Performance evaluation of WTLS handshake protocol using RSA and elliptic curve cryptosystems

WTLS (Wireless Transport Layer Security) is the security protocol designed for WAP (Wireless Application Protocol) protocol stack. Negotiation of the security parameters and authentication of the peers require using public key cryptosystems. Public key operations are generally slow. Thus, use of these cryptosystems in resource constrained handheld devices becomes a significant problem. Server (WAP Gateway) waiting time and handshake data transmission time may also be bottlenecks that occur during the WTLS handshake. In this study, WTLS Handshake Protocol is implemented using C++ and performance measurements are done using Nokia 7650 as client and open source Kannel gateway as the WAP Gateway. GSM CSD (Global System for Mobile Communication - Circuit Switched Data) data bearer with 9600 bps data rate has been used during the tests. Networking time has also been measured using GPRS bearer. Mutual authenticated and Server Authenticated WTLS full handshake performance with RSA (Rivest-Shamir-Adleman) and ECDH_ECDSA (Elliptic Curve Diffie-Hellman Elliptic Curve Digital Signature Algorithm) key exchange suites has been compared for three different categories. Each category contains four groups: three of these groups use certificates with ECC (Elliptic Curve Cryptography) curve parameters and the fourth group uses RSA certificates. All of the groups in each category are assumed to provide the same level of security. Three groups of ECC certificates are composed of prime, Koblitz and random curve parameters. Client and server processing times have been measured for each handshake message of the test cases. These values have been used to analyze the processing load of the corresponding key exchange suite, overall handshake time and server queue delay. Server has been modeled as an M/G/1 queue and the average waiting time in the server queue has been modeled based on the well-known Pollaczek-Khincin (P-K) formula. Queue delay model has been implemented in Matlab 6.0 and queue delay characteristics of the considered test cases have been analyzed using the measured server processing times. Data transmission time model includes two components. The first component is the amount of time necessary to transmit the measured size of data with specified channel transmission rate. The second component is the traversal delay of the network that is added to the data transmission time regardless of how much data is sent. Simulation results show that ECC has better processing time performance than RSA. Server queue delay does not seem to be bottleneck for mutual authenticated WTLS handshake using ECC certificates with prime curve parameters. Server authenticated WTLS handshake using any of the three ECC certificate types also has a good queue delay characteristic. However, there exists a practical upper limit of handshake requests per second for other key exchange suites. Traversal delay of the network is much more effective on the overall handshake time when using GSM CSD or GPRS bearer.

[1]  Reiner Ludwig,et al.  Link layer enhancements for TCP/IP over GSM , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[2]  Roy T. Fielding,et al.  Hypertext Transfer Protocol - HTTP/1.1 , 1997, RFC.

[3]  Albert Levi,et al.  Performance evaluation of public-key cryptosystem operations in WTLS protocol , 2003, Proceedings of the Eighth IEEE Symposium on Computers and Communications. ISCC 2003.

[4]  염흥렬,et al.  [서평]「Applied Cryptography」 , 1997 .

[5]  Petri Mähönen,et al.  TCP performance issues over wireless links , 2001, IEEE Commun. Mag..

[6]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[7]  Douglas Stebila,et al.  Performance analysis of elliptic curve cryptography for SSL , 2002, WiSE '02.

[8]  Dimitri P. Bertsekas,et al.  Data Networks , 1986 .

[9]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[10]  Christopher Allen,et al.  The TLS Protocol Version 1.0 , 1999, RFC.

[11]  Ian Herwono,et al.  Performance of WTLS and Its Impact on an M-commerce Transaction , 2001, ICICS.

[12]  Debanjan Saha,et al.  Transport layer security: how much does it really cost? , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[13]  Diptikalyan Saha,et al.  Securing electronic commerce: reducing the SSL overhead , 2000 .

[14]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[15]  Arjen K. Lenstra,et al.  Selecting Cryptographic Key Sizes , 2000, Journal of Cryptology.