Improving secure server performance by re-balancing SSL/TLS handshakes

Much of today's distributed computing takes place in a client/server model. Despite advances in fault tolerance (in particular, replication and load distribution), server overload remains a major problem. In the Web context, one of the main overload factors is a direct consequence of the expensive public-key operations that servers perform as part of each SSL handshake. Since most SSL-enabled servers use RSA, the burden of performing many costly decryption operations can be very detrimental to server performance. This paper examines a promising technique for re-balancing RSA-based client/server handshakes. The technique facilitates more favorable load distribution by requiring clients to perform more work (as part of encryption) and servers to perform commensurately less work, resulting in better SSL throughput. The proposed techniques are based on careful adaptation of variants of Server-Aided RSA originally constructed by Matsumoto, et al. [1]. Experimental results demonstrate that the suggested methods (termed Client-Aided RSA) can speed up processing of RSA private key operations by a factor of between 11 and 19, depending on the RSA key size. This represents a considerable improvement. Furthermore, the proposed techniques can be a useful companion tool for SSL Client Puzzles in defense against DoS and DDoS attacks.

[1] N. S. Barnett, et al. Private communication, 1969.

[2] Chae Hoon Lim, et al. More Flexible Exponentiation with Precomputation, 1994, CRYPTO.

[3] Dan Boneh, et al. Fast Variants of RSA, 2007.

[4] Vipul Gupta, et al. Speeding up Secure Web Transactions Using Elliptic Curve Cryptography, 2004, NDSS.

[5] Hyunsoo Yoon, et al. A new approach to server-aided secret computation, 1998, ICISC.

[6] Chris J. Mitchell, et al. Parameter Selection for Server-Aided RSA Computation Schemes, 1994, IEEE Trans. Computers.

[7] Dan Boneh, et al. Cryptanalysis of RSA with private key d less than N^0.292, 1999, IEEE Trans. Inf. Theory.

[8] Amos Fiat, et al. Batch RSA, 1989, Journal of Cryptology.

[9] Adam Stubblefield, et al. Using Client Puzzles to Protect TLS, 2001, USENIX Security Symposium.

[10] Dan S. Wallach, et al. Performance analysis of TLS Web servers, 2006, TOCS.

[11] Diana K. Smetters, et al. Cryptography as a Network Service, 2000.

[12] D. Boneh. Cryptanalysis of RSA with Private Key d Less Than N 0, 1999.

[13] Hovav Shacham, et al. Improving SSL Handshake Performance via Batching, 2001, CT-RSA.

[14] Alfred Menezes, et al. Handbook of Applied Cryptography, 2018.

[15] Chi-Sung Laih, et al. Remarks on parameter selection for Server-aided Secret RSA computation schemes, 1999, Proceedings of the 1999 ICPP Workshops on Collaboration and Mobile Computing (CMC'99). Group Communications (IWGC). Internet '99 (IWI'99). Industrial Applications on Network Computing (INDAP). Multime.

[16] Ari Juels, et al. Client puzzles: A cryptographic defense against connection depletion, 1999.

[17] Jean-Jacques Quisquater, et al. Fast Server-Aided RSA Signatures Secure Against Active Attacks, 1995, CRYPTO.

[18] Adi Shamir, et al. A method for obtaining digital signatures and public-key cryptosystems, 1978, CACM.

[19] Igor E. Shparlinski, et al. On the Insecurity of a Server-Aided RSA Protocol, 2001, ASIACRYPT.

[20] Ronald Mraz. Secure Blue: an architecture for a scalable, reliable high volume SSL Internet server, 2001, Seventeenth Annual Computer Security Applications Conference.

[21] Michael J. Wiener, et al. Cryptanalysis of Short RSA Secret Exponents (Abstract), 1990, EUROCRYPT.

[22] Arjen K. Lenstra, et al. Selecting Cryptographic Key Sizes, 2000, Public Key Cryptography.

[23] Hideki Imai, et al. Speeding Up Secret Computations with Insecure Auxiliary Devices, 1988, CRYPTO.

[24] Johannes Merkle, et al. Multi-round passive attacks on server-aided RSA protocols, 2000, CCS.

[25] Henri Cohen, et al. A course in computational algebraic number theory, 1993, Graduate texts in mathematics.

[26] Chae Hoon Lim, et al. Security and Performance of Server-Aided RSA Computation Protocols, 1995, CRYPTO.

[27] Ross Anderson, et al. Attack on server assisted authentication protocols, 1992.

[28] Birgit Pfitzmann, et al. Attacks on Protocols for Server-Aided RSA Computation, 1992, EUROCRYPT.

[29] Hideki Imai, et al. On Verifiable Implicit Asking Protocols for RSA Computation, 1992, AUSCRYPT.

[30] J. Quisquater, et al. Fast decipherment algorithm for RSA public-key cryptosystem, 1982.