An embedded database design and implementation of a parallel IEEE XTS storage encryption for mobile devices

The ubiquity and huge proliferation of mobile and handheld devices, such as smartphones and tablets, are globally undeniable where Google’s Android operating system dominates the largest share of mobile platforms in the market. The vast spread and increased capabilities of these devices have come with major challenges to mobile security and data confidentiality. Every year different threats against sensitive data resting inside the storage of these mobile devices continue to rise sharply. Encryption might be the most efficient technique to ensure storage confidentiality; however it comes with great impact on these small gadgets which suffer from lack of resources such as processing power and battery. Performance is also a major concern for implementing security solutions, such as full storage encryption, inside mobile devices. A security solution might not be welcomed by consumers if it causes tangible performance degradation. With the wide spread of multi-core processors in current smart gadget devices, parallelization is no more luxury and can be used to enhance encryption performance in mobile gadgets significantly. This study focuses on evaluating and enhancing the performance of data storage encryption inside mobile devices. In this thesis, a parallel encryption system for the protection of sensitive data stored inside Android-based mobile devices is developed and successfully implemented. To ensure higher security level, the developed system is implemented using the NIST-certified XTS-AES block encryption algorithm. Other storage encryption algorithms, i.e. XTS-Twofish and XTS-RC6, have also been implemented in both serial and parallel designs and then evaluated. Overheads occurring due to parallel implementations have been identified and successfully mitigated to achieve proper performance speedup. Since the most user sensitive data are residing inside persisting databases, an SQLite implementation of the parallel XTS-AES system is proposed. This developed parallel SQLite-XTS system encrypts data stored in databases transparently on-thefly without the need for any user intervention. To design the parallel computation side of the proposed system and improve the overall system performance, a specific version of OpenMP API is integrated inside the architecture of targeted Android platform. This allows the developed encryption system to exploit the multi-core commodity processors, equipped with current mobile devices, in order to enhance performance. Different serial and parallel experiments have been conducted on an Android testbed device, where performance analysis and comparisons of different SQLite implementations have been carried out. During the file-based experiments, the parallel XTS-AES has shown a performance speedup of 1.71 with 86% efficiency faster than its serial counterpart; with higher encryption throughput achieved in the testbed device up to 8290 KB/s and 11380 KB/s when using XTS-AES and XTS-RC6 ciphers respectively. Additionally, the developed parallel SQLite-XTS system have been successfully implemented and integrated into the mobile testbed device. To assess the performance and feasibility of this system, it has been compared with three other SQLite implementations, i.e. Plain SQLite, Serial XTS SQLite, and SQLCipher-CBC. Results show that the developed parallel SQLite system has reduced the overhead of database encryption from 30.8%, with serial implementation, up to 17.8% when parallel SQLite is used. That provides the developed system with an efficiency of 73% compared to serial counterpart. These results clarify that the developed SQLite system introduces significant performance improvement compared to other implementations.

Preview Text FK 2018 8 - IR.pdf Download (2MB) | Preview

Actions (login required)

View Item