IEEE REGION 8 SIBIRCON 2008

25

Enhanced "ULTRA GRIDSEC": Enhancing High Performance Symmetric Key Cryptography Schema Using Pure Peer To Peer Computational Grid Middleware (HIMAN)
Prof. Dr. Mostafa-Sami M. Mostafa Computer Science Department Faculty of Computers and Information Helwan University, Cairo, Egypt Dr. Safia.H.Deif Computers and Systems Department, National Telecommunication Institute, Cairo, Egypt Hisham.Abd Elazeem.Ismail.Kholidy Computer Science Department Faculty of Computers and Information Helwan University, Cairo, Egypt hisham_dev@yahoo.com

Keywords: ULTRA GRIDSEC, High Performance, Symmetric Key Cryptography, Security Schema, Pure P2P, Computational Grid Middleware

Abstract
"ULTRA GRIDSEC" [1] is a high Performance Symmetric Key Cryptography Schema used to increase the performance of symmetric key encryption algorithms[12] like DES and TDES by decreasing their execution time and increasing their security by using compression and multithreading techniques and other enhancement points [1]. In this paper we enhancing the performance of a "ULTRA GRIDSEC"[1] by using a pure Peer-to-Peer Computational Grid Middleware called (HIMAN) [2] that we developed before. ULTRA GRIDSEC Performance accelerated by about 254.8% when it was applied as an application for "HIMAN" middleware for file with size 55MB and 1MB Block Size, and accelerated by 431.2% for file with size 110MB and 10MB Block Size so every time the size of file is large and choosing the suitable block size and suitable number of threads this can cause a great acceleration for the schema performance regarding to machines capabilities of the running middleware. After that we compared the performance of the Enhanced "ULTRA GRIDSEC" with a developed schema called "GRIDCRYPT" [4] developed by Melbourne University in Australia and run over their middleware called Alchemi [5, 6, 11], so for file with size 55MB and 1MB Block Size and using 4 workers, ULTRA GRIDSEC Performance is faster by about 445.37% than the " GRIDCRYPT " Schema, and for file with size 110MB and 10MB Block Size and using 4 workers, ULTRA GRIDSEC Performance is faster by about 708.69% than the "GRIDCRYPT" Schema. An analysis and results of this schema and comparison of this scheme performance with another existing schema is presented in this paper.

Hardware, Peer-to-peer (P2P) or enterprise grids are proven as one of the approaches for developing costEffective high-end computing systems. By utilizing them, one can improve the performance of symmetric key cryptography through parallel execution. In this paper we enhancing the performance "ULTRA GRIDSEC" schema by using a pure Peer-to-Peer Computational Grid Middleware called (HIMAN) that we developed[2] before. An analysis of schema results and comparison of this scheme performance with another existing schema is presented in this paper.

1.1 "ULTRA GRIDSEC" Schema

Different Middlewares use symmetric key encryption Algorithms for securing there transmitted data, but symmetric key algorithms cause a huge overhead in processor and memory of the running machines, So it is needed to develop an efficient Schema for supporting secure transmission of data between middleware nodes, such a schema must supports the following [7, 8 and 10]: 1- Secure communication between elements of a computational Grid by encrypting data passes between them. 2- Avoiding a centrally managed security system (in P2P Models only). 3- Not affect the Performance of the middleware completely comparable to the actual execution time. It is evident that TDES Algorithm has many disadvantages like weak keys and the overload done in the processing speed and memory storage. When applying the algorithm in the grid system we have many concerns like communication bandwidth and processing power, etc [7]. ULTRA GRIDSEC solved these problems by the following enhancements [1]: 1- Compression and Decompression by using Huffman And RLE Algorithms 2- Block Division. 3- Multithreading methodology by using a. Separate "Key Generation processes" in a thread. b. First Half Threading" methodology. c. "Second Half Threading" methodology. d. "Full Threading" methodology.

1. Introduction
Using larger key sizes and complex algorithms are important procedures to achieve an unbreakable state for cryptanalysis on symmetric key cryptograph, but this leads to an increase in computational complexity, so many researches tried to develop high-performance symmetric key cryptography schemes using the high-end computing

978-1-4244-2134-3/08/$25.00 2008 IEEE

26

IEEE REGION 8 SIBIRCON 2008

4- Creating USFs (Ultra Swapping Files) 5- Prevent the weak keys problems in TDES when keys are small or are equal. These proposed enhancement points handle the performance from several points of view [1]: 1. Utilizing the disk storage capabilities, communication bandwidth, memory usage, and increasing the TDES security by compressing the data before making the required encryption or decryption Operations this compression change the file contents as a type of encryption so the encrypted file will be different in its contents from the regular TDES encrypted file, so successful attacks that affect TDES files can't attack it, also Compression techniques enhance the Schema performance by 35-70% according to input file characteristics. 2. Block Division is continuously loading input data for encryption or decryption block by block instead of loading the complete data into memory and this enhance the usage of memory also this enhances the Schema performance by 8-10% according to Machine capabilities. 3. Enhancing the processing speed that can be noticed through multithreading methodology which can be applied using one or more of the previous mentioned points and this enhances the Schema performance by about 20-30% according to machine capabilities and about 8% for separating key generation in single thread. 4. Creating USFs (Ultra Swapping Files): The added Feature USFs is continuously loading and saving data to another target during file processing, this enables us to utilize the memory storage that needed during the running processes. 5. Prevent the weak keys problems in Triple DES when keys are small or are Equal: in our schema we compare the input key for our "ULTRA GRIDSEC" schema with known weak keys and prevent using one of them, also it applies compression algorithms to the weak keys to prevent the repetitions in this weak keys also the resulted file is compressed and encrypted using different keys to prevent any one from decompress or decrypt the file except the one who have the compression and encryption keys and this increases the security of "ULTRA GRIDSEC" schema. Using "ULTRA GRIDSEC" TDES Performance accelerated by about 439.7% in dual processor 3000M.HZ and 2GB of Ram and 217.5 % in processor 3000M.HZ and 512MB of Ram and 129.15 % in processor 2400M.HZ and 256MB of Ram and 103.28% in processor 1800M.HZ and 256MB of Ram. Classes of "ULTRA GRIDSEC" are described in paper [1]. The Encryption and decryption Scenarios are shown in figure 1and figure 2 respectively.

Figure 1: Encryption Scenario in "ULTRA GRIDSEC" Schema

Figure 2: Decryption Scenario in "ULTRA GRIDSEC" Schema

MOSTAFA-SAMI M. MOSTAFA, SAFIA.H.DEIF AND HISHAM ABD ELAZEEM ISMAIL KHOLIDY

27

1.2 "HIMAN": Pure Peer-to-Peer Computational Grid Middleware System Model

"HIMAN" [2] is a proposed Middleware that designed for building a pure P2P Desktop Grid system for performing both serial and parallel task execution. Serial task execution is the execution of a task, as one part, on a remote node (i.e. worker) [9]. Parallel task execution is the simultaneous execution of the same task (split up and specially adapted) on multiple workers in order to obtain results faster [2].The system architecture is organized as three layer architecture, depicted in Figure 6. 1.2.1 Communication Layer The communication layer is responsible for providing communication channels to perform transmission of control commands and files between the client and the worker. Figure 3 shows the structure of the communication layer [1], the communication security sub layer is the layer responsible for securing the data (commands and files) between the client and the worker according to "ULTRA GRIDSEC" Schema for encrypting/decrypting the passing data.

Figure 4: Task Execution and Management Layer

2. Design and Architecture of the Enhanced "ULTRA GRIDSEC"

The following figure shows how we adapted "ULTRA GRIDSEC" Schema to accelerate its performance using "HIMAN" middleware. A- Applying Encryption Methodology as an application in the mentioned middleware

System layered architecture

Communication Layer

Figure 3: System layered architecture and Communication Layer

1.2.2 Task Execution Layer Task execution layer is responsible for performing task execution and providing the fault tolerance technique [3]. Figure 4 shows the structure of that layer 1.2.3 Management Layer Management layer is responsible for performing load balancing through scheduling submitted tasks among available working nodes. It is also responsible for monitoring the whole system performance [1]. Description of the components of the management layer for performing required functionalities in both Client and Worker is depicted in Figure. 4. The Authentication and Authorization manager is an important component required for testing the credentials and permissions for the users and their requested tasks according to their giving roles in the system (Worker, Client, or Administrator) this feature is a future work point.

Figure 5: Applying Encryption Methodology as an application in the P2PComputational Grid Middleware

28

IEEE REGION 8 SIBIRCON 2008

B- Applying Decryption Methodology as an application in the mentioned middleware The decryption Scenario is the same for the Encryption Scenario but the input file is compressed and encrypted so after decrypting and decompressing each part at the client the resulted parts of the file will be merged again to output the final decrypted file.

3.2 Performance Comparisons

Evaluation

&

Run

time

Figure 6: Decryption Methodology as an application in the P2PComputational Grid Middleware

3. Performance Evaluation & Run time Comparisons of Accelerating "ULTRA GRIDSEC" Schema Using "HIMAN".
3.1 Testbed
The testbed is a LAN consisting of 13 workers and one client. Figure 7 shows the structure of the LAN: seven workers, PC1 - PC7, are PCs connected to an Ethernet switch (100 Mbps max) together with the client, PC8. The other six workers, TC1 - TC6, are Tablet PCs which are connected as wireless nodes to an access-point (54 Mbps max). The access-point is connected to the switch as shown. The client is Pentium 4 3.0GHz machine with 512MB physical memory running Windows Server 2003 Enterprise Edition. All PC workers are Pentium 4 3.0GHz machines with 256MB physical memory running Windows XP professional. All TC workers are Intel Pentium 4 2GHz machines with 512MB physical memory running Windows XP Tablet PC Edition [2].

In our run time Comparisons we did our experiments using the Full threading technique mentioned in paper [1], we used first half threading with 3 threads and second half threading of 2 threads, we fixed this specification according to the best results obtained from ULTRA GRIDSEC schema used with this specifications as mentioned in paper [1] and regarding to the middleware Testbed specifications as mentioned previously. We have done a runtime comparison for the ULTA GRIDSEC Acceleration using the testbed described previously, but we specified only12 executor nodes each with the same specification of Pentium IV 2400 MHz processor and 512 MB of memory to be similar to the Alchemi [5, 6, 11] middleware Infrastructure that we will compare with. We monitored the CPU usage and the threads execution details using the HIMAN console [2] (see Figure 8 Client Screen, Figure 9 Worker Screen).

Figure 8 Client Screen

Figure 7: Testbed for experimentations

Figure 9 Worker Screen

MOSTAFA-SAMI M. MOSTAFA, SAFIA.H.DEIF AND HISHAM ABD ELAZEEM ISMAIL KHOLIDY

29

Our experiments are done according to the following specifications: 1- The acceleration of ULTRA GRIDSEC schema using (TDES) using file 44MB over 1, 2, 3, 4, 5, 6 workers and using 1MB Block size comparable to the using of only one worker.

4- Comparing between ULTRA GRIDSEC using "DES" and GRIDCRYPT Schema [4] applied in Alchemi [5, 6, 11] middleware developed by Melbourne University in Australia Using 55MB file with 1MB block size. For 1, 2, and 4 workers.

Figure 13 Comparison between ULTRA GRIDSEC using "DES" and "GRIDCRYPT" for file with size 55M.B Block size 1M.B Figure 10 Acceleration of ULTRA GRIDSEC using "TDES" for 44M.B File using Block size 102400K.B and Full threading (3, 2)

2- The acceleration of ULTRA GRIDSEC schema using (TDES) using file 55MB and using 1, 2, 4,8,12 workers and using 1MB Block size comparable to the using of only one worker

5- Comparing between ULTRA GRIDSEC using "DES" and GRIDCRYPT Using 55 MB file with 10MB block size For 1, 2, and 4 workers.

Figure 14 Comparison between ULTRA GRIDSEC using "DES" and "GRIDCRYPT" for file with size 55M.B Block size 10M.B

6- Comparing between ULTRA GRIDSEC using "DES" and GRIDCRYPT Using 110 MB file with 10MB block size For 1, 2, and 4 workers.
Figure 11 Acceleration of ULTRA GRIDSEC using "TDES" for File with size 55MB using 1MB Blocks and Full threading(3,2)

3- Comparing between ULTRA GRIDSEC schema (using DES) and the old DES without block division, Threading or Compression for file with size 55MB and number of workers equals to 1, 2, 4, 8, and 12 using 1MB Block size.

Figure 15 Comparison between ULTRA GRIDSEC using "DES" and "GRIDCRYPT" for file with size 110MB Block size 10MB

6. Using "ULTRA GRIDSEC" Schema as a security layer for securing data inside "HIMAN" middleware
Figure 12 Comparison between (ULTRA GRIDSEC using "DES" with Block size 1MB using Full threading (3, 2)) and (the Old DES without block division, Threading or Compression) for File with size 55MB.

Paper [1] described in details how to apply "ULTRA GRIDSEC" Schema as a security layer for securing data passes between the interconnected nodes (Client and Workers) in "HIMAN" middleware for its serial and parallel executions methodologies as following:

30

IEEE REGION 8 SIBIRCON 2008

6.1 Applying "ULTRA GRIDSEC" schema inside serial execution methodology in the "HIMAN" middleware
The following scenario describes steps required to secure data passes inside "HIMAN" middleware in its serial execution as described in details in paper [1].

8. References
[1] Mostafa-Sami M. Mostafa, Safia H Deif, Hisham A Kholidy, "ULTRA GRIDSEC: Peer-to-Peer Computational Grid Middleware Security Using High Performance Symmetric Key Cryptography", IEEE-ITNG Conference (5th International Conference on Information Technology- New Generations) Las Vegas, Nevada, USA, 1- 4 April 2008. [2] Ali E. El-Desoky, Hisham A., Abdulrahman A. Azab, "A Pure Peer-to-Peer Desktop Grid Framework with Efficient Fault Tolerance ", IEEE-ICCES 24, Nov. 2007. [3] Ali E. El-Desoky, Hisham A, Abdulrahman A. Azab, "Improving Fault Tolerance in Desktop Grids Based On Incremental Checkpointing", ICCES'06, Nov. 2006. [4] Akshay Luther, Rajkumar Buyya, Rajiv Ranjan, and Srikumar Venugopal, "GridCrypt: High Performance Symmetric Key Cryptography Using Enterprise Grids ", Laurence Yang and Minyi Guo (editors), Wiley Press, New Jersey, USA. Fall 2004. [5] Akshay Luther, Rajkumar Buyya, Rajiv Ranjan, and Srikumar Venugopal, "Alchemi: A .NET-based Desktop Grid Computing Framework, High Performance Computing: Paradigm and Infrastructure", Laurence Yang and Minyi Guo (editors), Wiley Press, New Jersey, USA. Fall 2004. [6] Akshay Luther, Rajkumar Buyya, Rajiv Ranjan, and Srikumar Venugopal , "Peer-to-Peer Grid Computing and a .NET-based Alchemi Framework", University of Melbourne, Australia, (2004). [7] Jean-Christophe Durand Grid Computing A Conceptual and Practical Study Book, University of Lausanne, November 8, 2004 [8] J. Dayka A. Nadalin F. Siebenlist V. Welch S. Tueckle N. Nagaratnam, P. Janson and I. Foster. "Security architecture for open grid services". OGSA Security Workgroup, 2002. [9] C. Kesselman. I. Foster. "Computational grids. In The Grid: Blueprint for a New Computing Infrastructure" chapter 2. Morgan-kaufman edition, 1999. [10] I. Foster, C. Kesselman, G. Tsudik, S. Tuecke, Proc, A Security Architecture for Computational Grids, 5th ACM Conference on Computer and Communications Security Conference, pg. 83-92, 1998. [11] http://www.alchemi.net [12] MyCrypto.net. Encryption Algorithms: http://www.mycrypto.net/encryption/crypto_algorithms.html

6.2 Applying ULTRA GRIDSEC schema inside parallel execution methodology in "HIMAN" middleware
The following scenario describes steps required to secure data passes inside "HIMAN" middleware in its parallel execution as described in details in paper [1].

Figure 8: System scenario for Applying "ULTRA GRIDSEC" inside parallel Execution Method of the proposed Middleware

7. Conclusion
ULTRA GRIDSEC Performance accelerated by about 254.8% when it was applied as an application for "HIMAN" middleware for file with size 55MB and 1MB Block Size, and accelerated by 431.2% for file with size 110MB and 10MB Block Size so every time the size of file is large and choosing the suitable block size and suitable number of threads this can cause a great acceleration for the schema performance regarding to machines capabilities of the running middleware. For file with size 55MB and 1MB Block Size and using 4 workers, ULTRA GRIDSEC Performance is faster by about 445.37% than the "GRIDCRYPT" Schema, and for file with size 110MB and 10MB Block Size and using 4 workers, ULTRA GRIDSEC Performance is faster by about 708.69% than the "GRIDCRYPT" Schema. In general, as showed in this paper, ULTRA GRIDSEC can successfully be used as a security schema for encrypting data passes between the interconnected nodes of the grid system and adapt the characteristics required for grid systems.