IBM Systems Journal - Special issue on cryptology
Building a high-performance, programmable secure coprocessor
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Performance Engineering of Software Systems
Performance Engineering of Software Systems
Practical server privacy with secure coprocessors
IBM Systems Journal - End-to-end security
Secure coprocessor integration with kerberos V5
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Encryption Modes with Almost Free Message Integrity
Journal of Cryptology
High-speed I/O: the operating system as a signalling mechanism
NICELI '03 Proceedings of the ACM SIGCOMM workshop on Network-I/O convergence: experience, lessons, implications
Practical server privacy with secure coprocessors
IBM Systems Journal - End-to-end security
Security Enhancement in InfiniBand Architecture
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Papers - Volume 01
TCP offload is a dumb idea whose time has come
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Copilot - a coprocessor-based kernel runtime integrity monitor
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Hi-index | 0.00 |
Over the last several years, our research team built a commercially-offered secure coprocessor that, besides other features, offers high-speed DES: over 20 megabytes/second. However, it obtains these speeds only on operations with large data lengths. For DES operations on short data (e.g., 8-80 bytes), our commercial offering was benchmarked at less than 2 kilobytes/second. The programmability of our device enabled us to investigate this issue, identify and address a series of bottlenecks that were not initially apparent, and ultimately bring our short-DES performance close to 3 megabytes/second. This paper reports the results of this real-world systems exercise in hardware cryptographic acceleration--and demonstrates the importance of, when designing specialty hardware, not overlooking the software aspects governing how a device can be used.