Over the last several years, our research team built a commercially-offered
secure coprocessor that, besides other features, offers high-speed DES:
over 20 megabytes/second.
However, it obtains these speeds only on operations with large data
lengths. For DES operations on short data (e.g., 8-80 bytes), our
commercial offering was benchmarked at less than 2 kilobytes/second.
The programmability of our device enabled us to investigate this issue,
identify and address a series of bottlenecks that were not initially apparent,
and ultimately bring our short-DES performance close to 3 megabytes/second.
This paper reports the results of this real-world systems exercise in
hardware cryptographic acceleration---and demonstrates the importance of,
when designing specialty hardware, not overlooking the software aspects
governing how a device can be used.
By: M. Lindemann, S. W. Smith
Published in: Proceedings of the 10th USENIX Security Symposium. Berkeley, CA, USENIX Association, p.67-81 in 2001
Please obtain a copy of this paper from your local library. IBM cannot distribute this paper externally.
Questions about this service can be mailed to reports@us.ibm.com .