Encrypting the internet

Michael E. Kounavis, Xiaozhu Kang, Ken Grewal, Mathew Eszenyi, Shay Gueron, David Durham

Research output: Contribution to journalArticlepeer-review

Abstract

End-to-end communication encryption is considered necessary for protecting the privacy of user data in the Internet. Only a small fraction of all Internet traffic, however, is protected today. The primary reason for this neglect is economic, mainly security protocol speed and cost. In this paper we argue that recent advances in the implementation of cryptographic algorithms can make general purpose processors capable of encrypting packets at line rates. This implies that the Internet can be gradually transformed to an information delivery infrastructure where all traffic is encrypted and authenticated. We justify our claim by presenting technologies that accelerate end-to-end encryption and authentication by a factor of 6 and a high performance TLS 1.2 protocol implementation that takes advantage of these innovations. Our implementation is available in the public domain for experimentation.

Original languageEnglish
Pages (from-to)135-146
Number of pages12
JournalComputer Communication Review
Volume40
Issue number4
DOIs
StatePublished - 2010
Externally publishedYes

Keywords

  • AES
  • Cryptographic algorithm acceleration
  • GCM
  • HTTPS
  • RSA
  • SSL
  • Secure communications
  • TLS

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Encrypting the internet'. Together they form a unique fingerprint.

Cite this