Mobile Business Engine

Goals

The MBE project develops a middleware platform for context aware services which provides means to ensure secure communication as well as privacy of service users.

Motivation

The convergence of mobile communication and Internet allows to realize new kind of services, business models, as well as the possibility to integrate company employees which are working remote. These chances can be exploited fully only if new services and applications can be developed on a sufficiently high abstraction level. In addition business and private data have to be protected against eavesdropping, tampering, profiling etc. Applying cryptographic means provides such security mechanisms but it also increases the energy consumption of the mobile devices significantly. Thus, the user has to decide between a convenient up time of the mobile device and a secure communication. This conflict can be solved applying energy efficient hardware accelerators for cryptographic means.

Research Topics

Hardware accelerators for cryptographic operations

In order to ensure a secure communication public as well as secret key cryptography has to be applied. Secret key mechanisms are used for bulk data transfer, whereas public key approaches are used for mutual authentication, digital signatures as well as for secret key exchange. We are using AES (Advanced Encryption Standard) as secret key mechanism. There is no known successful attack against AES, so it can be used for reasonable period of time. Our main goal was to develop an area efficient AES implementation in order to guarantee low manufacturing cost. Table 1 depicts the characteristics of the AES hardware accelerator.

As a public key mechanism we selected Elliptic Curve Cryptography (ECC). The computational burden that is inhibited by ECC is less than the one of RSA. ECC provides the same level of security as RSA but with a significantly shorter key length. So, ECC is well suited for application in mobile communication. The main operation in ECC is the 'kP' multiplication. The complexity of this multiplication can be reduced by applying the Karatsuba method. Normally the Karatsuba approach is applied recursively. In the MBE project we developed an iterative implementation of the Karatsuba method which allows to realize area efficient hardware accelerators for the 'kP' multiplication. We investigated our idea also for other recursive approaches which are based on the Karatsuba method. The hardware accelerators which are realized applying an iterative approach need up to 60 per cent less area and some versions need about 30 per cent less energy per multiplication than the recursive variants. The parameters of the manufactured version are shown in Table 1.

Both hardware accelerators have been integrated into one chip which also provides a PCMCIA and a Cardbus interface for integration of the chip into mobile devices. Figure 1 shows a photo of this chip. The characteristics of both hardware accelerators clearly indicate that nor the cost neither the energy consumption prohibits the use of hardware accelerators in mobile devices (see Table 1).

Figure 1: photo of the dual crypto chip
  AES (128bit) ECC (233bit)
throughput Mbit/sec @33MHz 42.00 0.85
power consumption mW @33MHz 9.59 56.85
complexity kGates 14.44 27.26
rate clock cycles 100.00 9,000.00
size mm² @.25µm technology 1.01 2.11
Figure 1:
photo of the dual crypto chip		   Table 1:
characteristics of both hardware accelerators
Anonymous micro payment

MONETA is a simple and efficient off-line prepaid electronic cash scheme. It uses an asymmetric security architecture to limit power and memory consumption. The client owns an ECC key pair, and RSA key pairs are used on the infrastructure side. Our system provides limited anonymity and is secure against eavesdropping. Double-spender's identity can be revealed. The reasonable size of the coin and reduced computational complexity enables the use on mobile devices.

Privacy Negotiation Tool: Privacy Advocate (PrivAd)

PrivAd allows mobile service users and service providers to negotiate about the data revealed by the service user and their potential recipients, purpose etc. Our tool is backwards compatible with P3P and allows interaction between negotiation enabled clients and static servers as well as between static clients and negotiation enabled servers. Our measurements done with a state of the art PDA show that our tool is suitable for use on mobile devices, i.e. successful negotiations take about 2 sec including message transfer (forth and back) via a 802.11b wireless link.