ROSAEC center Seoul National University
NRF

Seminars & Workshops

Speaker:Kyung Soo Park , KAIST
When:2011-02-11 16:00
Place:Room 408, Bldg 302, SNU

Abstract

Secure end-to-end communication is becoming increasingly important as more private and sensitive data is transferred on the Internet. Unfortunately, today's SSL eployment is largely limited to security or privacycritical domains. The low adoption rate is mainly attributed to the heavy cryptographic computation overhead on the server side, and the cost of good privacy on the Internet is tightly bound to expensive hardware SSL accelerators in practice. In this talk, we present high-performance SSL acceleration using commodity processors. First, we show that modern graphics processing units (GPUs) can be easily converted to general-purpose SSL accelerators. By exploiting massive computing parallelism of GPUs, we accelerate core cryptographic operations beyond what state-of-the-art CPUs provide. Second, we build a transparent SSL proxy, SSLShader, that carefully leverages the trade-offs of recent hardware features such as AES-NI and NUMA architecture and achieves both high throughput and low latency. In our evaluation, the GPU implementation of RSA shows a factor of 21.8 to 30.4 improvement over the fastest CPU implementation. SSLShader achieves 26.7 K transactions per seconds for small files while it can transfer large files at 13 Gbps on a commodity server machine. These numbers are comparable to high-end commercial SSL appliances at a fraction of their price.

Short bio

KyoungSoo Park is E-won assistant professor in the department of Electrical Engineering at KAIST. He received his B.S. degree from Seoul National University in 1997, and his M.A. and Ph.D. degrees from Princeton University in 2004 and 2007, respectively, all in computer science. Before joining KAIST, he worked as assistant professor in the computer science department at University of Pittsburgh in the year of 2009. His research interests focus on the reliability, performance, and security issues in the design and implementation of networked computing systems. He has developed CoBlitz, a scalable large-file content distribution network (CDN), which is now used to serve the commercial CDN traffic in Polish Telecom. He has co-developed HashCache, a memoryefficient caching storage system for developing regions, which was chosen one of the top 10 technologies in 2009 by the MIT technology review magazine. He is currently working on novel networked systems design, exploiting new opportunities with innovative hardware such as GPUs, PRAM, and many-core CPUs.

Resources



© Copyright 2008-2010 ROSAEC Center, Seoul National University