Analysis of AES-GCM Cipher Suites in TLS

摘要

Encryption and decryption are the two most important complex methods for achieving security in any type of smart devices and systems/machines through transport layer security protocol (TLS). The symmetric key algorithms are the significant method for encrypting and decrypting the data/information using block cipher or stream cipher which is used for TLS protocol. The primary symmetric key block cipher algorithm used in TLS is Advanced Encryption standard (AES) and it provides security based on the key bits used in AES operation. The TLS protocol provides confidentiality(C), integrity (I) and Authenticity (A) in a single pass communication that is Authentication Encryption and Authentication Data (AEAD) between web browser and web server. It uses well known TLS cipher suite AES-GCM (Galois Counter mode) which is commonly used in TLS 1.2. Suppose AES-NI hardware acceleration is not available in smart devices like tablets it causes performance issues in smart devices using TLS 1.2 protocol. If the smart device does not possess AES-NI, it can use software for running AES-GCM but it takes a lot of time for encryption/decryption of information, ergo causing the battery performance in smart devices. The newer symmetric Stream cipher CHACHA20-POLY1305 provides AEAD for securing the communication in smart devices thus reducing the battery cycles which is used for TLS 1.3. The paper discusses the pros and cons of AES-GCM authentication encryption used in TLS 1.2.