Configuration and extension of embedded processors to optimize IPSec protocol execution

Authors:
Nachiketh R. Potlapally;Srivaths Ravi;Anand Raghunathan;Ruby B. Lee;Niraj K. Jha
Affiliations:
Department of Electrical Engineering, Princeton University, Princeton, NJ;NEC Laboratories America, Princeton, NJ;NEC Laboratories America, Princeton, NJ;Department of Electrical Engineering, Princeton University, Princeton, NJ;Department of Electrical Engineering, Princeton University, Princeton, NJ
Venue:
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Year:
2007

Citing 8
Cited 1

Hitting the memory wall: implications of the obvious

ACM SIGARCH Computer Architecture News
Speeding up protocols for small messages

Conference proceedings on Applications, technologies, architectures, and protocols for computer communications
Architectural support for fast symmetric-key cryptography

ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
System design methodologies for a wireless security processing platform

Proceedings of the 39th annual Design Automation Conference
Securing wireless data: system architecture challenges

Proceedings of the 15th international symposium on System Synthesis
Cryptography and Network Security: Principles and Practice

Cryptography and Network Security: Principles and Practice
Bit Permutation Instructions for Accelerating Software Cryptography

ASAP '00 Proceedings of the IEEE International Conference on Application-Specific Systems, Architectures, and Processors
Impact of Configurability and Extensibility on IPSec Protocol Execution on Embedded Processors

VLSID '06 Proceedings of the 19th International Conference on VLSI Design held jointly with 5th International Conference on Embedded Systems Design

Implementation and performance evaluation of an active RFID system for fast tag collection

Computer Communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

Security protocols, such as IPSec and SSL, are being increasingly deployed in the context of networked embedded systems. The resource-constrained nature of embedded systems and, in particular, the modest capabilities of embedded processors make it challenging to achieve satisfactory performance while executing security protocols. A promising approach for improving performance in embedded systems is to use application-specific instruction set processors that are designed based on configurable and extensible processors. In this paper, we perform a comprehensive performance analysis of the IPSec protocol on a state-of-the-art configurable and extensible embedded processor (Xtensa from Tensilica Inc.). We present performance profiles of a lightweight embedded IPSec implementation running on the Xtensa processor, and examine in detail the various factors that contribute to the processing latencies, including cryptographic and protocol processing. In order to improve the efficiency of IPSec processing on embedded devices, we then study the impact of customizing an embedded processor by synergistically 1) configuring architectural parameters, such as instruction and data cache sizes, processor-memory interface width, write buffers, etc., and 2) extending the base instruction set of the processor using custom instructions for both cryptographic and protocol processing. Our experimental results demonstrate that upto 3.2 × speedup in IPSec processing is possible over a popular embedded IPSec software implementation.