1. Performance and Efficiency in Wireless Security Terry Fletcher, Senior Security Architect Chrysalis-ITS tfletcher@chrysalis-its.com www.chrysalis-its.com

2. Overview  m-Commerce needs for security  Wireless networking constraints  Approaches  Need for efficiency  Opportunities for efficiency  Need for performance  Opportunities for performance  Future

3. M-Commerce Needs for Security  Intra-domain and end-to-end  Authentication  Data integrity  Data confidentiality Wireless Networking Constraints  Handheld device size and processing power  Carrier network bandwidth  Carrier network reliability  Network discontinuities  Between different wireless carriers  Between wireless and wired networks

4. Approaches  Carrier network security (e.g., GSM)  Transport level security (e.g., WTLS)  Application level security (e.g., S/MIME)

5. Need for Efficiency  Space limitations on devices  Processing limitations on devices  Carrier network bandwidth and reliability Opportunities for Efficiency  Protocol optimization (WTLS vs. TLS)  Optimization of key exchange and cipher suite choices (ECDH optimized handshake, smaller MAC sizes for data integrity)  Minimizing certificate sizes (ECDSA signatures)  Minimizing key exchange/key agreement traffic (resume sessions)

6. Need for Performance  At servers and gateways  Typical SSL V3 numbers  E-Commerce apps – 5% – 40% of total traffic  On-line banking – 50+% of total traffic  Approx 0.5% - 1% of typical SSL traffic is handshake protocol  Handshake very compute intensive (beyond asymmetric crypto)  TLS Full handshake requires 44 hash operations on total of approx 75 k bits  Proportions likely higher for WTLS  WML records smaller than HTML web pages  Overhead with handshake significant compared to WML traffic volumes  Handshake still compute intensive even with optimization

7. Opportunities for Performance  Optimization  Asymmetric crypto acceleration (000’s of s/sec)  Offloading compute intensive portions of handshake protocol  Offloading symmetric crypto processing

8. Future  Wireless networks evolving  Higher data rates & better reliability  Need for profiles for different network environments & operational requirements

9. Conclusion  Wireless security requires both efficiency and performance enhancement  Handshake protocol requires intensive computation beyond asymmetric crypto  Need to develop profiles to take greatest advantage of possible efficiency and performance enhancements

10. References  WTLS 18 February 2000  “http://www.wapforum.org”  TLS – RFC 2246  “http://www.ietf.org/rfc/rfc2246.txt”