Comparative Analysis of Cryptography Library in Iot
Total Page:16
File Type:pdf, Size:1020Kb
International Journal of Computer Applications (0975 – 8887) Volume 118 – No. 10, May 2015 Comparative Analysis of Cryptography Library in IoT Uday Kumar Tuhin Borgohain Sugata Sanyal Tech Mahindra Limited Department of Instrumentation Corporate Technology Office, Chennai Engineering, Assam Tata Consultancy Services India Engineering College Mumbai Guwahati India India ABSTRACT 3. CRYPTOGRAPHY LIBRARY The paper aims to do a survey along with a comparative There exist numerous cryptography library encompassing analysis of the various cryptography libraries that are multitudes of encryption algorithms which can be applicable in the field of Internet of Things (IoT). The first implemented for encryption of different messages in various half of the paper briefly introduces the various cryptography fields. These cryptography libraries enable the libraries available in the field of cryptography along with a list implementation of various security measures ([11]) through of all the algorithms contained within the libraries. The the use of the containing algorithms. Some of the most second half of the paper deals with cryptography libraries prominent cryptography library ([5]) along with their specifically aimed for application in the field of Internet of encryption algorithms is listed below: Things. The various libraries and their performance analysis listed down in this paper are consolidated from various i. Borzoi: The “borZoi” cryptography library sources with the aim of providing a single comprehensive implements an algorithm based on elliptic curves (as such repository for reference to the various cryptography libraries known as Elliptic Curve Cryptography Library) ([4], [9], [10], and the comparative analysis of their features in IoT. [14], [36]). It implements the following algorithms which ranges over a finite field bearing a characteristic 2 (GF2m) Keywords ([1]): ECC, wolfSSL, RELIC, AvrCryptoLib, TinyECC, WiseLib a. ECDSA (Elliptic Curve Digital Signature 1. INTRODUCTION Algorithm) The implementation of encryption and decryption in the field b. Elliptic Curve Diffie-Hellman Key Agreement of cryptography provides a solid means of relaying messages Scheme to and fro between users without the added risk of the c. ECIES (Elliptic Curve Integrated Encryption message being compromised to unwanted personnel. Such Scheme) encryption-decryption operations are performed by various ways ([3], [7], [15]) through the use of specific set of borZoi is also implemented with AES Symmetric encryption algorithms. A cryptography library is a sort of repository of scheme and one other algorithm to produce SHA-1, its digital the various algorithms available for cryptographic purposes, signature which are as follows ([1]) : which provides the added function of categorising the multitudes of algorithms into specific collections based on a. AES (Rijndael) Symmetric Encryption Scheme their performance capacities and functions. b. SHA-1 hash algorithm In the field of IoT, microprocessors and embedded devices ii. Crypto++ : Written in C++, this cryptography with low computational power plays the vital role of exchange library implements various algorithms ranging from of information using the internet infrastructure. Such authenticated encryption schemes (like GCM, CCM etc.) to constraints to computational capabilities and the necessity of algorithms based on elliptic curves (like ECDSA, ECNR etc) secure exchange of information calls upon the need to ([13]). The various algorithms implemented by Crypto++ are implement algorithms specifically optimized to run in as follows ([2]): resource constrained environments. As such cryptography a. GCM, CCM, EAX libraries aimed for use in microprocessors and embedded devices plays a very important role for providing the b. AES (Rijndael), RC6, MARS, CAST-256, Twofish, necessary security layers to IoT devices and securing up the Serpent overall IoT infrastructure. c. Panama, Sosemanuk, Salsa20, XSalsa20 2. OVERVIEW: d. IDEA, Triple-DES, Camellia, SEED, XTEA, In this paper Section 3 will briefly introduce the various Skipjack, SHACAL-2, RC5, Blowfish cryptography libraries available for encryption in general. It will also list all the encryption algorithms available in the e. ECB, CBC, CTS, CFB, OFB, CTR various cryptography libraries. In section 4, we will discuss in f. VMAC, HMAC, CBC-MAC, GMAC, Two- details the various cryptography libraries in IoT. In section 5, Track-MAC we will do a comparative analysis amongst the various cryptography libraries discussed in section 4 based on their g. SHA-1, SHA-2, SHA-3, WHIRLPOOL, Tiger, unique features. We conclude the paper in section 6 RIPEMD-128, RIPEMD-256, RIPEMD-160, RIPEMD-320 h. ECDSA, ECNR, ECIES, ECMQV, ECDH 5 International Journal of Computer Applications (0975 – 8887) Volume 118 – No. 10, May 2015 i. MD2, MD4, MD5, Panama Hash, Square, GOST, bits SAFER, SEAL 3.0, DES, ARC4, DESX, RC2, 3-WAY, ) WAKE-OFB, CAST-128, SHARK j. Diffie-Hellman, XTR-DH, DH2, MQV, LUCDIF k. PKCS#1 v2.0, OAEP, PSS, IEEE P1363 EMSA2- SEE Ca Cam Cam Salsa Salsa GOST ST D mell ellia ellia 20 20/12 28147 RE EMSA5, PSSR ia (192 (256 -89 A l. ESIGN, LUC, RSA, DSA, ElGamal, RW, NR, (128 bits) bits) M DLIES bits) GC CC RFC CFB CBC ECB OFB CT iii. Libmcrypt: The “libmcrypt” cryptography library M M 3394 R provides encryption of data and is thread safe. This specific library contains a set of encryption algorithms and modes RSA DS ElGa ECD EdDS CMA GMA H which are modular in nature. This nature allows algorithms A mal SA A C C M and the encryption modes to operate in a much efficient AC manner. The various algorithms contained within the SHA TIG RIPE MD4 MD5 TIGE TIGE SH framework of this library are tabulated in Table 1: -1 ER MD- R/192 R2 A- 160 224 xTEA CAST- CAST DES 3DES GOS SKIP 128 -256 T JAC Whir GO GOS SHA SHA- SHA- ISO RF K lpool ST T R -256 384 512 3309 C R 34.11 151 3- BLOW TWOF WAK PAN MAR LOK 34.1 - 0 WAY FISH ISH E AMA S I97 1- 2012 RC2 RC6 ARCF RIJND CBC ECB SAF 201 (512 OUR AEL ER 2 bits) (256 SAFE SAFE SAFE SAFE SAFE ENIG IDE bits) R+ R K-64 R K- R SK- R SK- MA A 128 64 128 RFC GO RFC PBK SCR 2440 ST 4880 DF2 YPT SERP STRE CFB OFB nOFB nCFB CTR R ENT AM 34.1 1-94 Table 1: Algorithms in Libmcrpyt library Table 3: Algorithms in Libgcrypt library iv. Botan (formerly known as OpenCL): This cryptography library is written in C++ and licensed under vi. Bouncy Castle: This particular cryptography library BSD-2 ([23], [28]). It was later implemented with a “Card is written in Java and C# ([41]). Designed mainly for use in Verifiable Certificate” for ePassports and this modified devices with low computational memory, this library contains version of Botan was named “InSiTO”. This library contains the algorithms listed in Table 4: a number of encryption formats, algorithms and protocols PKC DAN DVC OCSP DTL OpenP CRMF which are tabulated in Table 2: S#1 E S S GP TLS SSL PKCS PKCS #3 PKCS #5 0 (v1.5/v2.0) CM TSP TLS PKCS# CM S/MIM DTLS RSA DSA X.509 Parts of Diffie- P 12 S E CRLs 1363 Hellman Table 4: Algorithms in Bouncy Castle library Table 2: Algorithms in Botan library vii. Cryptlib: The “cryptlib” cryptography library is a v. Libgcrypt: Written in C language, the “libgcrypt” is library of algorithms which provides security to a multi-platform cryptography library licensed under GNU communication and information exchange. Its simple Lesser General Public License GNU General Public License interface makes it very user-friendly and its layered structure ([32]). It features a multiple precision arithmetic (the lower layers each providing a layer of abstraction, the implementation and entropy gathering utility ([37]). The higher layers covering up the details of implementation of the cryptography algorithms in this library are tabulated in Table algorithms) makes up the whole library very secure and 3: impermeable to intrusion to a very high degree. The various IDE 3DE SER SER SERP CAS BLO AE algorithms within this library are tabulated in Table 5: A S PEN PEN ENT T5 WFIS S T T (256 H 128 SSL TLS SS S/MIM Open C SCE RTCS (128 (192 bits) H E PGP MP P bits) bits) OC X.509 SE Micros RPK Sig Ident PKCS AES AE TWO TWO ARC DES Ron’s Ro SP v1 T oft I G rus #7 192 S FISH FISH FOU Ciphe n’s Authen 256 (128 (256 R r 2 Cip tiCode bits) bits) (40 her RT OCS C X.509v bits) 2 CS P A 3 (12 8 Table 5: Algorithms in Cryptlib library 6 International Journal of Computer Applications (0975 – 8887) Volume 118 – No. 10, May 2015 viii. Catacomb: Written using gcc, this cryptography SSL S/MIME TLS PKCS #11 library contains a set of cryptographic primitives and used in Linux operating systems ([9]). Some of the most prominent categories of algorithms within this library out of its many other are as shown in Table 6: BLOCK HASH Multi-precision Public Key Table 9: Security algorithms in NSS Cipher functions Maths Library Algorithms xv. OpenPGP: This cryptography library is an open source variant of PGP (Pretty Good Privacy) which is used for securing the privacy of end-users and levelling up the security Table 6: Categories of algorithms in the Catacomb of communication systems by implementation of library authentication methods through the use of PGP ([16], [18]). ix. Cryptix: The “Cryptix” (say Cx) cryptography xvi. OpenSSL: Written in C language, the “OpenSSL” is library was made to provide a library of cryptographic a multi-platform library of cryptographic algorithms and algorithms to the Java platform as there were a number of functions ([40]). It is an open source library licensed under issues regarding adoption of cryptography in Java ([22]).