Cryptography on Multi-core Architectures

Background

During the past decades, the processing power of central processing units (CPU) has continuously increased. For a long time, performance improvements have mainly been achieved by an increase of the CPU’s clock frequency. As this approach has maxed out due to physical limitations, performance improvements are nowadays usually achieved by integration of multiple processor cores. This allows for a parallel execution of instructions and computations and again increases the overall processing power.

To employ the power of multiple processor cores, appropriate algorithms that carry out in parallel as many processing steps as possible are required. This approach seems especially suitable to improve computationally complex cryptographic methods. Unfortunately, the parallelization of algorithms also introduces a certain overhead. Thus, parallelization of software is only advantageous for computations of a certain complexity.

Objectives

In this project, we have tried to evaluate if and how the performance of cryptographic algorithms can be improved by parallelization and the usage of multi-core architectures. In a first step, we have analyzed on which level of abstraction parallelism can be applied to cryptographic algorithms. By means of a concrete Java implementation, the efficiency of the applied parallelization has been tested on three different test environments.

For the performed evaluation we have analyzed the cryptographic methods RSA key generation, RSA cipher, and ECDSA signature verification. These algorithms have been parallelized by means of two different Java parallelization approaches in order to be able to compare the power of these two methods. The achieved performance improvements are described in more detail below.

Results

Figure 1 illustrates the achieved performance improvements that result from a parallelization of the RSA key generation algorithm. The three charts of Figure 1 represent results obtained from the three test environments. In each chart, the three curves represent the three different implementations of the same cryptographic algorithm. The x-axis represents the number of operations that has been carried out. The y-axis shows the amount of time that has been required to carry out these operations.

On all three test environments, significant performance improvements could be observed for parallelized implementations of the RSA key generation algorithm. However, there was no significant difference in the efficiency of the two different parallelization methods provided by the Java framework.

Similar results have also been obtained for the other two investigated cryptographic algorithms. The performance of all cryptographic operations could be significantly improved by applying parallelism. Both evaluated parallelization methods available under Java have led to comparable results. Details on the obtained results are provided in the following figures.

Figure 1 – Results – RSA Key Generation

Figure 1: Results – RSA Key Generation

Figure 2 – Results – RSA Cipher

Figure 2: Results – RSA Cipher

Figure 3 – Results – ECDSA Signature Verification

Figure 3: Results – ECDSA Signature Verification

Scientific Publication

The results of this project will be presented on the 7th International Conference on Web Information Systems and Technologies (WEBIST) and published in the conference proceedings.