Improving SSL Handshake Performance via Batching

Authors: D. Boneh and H. Shacham

We present an algorithmic approach for speeding up SSL's performance on a web server. Our approach improves the performance of SSL's handshake protocol by up to a factor of 2.5 for 1024-bit RSA keys. It is designed for heavily-loaded web servers handling many concurrent SSL sessions. We improve the server's performance by batching the SSL handshake protocol. That is, we show that b SSL handshakes can be done faster as a batch than doing the b handshakes separately one after the other. Experiments show that taking b=4 leads to optimal results, namely a speedup of a factor of 2.5. Our starting point is a technique due to Fiat for batching RSA decryptions. We improve the performance of batch RSA and describe an architecture for using it in an SSL web server. We give experimental results for all the proposed techniques.

In proceedings RSA '2001, Lecture Notes in Computer Science, Vol. 2020, Springer-Verlag, pp. 28--43, 2001

Full paper: PostScript         [first posted 11/2000 ]