Improving SSL Handshake Performance via Batching
نویسندگان
چکیده
We present an algorithmic approach for speeding up SSL’s performance on a web server. Our approach improves the performance of SSL’s handshake protocol by up to a factor of 2.5 for 1024-bit RSA keys. It is designed for heavily-loaded web servers handling many concurrent SSL sessions. We improve the server’s performance by batching the SSL handshake protocol. That is, we show that b SSL handshakes can be done faster as a batch than doing the b handshakes separately one after the other. Experiments show that taking b = 4 leads to optimal results, namely a speedup of a factor of 2.5. Our starting point is a technique due to Fiat for batching RSA decryptions. We improve the performance of batch RSA and describe an architecture for using it in an SSL web server. We give experimental results for all the proposed techniques.
منابع مشابه
Batching SSL/TLS Handshake Improved
Secure socket layer (SSL) is the most popular protocol to secure Internet communications. Since SSL handshake requires a large amount of computational resource, batch RSA was proposed to speedup SSL session initialization. However, the batch method is impractical since it requires a multiple of certificates. In this paper, we overcome this problem without modifying SSL protocol. To select the o...
متن کاملUnderstanding SSL
Chris Hare 134.1 What Is SSL?.................................................................... 1777 134.2 Server Certificates ........................................................... 1778 134.3 The SSL Handshake........................................................ 1778 The CLIENT-HELLO Message † The SERVERHELLO Message † The CLIENT-MASTER-KEY Message 134.4 Generating a New Master Key ....
متن کاملWorkload Characterization of a Lightweight SSL Implementation Resistant to Side-Channel Attacks
Ever-growing mobility and ubiquitous wireless Internet access raise the need for secure communication with devices that may be severely constrained in terms of processing power, memory capacity and network speed. In this paper we describe a lightweight implementation of the Secure Sockets Layer (SSL) protocol with a focus on small code size and low memory usage. We integrated a generic public-k...
متن کاملResearch and Implementation of Three HTTPS Attacks
With the rapid development of network applications, the issues of Network transmission security become very important. Therefore, SSL protocol is more and more widely used in a variety of network services. But the SSL protocol itself is not perfect, in practice, there are also problems. For the deficiencies of endpoint authentication in the SSL handshake process, the paper analyzes two kinds of...
متن کاملSSL-over-SOAP: Towards a Token-based Key Establishment Framework for Web Services
Key establishment is essential for many applications of cryptography. Its purpose is to negotiate keys for other cryptographic schemes, usually for encryption and authentication. In a web services context, WS-SecureConversation has been specified to make use of negotiated keys. The most popular key establishment scheme in the Internet is the (handshake protocol of the) Secure Socket Layer or Tr...
متن کامل