A cryptographic library for the Motorola DSP56000
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
The art of computer programming, volume 2 (3rd ed.): seminumerical algorithms
The art of computer programming, volume 2 (3rd ed.): seminumerical algorithms
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Improving SSL Handshake Performance via Batching
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
SSLACC: A Clustered SSL Accelerator
Proceedings of the 11th USENIX Security Symposium
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Larrabee: a many-core x86 architecture for visual computing
ACM SIGGRAPH 2008 papers
Addressing email loss with SureMail: measurement, design, and evaluation
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
Exploiting the Power of GPUs for Asymmetric Cryptography
CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Practical symmetric key cryptography on modern graphics hardware
SS'08 Proceedings of the 17th conference on Security symposium
HashCache: cache storage for the next billion
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
Efficient Acceleration of Asymmetric Cryptography on Graphics Hardware
AFRICACRYPT '09 Proceedings of the 2nd International Conference on Cryptology in Africa: Progress in Cryptology
Faster and Timing-Attack Resistant AES-GCM
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Cox-Rower architecture for fast parallel montgomery multiplication
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Symmetric key cryptography on modern graphics hardware
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Proceedings of the ACM SIGCOMM 2010 conference
PacketShader: a GPU-accelerated software router
Proceedings of the ACM SIGCOMM 2010 conference
Corey: an operating system for many cores
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
FSE'10 Proceedings of the 17th international conference on Fast software encryption
The case for ubiquitous transport-level encryption
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Cryptographics: secret key cryptography using graphics cards
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Privad: practical privacy in online advertising
Proceedings of the 8th USENIX conference on Networked systems design and implementation
PTask: operating system abstractions to manage GPUs as compute devices
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
GPU-assisted AES encryption using GCM
CMS'11 Proceedings of the 12th IFIP TC 6/TC 11 international conference on Communications and multimedia security
ACCENT: Cognitive cryptography plugged compression for SSL/TLS-based cloud computing services
ACM Transactions on Internet Technology (TOIT)
Proceedings of the Seventh COnference on emerging Networking EXperiments and Technologies
A disruption-tolerant transmission protocol for practical mobile data offloading
Proceedings of the third ACM international workshop on Mobile Opportunistic Networks
Shredder: GPU-accelerated incremental storage and computation
FAST'12 Proceedings of the 10th USENIX conference on File and Storage Technologies
Toward predictable performance in software packet-processing platforms
NSDI'12 Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation
Gdev: first-class GPU resource management in the operating system
USENIX ATC'12 Proceedings of the 2012 USENIX conference on Annual Technical Conference
The power of batching in the Click modular router
Proceedings of the Asia-Pacific Workshop on Systems
Taking proof-based verified computation a few steps closer to practicality
Security'12 Proceedings of the 21st USENIX conference on Security symposium
GPUstore: harnessing GPU computing for storage systems in the OS kernel
Proceedings of the 5th Annual International Systems and Storage Conference
Kargus: a highly-scalable software-based intrusion detection system
Proceedings of the 2012 ACM conference on Computer and communications security
The power of batching in the click modular router
APSys'12 Proceedings of the Third ACM SIGOPS Asia-Pacific conference on Systems
Generalized resource allocation for the cloud
Proceedings of the Third ACM Symposium on Cloud Computing
GPU-Acceleration of block ciphers in the OpenSSL cryptographic library
ISC'12 Proceedings of the 15th international conference on Information Security
Wire speed name lookup: a GPU-based approach
nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
Expressive privacy control with pseudonyms
Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM
The man who was there: validating check-ins in location-based services
Proceedings of the 29th Annual Computer Security Applications Conference
GPU and CPU parallelization of honest-but-curious secure two-party computation
Proceedings of the 29th Annual Computer Security Applications Conference
Toward a verifiable software dataplane
Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks
Fast and flexible: parallel packet processing with GPUs and click
ANCS '13 Proceedings of the ninth ACM/IEEE symposium on Architectures for networking and communications systems
High-performance capabilities for 1-hop containment of network attacks
IEEE/ACM Transactions on Networking (TON)
Software dataplane verification
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
mTCP: a highly scalable user-level TCP stack for multicore systems
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
Hi-index | 0.00 |
Secure end-to-end communication is becoming increasingly important as more private and sensitive data is transferred on the Internet. Unfortunately, today's SSL deployment is largely limited to security or privacy-critical domains. The low adoption rate is mainly attributed to the heavy cryptographic computation overhead on the server side, and the cost of good privacy on the Internet is tightly bound to expensive hardware SSL accelerators in practice. In this paper we present high-performance SSL acceleration using commodity processors. First, we show that modern graphics processing units (GPUs) can be easily converted to general-purpose SSL accelerators. By exploiting the massive computing parallelism of GPUs, we accelerate SSL cryptographic operations beyond what state-of-the-art CPUs provide. Second, we build a transparent SSL proxy, SSLShader, that carefully leverages the trade-offs of recent hardware features such as AESNI and NUMA and achieves both high throughput and low latency. In our evaluation, the GPU implementation of RSA shows a factor of 22.6 to 31.7 improvement over the fastest CPU implementation. SSLShader achieves 29K transactions per second for small files while it transfers large files at 13 Gbps on a commodity server machine. These numbers are comparable to high-end commercial SSL appliances at a fraction of their price.