The SSL performance bottleneck is a pressing problem that affects the bottom line of many e-retailers, ISPs, ASPs, and other dot-com businesses.
Secure Sockets Layer (SSL) is ubiquitous throughout the Internet: it is the de facto industry-standard cryptographic protocol for the Internet today. SSL does not require a complex infrastructure to be in place before it can be used, and it is deployed in virtually every browser and in millions of web servers around the world.
SSL has been deployed in many different application areas within the Internet. According to the Gartner Group, SSL has been implemented in over 1200 Internet solutions thus far. Security is simply a tool for risk management and SSL provides perfectly adequate security for most applications.
The SSL Performance Bottleneck

Within the SSL protocol the server must authenticate itself to the browser, and with the RSA key exchange cipher suites that browsers and servers use in practice this costs the server one RSA private-key operation per new session: the browser encrypts a premaster secret under the server's public key, and the server must decrypt it with its private key before a secure session exists. An RSA private-key operation is very compute intensive, requiring nearly one-tenth of a second on the fastest Pentium processor, and this single operation may account for over 95% of a server's SSL processing. The most common domestic (US) key length for SSL authentication is 1024 bits. Why does a 1024-bit RSA private-key operation take millions of CPU instructions? Because the basic math behind RSA is modular exponentiation of 1024-bit integers: computing x^y mod z, where the modulus z and the private exponent y are each 1024 bits long, by square-and-multiply needs roughly 1,500 multiplications of 1024-bit numbers modulo z, and a 32-bit processor has to build each of those out of a few thousand 32-bit multiply, add and reduction steps.

Many web servers initially service only requests for web pages and later begin to offer some product for sale. Security is then added, usually in the form of SSL, and a web server that previously served hundreds of customers is now 'broken': it can handle only a handful of secure requests. When SSL is added to a web application, server performance can degrade by two orders of magnitude. The chart above, taken from a competitor's (iPivot) web site, was created by Bill Mallen using numbers supplied by NetworkShop.
The Business Consequence of the SSL Performance Bottleneck

A compelling study from Andersen Consulting shows that over one quarter of the customers shopping during the 1999 holiday season walked away from their purchase while waiting in a queue to be serviced by SSL servers. Intel commissioned a study by Giga that concluded that an average customer will wait only eight seconds before surfing away to another site. A third survey that is done on a regular basis, the Keynote Consumer 40 Index, paints a dire picture: the top 40 e-commerce sites have an average wait of over 16 seconds, and it is growing. Affected businesses need some relief from the SSL performance bottleneck in order to continue to satisfy their customers' needs. A successful application may have new customers waiting to connect to the server; those customers become frustrated and go elsewhere. Eventually every growing business hits the SSL server performance bottleneck. Users are accustomed to security not costing anything, because SSL in their browser is 'free', and the perception is that SSL security should come free on the server as well. So it is difficult for a business to accept that it will likely pay several thousand dollars for another processor, and even more for additional memory, just to satisfy waiting SSL connection requests. The SSL performance bottleneck can instead be solved by offloading the compute-intensive cryptographic processing to a specialized coprocessor such as the HP/Atalla AXL600L SSL Accelerator Card.
Just as a floating-point coprocessor is much more efficient at its specific calculation than a general-purpose CPU, a cryptographic coprocessor is designed to outperform even the fastest processor at a fraction of the cost. Tomorrow's web servers will use dedicated cryptographic coprocessors: the natural evolution toward specialized hardware already seen with floating-point (and I/O, audio-video and graphics) coprocessors will continue, with network security serviced by cryptographic coprocessors. Today the problem is solved by adding a math coprocessor for cryptographic processing, and HP offers the HP/Atalla AXL600L SSL Accelerator Card to alleviate the SSL server performance bottleneck. The chart on the right compares the 600 SSL connections per second that the AXL600L can handle against the few SSL connections per second achieved by a typical IA-32 server. The chart on the left compares a server whose CPU is devoted to cryptographic processing with a server fitted with the HP/Atalla AXL600L coprocessor. Over 600 SSL connections per second is impressive, but remember that at only a handful of SSL requests per second the application server is already spending too much time on cryptography and not enough doing the customer's business. Offloading the modular exponentiation to the HP/Atalla AXL600L Accelerator frees the application server to do real business work.
Highest performance in the market

At over 600 SSL connections per second, the HP/Atalla AXL600L has the best price/performance of any single PCI card on the market. Note that this number cannot be directly compared with those quoted for other SSL accelerators. Several solutions promote exponentiations per second derived from industry-standard 1024-bit RSA operations using the Chinese Remainder Theorem (CRT). CRT splits the one 1024-bit modular exponentiation into two 512-bit exponentiations, one modulo each prime factor of the key, and then recombines the two results; because each step works on operands half as long, this is roughly four times less work than the plain operation. Using CRT, the HP/Atalla AXL600L provides 700+ 1024-bit RSA operations per second. Why not quote this number? Because none of the supported Linux web servers (Netscape Enterprise Server or Apache) uses or supports CRT today.
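The following is an added example, not HP/Atalla code and not taken from this page. It shows the RSA private-key operation a web server performs per SSL handshake (the 1024-bit modular exponentiation described under "The SSL Performance Bottleneck") implemented with plain square-and-multiply, and the CRT variant discussed just above, then counts the modular multiplications each needs. Key generation (seeded Miller-Rabin), the constructed premaster-secret value, the function names and the simple "k-bit multiply costs k^2" cost model are all assumptions chosen for illustration; the square-and-multiply loop is deliberately not constant-time and must not be reused for real keys.

```python
"""RSA private-key operation per SSL handshake: plain square-and-multiply
versus the Chinese Remainder Theorem (CRT) variant. Added example, not
HP/Atalla code; key generation, cost model and names are illustrative."""
import math
import random


def modexp(base, exp, mod):
    """Left-to-right square-and-multiply x^y mod z.

    Returns (result, number of modular multiplications). One squaring per
    exponent bit plus one multiply per set bit, so a 1024-bit exponent needs
    about 1024 + 512 = 1536 multiplications of modulus-sized numbers.
    NOTE: the data-dependent branch leaks exponent bits through timing; a
    production implementation must be constant-time. Illustration only.
    """
    result, mults = 1, 0
    for bit in bin(exp)[2:]:
        result = result * result % mod
        mults += 1
        if bit == "1":
            result = result * base % mod
            mults += 1
    return result, mults


def schoolbook_cost(mults, mod):
    """Assumed work estimate: a k-bit modular multiply costs ~k^2 word
    operations (schoolbook), so halving the operand size quarters each step."""
    return mults * mod.bit_length() ** 2


def is_probable_prime(n, rng, rounds=32):
    """Miller-Rabin primality test with small-prime trial division first."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits, rng):
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1  # full-size, odd
        if is_probable_prime(cand, rng):
            return cand


def generate_rsa_key(bits, e=65537, seed=None):
    """Toy RSA key generation (seeded, NOT for real use). Precomputes the
    CRT parameters dp, dq and qinv alongside the private exponent d."""
    rng = random.Random(seed)
    while True:
        p, q = random_prime(bits // 2, rng), random_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p == q or math.gcd(e, phi) != 1:
            continue
        d = pow(e, -1, phi)
        return {"n": p * q, "e": e, "d": d, "p": p, "q": q,
                "dp": d % (p - 1), "dq": d % (q - 1), "qinv": pow(q, -1, p)}


def rsa_private_plain(c, key):
    """What a non-CRT server does per handshake: one full-size c^d mod n."""
    return modexp(c, key["d"], key["n"])


def rsa_private_crt(c, key):
    """CRT: two half-size exponentiations mod p and mod q, then recombine
    with Garner's formula. Same result as rsa_private_plain."""
    m1, k1 = modexp(c % key["p"], key["dp"], key["p"])
    m2, k2 = modexp(c % key["q"], key["dq"], key["q"])
    h = key["qinv"] * (m1 - m2) % key["p"]
    return m2 + h * key["q"], k1 + k2


def compare(bits=1024, seed=2000):
    """Decrypt a constructed stand-in for the premaster secret both ways and
    report multiplication counts and the estimated CRT speedup."""
    key = generate_rsa_key(bits, seed=seed)
    m = 0x0302 << (bits - 32)          # constructed plaintext, smaller than n
    c = pow(m, key["e"], key["n"])     # what the browser sends to the server
    plain, k_plain = rsa_private_plain(c, key)
    crt, k_crt = rsa_private_crt(c, key)
    cost_plain = schoolbook_cost(k_plain, key["n"])
    cost_crt = schoolbook_cost(k_crt, key["p"])   # p and q have equal size
    return {"ok": plain == crt == m, "plain_mults": k_plain,
            "crt_mults": k_crt, "speedup": cost_plain / cost_crt}


if __name__ == "__main__":
    print(compare())
```

The multiplication counts come out about equal for the two methods; the gain from CRT is that every one of its multiplications is on 512-bit rather than 1024-bit operands, which under the assumed schoolbook cost model is about a fourfold saving, matching the "two smaller calculations" argument above.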