Parallelized network security protocols

Security and privacy are growing concerns in the Internet community, due to the Internet's rapid growth and the desire to conduct business over it safely. This desire has led to the advent of several proposals for security standards, such as secure IP, secure HTTP, and the Secure Socket Layer. All of these standards propose using cryptographic protocols such as DES and RSA. Thus, the need to use encryption protocols is increasing. Shared-memory multiprocessors make attractive server platforms, for example as secure World-Wide Web servers. These machines are becoming more common, as shown by recent vendor introductions of platforms such as SGI's Challenge, Sun's SPARCCenter, and DEC's AlphaServer. The spread of these machines is due both to their relative ease of programming and their good price/performance. This paper is an experimental performance study that examines how encryption protocol performance can be improved by using parallelism. We show linear speedup for several different Internet-based cryptographic protocol stack running on a symmetric shared-memory multiprocessor using two different approaches to parallelism.

[1]  Gerald W. Neufeld,et al.  A Parallel Approach to OSI Connection-Oriented Protocols , 1992, Protocols for High-Speed Networks.

[2]  R. Lee,et al.  SPARCcenter 2000: multiprocessing for the 90's , 1993, Digest of Papers. Compcon Spring.

[3]  Douglas C. Schmidt,et al.  Measuring the impact of alternative parallel process architecture on communication subsystem performance , 1994, Protocols for High-Speed Networks.

[4]  Mats Björkman,et al.  Locking Effects in Multiprocessor Implementations of Protocols , 1994, J. High Speed Networks.

[5]  Douglas C. Schmidt,et al.  Measuring the performance of parallel message-based process architectures , 1995, Proceedings of INFOCOM'95.

[6]  Arun N. Netravali,et al.  Design and implementation of a high-speed transport protocol , 1990, IEEE Trans. Commun..

[7]  Larry L. Peterson,et al.  The x-Kernel: An Architecture for Implementing Network Protocols , 1991, IEEE Trans. Software Eng..

[8]  Van Jacobson,et al.  TCP Extensions for High Performance , 1992, RFC.

[9]  Erich M. Nahum,et al.  Networking Support For Large Scale Multiprocessor Servers , 1995, Third IEEE Workshop on the Architecture and Implementation of High Performance Communication Subsystems.

[10]  Stephen T. Kent,et al.  Security Architecture for the Internet Protocol , 1998, RFC.

[11]  Thomas F. La Porta,et al.  Performance analysis of MSP: feature-rich high-speed transport protocol , 1993, TNET.

[12]  Mohan Krishnan,et al.  Pitfalls in Multithreading SVR4 STREAMS and Other Weightless Processes , 1993, USENIX Winter.

[13]  Murad S. Taqqu,et al.  On the Self-Similar Nature of Ethernet Traffic , 1993, SIGCOMM.

[14]  Walter Willinger,et al.  On the self-similar nature of Ethernet traffic , 1993, SIGCOMM '93.

[15]  David D. Clark,et al.  The structuring of systems using upcalls , 1985, SOSP '85.

[16]  Erich M. Nahum,et al.  Performance issues in parallelized network protocols , 1994, OSDI '94.

[17]  Mats Björkman,et al.  Locking Effects in Multiprocessor Implementations of Protocols , 1993, SIGCOMM.

[18]  Sally Floyd,et al.  Wide area traffic: the failure of Poisson modeling , 1995, TNET.

[19]  Eric Williams,et al.  Performance optimizations, implementation, and verification of the SGI Challenge multiprocessor , 1994, 1994 Proceedings of the Twenty-Seventh Hawaii International Conference on System Sciences.

[20]  Karsten Schwan,et al.  Parallel and configurable protocols: experiences with a prototype and an architectural framework , 1993, 1993 International Conference on Network Protocols.

[21]  Randall J. Atkinson,et al.  Security Architecture for the Internet Protocol , 1995, RFC.

[22]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[23]  Jeffrey C. Mogul,et al.  The packer filter: an efficient mechanism for user-level network code , 1987, SOSP '87.

[24]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[25]  Martina Zitterbart,et al.  Parallel TCP for high performance communication subsystems , 1992, [Conference Record] GLOBECOM '92 - Communications for Global Users: IEEE.

[26]  Joseph D. Touch,et al.  Performance analysis of MD5 , 1995, SIGCOMM '95.

[27]  Hans Eberle,et al.  A High-Speed DES Implementation for Network Applications , 1992, CRYPTO.

[28]  S. O'Malley,et al.  THE ROAD TO NETWORK SECURITY OR THE VALUE OF SMALL COBBLESTONES , 1994 .

[29]  Samuel J. Leffler,et al.  The design and implementation of the , 1990 .

[30]  염흥렬,et al.  [서평]「Applied Cryptography」 , 1997 .

[31]  R. Schroeppel,et al.  Towards High Performance Cryptographic Software , 1995, Third IEEE Workshop on the Architecture and Implementation of High Performance Communication Subsystems.

[32]  David D. Clark,et al.  Modularity and efficiency in protocol implementation , 1982, RFC.

[33]  조위덕 Cryptography , 1987, The Official (ISC)2 SSCP CBK Reference.

[34]  Jeffrey C. Mogul Network Locality at the Scale of Processes , 1992, ACM Trans. Comput. Syst..

[35]  David M. Fenwick,et al.  The AlphaServer 8000 Series: High-end Server Platform Development , 1995, Digit. Tech. J..