performance of host identity protocol on lightweight ... · host identity protocol ... – nat...
TRANSCRIPT
![Page 1: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/1.jpg)
Performance of Host Identity Protocol onPerformance of Host Identity Protocol on
Lightweight Mobile DevicesLightweight Mobile Devices
Andrey Khurri
Helsinki Institute for Information Technology
4th FRUCT seminar
Tampere, Finland
October 29-31, 2008
![Page 2: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/2.jpg)
OutlineOutline
Research problem
Host Identity Protocol (HIP)
Device specifications & network setup
Performance metrics
Results and analysis
Concluding remarks
![Page 3: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/3.jpg)
Research ProblemResearch Problem
•Moving TCP/IP stack to lightweight platforms
– Adjusting for constrained devices such as PDA, phone, sensor,
microcontrollers
• Examples: µTCP/IP, µIPv6, lightweight IKE
– Running existing ”desktop” solutions if performance is acceptable
• Example: Elliptic-Curve Cryptography on mobile healthcare
devices
•Are unmodified IP mobility and security solutions ready to be used on lightweight devices?
– Limited hardware resources
– Computationally expensive software-based cryptography
![Page 4: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/4.jpg)
Host Identity ProtocolHost Identity Protocol
•Host Identity Protocol –
a ”universal” solution to many Internet problems
– Three open-source implementations
– No experience with running it on lightweight devices
– Concept similar to other security and mobility protocols
• Assymetric key pair cryptography
• IPsec ESP for data protection
![Page 5: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/5.jpg)
Host Identity Protocol (contHost Identity Protocol (cont’’d)d)
•Specified by IETF (RFC 5201-5207)
•Decouples IP layer from the above layers
– Locator/identifier split
•Public-private key pairs to authenticate hosts
•IPsec ESP protocol to protect user data
•Provides
– End-to-end security
– Authentication
– Mobility
– Multihoming
– NAT traversal
![Page 6: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/6.jpg)
HIP Protocol StackHIP Protocol Stack
Physical Layer
Link Layer
Network Layer
Transport Layer
Application Layer
Host Identity Layer
<IP address, port>
<IP address>
<Host Identity, port>
Physical Layer
Link Layer
Network Layer
Transport Layer
Application Layer
<IP address>
new name space
![Page 7: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/7.jpg)
HIP Base ExchangeHIP Base Exchange
I1 < HIT i, HIT r >
Initiator Responder
ServerMobile Terminal
R1 < cookie, D-H, HI r, signature >
I2 < solution, D-H, HI i, ESP, signature >
R2 < ESP, signature>
ESP protected traffic
![Page 8: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/8.jpg)
HIP MobilityHIP Mobility
Mobile Client
Server
IP address 1
IP address 2
1. UPDATE < LOCATOR, ESP_INFO, SEQ >
2. UPDATE < ESP_INFO, SEQ, ACK, ECHO_REQUEST>
3. UPDATE < ACK, ECHO_RESPONSE >
HIP association
Data protected by IPs
ec
Data protected by IPsec
![Page 9: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/9.jpg)
Mobile Device Specs EvolutionMobile Device Specs Evolution
CPU
RAM
MHz
MB
220 330
64
96
128
400
N810N800
N770E60N80
E51N78
N95
N96 E90
Battery900 - 1500 mAh
G700P1i
Nokia 5800
![Page 10: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/10.jpg)
Device SpecificationsDevice Specifications
Symbian,
S60 3rd Edition
Linux Debian,
Maemo
Operating
System
3G, WLAN,
BluetoothWLAN, BluetoothConnectivity
10501500Battery, mAh
9664RAM, MB
369220CPU, MHz
Nokia E51
smartphone
Nokia 770
Internet Tablet
![Page 11: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/11.jpg)
Network SetupNetwork Setup
IEEE 802.11g
3.00 GHz CPU2 GB RAM
Ubuntu Linux Server
Switch
Nokia 770
Mobile-to-Server
Mobile-to-Mobile
1.6 GHz CPU1 GB RAM
Laptop-to-Server
IBM R51 laptop
Nokia E51
220 MHz CPU64 MB RAM
369 MHz CPU96 MB RAM
![Page 12: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/12.jpg)
Network SetupNetwork Setup
IEEE 802.11g
3.00 GHz CPU2 GB RAM
Ubuntu Linux Server
Switch
Nokia 770
Mobile-to-Server
Mobile-to-Mobile
1.6 GHz CPU1 GB RAM
Laptop-to-Server
IBM R51 laptop
Nokia E51
220 MHz CPU64 MB RAM
369 MHz CPU96 MB RAM
![Page 13: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/13.jpg)
Porting from Desktop to MobilePorting from Desktop to Mobile
easiest
hard
Linux OSSHIPL
Multi-platform OSSOpenHIP
easier
![Page 14: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/14.jpg)
Performance IndicatorsPerformance Indicators
•HIP Base Exchange duration
•Mobility Update duration
•TCP throughput
•Power consumption
•CPU and memory load
![Page 15: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/15.jpg)
ResultsResults
Nokia 770
Nokia E51
HIP
![Page 16: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/16.jpg)
Duration of HIP Base ExchangeDuration of HIP Base Exchange
Base Exchange stages and total BE time
Mobile Client Server
Ave
rage
tim
e (s
)
Tablet
Laptop
1024-bit RSA keys1536-bit DH Group
![Page 17: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/17.jpg)
Duration of HIP Base Exchange (contDuration of HIP Base Exchange (cont’’d)d)
Tablet-to-Tablet
PC-to-PC
Ave
rage
tim
e (s
)
Base Exchange stages and total BE time
Mobile Client Mobile Client
![Page 18: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/18.jpg)
Base Exchange Duration Base Exchange Duration with HIPL and OpenHIPwith HIPL and OpenHIP
3.501 / 0.1233.781 / 0.125Phone Phone (Standby)
4.297 / 0.0736.416 / 0.712Phone Phone (Active)
1.851 / 0.0741.759 / 0.138Server Phone (Standby)
2.758 / 0.1063.313 / 0.104Server Phone (Active)
1.895 / 0.1221.677 / 0.063Phone Server (Standby)
3.089 / 0.1703.169 / 0.108Phone Server (Active)
OpenHIPHIPLScenario / Implementation
Mean / Standard Deviation (s)Nokia E51
• Surprisingly, we found a significant difference in performance measured in Active and Standby phone states
![Page 19: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/19.jpg)
Key Pair CreationKey Pair Creationof Different Size on Nokia E51of Different Size on Nokia E51
40.73 / 31.203.56 / 1.280.51 / 0.13RSA
389.99 / 308.6131.48 / 16.544.90 / 1.46DSA
20481024512Key Length (bits)
Mean / Standard Deviation (s)Nokia E51
•The public-private key pair generation might stress the cell phone
– Especially with key length > 1024 bits
![Page 20: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/20.jpg)
Puzzle Difficulty ImpactPuzzle Difficulty Impact
T2 processing time dependence on K
Ave
rage
Tim
e (s
)
Puzzle Difficulty K (bits)
Tablet
Laptop
![Page 21: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/21.jpg)
Influence of DiffieInfluence of Diffie--Hellman Group IDHellman Group ID
• With the 768-bit DH Group HIP association establishment with a server
might be reduced up to 0.35 sec
Ave
rage
Tim
e (s
)
DH Group (bits)
Tablet
Laptop
![Page 22: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/22.jpg)
Duration of Mobility UpdateDuration of Mobility Update
Average time: Tablet – 287 ms; Laptop – 100 ms
Tim
e fo
r M
obili
ty U
pdat
e (s
)
Number of measurements
Tablet
Laptop
![Page 23: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/23.jpg)
TCP ThroughputTCP ThroughputAverage TCP throughput with Tablet and Laptop
21.16 / 0.1821.77 / 0.23Laptop PC
3.14 / 0.034.84 / 0.053.27 / 0.084.86 / 0.28 Tablet PC
TCP + HIP + WPATCP + WPATCP + HIPTCP
Mean / Standard Deviation (Mbps)Throughput
•Surprisingly, tablet only achieves 4.86 Mbps in a IEEE 802.11g WLAN
(our laptop achieves 21.77 Mbps over the same link)
•WPA encryption has minor impact on the throughput
– In contrast, ESP encryption involved with HIP reduces TCP throughput
by 32%
![Page 24: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/24.jpg)
TCP Throughput (cont'd)TCP Throughput (cont'd)T
hrou
ghpu
t (M
bps)
Number of measurements
Tablet (plain TCP)
Tablet (TCP/HIP)
Laptop (TCP/HIP)
Laptop (plain TCP)
![Page 25: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/25.jpg)
Power consumption Power consumption –– Nokia 770Nokia 770
< 0.01
0.12
0.35 – 0.50
0.20
0.40 – 0.50
0.27
> 0.50
0.38
0.38
0.36
Current (A)
0.04Standby mode
0.44Passive WLAN
1.57Browsing (Active WLAN)
0.74Local audio
1.66Audio stream from a server
0.99Local video
1.85Video stream from a server
1.41Plain TCP (an app without HIP)
1.41ESP traffic (an app with HIP)
1.33HIP Base Exchange
Power (W)Application / Mode
• The use of HIP does not noticeably affect the speed of battery depletion
• BUT energy cost per byte is higher with HIP due to reduced throughput
1500 mAh
![Page 26: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/26.jpg)
Power consumption (cont'd)Power consumption (cont'd)
•Almost no difference between HIP-enabled and non-HIP applications
– Tablet's CPU is kept busy always upon data transmission over WLAN
•HIP consumes more energy per byte than plain TCP/IP
– IPsec data encryption requires a notably longer CPU utilization for a data bulk to be transferred
– Longer CPU utilization causes more energy consumption for this particular task
![Page 27: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/27.jpg)
Power Consumption Power Consumption –– Nokia E51Nokia E51
No HIP daemon: 200mW/60mA (18 h) and HIP BEX: 340mW/90mA (12 h)
Average Power: 0.62 W; Current: 0.17 A
![Page 28: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/28.jpg)
OpenHIP Daemon InitializationOpenHIP Daemon InitializationCPU Load on Nokia E51CPU Load on Nokia E51
•CPU usage is close to 100% at the initialization phase but low in the idle mode
![Page 29: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/29.jpg)
OpenHIP Daemon Initialization with BEXOpenHIP Daemon Initialization with BEXRAM Usage on Nokia E51RAM Usage on Nokia E51
•HIP increases memory usage by 3 MB
![Page 30: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/30.jpg)
ConclusionsConclusions
•Unmodified HIP
– might be used in a number of scenarios with a lightweight device communicating via a single proxy server
– BUT is too heavy for two mobile hosts and/or multiple parallel HIP associations
6.43.52.6Mobile Mobile
3.21.71.4Mobile Server
Nokia E51 (active)
Nokia E51 (standby)
Nokia 770BEX, sec
![Page 31: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/31.jpg)
Conclusions (contConclusions (cont’’d)d)
•OpenHIP implementation has been a lot more portable (works now on many OS: Linux, Win, MacOS) and showed slightly better performance
•HIP implemented natively using Symbian C++ would have better performance
•Applicability of the measurement results to
– A wide range of mobility and security protocols
• most such protocols are based on similar public key and IPsec ESP operations like HIP
– Other models of smartphones with similar hardware
![Page 32: Performance of Host Identity Protocol on Lightweight ... · Host Identity Protocol ... – NAT traversal. HIP Protocol Stack Physical Layer Link Layer Network Layer Transport Layer](https://reader035.vdocument.in/reader035/viewer/2022062504/5b0b601c7f8b9aba628dcf4f/html5/thumbnails/32.jpg)
Thank You!Thank You!