Table 10 Performance comparison between HRMv1, HRMv2, HRMv3, GGHLM-D, GGHLM-B, and GGHLM-H16 for the task of matching a 16-bit plaintext number against encrypted range rules.

From: Oblivious network intrusion detection systems

Location

Operation

HRMv1

HRMv2

HRMv3

GGHLM-D

GGHLM-B

GGHLM-H16*

G,L

E

R

G,L,E,R

G,L

E

R

G,L,E,R

Trusted

Client

Key Creation

(Time)

826.3

ms

721.089

ms

Rule Encryption

(Time)

1.311

ms

1.323

ms

1.974

ms

1342

ms

15.8

ms

10.4

ms

31.8

ms

50.79

sec

10.51

sec

3.926

days

Cloud

Side

Rule Matching

(Time)

386

ms

192

ms

790

ms

1.25

us

25.7

ms

12.9

ms

64.9

msec

25.3

msec

79.49

msec

5.01

msec

Trusted

Client

Decryption

(Time)

1

usec

497.703

msec

Encrypted Rule

(Size)

158.5

KB

158.5

KB

237.75

KB

158.5

MB

1.86

MB

1.24

MB

3.71

MB

330.3

MB

66.1

MB

2.064

TB

Encrypted Result

(Size)

2.48

KB

33.03

KB

Estimated Key

(Size)

113.7

MB

59.1

MB

Max Resident Memory

(Size)

253.31

MB

253.32

MB

253.61

MB

412.4

MB

255.1

MB

254.4

MB

257

MB

623

MB

172

MB

3.524

TB

Security bits

128

51

  1. *Values for GGHLM-H16 are estimated using the elementary measurements for GGHLM as follows:
  2. Rule encryption time = Time for encrypting one transition matrix \(\times\) |Alphabet| = 5.08 s \(\times\) \(2^{16}\)
  3. Rule Matching Time = (Matrix \(\times\) Vector) process time \(\times\) #input symbols = 5.01 msec \(\times\) 1. (There is a matrix for every possible plain number)
  4. Encrypted Rule Size = |Alphabet| \(\times\) size of encrypted matrix = \(2^{16}\times\) 33.03 MB.
  5. Maximum Resident Memory = 1.707 \(\times\) Encrypted Rule size + Key Size = 1.707 \(\times\) 2.064 TB + 59.1 MB.
  6. The key creation time, key size, decryption time, and the encrypted result size are the same
Back to article page