Cryptology ePrint Archive: Report 2005/037
Improving Secure Server Performance by Re-balancing SSL/TLS Handshakes
Claude Castelluccia and Einar Mykletun and Gene Tsudik
Abstract: Much of today's distributed computing takes place in a client/server model.
Despite advances in fault tolerance -- in particular, replication and load
distribution -- server overload remains to be
a major problem. In the Web context, one of the main overload factors is the
direct consequence of expensive Public Key operations performed by servers
as part of each SSL handshake. Since most SSL-enabled servers use RSA,
the burden of performing many costly decryption operations can be
very detrimental to server performance. This paper examines a
promising technique for re-balancing RSA-based client/server
handshakes. This technique facilitates more favorable load distribution
by requiring clients to perform more work (as part of encryption) and
servers to perform commensurately less work, thus resulting in better
SSL throughput. Proposed techniques are based on careful adaptation of
variants of Server-Aided RSA originally constructed by
Matsumoto, et al. Experimental results demonstrate that
suggested methods (termed Client-Aided RSA) can speed up processing
by a factor of between 11 to 19, depending on the RSA key size. This represents
a considerable improvement. Furthermore, proposed techniques can be a useful
companion tool for SSL Client Puzzles in defense against DoS and DDoS attacks.
Category / Keywords: public-key cryptography / SSL, RSA, Client-aided
Publication Info: In submission
Date: received 10 Feb 2005, last revised 8 Apr 2005
Contact author: mykletun at ics uci edu
Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation
Note: Contrary to ``popular belief'', our proposed solution is
not subject to the meet-in-the-middle attack proposed during private communication with David Wagner.
Version: 20050415:054857 (All versions of this report)
Short URL: ia.cr/2005/037
[ Cryptology ePrint archive ]