Optimizing public-key encryption for wireless clients

Providing acceptable levels of security imposes significant computational requirements on wireless clients, servers, and network elements. These requirements are often beyond the modest processing capabilities and energy (battery) resources available on wireless clients. The relatively small sizes of wireless data transactions imply that public-key encryption algorithms dominate the security processing requirements. We propose techniques to improve the computational efficiency of public-key encryption algorithms. We focus on the modular exponentiation based encryption/decryption employed in many popular public-key algorithms. We study an extensive suite of algorithmic optimizations to the basic modular exponentiation algorithm and new advanced techniques. The proposed algorithmic optimizations lead to an "algorithm design space", across which performance varies significantly (over an order-of-magnitude). We evaluated the proposed algorithmic optimization techniques by obtaining processing times for the SSL (secure sockets layer) handshake protocol on a state-of-the-art embedded processor by using the optimal algorithm configuration and a popular conventional algorithm configuration. The results demonstrate that the optimum algorithm configuration leads to a 5.7/spl times/ improvement in SSL handshake protocol processing times. The proposed techniques are complementary to, and can be applied in conjunction with, improvements in security mechanisms and protocols, new hardware architectures, and improvements in silicon technologies.