Presentation is loading. Please wait.

Presentation is loading. Please wait.

Performance and Efficiency in Wireless Security Terry Fletcher, Senior Security Architect Chrysalis-ITS

Similar presentations


Presentation on theme: "Performance and Efficiency in Wireless Security Terry Fletcher, Senior Security Architect Chrysalis-ITS"— Presentation transcript:

1 Performance and Efficiency in Wireless Security Terry Fletcher, Senior Security Architect Chrysalis-ITS

2 Overview  m-Commerce needs for security  Wireless networking constraints  Approaches  Need for efficiency  Opportunities for efficiency  Need for performance  Opportunities for performance  Future

3 M-Commerce Needs for Security  Intra-domain and end-to-end  Authentication  Data integrity  Data confidentiality Wireless Networking Constraints  Handheld device size and processing power  Carrier network bandwidth  Carrier network reliability  Network discontinuities  Between different wireless carriers  Between wireless and wired networks

4 Approaches  Carrier network security (e.g., GSM)  Transport level security (e.g., WTLS)  Application level security (e.g., S/MIME)

5 Need for Efficiency  Space limitations on devices  Processing limitations on devices  Carrier network bandwidth and reliability Opportunities for Efficiency  Protocol optimization (WTLS vs. TLS)  Optimization of key exchange and cipher suite choices (ECDH optimized handshake, smaller MAC sizes for data integrity)  Minimizing certificate sizes (ECDSA signatures)  Minimizing key exchange/key agreement traffic (resume sessions)

6 Need for Performance  At servers and gateways  Typical SSL V3 numbers  E-Commerce apps – 5% – 40% of total traffic  On-line banking – 50+% of total traffic  Approx 0.5% - 1% of typical SSL traffic is handshake protocol  Handshake very compute intensive (beyond asymmetric crypto)  TLS Full handshake requires 44 hash operations on total of approx 75 k bits  Proportions likely higher for WTLS  WML records smaller than HTML web pages  Overhead with handshake significant compared to WML traffic volumes  Handshake still compute intensive even with optimization

7 Opportunities for Performance  Optimization  Asymmetric crypto acceleration (000’s of s/sec)  Offloading compute intensive portions of handshake protocol  Offloading symmetric crypto processing

8 Future  Wireless networks evolving  Higher data rates & better reliability  Need for profiles for different network environments & operational requirements

9 Conclusion  Wireless security requires both efficiency and performance enhancement  Handshake protocol requires intensive computation beyond asymmetric crypto  Need to develop profiles to take greatest advantage of possible efficiency and performance enhancements

10 References  WTLS 18 February 2000  “http://www.wapforum.org”  TLS – RFC 2246  “http://www.ietf.org/rfc/rfc2246.txt”


Download ppt "Performance and Efficiency in Wireless Security Terry Fletcher, Senior Security Architect Chrysalis-ITS"

Similar presentations


Ads by Google