Improving security performance with parallel crypto operations in SSL bulk data transfer
Information security, including integrity and privacy, is an important concern among today’s computer users due to increased connectivity. Despite a number of secure algorithms that have been proposed, the trade-offs made between security and performance demands further research toward improvement....
Saved in:
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
Malaysian Society for Cryptology Research
2009
|
Online Access: | http://psasir.upm.edu.my/id/eprint/51912/1/Improving%20security%20performance%20with%20parallel%20crypto%20operations%20in%20SSL%20bulk%20data%20transfer.pdf http://psasir.upm.edu.my/id/eprint/51912/ http://www.mscr.org.my/ijcr_volumes1(2).htm |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | Information security, including integrity and privacy, is an important concern among today’s computer users due to increased connectivity. Despite a number of secure algorithms that have been proposed, the trade-offs made between security and performance demands further research toward improvement. For example, in bulk data transfer, especially in large messages, the secured processing time takes much longer than non-secured processes. This is due to crypto operations, which include symmetric encryption operations and hashing functions. In the current bulk data transfer phase in Secure Socket Layer (SSL), the server or the client firstly calculates the Message Authentication Code (MAC) of the data using HMAC operation, and then performs the symmetric encryption on the data together with the MAC. This paper proposes a new algorithm which provides a significant performance gain in bulk data transfer without compromising the security. The proposed algorithm performs the encryption of the data and the calculation of the MAC in parallel. The server calculates the MAC of the data at the same time as the encryption process of the data. Once the calculation of the MAC is completed, only then the MAC will be encrypted. The algorithm was simulated in two processors with one processor performing the MAC calculation and the other on encrypting the data, simultaneously. The communication between the two processors was done via Message Passing Interface (MPI). Based on the performance simulations, the new parallel algorithm gained speedup of 1.74 with 85% efficiency over the sequential (current) algorithm. |
---|