Performance and Efficiency in Wireless Security
Terry Fletcher, Senior Security Architect, Chrysalis-ITS


Overview
- m-Commerce needs for security
- Wireless networking constraints
- Approaches
- Need for efficiency
- Opportunities for efficiency
- Need for performance
- Opportunities for performance
- Future

M-Commerce Needs for Security
- Intra-domain and end-to-end
- Authentication
- Data integrity
- Data confidentiality

Wireless Networking Constraints
- Handheld device size and processing power
- Carrier network bandwidth
- Carrier network reliability
- Network discontinuities
  - Between different wireless carriers
  - Between wireless and wired networks

Approaches
- Carrier network security (e.g., GSM)
- Transport level security (e.g., WTLS)
- Application level security (e.g., S/MIME)

Need for Efficiency
- Space limitations on devices
- Processing limitations on devices
- Carrier network bandwidth and reliability

Opportunities for Efficiency
- Protocol optimization (WTLS vs. TLS)
- Optimization of key exchange and cipher suite choices (ECDH optimized handshake, smaller MAC sizes for data integrity)
- Minimizing certificate sizes (ECDSA signatures)
- Minimizing key exchange/key agreement traffic (resume sessions)

Need for Performance
- At servers and gateways
- Typical SSL V3 numbers
  - E-Commerce apps – 5% – 40% of total traffic
  - On-line banking – 50+% of total traffic
  - Approx 0.5% - 1% of typical SSL traffic is handshake protocol
- Handshake very compute intensive (beyond asymmetric crypto)
  - TLS Full handshake requires 44 hash operations on total of approx 75 k bits
- Proportions likely higher for WTLS
  - WML records smaller than HTML web pages
  - Overhead with handshake significant compared to WML traffic volumes
- Handshake still compute intensive even with optimization
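To make the "compute intensive beyond asymmetric crypto" point concrete, this added example (not part of the presentation) implements the RFC 2246 PRF and counts the HMAC invocations needed to derive the master secret, the key block and both Finished values. The 104-byte key block (a 3DES/SHA-1 suite) and the all-constructed inputs are assumptions, and the tally uses its own counting convention, so it is not a reconstruction of the slide's figure of 44.

```python
import hashlib
import hmac

HMAC_CALLS = 0  # running tally; each HMAC is itself two hash passes


def _hmac(key, msg, digest):
    global HMAC_CALLS
    HMAC_CALLS += 1
    return hmac.new(key, msg, digest).digest()


def p_hash(secret, seed, length, digest):
    """RFC 2246 section 5 P_hash: expand secret/seed to `length` bytes."""
    out, a = b"", seed
    while len(out) < length:
        a = _hmac(secret, a, digest)            # A(i) = HMAC(secret, A(i-1))
        out += _hmac(secret, a + seed, digest)  # HMAC(secret, A(i) + seed)
    return out[:length]


def tls10_prf(secret, label, seed, length):
    """RFC 2246 PRF: P_MD5(S1, label+seed) XOR P_SHA-1(S2, label+seed)."""
    half = (len(secret) + 1) // 2               # halves overlap if length is odd
    s1, s2 = secret[:half], secret[len(secret) - half:]
    md5 = p_hash(s1, label + seed, length, hashlib.md5)
    sha = p_hash(s2, label + seed, length, hashlib.sha1)
    return bytes(x ^ y for x, y in zip(md5, sha))


def handshake_hmac_counts(key_block_len=104):
    """HMAC calls per derivation step of a full TLS 1.0 handshake (one side).

    key_block_len=104 assumes 2x20 MAC keys + 2x24 cipher keys + 2x8 IVs.
    """
    global HMAC_CALLS
    pre_master, randoms = bytes(range(48)), bytes(64)   # constructed inputs
    # Stand-in for MD5(handshake_messages) + SHA-1(handshake_messages).
    transcript = hashlib.md5(b"").digest() + hashlib.sha1(b"").digest()
    counts = {}
    HMAC_CALLS = 0
    master = tls10_prf(pre_master, b"master secret", randoms, 48)
    counts["master_secret"] = HMAC_CALLS
    tls10_prf(master, b"key expansion", randoms, key_block_len)
    counts["key_block"] = HMAC_CALLS - counts["master_secret"]
    before = HMAC_CALLS
    for label in (b"client finished", b"server finished"):
        tls10_prf(master, label, transcript, 12)        # 12-byte verify_data
    counts["finished"] = HMAC_CALLS - before
    return counts
```

None of this work is removed by accelerating the public-key operation alone, which is why the deck treats handshake hashing as a separate offload candidate.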

Opportunities for Performance
- Optimization
- Asymmetric crypto acceleration (000’s of s/sec)
- Offloading compute intensive portions of handshake protocol
- Offloading symmetric crypto processing

Future
- Wireless networks evolving
  - Higher data rates & better reliability
- Need for profiles for different network environments & operational requirements

Conclusion
- Wireless security requires both efficiency and performance enhancement
- Handshake protocol requires intensive computation beyond asymmetric crypto
- Need to develop profiles to take greatest advantage of possible efficiency and performance enhancements

References
- WTLS 18 February 2000
- TLS – RFC 2246