NDSS Paper
Just a brief note to say that a paper I coauthored this past summer while at Sun Labs has been accepted to a conference. The paper, “Speeding up Secure Web Transactions using Elliptic Curve Cryptography”, has been accepted to The Eleventh Annual Symposium on Network and Distributed System Security (NDSS) 2004, which will be held in San Diego in February. I won’t be attending, but a coauthor from the Labs will be. You can download the paper from my website.
The abstract of the paper:
Elliptic Curve Cryptography (ECC) is emerging as an attractive alternative to traditional public-key cryptosystems (RSA, DSA, DH). ECC offers equivalent security with smaller key sizes resulting in faster computations, lower power consumption, as well as memory and bandwidth savings. While these characteristics make ECC especially appealing for mobile devices, they can also alleviate the computational burden on secure web servers.
This article studies the performance impact of using ECC with Secure Sockets Layer (SSL), the dominant Internet security protocol. We benchmark the Apache web server with an ECC-enhanced version of OpenSSL under a variety of conditions. Our results show that an Apache web server can handle 11%-31% more HTTPS requests per second when using ECC rather than RSA at short-term security levels. At security levels necessary to protect data beyond 2010, the use of ECC over RSA improves server performance by 110%-279% under realistic workloads.
Comment by Patrick
Well done Doug, well done!
