Comparison of SSL/TLS libraries based on Algorithms/languages supported, Platform, Protocols and Performance. By Akshay Thorat

Transcription

1 Comparison of SSL/TLS libraries based on Algorithms/languages supported, Platform, Protocols and Performance By Akshay Thorat

2 Table of Contents TLS - Why is it needed? Introduction- SSL/TLS evolution Libraries Studied Comparison Library to Implementation Supported Features Algorithm/Ciphers Supported Performance for libraries Conclusion

3 Transport Layer Security(TLS), why is it needed? Communication security on internet Secure - , VOIP, Web browsing, Bank transactions Provides Privacy and Integrity of data Prevent Eavesdropping and Tampering

4 Introduction Application protocol independent TLS versions (Implementations) evolved as SSL1.0->SSL2.0->SSL3.0 ->TLS1.0->TLS1.1->TLS1.2->TLS1.3 (draft) Less Secure Each suite contains authentication, message authentication code (MAC), key exchange and encryption algorithms Datagram TLS (DTLS) TLS with packet lost and reordering implementation DTLS1.0 and DTLS 1.2

5 Libraries Under Consideration Primary OpenSSL - Robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) GnuTLS Portable ANSI C based library with Lesser General Public license (GPL) Other Network Security Services (NSS) - Library designed to support crossplatform development of security-enabled client and server applications Cryptlib - Open source cross-platform software security toolkit library for SSL/TLS and SSH secure sessions, CA services

6 Library to Implementation comparison Library SSL3.0 TLS1.0 TLS1.1 TLS1.2 TLS1.3 DTLS1.0 DTLS1.2 OpenSSL Yes Yes Yes Yes Yes Yes Yes GnuTLS Yes Yes Yes Yes No Yes Yes NSS Yes Yes Yes Yes Yes Yes Yes Cryptlib Yes Yes Yes Yes No No No

7 General Comparison OpenSSL GnuTLS NSS Languages C C C or C++ Cryptographic Token Not Present natively * Present Present Interface- PKCS #11 Thread safety CPU Assisted Crypt. With AES-NI Languages Two callback function with POSIX or Win Threads Yes Use POSIX or Win Thread Yes (+VIA Padlocks) Cryptographic Token Interface - Hardware security module Platform independent API for Hardware Security Modules (HSM) and smart cards Thread Safety Safe shared data manipulation CPU assisted Cryptography Use of hardware acceleration for cryptographic functions with supported instruction set *engine needs to be added externally through patch Yes Yes

8 Performance Comparisons Criteria Literature survey of Speedtest and Comparison of Open-Source Cryptography Libraries by Timo Bingmann Public key performance results for NSS Installing OpenSSL and running hashing algorithms Installing GnuTLS and running benchmarking for hashes/ciphers

9 OpenSSL and GnuTLS Comparison Each speed test consists of one encryption pass directly followed by a decryption pass Ciphers Tested OpenSSL - AES, Blowfish,CAST5,3DES, XTEA GnuTLS AES, Blowfish, CAST5,3DES, Serpent, Twofish Average of KB of data processed per unit time with different distributions 35,000 30,000 25,000 20,000 15,000 10,000 5,000 0 Throughput KB/s Ubuntu-hardy Debian-lenny Ubuntu-Gutsy Fedora8 Debian-etch GnuTLS OpenSSL

10 Problems Ciphers compared are not same average values could have been shifted Varying Buffer size values were calculated and only ran once should have ran multiple times until results avg. out Only Symmetric ciphers are tested

11 NSS The SSL_RSA_WITH_RC4_128_MD5 (SSL3) cipher is used Restart runs utilize cache which results in higher throughput Full runs handshake every connection which introduce overhead Type Ops/sec CPU-usage(%) Full Full-zones Restart Restart-zones

12 Throughput and CPU usage Full Full-zones Restart Restart-zones Throughput (Ops/sec) CPU-usage(%) CPU utilization is near about same for each run So varying throughput is a function of Memory access speed Depending the use of cache, throughput can be vastly increased

13 Performance Tests Comparison based OS running natively vs in Virtual machine Libraries compared OpenSSL and GnuTLS Native machine and VM both are running equal environments Ubuntu CPU Intel core i5 2.20GHz RAM 4GB Disk 25GB

14 OpenSSL Throughput (KB/s) Comparison Buffer Size (Bytes) Native VM SHA256 with varying buffer size (16,64,256,1024,8192 Bytes) Buffer size above 1000 bytes, starts to saturate throughput 330MB/s In VM, low throughput is observed because of overhead of running inside VM After increasing buffer value by certain value bottleneck can occur

15 GnuTLS Hashing algorithms checked for fixed payload size (16384 bytes) MACs - SHA1, SHA256,SHA512 Throughput around 300MB/s In VM low throughput Throughput KB/s SHA1 SHA256 SHA512 Native VM

16 Conclusion Best library? Depends on criteria Higher Throughput and simple OpenSSL (32MB/s) Portable and lightweight - GnuTLS Cross Platform support NSS License compatibility - Apache License (used by OpenSSL) are incompatible with the GPL, GnuTLS or NSS Novice TLS developer OpenSSL Wide Support Simple to use Single platform and no compatibility required

17 Thank You!

18 References [1] Timo Bingmann,(14th July 2008), Speedtest and Comparison of Open-Source Cryptography Libraries and Compiler Flags, [online]. Available: [2] OpenWrt Oraganisation (n.d). OpenSSL Benchmarks tool. [online]. Availble: [3] GNU TLS, Transport Layer Security Library for the GNU system, for version 2.0.2, 17 October Available: /doc/gnutls.pdf [4] Mozilla Developer Network. Network Security Services. Available: Accessed: Sep. 8,2017.