of mobile devices increases exponentially every year.
  • Advancement in mobile technology opens up new opportunities in different fields which might compromise on security.
  • Current technology (4G) aims at providing higher data rates.
  • Primary goal: maintain a balance between security and performance.
Problem Statement: There are three main challenges:
• Mobile device performance capabilities
• Mobile network issues
• Security protocol issues
RELATED WORK
• Portmann et al:
  • Proposed a simple extension of the TLS protocol that involves selectively encrypting a message stream.
  • 2 levels of security:
    • 1st Level - sensitive parts of the data stream are encrypted.
    • 2nd Level - non-sensitive parts of the data stream are left unprotected.
• This paper's approach:
  • Classifies information security into 4 levels.
• Tak and Park:
  • Defined 4 security classes based on information sensitivity and network congestion.
  • Aimed at providing a trade-off between security and performance.
  • Increase the number of keys used in order to increase security.
• Drawbacks:
  • They concentrate only on e-commerce and did not consider m-commerce.
  • The mobile power supply gap was not taken into account.
• This paper's approach:
  • Increase the key length to increase security.
• Song et al:
  • Proposed an extension of the SSL protocol called Multiple Channel SSL (MC-SSL).
  • The idea involves different channels for data with different sensitivity.
  • Communication between client and server happens either directly or through proxy servers.
• Drawbacks:
  • Confined to a single protocol (SSL).
• This paper's approach:
  • It offers 4 information security levels and 7 capability performance levels.
THE PROPOSED TECHNIQUE
• DKS - Dynamic Key Size
• The DKS architecture supports the security protocol by selecting the appropriate key size.
A. Capability Performance Levels:
• Has 7 performance levels (0-6).
• Based on 3 categories:
  • Category 1: Processing Power and Memory Capacity
  • Category 2: Power Supply
  • Category 3: Communication System
B. Information Security Levels:
• 4 information security levels:
  • None Critical
  • Least Critical
  • Critical
  • Most Critical
• As information sensitivity increases, the key size increases (DKS).
• Provides a balance between security and performance.
C. Key Management:
• Generates and maintains the keys that are used in encryption.
• Contains identifiers for authentication and encryption algorithms.
D. Policy Management:
• An important component of the DKS approach.
• Describes the policies that have to be followed at each capability performance level.
POSSIBLE APPLICATIONS
This paper's approach supports the SSL protocol and addresses its drawbacks:
• Limitation 1: lack of capability negotiation and selective information security
• Limitation 2: use of the full handshake more than once
This approach provides:
• 4 keys for different levels of security.
• All 4 keys are provided once, in a single handshake.
• So every message will be associated with a key.
SECURE CONNECTION OF DKS OVER SSL
• Step 1: after the initiation of the handshake, the user sends the MD capability status and other supporting information.
• Step 2: based on step 1, the MD is classified into the appropriate categories; the largest PKI key size is generated.
• Step 3: the PKI key size is verified and the premaster keys and are generated.
• Step 4: check whether the keys generated above match the information and capability levels.
• Step 5: the various communication links are secured properly.
• Steps 6 & 7: end the session.
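An added sketch (not code from the paper or the presenters) of the selection in steps 2 to 4: one handshake secret yields one key per information security level, sized by sensitivity and capped by the reported capability level. The key sizes, ceilings, floors, labels, salt and the use of HKDF with SHA-256 are all assumptions, since the slides give no concrete values.

```python
import hashlib
import hmac

LEVELS = ["none-critical", "least-critical", "critical", "most-critical"]
# Assumed target key size in bits per information security level.
KEY_BITS = dict(zip(LEVELS, [128, 192, 256, 512]))
# Assumed largest key size a device at capability level 0-6 is asked to handle.
CAPABILITY_CEILING = [128, 128, 192, 192, 256, 256, 512]
# Assumed server-side minimum per level: the capability status is reported by
# the client, so it must not be able to shrink keys for sensitive data at will.
KEY_FLOOR = dict(zip(LEVELS, [128, 128, 192, 256]))

def hkdf_expand(prk, info, length):
    """HKDF-Expand (RFC 5869) with SHA-256."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]

def negotiate_sizes(capability_level):
    """Key size in bits per level; levels the device cannot protect are omitted."""
    if capability_level not in range(7):
        raise ValueError("capability level must be 0-6")
    ceiling = CAPABILITY_CEILING[capability_level]
    sizes = {}
    for level in LEVELS:
        bits = min(KEY_BITS[level], ceiling)
        if bits >= KEY_FLOOR[level]:
            sizes[level] = bits
    return sizes

def derive_session_keys(premaster, capability_level):
    """Derive all per-level keys once from a single handshake secret."""
    prk = hmac.new(b"dks-demo-salt", premaster, hashlib.sha256).digest()  # HKDF-Extract
    return {level: hkdf_expand(prk, f"dks {level} {bits}".encode(), bits // 8)
            for level, bits in negotiate_sizes(capability_level).items()}

def key_for_message(keys, level):
    """Every message is tied to the key of its sensitivity level."""
    if level not in keys:
        raise PermissionError(f"no key negotiated for {level} data")
    return keys[level]

if __name__ == "__main__":
    demo = derive_session_keys(bytes(48), 2)  # constructed all-zero secret
    print({level: len(key) * 8 for level, key in demo.items()})
```

Omitting a level instead of issuing an undersized key means a device that reports a low capability level cannot exchange the most sensitive data at all, rather than exchanging it under a weaker key.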
DISCUSSIONS
• There is a need for a balance between performance and security.
• Though achieving the balance is a challenging task, a practical balance is achieved.
• The functioning and processing of the MD and its capabilities need to be studied.
• Hence the MD is classified into seven capability levels.
• This approach provides selective security by classifying various (7) security levels.
• A balance is achieved by combining the appropriate performance level and information sensitivity level.
• The dynamic key approach provides a different key for each different message, hence avoiding leakage of information to attackers.
CONCLUSION
• The DKS approach is a practical solution for an effective balance between efficiency and security.
• The DKS approach supports different performance and security levels for various heterogeneous environments.
• It provides more flexibility to security protocols.