Improving secure server performance by re-balancing SSL/TLS handshakes
Source: ASIAN ACM Symposium on Information, Computer and Communications Security
Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security
Taipei, Taiwan
SESSION: Security protocols
Pages: 26 - 34  
Year of Publication: 2006
ISBN:1-59593-272-0
Authors
Claude Castelluccia  INRIA Zirst, Saint Ismier, Cedex, France
Einar Mykletun  University of California, Irvine Irvine, CA
Gene Tsudik  University of California, Irvine Irvine, CA
Sponsor
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 19,   Downloads (12 Months): 156,   Citation Count: 1
DOI: http://doi.acm.org/10.1145/1128817.1128826

ABSTRACT

Much of today's distributed computing takes place in a client/server model. Despite advances in fault tolerance (in particular, replication and load distribution), server overload remains a major problem. In the Web context, one of the main overload factors is the direct consequence of expensive public-key operations performed by servers as part of each SSL handshake. Since most SSL-enabled servers use RSA, the burden of performing many costly decryption operations can be very detrimental to server performance. This paper examines a promising technique for re-balancing RSA-based client/server handshakes. This technique facilitates more favorable load distribution by requiring clients to perform more work (as part of encryption) and servers to perform commensurately less work, thus resulting in better SSL throughput. Proposed techniques are based on careful adaptation of variants of Server-Aided RSA originally constructed by Matsumoto, et al. [1]. Experimental results demonstrate that suggested methods (termed Client-Aided RSA) can speed up processing of RSA private key operations by a factor of between 11 and 19, depending on the RSA key size. This represents a considerable improvement. Furthermore, proposed techniques can be a useful companion tool for SSL Client Puzzles in defense against DoS and DDoS attacks.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
[1]
[2] Private communication, "Private communication with D. Wagner," 2005.
[3] Network Working Group, "RFC 2246 - The TLS Protocol Version 1.0," Internet RFC/STD/FYI/BCP Archives, 1999, http://www.faqs.org/rfcs/rfc2246.html.
[4] BEA WebLogic, "BEA WebLogic Server Frequently Asked Questions," http://e-docs.bea.com/wls/docs60/faq/security.html.
[5]
[6] D. Boneh and G. Durfee, "Cryptanalysis of RSA with Private Key d Less than n^0.292," IEEE Transactions on Information Theory, vol. 46, pp. 1339--1349, 2000.
[7] J. Quisquater and C. Couvreur, "Fast decipherment algorithm for RSA public-key cryptosystem," Electronic Letters, vol. 18, pp. 905--907, 1982.
[8]
[9] B. Pfitzmann and M. Waidner, "Attacks on Protocols for Server-Aided RSA Computations," Proceedings of Eurocrypt '92, pp. 153--162, 1992.
[10] R. J. Anderson, "Attack on Server Assisted Authentication Protocols," Electronic Letters, vol. 28, pp. 1473, 1992.
[11]
[12]
[13]
[14]
[15]
[16] S. Hong, J. Shin, and H. Lee-Kwang, "A new approach to server-aided secret computation," International Conference on Information Security and Cryptology, pp. 33--45, 1998.
[17]
[18]
[19] A. K. Lenstra and E. R. Verheul, "Selecting cryptographic key sizes," Journal of Cryptology: the journal of the International Association for Cryptologic Research, vol. 14, no. 4, pp. 255--293, 2001.
[20]
[21] C. Coarfa, P. Druschel and D. S. Wallach, "Performance Analysis of TLS Web Servers," 9th Network and Systems Security Symposium, pp. 553--558, 2002.
[22]
[23] SonicWALL, "SonicWALL SSL-RX," http://www.sonicwall.com/products/sslrx.html.
[24] A. Juels and J. Brainard, "Client Puzzles: A Cryptographic Defense Against Connection Depletion," 5th Network and Systems Security Symposium, pp. 151--165, 1999.
[25] D. Dean and A. Stubblefield, "Using Client Puzzles to Protect TLS," Proceedings of the USENIX Security Symposium, 2001.
[26] T. Berson, D. Dean, M. Franklin, D. Smetters, and M. Spreitzer, "Cryptography as a Network Service," 7th Network and Systems Security Symposium, 2001.
[27] D. Boneh and H. Shacham, "Fast Variants of RSA," CryptoBytes (RSA Laboratories), vol. 5, pp. 1--9, 2002.
[28]
[29] M. Wiener, "Cryptanalysis of Short RSA Secret Exponents," IEEE Transactions on Information Theory, vol. 36(3), pp. 553--558, 1990.
[30]
[31]
[32] V. Gupta, D. Stebila, and S. Fung, "Speeding Up Secure Web Transactions Using Elliptic Curve Cryptography," 11th Network and Systems Security Symposium, pp. 231--239, 2004.

