TinySec: TinySec: Performance Performance Characteristics Characteristics Chris K :: Chris K :: Naveen S Naveen S :: :: David W David W January 16, 2004 January 16, 2004
Dec 21, 2015
TinySec:TinySec:Performance Performance
CharacteristicsCharacteristics
Chris K :: Chris K :: Naveen SNaveen S :: David W :: David W
January 16, 2004January 16, 2004
This TalkThis Talk
Recent resultsRecent results Measurements on Mica2s (TOS 1.1.2)Measurements on Mica2s (TOS 1.1.2)
LatencyLatency BandwidthBandwidth PowerPower Stress testingStress testing
Hardware crypto comparison & Hardware crypto comparison & implicationsimplications 802.15.4 (e.g. CC2420)802.15.4 (e.g. CC2420)
TinySec Review: How & WhyTinySec Review: How & Why
Link layer security mechanismLink layer security mechanism Hop-by-hop, not end-to-endHop-by-hop, not end-to-end Better support for aggregationBetter support for aggregation Enables higher level keying protocolsEnables higher level keying protocols
Low overhead security in softwareLow overhead security in software
Cryptographic checksumCryptographic checksum Ensures integrityEnsures integrity Enforces access controlEnforces access control
Optional encryptionOptional encryption
TinySec PerformanceTinySec Performance
Characterize Overhead: Energy, Latency, Characterize Overhead: Energy, Latency, Bandwidth.Bandwidth.
Factors for TinySec overheadFactors for TinySec overhead ComputationComputation Larger Packet SizesLarger Packet Sizes
Can predict overhead caused by packet Can predict overhead caused by packet sizessizes
Measurement goal: Show computation Measurement goal: Show computation overhead is minimaloverhead is minimal
Note: crypto HW only reduces computation Note: crypto HW only reduces computation overheadoverhead
Packets & Predicted Packets & Predicted OverheadOverhead
Old packet (CRC): +7 b
Authentication Only (TinySec-Auth): +8 b
Authentication, Encryption (TinySec-AE) : +12 bIV
OverheaOverhead (b)d (b)
Total Total Size (b)Size (b)
Xmit Xmit time time (ms)(ms)
IncreasIncreasee
CRCCRC 3939 6363 26.226.2 ----
TinySec-TinySec-AuthAuth
4040 6464 26.626.6 1.5%1.5%
TinySec-AETinySec-AE 4444 6868 28.828.8 8%8%
Latency Test SetupLatency Test Setup
Test purpose: Test purpose: Measure latency at different hopcountsMeasure latency at different hopcounts Determine difficulty in adding TinySec to Determine difficulty in adding TinySec to
existing applicationexisting application Integrate with SystemCIntegrate with SystemC Successfully transmitted 70,000+ packets: Successfully transmitted 70,000+ packets:
Our stress testOur stress test
SetupSetup:: 4x9 grid in Woz of Mica2s4x9 grid in Woz of Mica2s Landmark routing code from Landmark routing code from
midterm demomidterm demo 200 measurements per hopcount200 measurements per hopcount
LM
A
B
BS
Energy Test SetupEnergy Test Setup
Single mote transmitting a packetSingle mote transmitting a packet Measure voltage drop with Measure voltage drop with
oscilloscopeoscilloscope
Bandwidth Test SetupBandwidth Test Setup
Vary number of sendersVary number of senders Each sender sends as fast as it canEach sender sends as fast as it can Measure number of packets Measure number of packets
successfully received in a time periodsuccessfully received in a time period
Performance SummaryPerformance Summary
PredictePredicted d (packet (packet size size only)only)
Latency Latency OverheaOverheadd
BW BW OverheaOverheadd
Energy Energy OverheaOverheadd
CRC (No CRC (No TinySec)TinySec)
------ ------ ------ ------
TinySec-TinySec-AuthAuth
1.5%1.5% 1.7%1.7% NegligiblNegligiblee
3%3%
TinySec-TinySec-AEAE
8%8% 7.3%7.3% 6%6% 10%10%
TinySec StatusTinySec Status
New version working with 1.1.3 stackNew version working with 1.1.3 stack To use: TINYSEC=trueTo use: TINYSEC=true
Suggestion: Suggestion: base new stacks off of TinySec stackbase new stacks off of TinySec stack
802.15.4802.15.4
New standard supported by ChipCon 2240.New standard supported by ChipCon 2240. Link-layer security provisionsLink-layer security provisions
Key management left to higher protocols Key management left to higher protocols (ZigBee)(ZigBee)
Design similarities to TinySec:Design similarities to TinySec: 3 security modes: off, auth, auth + encryption3 security modes: off, auth, auth + encryption
(also include encryption only).(also include encryption only). Block cipher basedBlock cipher based 16 byte IV; format similar to TinySec format16 byte IV; format similar to TinySec format
802.15.4: (cont)802.15.4: (cont)
Design differences to TinySecDesign differences to TinySec Larger security parameter choicesLarger security parameter choices
Performance hit?Performance hit? AES in hardwareAES in hardware MAC size variable, 0..16 bytesMAC size variable, 0..16 bytes Encryption: CTR modeEncryption: CTR mode Encryption: 16 byte IV. Similar to Encryption: 16 byte IV. Similar to
TinySec FormatTinySec Format
ConclusionConclusion
Increased packet length dominant factor in Increased packet length dominant factor in overheadoverhead
HW right long term solutionHW right long term solution EaseEase Energy savingsEnergy savings Faster block cipher ops, but not the right metricFaster block cipher ops, but not the right metric But: requires design at chip timeBut: requires design at chip time
Hardware not needed for acceptable performanceHardware not needed for acceptable performance Software Crypto is efficient and feasibleSoftware Crypto is efficient and feasible Relies on an underutilized CPURelies on an underutilized CPU Our implementation is low overheadOur implementation is low overhead
AcknowledgementsAcknowledgements
D. Molnar for help in running the latency D. Molnar for help in running the latency testtest
R. Szewczyk for measuring the energy R. Szewczyk for measuring the energy plotsplots
A. Woo for the key piece of Matlab trivia so A. Woo for the key piece of Matlab trivia so we could write our scriptswe could write our scripts