IJCSNS International Journal of Computer Science and Network Security, VOL.8 No.10, October 2008 1 Manuscript received October 5, 2008 Manuscript revised October 20, 2008 Resource Saving AES-CCMP Design with Hybrid Counter Mode Block Chaining - MAC M. Razvi Doomun*, K.M. Sunjiv Soyjaudah Faculty of Engineering, University of Mauritius Summary IEEE 802.11i security standard is emerging as an essential security requirement to support the growth of a wide range of wireless data services and applications. However, with the advent of more battery powered wireless devices, efficient and robust cryptographic designs are needed that do not impose high computational overhead and avoid mismatch with limited battery resources and low processing capabilities inherent on these wireless devices. In this paper, we (a) apply a systematic approach to determine computational complexity and efficiency of AES-CCMP (Advance Encryption Standard - Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) designed for IEEE 802.11i, (b) propose a resource saving AES-CCMP design with hybrid CBC-MAC variant merged with Counter Mode encryption, defined as Counter Mode Block Chaining-MAC (or CMBC–MAC), for faster and more efficient data encryption and decryption. A comparative analysis of CCMP with hybrid CMBC-MAC computational complexity is performed to show its energy economy. Key words: Security, AES-CCMP, Computational Complexity, Cipher Block Chaining MAC. 1. Introduction IEEE 80211i security standard suite [1] has been developed as a replacement of the highly vulnerable Wired Equivalent Privacy (WEP) to provide the ‘best’ security for 802.11 wireless local area network (WLAN). IEEE 802.11i standard consists of the Counter Mode with Cipher Block Chaining –Message Authentication Code Protocol (Counter Mode + CBC MAC = CCMP) [2] and has been designed as a long term security solution. It is based on Advance Encryption Standard (AES) cipher and it offers robust encryption and message integrity as proved in ref [2][3]. Although CCMP is seen as an efficient algorithm which combines the Counter Mode for encryption and CBC MAC for message authentication, its encryption and authentication implementations are based on the relatively intensive Advance Encryption Standard (AES) operations that require support for more powerful hardware. Improvements in battery technology are easily offset by the increasing complexity of security mechanisms for WLAN and Ad Hoc networks. Thus, to guarantee a reasonable battery operation lifetime, designing innovative techniques to conserve power consumption for cryptographic algorithm are crucial. But, successfully designing resource-saving security mechanism needs good comprehension of the relationships between encryption parameters and power consumption. In the work [5], the computational complexity of AES is modeled based on its algorithmic operations to show how the degree of complexity varies with different key size and number of rounds of encryption. Indeed, AES is very robust, but at the expense of high computational operations. Furthermore, when IEEE 802.11i security protocol is used for certain real-time video and audio applications on WLAN or Ad Hoc network, the device CPU is overloaded severely causing noticeable performance hit. The battery power consumption of small wireless devices is severely affected by the computationally heavy cryptographic operations causing rapid power depletion which creates a new problem dimension between robust wireless security and energy efficiency. Moreover, the quest for efficient cryptographic mechanism is still research challenge for providing optimum security in resource constrained wireless networks which requires minimum memory, making optimal use of hardware processing capabilities and consuming the least energy or battery power [5] [4] [6]. In this paper, we first derive the complexity equation model of AES-CCMP to mathematically assess its computational cost in terms of processing cycles of different number of basic operations involved in the execution of the algorithm. The complexity study also unveils the algorithm’s practicality in terms of encryption or decryption performance and speed. Eventually, the computational cost of AES-CCMP algorithm is correlated to its energy consumption when executed on any particular hardware platform. But, the mathematical complexity equations of AES-CCMP is independent of the actual platform they are implemented on and this gives us a standardized fairly accurate methodology to measure energy consumption of the security protocol. While currently there is no other standard way of measuring the computational complexity of security protocols, this creates a knowledge gap as it is difficult to compare different security protocols on an energy performance metric. In addition, for optimizing energy efficiency and