{"title":"密钥交换协议的比较性能评估","authors":"Octavian Catrina, Silvia-Ioana Stanciu","doi":"10.1109/comm54429.2022.9817281","DOIUrl":null,"url":null,"abstract":"The paper presents a comparative performance evaluation of typical constructions of authenticated key exchange protocols using asymmetric and/or symmetric cryptography. The protocols are implemented using JAKE, a lightweight Java frame-work for prototype implementation and experimental analysis of secure-channel protocols, including attacks and performance evaluation. JAKE uses the standard library of cryptographic classes included in OpenJDK. The experiments were carried out for different cryptographic algorithms and security levels. The comparative analysis demonstrates the important performance gains achieved by switching from Finite-Field Cryptography (FFC) to Elliptic-Curve Cryptography (ECC), for Diffie-Hellman (DH) key agreement, signatures, and public-key certificates. The algorithms based on ECC reduce substantially the performance gap between authentication using symmetric cryptography and pre-shared secret keys (faster, but with limited applications) and authentication using asymmetric cryptography and public-key certificates. They also show a substantial performance degradation from 128-bit to 192-bit or 256-bit security, so the security level should be adjusted according to application requirements.","PeriodicalId":118077,"journal":{"name":"2022 14th International Conference on Communications (COMM)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Comparative Performance Evaluation of Key Exchange Protocols\",\"authors\":\"Octavian Catrina, Silvia-Ioana Stanciu\",\"doi\":\"10.1109/comm54429.2022.9817281\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The paper presents a comparative performance evaluation of typical constructions of authenticated key exchange protocols using asymmetric and/or symmetric cryptography. The protocols are implemented using JAKE, a lightweight Java frame-work for prototype implementation and experimental analysis of secure-channel protocols, including attacks and performance evaluation. JAKE uses the standard library of cryptographic classes included in OpenJDK. The experiments were carried out for different cryptographic algorithms and security levels. The comparative analysis demonstrates the important performance gains achieved by switching from Finite-Field Cryptography (FFC) to Elliptic-Curve Cryptography (ECC), for Diffie-Hellman (DH) key agreement, signatures, and public-key certificates. The algorithms based on ECC reduce substantially the performance gap between authentication using symmetric cryptography and pre-shared secret keys (faster, but with limited applications) and authentication using asymmetric cryptography and public-key certificates. They also show a substantial performance degradation from 128-bit to 192-bit or 256-bit security, so the security level should be adjusted according to application requirements.\",\"PeriodicalId\":118077,\"journal\":{\"name\":\"2022 14th International Conference on Communications (COMM)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-06-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 14th International Conference on Communications (COMM)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/comm54429.2022.9817281\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 14th International Conference on Communications (COMM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/comm54429.2022.9817281","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Comparative Performance Evaluation of Key Exchange Protocols
The paper presents a comparative performance evaluation of typical constructions of authenticated key exchange protocols using asymmetric and/or symmetric cryptography. The protocols are implemented using JAKE, a lightweight Java frame-work for prototype implementation and experimental analysis of secure-channel protocols, including attacks and performance evaluation. JAKE uses the standard library of cryptographic classes included in OpenJDK. The experiments were carried out for different cryptographic algorithms and security levels. The comparative analysis demonstrates the important performance gains achieved by switching from Finite-Field Cryptography (FFC) to Elliptic-Curve Cryptography (ECC), for Diffie-Hellman (DH) key agreement, signatures, and public-key certificates. The algorithms based on ECC reduce substantially the performance gap between authentication using symmetric cryptography and pre-shared secret keys (faster, but with limited applications) and authentication using asymmetric cryptography and public-key certificates. They also show a substantial performance degradation from 128-bit to 192-bit or 256-bit security, so the security level should be adjusted according to application requirements.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
