Enhancing security performance with parallel crypto operations in SSL bulk data transfer phase

Information security, including integrity and privacy, is an important concern among today's computer users due to increased connectivity. Despite a number of secure algorithms that have been proposed, the trade-offs made between security and performance demands further research toward improvem...

Full description

Saved in:
Bibliographic Details
Main Authors: Alaidaros, Hashem Mohammed, A. Rasid, Mohd Fadlee, Othman, Mohamed, Raja Abdullah, Raja Syamsul Azmir
Format: Conference or Workshop Item
Language:English
Published: IEEE 2007
Online Access:http://psasir.upm.edu.my/id/eprint/48248/1/Enhancing%20security%20performance%20with%20parallel%20crypto%20operations%20in%20SSL%20bulk%20data%20transfer%20phase.pdf
http://psasir.upm.edu.my/id/eprint/48248/
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Information security, including integrity and privacy, is an important concern among today's computer users due to increased connectivity. Despite a number of secure algorithms that have been proposed, the trade-offs made between security and performance demands further research toward improvement. In bulk data transfer, especially in large messages, the secured processing time takes much longer than non-secured processes. This is due to crypto operations, which include symmetric encryption operations and hashing functions. In the current bulk data transfer phase in Secure Socket Layer (SSL), the server or the client firstly calculates the Message Authentication Code (MAC) of the data using Keyed-Hash Message Authentication Code (HMAC) operation, and then performs the symmetric encryption on the data together with the MAC. This paper proposes a new algorithm which provides a significant performance gain in bulk data transfer without compromising the security. The proposed algorithm performs the encryption of the data and the calculation of the MAC in parallel. The server calculates the MAC of the data at the same time as the encryption process of the data. Once the calculation of the MAC is completed, only then the MAC will be encrypted. The algorithm was simulated in two processors with one processor performing the MAC calculation and the other on encrypting the data, simultaneously. The communication between the two processors was done via Message Passing Interface (MPI). Based on the performance simulations, the new parallel algorithm gained speedup of 1.74 with 85% efficiency over the current (sequential) algorithm.