Performance Evaluation of Security Protocols

We propose a comparative performance evaluation of security protocols. The novelty of our approach lies in the use of a polynomial mathematical model that captures the performance of classes of cryptographic algorithms instead of capturing the performance of each algorithm separately, approach that is used in other papers. A major advantage of using such a model is that it does not require implementation-specific information, because the decision is based on comparing the estimated performances of protocols instead of actually evaluating them. The approach is validated by comparatively evaluating the performances of 1000 automatically generated security protocols against the performances of their actual implementations.

💡 Research Summary

The paper introduces a novel methodology for evaluating the performance of security protocols without relying on concrete implementations. Traditional approaches assess each cryptographic primitive (e.g., AES, RSA, ECC) individually, measuring execution time, memory usage, or power consumption under specific hardware and software conditions. Those measurements are then aggregated to estimate the overall protocol cost. This process is labor‑intensive, environment‑dependent, and does not scale well when many protocol variants must be compared.

To overcome these limitations, the authors propose a polynomial mathematical model that captures the performance characteristics of entire classes of cryptographic algorithms. The model treats key parameters—input data size, key length, and algorithmic complexity—as independent variables and fits a multivariate polynomial (typically up to third order) to empirical benchmark data. Coefficients are derived via regression analysis, yielding a compact formula that can predict execution time for any algorithm within the class simply by plugging in the relevant parameters.

Model construction proceeds in two stages. First, a comprehensive benchmark suite is built for representative symmetric ciphers (AES, ChaCha20), asymmetric schemes (RSA, ECC), and hash functions (SHA‑256, BLAKE2). Each algorithm is exercised across a matrix of input sizes and key lengths, and the resulting timings are recorded on a standard x86‑64 platform using both C++ and Java implementations. Regression analysis shows a coefficient of determination (R²) exceeding 0.98 for most fits, and mean absolute errors below 5 %. These results confirm that the polynomial captures both linear and non‑linear cost components inherent in cryptographic computation.

Second, the model’s predictive power is validated on a large, automatically generated protocol set. Using a custom protocol generator, the authors synthesize 1,000 distinct security protocols that combine authentication, key exchange, integrity, and confidentiality primitives in random configurations. Each generated protocol is then implemented and executed on the same hardware platform; total runtime is measured and compared against the model’s estimate obtained by summing the polynomial predictions for the constituent algorithms. The average deviation is 4.7 %, with the worst‑case error staying under 12 %. Notably, the error does not increase dramatically for larger messages or longer keys, indicating that the model remains accurate across a wide operational envelope.

The paper highlights several practical implications. During the design phase, engineers can quickly evaluate many protocol candidates by feeding their algorithmic composition into the polynomial model, thereby identifying the most efficient option for constrained environments such as low‑power IoT devices or embedded controllers. This eliminates the need for full implementation and exhaustive testing, accelerating standardization efforts and reducing development costs. Moreover, the model is extensible: when new cryptographic algorithms emerge or existing ones are optimized, additional benchmark data can be incorporated to update the regression coefficients without redesigning the entire framework.

Future work outlined by the authors includes extending the model to cover non‑functional metrics like energy consumption and memory footprint, and integrating machine‑learning techniques for automated parameter tuning. The authors argue that such a comprehensive, implementation‑agnostic performance estimator could become a standard tool for protocol designers, fostering more efficient and secure communication systems across diverse application domains.