[EMAIL PROTECTED] writes:
> Please correct me if I'm wrong, but I'm under the general impression that
> when accessing a secure site, client-server authentication is done via RSA
> using 1024 bits and once authentication is established, web page encryption
> is done with some other method using 128 bit.
In most cases SSL authentication is implicit: the client uses the
server's public key to encrypt a shared secret (called the PreMaster
Secret) and the server authenticates itself by proving it knows the
shared secret. 

Thus, the client has to perform the following operations:
(1) verification of the server's certificate (fast)
(2) encryption of the PreMaster Secret (PMS) (fast)

The server performs:
(1) decryption of the PreMaster Secret (slow)

Also, both have to do a bunch of relatively fast encryption
and digesting operations.

If you use the 'openssl speed' command you can see the performance of
RSA private key operations (performed on the server) and public key
operations (performed on the client) respectively. Bottom line, the
burden falls mainly on the server. Obviously, how fast they are
depends on the speed of the machine you're working on. On my PII/400 a
1024 bit RSA private key op takes about 20 ms.

SSL also incorporates a feature called session resumption which
allows you to skip the expensive RSA operations by caching the
shared secret. Your browser does resumption automatically but if
you had a test harness you could of course turn it off. Resumption
improves performance dramatically.

If you want to try things for yourself, you can use Geoff Thorpe's
"swamp" utility which is an SSL client simulator:
http://www.geoffthorpe.net/crypto/swamp/swamp-1.0.3.tar.gz

The topic of SSL performance is also discussed in extreme detail in
Chapter 6 of my book "SSL and TLS: Designing and Building Secure
Systems".

-Ekr

[Eric Rescorla                                   [EMAIL PROTECTED]]
Author of "SSL and TLS: Designing and Building Secure Systems"
                  http://www.rtfm.com/

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
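
The cost asymmetry described in the message above, as an added example that is not part of the original post: it times the client-side public-key operation against the server-side private-key operation on a 1024-bit RSA key. It uses raw modular exponentiation only, without the PKCS#1 padding SSL applies or the CRT speed-up real servers use, and the key, the PMS value and all function names are constructed for this illustration.

```python
import random
import time

E = 65537  # short public exponent, so the client's public-key op is cheap

def is_probable_prime(n, rng, rounds=20):
    # Miller-Rabin test for odd n > 3
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_prime(bits, rng):
    while True:
        # force the top two bits (full-size modulus) and the low bit (odd)
        p = rng.getrandbits(bits) | (3 << (bits - 2)) | 1
        if p % E != 1 and is_probable_prime(p, rng):
            return p

def make_key(bits=1024, seed=1):
    rng = random.Random(seed)  # fixed seed: constructed demo key, not secure
    p, q = gen_prime(bits // 2, rng), gen_prime(bits // 2, rng)
    return p * q, pow(E, -1, (p - 1) * (q - 1))  # (modulus n, private exponent d)

def handshake_cost(rounds=50):
    n, d = make_key()
    pms = random.Random(2).getrandbits(48 * 8)  # constructed 48-byte PMS as an integer
    t0 = time.perf_counter()
    for _ in range(rounds):
        c = pow(pms, E, n)        # client: encrypt the PMS with the public key
    t1 = time.perf_counter()
    for _ in range(rounds):
        recovered = pow(c, d, n)  # server: decrypt the PMS with the private key
    t2 = time.perf_counter()
    return recovered == pms, (t1 - t0) / rounds, (t2 - t1) / rounds

if __name__ == "__main__":
    ok, client_s, server_s = handshake_cost()
    print(f"PMS recovered: {ok}")
    print(f"client public-key op:  {client_s * 1e3:.3f} ms")
    print(f"server private-key op: {server_s * 1e3:.3f} ms")
```

The private exponent is roughly as long as the modulus while the public exponent is 17 bits, which is why the server-side figure comes out far larger; a resumed session skips both operations.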
