Abstract
Security has become a very critical issue in the provision of mobile services. The Open Mobile Alliance (OMA) has specified a powerful security layer, the WTLS. In this paper, a VLSI architecture for the implementation of the WTLS integrity unit is proposed. The proposed architecture is reconfigurable in the sense that operates in three different modes: as Keyed-Hash Authentication Code (HMAC), as SHA-1 and MD5 hash functions, according to WTLS specifications. This multi-mode operation is achieved due to the reconfigurable applied design technique in the proposed architecture, which keeps the allocated area resources at a minimized level. The proposed architecture achieves high speed performance, due to the pipeline designed architecture. Especially, SHA-1 operation achieved throughput is equal to 1,7 Gbps, while MD5 operation mode bit rate is equal to 2,1 Gbps. The proposed architecture has been integrated by using VHDL and has been synthesized placed and routed in an FPGA device. Comparisons with related hash functions implementations have been done in terms of throughput, operating frequency, allocated area and Area-Delay product. The achieved performance of the SHA-1 operation mode is better at about 14–42 times compared with the other conventional works. In addition, MD5 performance is superior to the other works at about 6–18 times, in all of the cases. The proposed Integrity Unit is a very trustful and powerful solution for the WTLS layer. In addition, it can be integrated in security systems which are used for the implementation networks for wireless protocols, with special needs of integrity in data transmission.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
“Open Mobile Alliance Specifications,” www.openmobilealliance.org, 2003.
Menezes, A. Oorchot, P. van and Vanstone, S.,Handbook of Applied Cryptography, CRC Press, Inc., Oct. 1997.
Schneier, B.,Applied Cryptography — Protocols, Algorithms and Source Code in C, 2ed, John Wiley and Sons, New York, 1996.
HMAC Standard, National Institute of Standards and Technology, “The Keyed-Hash Message Authentication Code (HMAC),” http://csrc.nist.gov/publications/fips/dfips-HMAC.pdf, 2003.
Jormalainen, S. and Laine, J., “Security in WTLS,” http://www.hut.fi/ jtlaine2/wtls/, 2003.
“SSL Protocol Specifications”, www.netscape.com/eng/ssl3, 2003.
Stinson, D. R.,Cryptography: Theory and Practice, CRC Press LLC, 1995.
Bakhtiari, S., Safavi-Naini, R. and Pieprzyk, J., “Cryptographic Hash Functions: A Survey,”Technical Report 95-09, Department of Computer Science, University of Wollongong, July 1995.
Rivest, R.,The MD5 Message-Digest Algorithm, RFC 1321, MIT LCS and RSA Data Security, Inc., April 1992.
SHA-1 Standard, National Institute of Standards and Technology (NIST), “Secure Hash Standard,”FIPS PUB 180-1, www.itl.nist.gov/fipspubs/fip180-1.htm, 2003.
A Simple Method of Estimating Power in XC40000X1/EX/E FPGAs, Application Brief XBRF 014 v1.0, Xilinx, San Jose, California, USA, 2003.
Virtex,2.5 V Field Programmable Gate Arrays, www.xilinx.com, Xilinx, San Jose, California, USA, 2003.
Roe, M., “Performance of Block Ciphers and Hash Functions-One Year Later,” inProc. of Second International Workshop for Fast Software Encryption '94, Leuven, Belgium, Dec. pp. 14–16, 1994.
Dominikus, S., “A Hardware Implementation of MD4-Family Hash Algorithms,” inProc. of IEEE International Conference on Electronics Circuits and Systems (ICECS'02), III, pp. 1143–1146, Croatia, September 15–18, 2002.
Dobbertin, H., Bosselaers, A. and Preneel, B., “RIPEMD-160, a Strengthened Version of RIPEMD,”Fast Software Encryption, LNCS 1039, pp. 71–82, Springer-Verlag, 1996.
Touch, J. D., “Performance Analysis of MD5,” inProc. of ACM SIGCOMM '95, Cambridge, Massachusetts, 1995.
Author information
Authors and Affiliations
Corresponding author
Additional information
Nicolas Sklavos, Ph.D.: He is a Ph.D. Researcher with the Electrical and Computer Engineering Department, University of Patras, Greece. His interests include computer security, new encryption algorithms design, wireless communications and reconfigurable computing. He received an award for his Ph.D. thesis on “VLSI Designs of Wireless Communications Security Systems” from IFIP VLSI SOC 2003. He is a referee of International Journals and Conferences. He is a member of the IEEE, the Technical Chamber of Greece and the Greek Electrical Engineering Society. He has authored or co-authored up to 50 scientific articles in the areas of his research.
Paris Kitsos, Ph.D.: He is currently pursuing his Ph.D. in the Department of Electrical and computer Engineering, University of Patras, Greece. He received the B.S. in Physics from the University of Patras in 1999. His research interests include VLSI design, hardware implementations of cryptography algorithms, security protocols for wireless communication systems and Galois field arithmetic implementations. He has published many technical papers in the areas of his research.
Epaminondas Alexopoulos: He is a student of the Department of Electrical and Computer Engineering, University of Patras, Greece. His research includes hardware implementations, mobile computing and security. He has published papers in the areas of his research.
Odysseas Koufopavlou, Ph.D.: He received the Diploma of Electrical Engineering in 1983 and the Ph.D. degree in Electrical Engineering in 1990, both from University of Patras, Greece. From 1990 to 1994 he was at the IBM Thomas J. Watson Research Center, Yorktown Heights, NY, USA. He is currently an Associate Professor at the Department of Electrical and Computer Engineering, University of Patras. His research interests include VLSI, low power design, VLSI crypto systems and high performance communication subsystems architecture and implementation. He has published more than 100 technical papers and received patents and inventions in these areas.
About this article
Cite this article
Sklavos, N., Kitsos, P., Alexopoulos, E. et al. Open Mobile Alliance (OMA) security layer: Architecture, implementation and performance evaluation of the integrity unit. New Gener Comput 23, 77–100 (2005). https://doi.org/10.1007/BF03037652
Received:
Revised:
Issue Date:
DOI: https://doi.org/10.1007/BF03037652