Speeding up secure web transactions using Elliptic Curve Cryptography

958 views

Published on

Elliptic Curve Cryptography (ECC) is emerging as an attractive alternative to traditional public-key cryptosys- tems (RSA, DSA, DH). ECC offers equivalent security with smaller key sizes resulting in faster computations, lower power consumption, as well as memory and bandwidth sav- ings. While these characteristics make ECC especially ap- pealing for mobile devices, they can also alleviate the com- putational burden on secure web servers.
This article studies the performance impact of using ECC with SSL, the dominant Internet security protocol. We cre- ated an ECC-enhanced version of OpenSSL and used it to benchmark the Apache web server. Our results show that, under realistic workloads, an Apache web server can han- dle 13%–31% more HTTPS requests per second when using ECC-160 rather than RSA-1024 reflecting short-term secu- rity levels. At security levels necessary to protect data be- yond 2010, the use of ECC-224 over RSA-2048 improves server performance by 120%–279%.

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
958
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
37
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Speeding up secure web transactions using Elliptic Curve Cryptography

  1. 1. P2 P1 R=P1+P2
  2. 2. 0 KB 10 KB 30 KB 70 KB ECC-224 RSA-2048 ECC-192 RSA-1536 ECC-160 RSA-1024 ECC-224 RSA-2048 ECC-192 RSA-1536 ECC-160 RSA-1024 ECC-224 RSA-2048 ECC-192 Other 60 RSA-1536 70 65 ECC-160 55 RSA-1024 ECC-224 RSA-2048 ECC-192 RSA-1536 ECC-160 RSA-1024 HTTPS request handling time (ms) 75 RC4 SHA 50 Public-key 45 40 35 30 25 20 15 10 5 0
  3. 3. 0.425 0.400 RSA-2048 0.375 0.350 RSA-1024 First-Response Time (s) 0.325 Reuse: 66% Size: 30KB 0.300 0.275 ECC-224 0.250 0.225 0.200 0.175 ECC-160 0.150 0.125 0.100 0.075 0.050 0.025 0 20 40 60 80 100 Requests per second 120 140 160
  4. 4. 220 200 180 Fetches per second 160 Size: 30KB ECC-160 140 120 100 80 ECC-224 RSA-1024 60 40 RSA-2048 20 0 0% 20% 40% 60% % Session Reuse 80% 100%

×