Abstract

In Wireless Sensor Networks (WSNs), server clusters, and other systems requiring secure transmission, the overhead of data encryption and transmission is often not negligible. Unfortunately, a conflict exists between security and efficiency in processing data. Therefore, this paper proposes a strategy to overcome this conflict, called Client-Aware Negotiation for Secure and Efficient Data Transmission (CAN-SEAT). This strategy allows clients with different security transmission requirements to use the appropriate secure data transmission scheme without modifying the client. Two methods are designed for different clients. The first method is based on two-way authentication and renegotiation. After the handshakes, the appropriate secure data transmission scheme is selected according to the client requirements. The second method is based on redirection, which can be applied when the client does not support two-way authentication or renegotiation. To account for the characteristics of different architectures, this paper classifies and discusses symmetric key algorithms, asymmetric key algorithms, and hardware encryption instructions. The CAN-SEAT strategy is tested in four application scenarios. Compared with the general transmission strategy, when only software encryption is used, the data processing and transmission cost can be reduced by 89.41% in the best case and by 15.40% in the worst case. When supporting hardware encryption, the cost can be reduced by 85.30% and 24.63%, respectively. Good results were obtained on the experimental platforms: Xilinx, FT-2000+, and Intel processors. To the best of our knowledge, for Client-Aware Negotiation (CAN), this is the first method to be successfully deployed on a general system. CAN-SEAT can be easily combined with other energy-efficient strategies.

Highlights

  • As a security layer protocol, the Secure Socket Layer (SSL) and the subsequent Transport Layer Security (TLS) are widely used in TCP/IP networks

  • SSL/TLS is often combined with the Hypertext Transfer Protocol (HTTP) to ensure the security of data transmission; in this case, HTTP is known as Hypertext Transfer Protocol Secure (HTTPS)

  • The CAN-SEAT strategy is only described as an example built on the HTTPS protocol and can be deployed with other protocols depending on the specific implementation of the protocols


Summary

Introduction

As a security layer protocol, the Secure Socket Layer (SSL) and the subsequent Transport Layer Security (TLS) are widely used in TCP/IP networks. SSL/TLS is often combined with the Hypertext Transfer Protocol (HTTP) to ensure the security of data transmission; in this case, HTTP is known as Hypertext Transfer Protocol Secure (HTTPS). Compared to the traditional transmission mode, data transmission based on SSL/TLS introduces additional security control overhead. Efficiency and security are closely related. More efficiency means less security; more security means less efficiency and, more broadly, higher energy consumption. Different control strategies can be set for data transmission with different security requirements.

Background and Motivation
Related Work
System Description
Message Exchange
Encryption Algorithm
Security Strength
Methodology
CAN Based on Renegotiation
CAN Based on Redirection
Experimental Environment
Encryption Efficiency
Encryption Scheme and Security Analysis
Application
Findings
Conclusions
