Abstract
End-to-end communication encryption is considered necessary for protecting the privacy of user data in the Internet. Only a small fraction of all Internet traffic, however, is protected today. The primary reason for this neglect is economic, mainly security protocol speed and cost. In this paper we argue that recent advances in the implementation of cryptographic algorithms can make general purpose processors capable of encrypting packets at line rates. This implies that the Internet can be gradually transformed to an information delivery infrastructure where all traffic is encrypted and authenticated. We justify our claim by presenting technologies that accelerate end-to-end encryption and authentication by a factor of 6 and a high performance TLS 1.2 protocol implementation that takes advantage of these innovations. Our implementation is available in the public domain for experimentation.
Original language | English |
---|---|
Pages (from-to) | 135-146 |
Number of pages | 12 |
Journal | Computer Communication Review |
Volume | 40 |
Issue number | 4 |
DOIs | |
State | Published - 2010 |
Externally published | Yes |
Keywords
- AES
- Cryptographic algorithm acceleration
- GCM
- HTTPS
- RSA
- SSL
- Secure communications
- TLS
ASJC Scopus subject areas
- Software
- Computer Networks and Communications