A COMPARISON OF HTTP AND HTTPS PERFORMANCE 1

Similar documents
Web Servers Should Turn Off Nagle to Avoid Unnecessary 200 ms Delays +

A Performance Analysis of Secure HTTP Protocol

Performance Analysis of Secure Web Server Based on SSL

Overview. SSL Cryptography Overview CHAPTER 1

mod_ssl Cryptographic Techniques

Three attacks in SSL protocol and their solutions

Differences Between SSLv2, SSLv3, and TLS

Using etoken for SSL Web Authentication. SSL V3.0 Overview

The Secure Sockets Layer (SSL)

TLS/SSL in distributed systems. Eugen Babinciuc

CRYPTOGRAPHY IN NETWORK SECURITY

Cleaning Encrypted Traffic

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Encryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1

<draft-luotonen-web-proxy-tunneling-00.txt> February Tunneling TCP based protocols through Web proxy servers

SWE 444 Internet and Web Application Development. Introduction to Web Technology. Dr. Ahmed Youssef. Internet

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

Implementation Vulnerabilities in SSL/TLS

PHOENIX: SECURE FILE TRANSFER USING SSL

S y s t e m A r c h i t e c t u r e

New CICS support for Secure Sockets Layer

ERserver. iseries. Secure Sockets Layer (SSL)

Communication Security for Applications

DESIGN AND IMPLEMENTATION OF AN INTRANET SECURITY AND ACCESS CONTROL SYSTEM IN UBI-COM

[MS-SSTP]: Secure Socket Tunneling Protocol (SSTP) Intellectual Property Rights Notice for Open Specifications Documentation

What is an SSL Certificate?

Properties of Secure Network Communication

Transport Layer Security Protocols

NetScaler 2048-bit SSL Performance

Bridgit Conferencing Software: Security, Firewalls, Bandwidth and Scalability

Other VPNs TLS/SSL, PPTP, L2TP. Advanced Computer Networks SS2005 Jürgen Häuselhofer

Version Highlights. CertainT 100 SSL Accelerator. Version International. New hardware and software version. North America

SSL A discussion of the Secure Socket Layer

Chapter 7 Transport-Level Security

WebEx Remote Access White Paper. The CBORD Group, Inc.

Understanding Digital Certificates and Secure Sockets Layer (SSL)

As enterprises conduct more and more

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli

Apache, SSL and Digital Signatures Using FreeBSD

Cornerstones of Security

Zeus Traffic Manager VA Performance on vsphere 4

Microsoft Windows Server 2003 with Internet Information Services (IIS) 6.0 vs. Linux Competitive Web Server Performance Comparison

Web Security: Encryption & Authentication

[SMO-SFO-ICO-PE-046-GU-

NATIONAL SECURITY AGENCY Ft. George G. Meade, MD

Riverbed Stingray Traffic Manager VA Performance on vsphere 4 WHITE PAPER

Oracle Applications Release 10.7 NCA Network Performance for the Enterprise. An Oracle White Paper January 1998

How To Understand And Understand The Ssl Protocol ( And Its Security Features (Protocol)

Secure Socket Layer. Introduction Overview of SSL What SSL is Useful For

Chapter 17. Transport-Level Security

Security Policy Revision Date: 23 April 2009

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

BEGINNER S GUIDE TO SSL CERTIFICATES: Making the best choice when considering your online security options

Key Management (Distribution and Certification) (1)

Network-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2

Thierry ZOLLER Principal Security Consultant

z/os Firewall Technology Overview

Apache Security with SSL Using Ubuntu

ERserver. iseries. Securing applications with SSL

Security Protocols/Standards

WEB Security & SET. Outline. Web Security Considerations. Web Security Considerations. Secure Socket Layer (SSL) and Transport Layer Security (TLS)

Table of Contents. Chapter 1: Installing Endpoint Application Control. Chapter 2: Getting Support. Index

Encrypting Network Traffic

ZVA64EE PERFORMANCE BENCHMARK SOFINTEL IT ENGINEERING, S.L.

Building Customer Confidence through SSL Certificates and SuperCerts

Securing your Online Data Transfer with SSL

IBM Application Hosting EDI Services Expedite software adds Secure Sockets Layer TCP/IP support

Oriental Bank s NetBanking Services

PC-Duo Web Console Installation Guide

understanding SSL certificates THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES


Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213

Security Policy for Oracle Advanced Security Option Cryptographic Module

White Paper. Enhancing Website Security with Algorithm Agility

VPN. Date: 4/15/2004 By: Heena Patel

An Overview of Oracle Forms Server Architecture. An Oracle Technical White Paper April 2000

Security Digital Certificate Manager

Oct 15, Internet : the vast collection of interconnected networks that all use the TCP/IP protocols


SSL VPN vs. IPSec VPN

T Cryptography and Data Security

Configuring SSL Termination

Lab 7. Answer. Figure 1

2014 IBM Corporation

1 Documentation Accessibility

Westell VERSALINK GATEWAY (MODEL 327W) Quick Start Guide Rev. A May 2004

Web Security Considerations

LAN Performance Measurements Lab

Internet Privacy Options

Oracle Discoverer 4i Plus Firewall and SSL Tips. An Oracle White Paper February 2002

Chapter 5. Data Communication And Internet Technology

BEGINNERS GUIDE TO SSL CERTIFICATES: Making the BEST choice when considering your online security options

The World Wide Web: History

Secure Sockets Layer

Understanding SSL Certificates THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES

Performance Analysis of TLS Web Servers

SMart esolutions. Install Guide for Xerox SMart esolutions for Windows for Office devices based in Europe. a Xerox remote service platform INSTALL

Strong Security in Multiple Server Environments

ENHANCED SECURITY IN SECURE SOCKET LAYER 3.0 SPECIFICATION

Transcription:

A COMPARISON OF HTTP AND HTTPS PERFORMANCE 1 Arthur Goldberg, Robert Buff, Andrew Schmitt Computer Science Department Courant Institute of Mathematical Science New York University {artg, buff, schm7136}@cs.nyu.edu www.cs.nyu.edu/cs/faculty/artg This study compares the performance of encrypted and non-encrypted Web communications. It presents measurements of the most widely used secure Web encryption the Secure HyperText Transport Protocol (HTTPS) on the Secure Sockets Layer (SSL) version 3.0 with 40 and 128 bit RC4 encryption. Encryption increases the response times of two popular Web servers, Netscape Enterprise Server 3.5.1 and Microsoft IIS 4.0, by at most 22%. We view this additional delay imposed by encryption as moderate, and therefore encourage Web sites to routinely use secure communications. 1. Introduction The importance of electronic commerce is widely acknowledged. Surveys of Web users indicate that poor performance is a major cause of dissatisfaction. This paper presents results that show that popular servers that use the Secure HyperText Transport Protocol (HTTPS), the secure version of the HyperText Transport Protocol (HTTP), can transmit typical documents with little performance penalty. We study both Netscape s Enterprise Server and Microsoft s Internet Information Server (IIS) because these are two of the three most popular servers as indicated by a comprehensive survey [Netcraft]. 2. Encrypted Communications We briefly review the operation of secure Web communications. The Secure Sockets Layer (SSL) [Hickman95, SSL] protocol has become most widely used method for encrypting and authenticating Web communications. Conducting SSL communications involves the following steps: A client establishes a Transmission Control Protocol (TCP) connection with a server, which involves one round-trip message delay when no failure occurs. On top of TCP, the client and server establish a secure SSL communication channel [Freier96]. The application implements this by issuing an SSL_connect() call to the SSL library. The client and server negotiate a mutually agreeable cipher, which is a stream encryption algorithm and an authentication method pair. The client and server use a public key cryptographic protocol to exchange secret session keys that will be used to encrypt and decrypt application layer messages. Secret keys are frequently used for streaming encryption because public key encryption is much more expensive. For more details, see Bolyard s nice trace of SSL session setup [Bolyard97]. On top of SSL, the client and server exchange one or more HTTP messages. A single HTTP message is exchanged in HTTP/1.0; multiple messages would be exchanged in keep-alive or persistent connections [Fielding98]. To use encryption the application code issues calls to SSL_write() and SSL_read(), instead of calls to TCP socket write() and read(), respectively. The performance of the encryption algorithm RC4 [RC4] was studied. RC4 is a variable key-size stream cipher designed by Ron Rivest. Designed for byteoriented operations, RC4 is expected to run quickly, as it uses only 8 to 16 instructions per byte. 1 Supported by an IBM Partnership Award for Web Performance Measurement and Evaluation, from 1997 to 1998.

We studied the RC4 because it is widely used. A nonstatistical survey of 5384 secure Web sites worldwide in March 1997 [Netcraft97] found that 59% of the secure servers were Netscape or Microsoft and used RC4 encryption. The portion for each server and key size is shown in Table 1. Netscape-Enterprise (includes multiple versions) Microsoft-IIS multiple versions) (includes 40 bit 128 bit Total 16.4% 10.4% 26.8% 20.0% 12.6% 32.6% Total 36.4% 23.0% 59.4% Table 1. The Subset of the Secure Servers Which Run Netscape or Microsoft and Use RC4 Secret key sizes of 40 and 128 bits constitute the vast majority of production RC4 keys. The smaller, 40-bit key is called export strength because the US Government permits its export from the United States. It is breakable with moderate effort [Netcraft97]. The 128-bit key is considered long enough to be unbreakable by known methods in typical large computer facilities assuming it is used properly. 3. Experiments We modeled a small Intranet environment. A 10 Mbps Ethernet connected 2 PCs. Each PC was directly attached to an unswitched hub. The Web servers ran on a PC with a 200 MHz Pentium, 256MB RAM and a fast Ethernet card, running NT 4.0. The clients ran on a PC, also running NT 4.0, with a 100 MHz Pentium with 32MB RAM and an NE 2000 NIC Ethernet card. Performance was measured in a no-load situation during the experiments the PCs were otherwise unused and the hub was lightly used. In addition, during the experiments neither machine paged virtual memory. We call our measurement apparatus WebPerf. WebPerf consists of a Web robot client and a backend database. The robot measures Web response times and other parameters and stores the results in the database. The robot was written by one of us Buff in C++ and compiled with Visual C++ version 5.0, with optimization. It communicates via Winsock 2.0. To minimize contention with itself the robot browser runs single-threaded on an otherwise idle machine. A widespread SSL implementation was integrated into the robot by one of us Schmitt. SSLeay version 0.8.1, written by Eric A. Young [Hudson] was used. It supports SSL versions 2.0 and 3.0. The robot does not authenticate the server since this is a client side activity. Netscape Enterprise Server 3.5.1 and Microsoft IIS 4.0 were both installed on the server PC. Two identical Web sites were created with 24 documents of sizes 1,000, 2,000, 3,000,, 20,000, 40,000, 60,000, 80,000, 100,000 bytes. This size distribution is similar to that of documents requested on the Web as observed in traces from an Internet Service Provider and an Intranet in 1998 [Goldberg98B]. The documents contained typical HTML text (actually, the beginning of the HTTP/1.1 specification [Fielding98]). The robot browser sequentially requested each of the 24 documents many times. The robot measured the duration at the client between just before the client robot issued the SSL_write() of the request and just after the client completed the SSL_read() of the response. This measures the streaming application layer encryption performance. The costs of additional delays for establishing SSL connections were presented elsewhere [Goldberg 98A]. This duration and many other measures are stored in an Oracle 7.3 SQL database after the measurements have been made. 4. Analysis To evaluate the cost of server encryption and client decryption, the performance of HTTPS and HTTP were measured. The data are plotted in Figure 1 and Figure 2. Each vertical bar represents a set of measurements of HTTP or HTTPS durations. In Figure 1 the bars above 20 KB summarize 87 measurements for the nonsecure and 40 bit data and 30 for the 128 bit measurements. The ones below measurements 20 KB summarize 6 times as many data points. In Figure 2 the bars summarize 87 measurements for the nonsecure and 40 bit data and 30 for the 128 bit measurements. The top and bottom of the wide part of a bar marks the range of 75% of the measurements closest to median (the range from 12.5% to 87.5%). The narrow vertical bars mark the range of 95% of the data. A dashed line indicates a least squares fit.

Figure 1. Durations for Non-secure HTTP and Secure HTTPS with Two RC4 Key Sizes for Netscape and Microsoft Web Servers for Documents from 1 to 100 KB. The wide part of a bar marks the range of 75% of the measurements closest to median. The narrow vertical bars mark the range of 95% of the data. A dashed line indicates a least squares fit

Figure 2. Durations for Non-secure HTTP and HTTPS with Two RC4 Key Sizes for Netscape and Microsoft Web Servers for Documents from 1 to 20 KB. The wide part of a bar marks the range of 75% of the measurements closest to median. The narrow vertical bars mark the range of 95% of the data. A dashed line indicates a least squares fit.

These graphs show, in three rows, measurements of non-secure, and secure RC4 40 bit and 128 bit response times. Several features are apparent in the data. As expected the duration increases with document size. For most configurations the duration shows little dispersion, that is, 75% of the data falls within a small range. For many of the document sizes 75% of the data falls near the minimum duration measurement, as seen for example in the Netscape 40 bit configuration. This is consistent with a duration that is determined by the critical path through the code. The 20% of the data that falls between 75% and 95% may result from occasional queuing delays that occur on lightly loaded systems and networks. However, two configurations, IIS non-secure and Netscape 128 bit, show high variability. For the Netscape 128 bit data, especially for documents less than 20 KB, the variability is similar in size to the data. These configurations show surprisingly large delays for small documents. This variability is apparent in Figure 1 and, especially, in Figure 2. The source of this variability is not understood and is under investigation. These larger values become obvious in the Offset of the linear fit, as listed in Table 2. Each data set was fit with a least squares line parameterized by Duration = Offset + DocumentSize / TransferRate The fit parameters are given in Table 2. TransferRate (bytes/ms) Offset (ms) Server Netscape Microsoft Netscape Microsoft Nonsecure Secure 40 bit Secure 128 bit 946 829 4.5 19.0 730 689 3.6 3.9 736 686 25.0 5.1 Table 2. Parameters of Linear Fits to HTTP and HTTPS Transfers The TransferRates are consistent with the Ethernet limit of 10 Mbps (1250 bytes/ms). Also, measured TCP transfer rates in good stacks are consistent with our results. The TransferRates decrease as the level of encryption increases, as expected. However, the TransferRates only decrease by 22% and 17% for Netscape and Microsoft, respectively. We consider this to be a reasonable price to pay for security. 5. Conclusions We find that secure Web servers perform well in comparison to non-secure servers. In particular, measurements show that on typical PCs encrypted Web communications using SSL and RC4 can transfer data at speeds similar to non-encrypted HTTP. This bodes well for electronic commerce. 6. References [Bolyard97] Nelson Bolyard, Export Client SSL Connection Details, 1997, http://home.netscape.com/eng/ssl3/traces/trc-clntex.html [Dierks97], Tim Dierks, Christopher Allen, November 12, 1997, The TLS Protocol Version 1.0, http://www.ietf.org/internet-drafts/draft-ietf-tls-protocol- 05.txt [Fielding98] R. Fielding, J. Gettys, J. C. Mogul, H. Frystyk, L. Masinter, P. Leach, T. Berners-Lee, August 1, 1998, Hypertext Transfer Protocol -- HTTP/1.1, http://www.w3.org/protocols/history.html [Freier96] Freier, Alan O., Philip Karlton, Paul C. Kocher, The SSL Protocol Version 3.0 Internet Draft, November 18, 1996, http://home.netscape.com/eng/ssl3/draft302.txt [Goldberg98A] Arthur Goldberg, Ilya Pevzner, Robert Buff, Characteristics of Internet and Intranet Web Proxy Traces, to be published in the Computer Measurement Group Conference, CMG98, December 1998. [Goldberg98B] Arthur Goldberg, Robert Buff, Andrew Schmitt, Secure Web Server Performance Dramatically Improved By Caching SSL Session Keys, Published in the "Workshop on Internet Server Performance", held in conjunction with SIGMETRICS'98, June 23, 1998. [Hickman95] K.E.B. Hickman. The SSL Protocol December 1995, http://www.netscape.com/newsref/std/ssl.html. [Hudson] Hudson, Tim J., and Eric A. Young. SSLeay Programmer Reference, circa 1997, http://psych.psy.uq.oz.au/~ftp/crypto/ssl.html.

[Netcraft97], Secure Web Server Survey, http://www.netcraft.com/surveys/analysis/https/1997/ Mar/CMatch/strongsv.html and http://www.netcraft.com/surveys/analysis/https/1997/ Mar/CMatch/strength.html. [Netcraft], Web Server Survey, http://www.netcraft.com/survey/reports/9806/. [RC4] RSA, What is RC4?, http://www.rsa.com/rsalabs/faq/html/3-6-3.html. [SSL] Netscape, Introduction to SSL, http://developer.netscape.com/docs/manuals/security/ sslin/contents.htm.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information