A Study of the Performance of SSL on PDAs

Shin, Yong-il; Gupta, Manika; Myers, Steven

doi:10.1109/infcomw.2009.5072104

Cited by 11 publications

(9 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This step factors the time it takes for the client to perform the necessary computations. These results also agree with those reported in [2]. Google and Facebook did not support the Diffie-Hellman protocol.…”

Section: B Stepwise Analysissupporting

confidence: 91%

TLS and energy consumption on a mobile device: A measurement study

Miranda

Siekkinen

Waris

2011

2011 IEEE Symposium on Computers and Communications (ISCC)

View full text Add to dashboard Cite

We report results from a measurement study on the role of the most popular end-to-end security protocol Transport Layer Security (TLS) in the energy consumption of a mobile device. We measured energy consumed by TLS transactions between a Nokia N95 and several popular Web services over WLAN and 3G network interfaces. Our detailed analysis corroborates some earlier results but also reveals, contrary to earlier studies, that the transmission and I/O energy, both in the TLS handshake and the record protocol, far exceed the required computational energy by the actual cryptographic algorithms and that with transactions larger than 500KB, the energy required to transmit the actual data clearly outranks the TLS energy overhead. In addition, we note that the energy consumption varies remarkably between measured services. I. INTRODUCTIONIn the last few years, mobile devices have evolved significantly in terms of power, throughput, and in terms of new functionalities, but they are still severely constrained by limited battery life-time. Secure communications are achieved by employing security protocols, which are based on cryptographic algorithms.Executing certain cryptographic algorithms requires rather intensive computations. Therefore, their energy consumption on these battery powered devices is naturally a concern. In this paper, we study the energy consumption of Transport Layer Security (TLS), which is used to establish a secure communication channel between two end hosts and exchange data over that channel. TLS is a transport level protocol that uses asymmetric and symmetric encryption algorithms and hash algorithms in order to provide data secrecy, authentication of the communication parties, and data integrity for applications in a transparent manner.We use a Symbian mobile device (Nokia N95) to establish TLS connections to different web services, such as electronic email or social networks, over both WLAN and 3G network interfaces and measure the energy consumption. TLS comprises two phases. First, a security association is created through a handshake protocol after which the actual data is transferred over an encrypted and integrity protected channel. We perform detailed analysis of the different steps involved in TLS transactions, compute the amount of energy overhead in a TLS transaction, and explain the major causes that determine this overhead.Energy consumption of different cryptographic algorithms as well as the performance of TLS on PDAs and in computers

show abstract

Section: B Stepwise Analysissupporting

confidence: 91%

TLS and energy consumption on a mobile device: A measurement study

Miranda

Siekkinen

Waris

2011

2011 IEEE Symposium on Computers and Communications (ISCC)

View full text Add to dashboard Cite

show abstract

“…Similarly, Zhao et al investigate the most time consuming operations of commonly used cryptographic algorithms in TLS [16]. Analyzing the performance of SSL connections for mobile devices is done by [3] and [13]. Unlike our work, this focuses on the cost of connections for mobile clients, not servers which communicate with mobile clients.…”

Section: Transaction Per Second Resultsmentioning

confidence: 99%

Predictive Eviction: A Novel Policy for Optimizing TLS Session Cache Performance

Stevens

Chen

2015

2015 IEEE Global Communications Conference (GLOBECOM)

View full text Add to dashboard Cite

Transport Layer Security (TLS) is the most commonly used security protocol to encrypt web traffic. TLS connections are computationally expensive to set up, so the TLS protocol supports session resumption, where previously negotiated connection parameters can be used to short-circuit the TLS handshake. The server assigns new sessions a session identifier (ID) and caches each session by its ID so it can be retrieved later. As clients come and go, sessions in the server's cache will have to be evicted according to the server's eviction policy. We find that first-in-first-out (FIFO) and least-recentlyused (LRU) are the most common session cache eviction policies among popular TLS libraries, however, for applications whose clients connect at regular intervals, such as mobile advertising, the performance of these policies may be far worse than randomly evicting policies from the cache. To handle this, we propose a novel eviction policy for TLS session caches, predictive eviction, that relies on the server knowing the next time each client will connect again. Using a real-world application of such a policy, Android in-application advertising, we build a client that is able to simulate the behavior of a large number of devices requesting mobile advertisements over TLS. We use this simulated client to benchmark the hit rate of the predictive policy compared with eviction policies found in popular TLS library implementations. In addition, we demonstrate that our policy can be implemented efficiently by benchmarking its performance in transactions per second compared with OpenSSL's session cache implementation, and compared with TLS session tickets (an alternative to session caching for resuming TLS sessions). We find that our policy has better hit rate performance than other eviction policies, and can achieve comparable performance to session tickets. To the best of our knowledge, this is the first study of the performance of TLS session resumption strategies.

show abstract

“…(ii) Temporal validity may be verified by simply comparing D-expire to the current date. All these operations are typically executed in a few seconds (in particular, the cryptographic steps involved in the digital signature verification and HTTPS interaction with a centralized server may be expected to take much less than one second based on the data in [19,20]). These operations can be easily integrated with the usual store and register working.…”

Section: Qr Code and Appmentioning

confidence: 99%

An Architecture for Anonymous Mobile Coupons in a Large Network

Bartoli

Medvet

2016

Journal of Computer Networks and Communications

View full text Add to dashboard Cite

A mobile coupon (m-coupon) can be presented with a smartphone for obtaining a financial discount when purchasing a product or a service. M-coupons are a powerful marketing tool that has enjoyed a huge growth and diffusion, involving tens of millions of people each year. We propose an architecture which may enable significant improvements over current m-coupon technology, in terms of acceptance of potential customers and of marketing actions that become feasible: the customer does not need to install any dedicated app; an m-coupon is not bound to any specific device or customer; an m-coupon may be redeemed at any store in a set of potentially many thousands of stores, without any prior arrangement between customer and store. We are not aware of any proposal with these properties.

show abstract

A Study of the Performance of SSL on PDAs

Cited by 11 publications

References 11 publications

TLS and energy consumption on a mobile device: A measurement study

TLS and energy consumption on a mobile device: A measurement study

Predictive Eviction: A Novel Policy for Optimizing TLS Session Cache Performance

An Architecture for Anonymous Mobile Coupons in a Large Network

Contact Info

Product

Resources

About