||
本文为美国密歇根大学(作者:LisaWu)的硕士论文,共45页。
互联网作为安全通信和电子商务载体的发展,使密码处理性能成为高吞吐系统设计的前沿。密码学提供了在通信中实现问责制、准确性和保密性所必需的机制。随着安全协议(如安全IP(IPSEC)和虚拟专用网络(VPN))的广泛采用,这一趋势将进一步得到加强。因此,高效的密码处理对于良好的系统性能将变得越来越重要。
在本论文中,我们将探讨硬件/软件设计技术,以提升密钥密码演算法的效能。我们引入了新的指令来提高所分析算法的效率,并进一步介绍了Crypto Maniac处理器,一种用于密码工作负载的快速、灵活的协同处理器。我们的第一种方法是添加指令集支持快速替换、一般排列、旋转和模块化算法。对优化密码的性能分析表明,在有旋转指令的基线设备上,整体加速率为59%;在没有旋转指令的基线设备上,整体加速率为74%。通过优化的替换(SBOX)和额外的功能单元资源,可以验证更高的加速率。我们对原始和优化算法的分析为高性能可编程密码处理器的设计提供了未来研究的方向。
为了跟进这些建议,我们的第二种方法是设计一个运行加密算法的高效硬件。我们分析了一种0.25um的物理设计,它运行的标准Rijndael密码算法比600MHz Alpha 21264处理器快2.25倍。此外,在相同的技术下,我们的实施只需要1/100的面积和功率。我们已经证明,我们的设计性能与3DES(三重DES)算法的最先进专用硬件可以一较高低,同时保持多个密码算法的灵活性。最后,我们定义了一个可扩展的系统体系架构,该体系架构结合了密码学处理元素,以利用许多通信协议中可用的会话间和包间并行性。通过I/O跟踪和详细的时序模拟,我们证明了芯片多处理器配置可以有效地服务于高吞吐量应用,包括安全的Web和磁盘I/O处理。
The growth of the Internet as a vehicle forsecure communication and electronic commerce has brought cryptographicprocessing performance to the forefront of high throughput system design.Cryptography provides the mechanisms necessary to implement accountability,accuracy, and confidentiality in communication. This trend will be furtherunderscored with the widespread adoption of secure protocols such as secure IP(IPSEC) and virtual private networks (VPNs). Efficient cryptographic processing,therefore, will become increasingly vital to good system performance. In thisthesis, we explore hardware/software-design techniques to improve theperformance of secretkey cipher algorithms. We introduce new instructions thatimprove the efficiency of the analyzed algorithms, and further introduce theCryptoManiac processor, a fast and flexible co-processor for cryptographicworkloads. Our first approach is to add instruction set support for fastsubstitutions, general permutations, rotates, and modular arithmetic.Performance analysis of the optimized ciphers shows an overall speedup of 59%over a baseline machine with rotate instructions and 74% speedup over abaseline without rotates. Even higher speedups are demonstrated with optimizedsubstitutions (SBOX’s) and additional functional unit resources. Our analysesof the original and optimized algorithms suggest future directions for thedesign of high-performance programmable cryptographic processors. To follow upon these suggestions, our second approach is to design an efficient piece ofhardware that runs cryptographic algorithms. We present analysis of a 0.25umphysical design that runs the standard Rijndael cipher algorithm 2.25 timesfaster than a 600MHz Alpha 21264 processor. Moreover, our implementation requires1/100th the area and power in the same technology. We demonstrate that theperformance of our design rivals a state-of-the-art dedicated hardwareimplementation of the 3DES (triple DES) algorithm, while retaining theflexibility to simultaneously support multiple cipher algorithms. Finally, wedefine a scalable system architecture that combines CryptoManiac processingelements to exploit inter-session and inter-packet parallelism available inmany communication protocols. Using I/O traces and detailed timing simulation,we show that chip multiprocessor configurations can effectively service highthroughput applications including secure web and disk I/O processing.
更多精彩文章请关注公众号:
Archiver|手机版|科学网 ( 京ICP备07017567号-12 )
GMT+8, 2024-11-23 21:06
Powered by ScienceNet.cn
Copyright © 2007- 中国科学报社