An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware
The Internet is an insecure medium. The Secure Socket Layer (SSL) protocol and its successor Transport Layer Security (TLS) can be used to secure applications that communicate over a network. The most widely deployed, freely available implementation of the SSL/TLS protocol is the OpenSSL library. Wh...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2009
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/18290/1/VishnuParamasivamMFKE2009.pdf http://eprints.utm.my/id/eprint/18290/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Teknologi Malaysia |
| Language: | English |
| id |
my.utm.18290 |
|---|---|
| record_format |
eprints |
| spelling |
my.utm.182902018-06-26T07:52:33Z http://eprints.utm.my/id/eprint/18290/ An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware Paramasivam, Vishnu TK Electrical engineering. Electronics Nuclear engineering The Internet is an insecure medium. The Secure Socket Layer (SSL) protocol and its successor Transport Layer Security (TLS) can be used to secure applications that communicate over a network. The most widely deployed, freely available implementation of the SSL/TLS protocol is the OpenSSL library. When using the SSL/TLS protocol, the computational power required is typically too much for most embedded systems, because cryptographic functions are computationally extensive. The solution to this problem would be to perform hardware acceleration of computationally intensive cryptographic functions. This thesis proposes an embedded cryptosystem with Field Programmable Gate Array based hardware acceleration for networking security, applying the OpenSSL cryptographic protocol. The key cryptographic functions used in SSL/TLS-driven connections are Advanced Encryption Standard (AES), Secure Hash Algorithm (SHA), Rivest-Shamir-Adleman (RSA), and Random Number Generation (RNG). The AES hardware symmetric cryptographic hardware core is newly designed, the SHA-1, SHA-2, RNG, and RSA cores are improved from previous work, and the system bus interface of these hardware cores are upgraded. All of these hardware cores are integrated into an embedded system implemented as a System-on-Chip. Finally, the OpenSSL cryptographic library is accelerated using this cryptosystem to improve the performance of networking security. Nios2-Linux Real Time Operating System is used within the embedded system. It provides native support for Ethernet, Universal Serial Bus, multitasking, standard Linux functions, and has a large collections of ready-to-use libraries, which includes the OpenSSL library. Applications are written to test, verify, and benchmark the embedded cryptosystem. Results show an improvement in performance by 9 to 278 times of the OpenSSL crypto library, depending on the algorithm accelerated. The performance for networking security using the SSL/TLS protocol through the OpenSSL library is also improved. 2009 Thesis NonPeerReviewed application/pdf en http://eprints.utm.my/id/eprint/18290/1/VishnuParamasivamMFKE2009.pdf Paramasivam, Vishnu (2009) An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware. Masters thesis, Universiti Teknologi Malaysia, Faculty of Electrical Engineering. |
| institution |
Universiti Teknologi Malaysia |
| building |
UTM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Malaysia |
| content_source |
UTM Institutional Repository |
| url_provider |
http://eprints.utm.my/ |
| language |
English |
| topic |
TK Electrical engineering. Electronics Nuclear engineering |
| spellingShingle |
TK Electrical engineering. Electronics Nuclear engineering Paramasivam, Vishnu An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware |
| description |
The Internet is an insecure medium. The Secure Socket Layer (SSL) protocol and its successor Transport Layer Security (TLS) can be used to secure applications that communicate over a network. The most widely deployed, freely available implementation of the SSL/TLS protocol is the OpenSSL library. When using the SSL/TLS protocol, the computational power required is typically too much for most embedded systems, because cryptographic functions are computationally extensive. The solution to this problem would be to perform hardware acceleration of computationally intensive cryptographic functions. This thesis proposes an embedded cryptosystem with Field Programmable Gate Array based hardware acceleration for networking security, applying the OpenSSL cryptographic protocol. The key cryptographic functions used in SSL/TLS-driven connections are Advanced Encryption Standard (AES), Secure Hash Algorithm (SHA), Rivest-Shamir-Adleman (RSA), and Random Number Generation (RNG). The AES hardware symmetric cryptographic hardware core is newly designed, the SHA-1, SHA-2, RNG, and RSA cores are improved from previous work, and the system bus interface of these hardware cores are upgraded. All of these hardware cores are integrated into an embedded system implemented as a System-on-Chip. Finally, the OpenSSL cryptographic library is accelerated using this cryptosystem to improve the performance of networking security. Nios2-Linux Real Time Operating System is used within the embedded system. It provides native support for Ethernet, Universal Serial Bus, multitasking, standard Linux functions, and has a large collections of ready-to-use libraries, which includes the OpenSSL library. Applications are written to test, verify, and benchmark the embedded cryptosystem. Results show an improvement in performance by 9 to 278 times of the OpenSSL crypto library, depending on the algorithm accelerated. The performance for networking security using the SSL/TLS protocol through the OpenSSL library is also improved. |
| format |
Thesis |
| author |
Paramasivam, Vishnu |
| author_facet |
Paramasivam, Vishnu |
| author_sort |
Paramasivam, Vishnu |
| title |
An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware |
| title_short |
An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware |
| title_full |
An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware |
| title_fullStr |
An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware |
| title_full_unstemmed |
An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware |
| title_sort |
embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware |
| publishDate |
2009 |
| url |
http://eprints.utm.my/id/eprint/18290/1/VishnuParamasivamMFKE2009.pdf http://eprints.utm.my/id/eprint/18290/ |
| _version_ |
1643646855499743232 |