An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware

The Internet is an insecure medium. The Secure Socket Layer (SSL) protocol and its successor Transport Layer Security (TLS) can be used to secure applications that communicate over a network. The most widely deployed, freely available implementation of the SSL/TLS protocol is the OpenSSL library. Wh...

Full description

Saved in:
Bibliographic Details
Main Author: Paramasivam, Vishnu
Format: Thesis
Language:English
Published: 2009
Subjects:
Online Access:http://eprints.utm.my/id/eprint/18290/1/VishnuParamasivamMFKE2009.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
id my-utm-ep.18290
record_format uketd_dc
spelling my-utm-ep.182902018-06-26T07:52:33Z An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware 2009 Paramasivam, Vishnu TK Electrical engineering. Electronics Nuclear engineering The Internet is an insecure medium. The Secure Socket Layer (SSL) protocol and its successor Transport Layer Security (TLS) can be used to secure applications that communicate over a network. The most widely deployed, freely available implementation of the SSL/TLS protocol is the OpenSSL library. When using the SSL/TLS protocol, the computational power required is typically too much for most embedded systems, because cryptographic functions are computationally extensive. The solution to this problem would be to perform hardware acceleration of computationally intensive cryptographic functions. This thesis proposes an embedded cryptosystem with Field Programmable Gate Array based hardware acceleration for networking security, applying the OpenSSL cryptographic protocol. The key cryptographic functions used in SSL/TLS-driven connections are Advanced Encryption Standard (AES), Secure Hash Algorithm (SHA), Rivest-Shamir-Adleman (RSA), and Random Number Generation (RNG). The AES hardware symmetric cryptographic hardware core is newly designed, the SHA-1, SHA-2, RNG, and RSA cores are improved from previous work, and the system bus interface of these hardware cores are upgraded. All of these hardware cores are integrated into an embedded system implemented as a System-on-Chip. Finally, the OpenSSL cryptographic library is accelerated using this cryptosystem to improve the performance of networking security. Nios2-Linux Real Time Operating System is used within the embedded system. It provides native support for Ethernet, Universal Serial Bus, multitasking, standard Linux functions, and has a large collections of ready-to-use libraries, which includes the OpenSSL library. Applications are written to test, verify, and benchmark the embedded cryptosystem. Results show an improvement in performance by 9 to 278 times of the OpenSSL crypto library, depending on the algorithm accelerated. The performance for networking security using the SSL/TLS protocol through the OpenSSL library is also improved. 2009 Thesis http://eprints.utm.my/id/eprint/18290/ http://eprints.utm.my/id/eprint/18290/1/VishnuParamasivamMFKE2009.pdf application/pdf en public masters Universiti Teknologi Malaysia, Faculty of Electrical Engineering Faculty of Electrical Engineering
institution Universiti Teknologi Malaysia
collection UTM Institutional Repository
language English
topic TK Electrical engineering
Electronics Nuclear engineering
spellingShingle TK Electrical engineering
Electronics Nuclear engineering
Paramasivam, Vishnu
An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware
description The Internet is an insecure medium. The Secure Socket Layer (SSL) protocol and its successor Transport Layer Security (TLS) can be used to secure applications that communicate over a network. The most widely deployed, freely available implementation of the SSL/TLS protocol is the OpenSSL library. When using the SSL/TLS protocol, the computational power required is typically too much for most embedded systems, because cryptographic functions are computationally extensive. The solution to this problem would be to perform hardware acceleration of computationally intensive cryptographic functions. This thesis proposes an embedded cryptosystem with Field Programmable Gate Array based hardware acceleration for networking security, applying the OpenSSL cryptographic protocol. The key cryptographic functions used in SSL/TLS-driven connections are Advanced Encryption Standard (AES), Secure Hash Algorithm (SHA), Rivest-Shamir-Adleman (RSA), and Random Number Generation (RNG). The AES hardware symmetric cryptographic hardware core is newly designed, the SHA-1, SHA-2, RNG, and RSA cores are improved from previous work, and the system bus interface of these hardware cores are upgraded. All of these hardware cores are integrated into an embedded system implemented as a System-on-Chip. Finally, the OpenSSL cryptographic library is accelerated using this cryptosystem to improve the performance of networking security. Nios2-Linux Real Time Operating System is used within the embedded system. It provides native support for Ethernet, Universal Serial Bus, multitasking, standard Linux functions, and has a large collections of ready-to-use libraries, which includes the OpenSSL library. Applications are written to test, verify, and benchmark the embedded cryptosystem. Results show an improvement in performance by 9 to 278 times of the OpenSSL crypto library, depending on the algorithm accelerated. The performance for networking security using the SSL/TLS protocol through the OpenSSL library is also improved.
format Thesis
qualification_level Master's degree
author Paramasivam, Vishnu
author_facet Paramasivam, Vishnu
author_sort Paramasivam, Vishnu
title An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware
title_short An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware
title_full An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware
title_fullStr An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware
title_full_unstemmed An embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware
title_sort embedded system for networking security applying cryptographic acceleration in field programmable gate array hardware
granting_institution Universiti Teknologi Malaysia, Faculty of Electrical Engineering
granting_department Faculty of Electrical Engineering
publishDate 2009
url http://eprints.utm.my/id/eprint/18290/1/VishnuParamasivamMFKE2009.pdf
_version_ 1747815239100923904