| Re: draft-urien-eap-smartcard-06.txt | <– Date –> <– Thread –> |
From: Mohamad Badra (badra enst.fr)
|
|
| Date: Fri, 20 Aug 2004 13:10:42 -0400 (EDT) | |
Thomas Otto wrote:
It is FULL TLS. That means you will not see all these messages in TLS-PSK :).
The high latency here is because of the PRF (see later)
The card used in our test needs between 100 and 500 ms for RSA operations.
When you use a card handle SHA1 and MD5, the PRF will be negligeable. Take the example: RSA sign 342 bytes/s and verify 3287 [Rescorla] whereas SHA1 do 22838 Kbytes/s.
Please, when you compare 4year old 400 MHz machine, do it but not with a VERY weak support like the smart card that has in our test the following properties: CPU 8 bits, RAM 2304 bytes, ROM 96 Kbytes, E2PROM 34 Kbytes, Max. Clock 8 MHz, Max Data Rate 424 kbit/s.
Add to that:
1) The weak smart card does not have also SHA1 and MD5 co-processor and thus the PRF-TLS representes about 25% from the global performance. Another 15% for the digest and 12 to 28% for data transfert. More info are available at http://www.infres.enst.fr/~urien/security/aswn2004-urien.pdf
2) You compare the EAP-PSK to FULL EAP-TLS, but you forget to do it with EAP-TLS-PSK.
Rescorla used in SSL and TLS book a Pentium II 400 for benchmarkink TLS, [machine equivalentto your one :)]. The Resumed Handshake (The equivalent of TLS-PSK) takes between 0.0028 and 0.0038 seconds (see Rescorla, Page 213, Figure 6.26).
Badra
More precisely, the client needs almost 30 seconds to send
ClientKeyExchange, CertificateVerify, and ChangeCipherSpec (in frame 52), where I remember ClientKeyExchange requires the 48 byte premaster secret. (which requires expensive computations ..)
It is FULL TLS. That means you will not see all these messages in TLS-PSK :).
The high latency here is because of the PRF (see later)
So, is there hope for a speedup or is EAP-TLS not suitable for the EAP smartcard? How much Java influences this duration?
In contrast to this, as answer to "Are smartcards performances sufficient ?" we get the information, "Usually smart
cards include crypto-processors that compute the RSA 2048 bits
algorithm in less than 0,5s."
This is great, so I suppose the card above lacks of such a
crypto-processor ?
The card used in our test needs between 100 and 500 ms for RSA operations.
When you use a card handle SHA1 and MD5, the PRF will be negligeable. Take the example: RSA sign 342 bytes/s and verify 3287 [Rescorla] whereas SHA1 do 22838 Kbytes/s.
May I compare this to the running time of my implementation of EAP-PSK, which took for a full authentication only 0.75 seconds.
There is a strange 0.25 second delay between Identity Request and Response, so essentially we have 0,5 seconds for the protocol.
By the way, the notebook used for this test was nothing special, just a
4year old 400 MHz machine ;-)
Please, when you compare 4year old 400 MHz machine, do it but not with a VERY weak support like the smart card that has in our test the following properties: CPU 8 bits, RAM 2304 bytes, ROM 96 Kbytes, E2PROM 34 Kbytes, Max. Clock 8 MHz, Max Data Rate 424 kbit/s.
Add to that:
1) The weak smart card does not have also SHA1 and MD5 co-processor and thus the PRF-TLS representes about 25% from the global performance. Another 15% for the digest and 12 to 28% for data transfert. More info are available at http://www.infres.enst.fr/~urien/security/aswn2004-urien.pdf
2) You compare the EAP-PSK to FULL EAP-TLS, but you forget to do it with EAP-TLS-PSK.
Rescorla used in SSL and TLS book a Pentium II 400 for benchmarkink TLS, [machine equivalentto your one :)]. The Resumed Handshake (The equivalent of TLS-PSK) takes between 0.0028 and 0.0038 seconds (see Rescorla, Page 213, Figure 6.26).
Badra
-
draft-urien-eap-smartcard-06.txt Pascal Urien, August 19 2004
-
Re: draft-urien-eap-smartcard-06.txt Thomas Otto, August 20 2004
- Re: draft-urien-eap-smartcard-06.txt Pascal Urien, August 20 2004
- Re: draft-urien-eap-smartcard-06.txt Mohamad Badra, August 20 2004
-
Re: draft-urien-eap-smartcard-06.txt Thomas Otto, August 20 2004
Results generated by Tiger Technologies using MHonArc.