User requirements-aware security ranking in SSL protocol | The Journal of Supercomputing Skip to main content
Springer Nature Link
Log in

User requirements-aware security ranking in SSL protocol

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

    We’re sorry, something doesn't seem to be working properly.

    Please try refreshing the page. If that doesn't work, please contact support so we can address the problem.

Abstract

The primary goal of the secure socket layer protocol (SSL) is to provide confidentiality and data integrity between two communicating entities. Since the most computationally expensive step in the SSL handshake protocol is the server’s RSA decryption, it is introduced that the proposed secret exchange algorithm can be used to speed up the SSL session initialization. This paper first points out that the previous batch method is impractical since it requires multiple certificates. It then proposes a unique certificate scheme to overcome the problem. The optimization strategy, which is based on the constrained model considering the user requirements-aware security ranking, focuses on the optimal result in different public key sizes. It is also introduced that the parameter is optimized when integrating user requirements for Internet QoS, such as the stability of the system and the tolerable response time. Finally, the proposed algorithm is evaluated to be practical and efficient through both analysis and simulation studies.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price includes VAT (Japan)

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Goldberg I, Wagner D (1996) Randomness and the netscape browser. Dr Dobb’s J 21(1):66–70

    Google Scholar 

  2. Callegati F, Cerroni W, Ramilli M (2009) Man-in-the-middle attack to the HTTPS protocol. IEEE Secur Priv 7(1):78–81

    Article  Google Scholar 

  3. Freier AO, Karlton P, Kocher PC (1996) The SSL protocol V3.0, 1996-11-01

  4. Sobh TS, Elgohary A, Zaki M (2008) Performance improvements on the network security protocols. Int J Comput Sci Netw Secur 6(1):103–115

    Google Scholar 

  5. Feigenbaum J, Freedman MJ, Sander T, Shostack A (2002) Privacy engineering for digital rights management systems. In: Proceedings of 2001 ACM workshop on security and privacy in digital rights management. LNCS, vol 2320. pp 76–105

    Chapter  Google Scholar 

  6. Rescorla E, Cain A, Korver B (2002) SSLACC: A clustered SSL accelerator. In: Proceedings of the 11th USENIX security conference, San Francisco, August 5–9, pp 229–246

    Google Scholar 

  7. Sun HM, Yang CT, Wu ME (2009) Short-exponent RSA, IEICE transactions on fundamentals of electronics. Commun Comput Sci E92-A(3):912–918

    Google Scholar 

  8. Kuo FC, Tschofenig H, Meyer F et al (2006) Comparison studies between pre-shared and public key exchange mechanisms for transport layer security. In: Proceedings of IEEE global internet symposium 2006, Spain, pp 1–6

    Google Scholar 

  9. Castelluccia C, Mykletun E, Tsudik G (2006) Improving secure server performance by re-balancing SSL/TLS handshakes. In: Proceedings of the 2006 ACM symposium on information, computer and communications security. ACM Press, New York, pp 26–34

    Google Scholar 

  10. Shacham H, Boneh D (2001) Improving SSL handshake performance via batching, RSA’2001. In: Lecture notes in computer science. vol 2020. Springer, San Francisco, pp 28–43

    Google Scholar 

  11. Takagi T (1997) Fast RSA-type cryptosystems using N-adic expansion. In: Proceedings of crypto ’97. Lecture notes in computer science, vol 1294, pp 372–384

    Google Scholar 

  12. Boneh D, Shacham H (2002) Fast variants of RSA. RSA Lab Crypt 5(1):1–8

    Google Scholar 

  13. Blakey E (2009) Factorizing RSA keys an improved analogue solution. New Gener Comput 27(2):159–176

    Article  MATH  Google Scholar 

  14. Fiat A (1989) In: Batch RSA, Crypto’89. Springer, Berlin, pp 175–185. See also J Cryptology 10(2):75–88, 1997

    Google Scholar 

  15. Menezes A, Van Oorschot P, Vanstone S (1997) Handbook for applied cryptography. CRC Press, Boca Raton

    Google Scholar 

  16. Bhatti N, Bouch A, Kuchinsky A (2000) Integrating user-perceived quality into web server design. In: Proceedings of the 9th international world wide web conference, Amsterdam, Netherlands, pp 24–334

    Google Scholar 

  17. Bouch A, Kuchinsky A, Bhatti N (2000) Quality is in the eye of the beholder: Meeting user’s requirements for internet quality of service. In: Proceedings of the CHI 2000 conference on human factors in computing systems, The Hague, The Netherlands, pp 297–304

    Google Scholar 

  18. Qi F, Tang Z, Wang GJ, Wu J (2009) QoS-aware optimization strategy for security ranking in SSL protocol. In: Proceedings of the 2009 IEEE international symposium on trust, security and privacy for pervasive applications (TSP-09), in conjunction with IEEE MASS 2009, Macau SAR, China, pp 842–847

    Google Scholar 

  19. Nah F (2004) Study on tolerable waiting time: How long are web users willing to wait? Behav Inf Technol 23:153–163

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Information Science and Engineering, Central South University, 410083, Changsha, PR China

    Fang Qi, Zhe Tang & Guojun Wang

  2. Department of Computer and Information Sciences, Temple University, Philadelphia, PA, 19122, USA

    Jie Wu

Authors
  1. Fang Qi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zhe Tang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Guojun Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jie Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Zhe Tang.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Qi, F., Tang, Z., Wang, G. et al. User requirements-aware security ranking in SSL protocol. J Supercomput 64, 762–776 (2013). https://doi.org/10.1007/s11227-010-0546-4

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-010-0546-4

Keywords

Search

Navigation