TinySec: Performance Characteristics Chris K :: Naveen S :: David W January 16, 2004.

TinySec:TinySec:Performance Performance

CharacteristicsCharacteristics

Chris K :: Chris K :: Naveen SNaveen S :: David W :: David W

January 16, 2004January 16, 2004

This TalkThis Talk

Recent resultsRecent results Measurements on Mica2s (TOS 1.1.2)Measurements on Mica2s (TOS 1.1.2)

LatencyLatency BandwidthBandwidth PowerPower Stress testingStress testing

Hardware crypto comparison & Hardware crypto comparison & implicationsimplications 802.15.4 (e.g. CC2420)802.15.4 (e.g. CC2420)

TinySec Review: How & WhyTinySec Review: How & Why

Link layer security mechanismLink layer security mechanism Hop-by-hop, not end-to-endHop-by-hop, not end-to-end Better support for aggregationBetter support for aggregation Enables higher level keying protocolsEnables higher level keying protocols

Low overhead security in softwareLow overhead security in software

Cryptographic checksumCryptographic checksum Ensures integrityEnsures integrity Enforces access controlEnforces access control

Optional encryptionOptional encryption

TinySec PerformanceTinySec Performance

Characterize Overhead: Energy, Latency, Characterize Overhead: Energy, Latency, Bandwidth.Bandwidth.

Factors for TinySec overheadFactors for TinySec overhead ComputationComputation Larger Packet SizesLarger Packet Sizes

Can predict overhead caused by packet Can predict overhead caused by packet sizessizes

Measurement goal: Show computation Measurement goal: Show computation overhead is minimaloverhead is minimal

Note: crypto HW only reduces computation Note: crypto HW only reduces computation overheadoverhead

Packets & Predicted Packets & Predicted OverheadOverhead

Old packet (CRC): +7 b

Authentication Only (TinySec-Auth): +8 b

Authentication, Encryption (TinySec-AE) : +12 bIV

OverheaOverhead (b)d (b)

Total Total Size (b)Size (b)

Xmit Xmit time time (ms)(ms)

IncreasIncreasee

CRCCRC 3939 6363 26.226.2 ----

TinySec-TinySec-AuthAuth

4040 6464 26.626.6 1.5%1.5%

TinySec-AETinySec-AE 4444 6868 28.828.8 8%8%

Latency Test SetupLatency Test Setup

Test purpose: Test purpose: Measure latency at different hopcountsMeasure latency at different hopcounts Determine difficulty in adding TinySec to Determine difficulty in adding TinySec to

existing applicationexisting application Integrate with SystemCIntegrate with SystemC Successfully transmitted 70,000+ packets: Successfully transmitted 70,000+ packets:

Our stress testOur stress test

SetupSetup:: 4x9 grid in Woz of Mica2s4x9 grid in Woz of Mica2s Landmark routing code from Landmark routing code from

midterm demomidterm demo 200 measurements per hopcount200 measurements per hopcount

LM

A

B

BS

Late

ncy

Late

ncy

Late

ncy

: B

yte

Tim

es

Late

ncy

: B

yte

Tim

es

Energy Test SetupEnergy Test Setup

Single mote transmitting a packetSingle mote transmitting a packet Measure voltage drop with Measure voltage drop with

oscilloscopeoscilloscope

Energ

yEnerg

y

+3%

+10%

Bandwidth Test SetupBandwidth Test Setup

Vary number of sendersVary number of senders Each sender sends as fast as it canEach sender sends as fast as it can Measure number of packets Measure number of packets

successfully received in a time periodsuccessfully received in a time period

Bandw

idth

Bandw

idth

TinySec-Auth: same throughputTinySec-AE: 6% less throughput

Performance SummaryPerformance Summary

PredictePredicted d (packet (packet size size only)only)

Latency Latency OverheaOverheadd

BW BW OverheaOverheadd

Energy Energy OverheaOverheadd

CRC (No CRC (No TinySec)TinySec)

------ ------ ------ ------

TinySec-TinySec-AuthAuth

1.5%1.5% 1.7%1.7% NegligiblNegligiblee

3%3%

TinySec-TinySec-AEAE

8%8% 7.3%7.3% 6%6% 10%10%

TinySec StatusTinySec Status

New version working with 1.1.3 stackNew version working with 1.1.3 stack To use: TINYSEC=trueTo use: TINYSEC=true

Suggestion: Suggestion: base new stacks off of TinySec stackbase new stacks off of TinySec stack

802.15.4802.15.4

New standard supported by ChipCon 2240.New standard supported by ChipCon 2240. Link-layer security provisionsLink-layer security provisions

Key management left to higher protocols Key management left to higher protocols (ZigBee)(ZigBee)

Design similarities to TinySec:Design similarities to TinySec: 3 security modes: off, auth, auth + encryption3 security modes: off, auth, auth + encryption

(also include encryption only).(also include encryption only). Block cipher basedBlock cipher based 16 byte IV; format similar to TinySec format16 byte IV; format similar to TinySec format

802.15.4: (cont)802.15.4: (cont)

Design differences to TinySecDesign differences to TinySec Larger security parameter choicesLarger security parameter choices

Performance hit?Performance hit? AES in hardwareAES in hardware MAC size variable, 0..16 bytesMAC size variable, 0..16 bytes Encryption: CTR modeEncryption: CTR mode Encryption: 16 byte IV. Similar to Encryption: 16 byte IV. Similar to

TinySec FormatTinySec Format

ConclusionConclusion

Increased packet length dominant factor in Increased packet length dominant factor in overheadoverhead

HW right long term solutionHW right long term solution EaseEase Energy savingsEnergy savings Faster block cipher ops, but not the right metricFaster block cipher ops, but not the right metric But: requires design at chip timeBut: requires design at chip time

Hardware not needed for acceptable performanceHardware not needed for acceptable performance Software Crypto is efficient and feasibleSoftware Crypto is efficient and feasible Relies on an underutilized CPURelies on an underutilized CPU Our implementation is low overheadOur implementation is low overhead

AcknowledgementsAcknowledgements

D. Molnar for help in running the latency D. Molnar for help in running the latency testtest

R. Szewczyk for measuring the energy R. Szewczyk for measuring the energy plotsplots

A. Woo for the key piece of Matlab trivia so A. Woo for the key piece of Matlab trivia so we could write our scriptswe could write our scripts

802.15.4: IV Format802.15.4: IV Format