Accelerating application-level security protocols
نویسندگان
چکیده
We present a minimal extension to the BSD socket layer that can improve the performance of application-level security protocols, such as SSH or SSL/TLS, by 10%, when hardware cryptographic accelerators are available in the system. Applications specify what cryptographic transforms must be applied to incoming and outgoing data frames, and such processing is applied by the operating system itself (exploiting hardware accelerators) when the application sends or receives data. Under this scheme, we can reduce the number of system calls and context switches by 50%, and the amount of data copying by 66%. We describe our prototype implementation for the OpenBSD system and quantify its performance implications. We conclude with a discussion of further possible performance improvements that our approach enables.
منابع مشابه
A new method for accelerating impossible differential cryptanalysis and its application on LBlock
Impossible differential cryptanalysis, the extension of differential cryptanalysis, is one of the most efficient attacks against block ciphers. This cryptanalysis method has been applied to most of the block ciphers and has shown significant results. Using structures, key schedule considerations, early abort, and pre-computation are some common methods to reduce complexities of this attack. In ...
متن کاملA Detailed Exploration of Usability Statistics and Application Rating Based on Wireless Protocols
A Detailed Exploration of usability statistics and Application Rating on short-range Wireless protocols Bluetooth (IEEE 802.15.1), ZigBee (IEEE 802.15.4), Wi-Fi (IEEE 802.11) and NFC (ISO/IEC 14443) has been performed that being representing of those prominent wireless protocols evaluating their main characteristics and performances in terms of some metric such as co-existence, data rate, secur...
متن کاملAccelerating Cryptographic Protocols: A Review of Theory and Technologies
Modern cryptography applications require significant processing power and resources on computers. To make implementations of these algorithms comply with the rising requirements of speed and throughput of modern applications, the use of instruction set extensions and external cryptography processors has become more and more commonplace. While cryptography algorithms can and do differ significan...
متن کاملA Security Architecture for a Satellite Network Transport Architecture†
This paper presents the security architecture designed for SaNTA (Satellite Networks Transport Architecture). SaNTA is an architecture designed for accelerating TCP connections through satellite links. It uses a split architecture to overcome problems in the TCP congestion control mechanism when using satellite links. However, such split architecture cannot easily interoperate with secure commu...
متن کاملAnBx - Security Protocols Design and Verification
Designing distributed protocols is challenging, as it requires actions at very different levels: from the choice of network-level mechanisms to protect the exchange of sensitive data, to the definition of structured interaction patterns to convey application-specific guarantees. Current security infrastructures provide very limited support for the specification of such guarantees. As a conseque...
متن کامل