Presentation is loading. Please wait.

Presentation is loading. Please wait.

Performance and Efficiency in Wireless Security

Published byCoskun Akbay Modified over 5 years ago

Similar presentations

Presentation on theme: "Performance and Efficiency in Wireless Security"— Presentation transcript:

1 Performance and Efficiency in Wireless Security
Terry Fletcher, Senior Security Architect Chrysalis-ITS

2 Overview m-Commerce needs for security Wireless networking constraints
Approaches Need for efficiency Opportunities for efficiency Need for performance Opportunities for performance Future

3 M-Commerce Needs for Security
Intra-domain and end-to-end Authentication Data integrity Data confidentiality Wireless Networking Constraints Handheld device size and processing power Carrier network bandwidth Carrier network reliability Network discontinuities Between different wireless carriers Between wireless and wired networks

4 Approaches Carrier network security (e.g., GSM)
Transport level security (e.g., WTLS) Application level security (e.g., S/MIME)

5 Opportunities for Efficiency
Need for Efficiency Space limitations on devices Processing limitations on devices Carrier network bandwidth and reliability Opportunities for Efficiency Protocol optimization (WTLS vs. TLS) Optimization of key exchange and cipher suite choices (ECDH optimized handshake, smaller MAC sizes for data integrity) Minimizing certificate sizes (ECDSA signatures) Minimizing key exchange/key agreement traffic (resume sessions)

6 Need for Performance At servers and gateways Typical SSL V3 numbers
E-Commerce apps – 5% – 40% of total traffic On-line banking – 50+% of total traffic Approx 0.5% - 1% of typical SSL traffic is handshake protocol Handshake very compute intensive (beyond asymmetric crypto) TLS Full handshake requires 44 hash operations on total of approx 75 k bits Proportions likely higher for WTLS WML records smaller than HTML web pages Overhead with handshake significant compared to WML traffic volumes Handshake still compute intensive even with optimization

7 Opportunities for Performance
Optimization Asymmetric crypto acceleration (000’s of s/sec) Offloading compute intensive portions of handshake protocol Offloading symmetric crypto processing RSA Sign 35ms Verify 3ms ECDSA Sign 5.5 ms Verify 9 ms EC acceleration – integer fields – choice of field primes can simplify math (Mersennes) - GF(2) dedicated GF multiplier HW

8 Future Wireless networks evolving
Higher data rates & better reliability Need for profiles for different network environments & operational requirements

9 Conclusion Wireless security requires both efficiency and performance enhancement Handshake protocol requires intensive computation beyond asymmetric crypto Need to develop profiles to take greatest advantage of possible efficiency and performance enhancements

10 References WTLS 18 February 2000 TLS – RFC 2246
TLS – RFC 2246

Download ppt "Performance and Efficiency in Wireless Security"

Similar presentations

Web security: SSL and TLS

Web security: SSL and TLS
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Performance and Efficiency in Wireless Security Terry Fletcher, Senior Security Architect Chrysalis-ITS

Performance and Efficiency in Wireless Security Terry Fletcher, Senior Security Architect Chrysalis-ITS
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
A Survey of WAP Security Architecture Neil Daswani

A Survey of WAP Security Architecture Neil Daswani
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
Cryptographic Execution Time for WTLS Handshakes on Palm OS Devices Neil Daswani September 21, 2000.

Cryptographic Execution Time for WTLS Handshakes on Palm OS Devices Neil Daswani September 21, 2000.
Wireless Application Protocol and i-Mode By Sridevi Madduri Swetha Kucherlapati Sharrmila Jeyachandran.

Wireless Application Protocol and i-Mode By Sridevi Madduri Swetha Kucherlapati Sharrmila Jeyachandran.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.

Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.
Network Security. An Introduction to Cryptography The encryption model (for a symmetric-key cipher).

Network Security. An Introduction to Cryptography The encryption model (for a symmetric-key cipher).
Secure Socket Layer (SSL)

Secure Socket Layer (SSL)
Practices in Security Bruhadeshwar Bezawada. Key Management Set of techniques and procedures supporting the establishment and maintenance of keying relationships.

Practices in Security Bruhadeshwar Bezawada. Key Management Set of techniques and procedures supporting the establishment and maintenance of keying relationships.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Cryptography and Network Security (CS435) Part Fourteen (Web Security)
1 DCS 835 – Computer Networking and the Internet Digital Certificate and SSL (rev.06-17-07) Team 1 Rasal Mowla (project leader) Alvaro Restrepo, Carlos.

1 DCS 835 – Computer Networking and the Internet Digital Certificate and SSL (rev ) Team 1 Rasal Mowla (project leader) Alvaro Restrepo, Carlos.
8.4 – 8.5 Securing E-mail & Securing TCP connections with SSL By: Amanda Porter.

8.4 – 8.5 Securing & Securing TCP connections with SSL By: Amanda Porter.

Similar presentations

Ads by Google