An Encrypted World is Here. Is Your Network Ready for the SSL Storm?
A few months back, Google announced that, starting with version 56 (current version is 55), Chrome will explicitly mark HTTP pages that collect passwords or credit cards as non-secure. This is just Google’s first step and they will continue to add more categories of plaintext websites under the “Not-Secure” umbrella with future versions. Google’s warnings will also become more visible and contain stronger wording to encourage web users to stay away from such websites. This is clearly a very strong push and will contribute to the effort of encrypting the whole Internet. Sandvine’s Global Internet Phenomenon Report predicts that encrypted traffic will surpass 80% this year on some mobile provider networks.
Such warnings coming from a popular browser will push web admins to implement SSL
What Does It Mean for Your Network Infrastructure?
Enforcing SSL would most certainly result in a significant increase in encrypted traffic passing through the network. This would mean any intermediate device that does deep packet inspection (DPI) would have to look at ever-increasing contents. As encrypting/decrypting SSL is a highly CPU-intensive task, unprepared networks will soon begin to experience performance problems.
Device datasheets generally publish significantly lower performance for SSL traffic
However, all onus is not on the networking gear, a parallel optimization effort is going on in the SSL space to make encryption/decryption fast without compromising security and chip vendors are implementing accelerators targeted at improving SSL performance. Let’s take a deeper dive...
The Evolution of SSL Ciphers
In the process of making SSL more “secured,” encryption and encapsulation algorithms are more complex and key sizes longer. As has been the case, an increased security feature generally results in slower performance. For example, the widely used 2K keys for RSA handshakes make it significantly more secured than the 1K key size used a few years back. However, the performance drop is also significant—on average 50-70% lower with a bigger key size.
Introduction of the elliptical curve cryptography (ECC) ciphers that use the algebraic structure of elliptical curves (EC) over finite fields has significantly reduced key sizes without necessarily compromising security. Calculations suggest a P-224-bit key size of EC would provide the same security as using a 2K key for RSA. This essentially transpires into having higher security along with higher handshake performance. ECC generally uses the Diffie Hellman key exchange (DHE) mechanism and is together called ECDHE. Since DHE doesn’t have a signature algorithm, ECDHE generally uses RSA or ECDSA for the key signing.
Representative performances aggregated over several platforms with other parameters remaining same
Based on the above graph, it seems ECDHE-ECDSA should be the default choice of handshake going forward. The reality is quite different though, ECC implementation can be tricky and time consuming, hence has significantly lower industry support as of now. Plus, the massive deployment of RSA over the years makes it difficult to replace suddenly (Think COBOL!). So, for the foreseeable future we will be dealing with a mix of RSA-AES (2k, 4k key), ECDHE-RSA-AES, and ECDHE-ECDSA-AES ciphers being used for different connections/conditions.
Chip manufactures have considered the possibilities and we have seen an influx of dedicated chips like Intel-Xeon and Cavium-Nitrox in the market that have been specifically designed to provide higher performance with the newer SSL ciphers.
Prepare for the SSL-Storm Before It Hits You.
As advanced ciphers and chip designers have geared up for the massive increase in encrypted traffic, Ixia too has prepared a test tool to validate the scale/performance expected from modern DPI-capable devices. Introducing Ixia’s CloudStorm which, like other Ixia test products, is designed with future testing requirements in mind. CloudStorm has both hardware and software optimizations to ensure superior SSL performance for all major ciphers. The software optimizations also enable significantly higher SSL performance over varying key and curve sizes. The tests are tailor-made to measure and validate individual devices or network infrastructures for their SSL bandwidth/handshake capabilities and predict your preparedness for the upcoming SSL storm.