ENCRYPTION ISSUES: MOVING TOWARD HIGHER PERFORMANCE NETWORK SECURITY SUBSYSTEMS.The Internet is an inherently insecure medium. Sensitive data must be encrypted before being dispatched, meaning that all Virtual Private Network (VPN (Virtual Private Network) A private network that is configured within a public network (a carrier's network or the Internet) in order to take advantage of the economies of scale and management facilities of large networks. ) traffic must be encrypted before it is transmitted. This is particularly important for e-commerce involving credit card numbers, bank statements, corporate proprietary records, and other sensitive data. The growing popularity of e-commerce and VPNs is making cryptographic security a critical gateway feature. But at the same time, it is creating a major gateway bottleneck. Internet gateways handle enormous volumes of traffic from many simultaneous sessions. Computational demands of security are greater compared to other gateway tasks. Consequently, as secure sessions become more common, the usual gateway architecture is increasingly less suitable. Security functions are overly burdensome largely due to the nature of algorithms employed and the fact every byte in a packet must be processed. Most other gateway tasks only operate on packet headers. Cryptography works on the premise that an encrypted message is virtually impossible to decode by an unauthorized user, but is merely difficult to the authorized user authorized user Radiation physics A person who, having satisfied the applicable training and experience requirements, is granted authority to order radioactive material and accepts responsibility for its safe receipt, storage, use, transfer and disposal . The algorithms used to implement security, encryption, compression, and authentication can be performed in software, which is ideal for systems handling small numbers of connections. However, when large numbers of users exercise the same security features at the same time, they create a bottleneck that cannot be alleviated with software implementations. In this instance, performance must be achieved through specialized hardware. Internet Protocol See Internet and TCP/IP. (networking) Internet Protocol - (IP) The network layer for the TCP/IP protocol suite widely used on Ethernet networks, defined in STD 5, RFC 791. IP is a connectionless, best-effort packet switching protocol. security or IPSec is the security measure for protecting corporate data and access to corporate resources over the Internet, regardless whether those accesses come from the remote user or branch office. These users access the Internet via a local connection to their service provider and data is encrypted via that channel to create the VPN. The implementation of IPSec can be in a firewall, integrated as a feature in a router, or in a separate dedicated VPN gateway. Remote access and branch office applications take into account a great number of telecommuters and field sales personnel in most cases. Plus, branch offices may have upwards of 50 or more remote locations worldwide. Each may have multiple T1 or T3 lines to the Internet, and they transfer data among themselves, as well as with headquarters. Hence, the requirements on the headquarters gateway are exceptionally high in terms of the demanded bandwidth, which, in turn, creates major traffic bottlenecks. Internet Protocol Security A complete IP security solution implements IPSec, Internet Key Exchange Internet key exchange (IKE) is the protocol used to set up a security association (SA) in the IPsec protocol suite. Overview IKE is defined in RFC 2407, RFC 2408 and RFC 2409. IKEv2 is defined in RFC 4306. (IKE), and IP Payload Compression Protocol The introduction to this article provides insufficient context for those unfamiliar with the subject matter. Please help [ improve the introduction] to meet Wikipedia's layout standards. You can discuss the issue on the talk page. (IPPCP IPPCP Internet Protocol Payload Compression Protocol ). These protocols define the use of public-key encryption (cryptography) public-key encryption - (PKE, Or "public-key cryptography") An encryption scheme, introduced by Diffie and Hellman in 1976, where each person gets a pair of keys, called the public key and the private key. , data compression data compression Process of reducing the amount of data needed for storage or transmission of a given piece of information (text, graphics, video, sound, etc.), typically by use of encoding techniques. , symmetric key encryption, and authentication to implement a security solution. All these operations are computationally intensive and, depending on the bandwidth needed, may require hardware acceleration In computing, hardware acceleration is the use of hardware to perform some function faster than is possible in software running on the normal (general purpose) CPU. Examples of hardware acceleration include blitting acceleration functionality in graphics processing units (GPUs) and . Public key encryption See public key cryptography. is used to exchange the symmetric keys when a secure communication link is established. The IKE protocol is used in conjunction with IPSec to perform this task. It validates the identity of users and allows them to exchange new encryption keys for every session without revealing the key in unencrypted form. Symmetric keys are the keys that perform data scrambling on each IP packet. Symmetric key cryptography (cryptography) symmetric key cryptography - A cryptography system in which both parties have the same encryption key, as in secret key cryptography. Opposite: public-key cryptography. is used to encrypt each packet instead of public key cryptography An encryption method that uses a two-part key: a public key and a private key. To send an encrypted message to someone, you use the recipient's public key, which can be sent to you via regular e-mail or made available on any public Web site or venue. because it is considerably less computationally intensive. Symmetric key encryption makes transmitted data unreadable to all but the intended recipient. Authentication is essentially a testing vehicle to make sure the secured data hasn't been violated. The IPSec protocol defines the use of encryption and authentication at the network layer. Lastly, compression reduces the size of the packet and, thus, mitigates some of the performance impact that IPSec can have on network performance. IPPCP defines the use of compression at the network layer. IKE Acceleration IKE represents one bottleneck. An encrypted data session begins with an automatic encryption key exchange. These keys are randomly generated for each session by their associated CPU CPU in full central processing unit Principal component of a digital computer, composed of a control unit, an instruction-decoding unit, and an arithmetic-logic unit. hosts. When new keys are used for each session, eavesdroppers or snoopers cannot use old keys to decrypt To convert secretly coded data (encrypted data) back into its original form. Contrast with encrypt. See plaintext and cryptography. new messages. However, the two systems must agree on keys. Otherwise, they won't be able to decrypt each other's messages. The Diffie-Heilman (DH) algorithm which is part of the IKE protocol provides a mechanism for setting up a secret, but unauthenticated connection between two parties. The two without fear of eavesdroppers can negotiate a secret session key. DH involves transmission of just enough information so that the two CPU hosts can derive the key to be used. However, an eavesdropper eaves·drop intr.v. eaves·dropped, eaves·drop·ping, eaves·drops To listen secretly to the private conversation of others. won't be able to do so. Authentication during the key exchange is provided by RSA (1) (Rural Service Area) See MSA. (2) (Rivest-Shamir-Adleman) A highly secure cryptography method by RSA Security, Inc., Bedford, MA (www.rsa.com), a division of EMC Corporation since 2006. It uses a two-part key. or DSA (1) (Directory Server Agent) An X.500 program that looks up the address of a recipient in a Directory Information Base (DIB), also known as white pages. It accepts requests from the Directory User Agent (DUA) counterpart in the workstation. public key algorithms, which are also part of the IKE protocol. IKE does not use the arithmetic operations of an average CPU instruction set. Rather than utilizing 32-bit integers or 64-bit floating point, key exchange heavily depends on extended precision modular arithmetic (mathematics) modular arithmetic - (Or "clock arithmetic") A kind of integer arithmetic that reduces all numbers to one of a fixed set [0..N-1] (this would be "modulo N arithmetic") by effectively repeatedly adding or subtracting N (the "modulus") until the result is within this using 512-, 1024, or even 2048-bit integers. Also, the operations of this modular arithmetic are not limited to four-function arithmetic, but rely on such operations as modular exponentiation. Since these keys are very large, their operation cannot be processed adequately by a general-purpose processor. Key exchange only occurs during session initiation. The process is so slow that it can bog down the system. This can severely impact systems in which time sensitive data, such as Voice Over IP (VoIP), are transmitted even if that data is not secure. Special-purpose hardware that is architecturally suited is the best approach for handling the IKE computational load. A single chip public key processor is an example of the type of hardware needed. The modular arithmetic unit embedded in this chip operates on integers of up to 1024 bits wide and reads operands from the data register file, operates on them, and writes the results back to the data register file. IPSec Performance Issues Implementing IPSec can result in IP packet fragmentation and additional data transfers within the system. Both of these issues can gridlock Gridlock A government, business or institution's inability to function at a normal level due either to complex or conflicting procedures within the administrative framework or to impending change in the business. what is often an already over burdened resource: the main system bus. In addition, systems requiring more than about Mbit/sec of security performance need IPSec hardware acceleration. Packet Fragmentation When IPSec is applied to a data packet at IP Layer 3, a header or trailer or both is added to the packet to let the receiving system know that IP security is used and to call out the associated algorithms. As a result, the packet grows in length. For example, an Ethernet packet is 1,500 bytes, but once encrypted, it becomes bigger. Once the packet is enlarged, it is difficult to route it through the network. Hence, it must be split into two packets, known as IP fragmentation. The original packet may be 1,490 bytes, however, it increases to 1,544 bytes after new IP and Encapsulating Security Payload (ESP (1) (Enhanced Service Provider) An organization that adds value to basic telephone service by offering such features as call-forwarding, call-detailing and protocol conversion. ) headers, trailer information, and Message Authentication Code A cryptographic message authentication code (MAC) is a short piece of information used to authenticate a message. A MAC algorithm accepts as input a secret key and an arbitrary-length message to be authenticated, and outputs a MAC (sometimes known as a tag). (MAC) value are added as called out in IPSec. This increases the original packet by 54 bytes, and thus, the original packet must now be fragmented into two packets. These additional packets impose an additional processing burden on the system. By compressing the data prior to encryption, the original packet is smaller and the additional headers and trailers added by IPSec are far less likely to induce IP fragmentation. The use of compression, implemented in IPPCP, reduces the performance impact of IPSec. Data Transfers if different system resources implement compression and encryption, data is forced to traverse across the system bus multiple times as it moves data to and from packet memory and the processor and on to each individual hardware accelerator. For example, data can come into packet memory. Then, it can go to the compressor, back to packet memory and then to the encryptor chip, back to packet memory, and to the authentication device and then back to packet memory. Data can crisscross the system bus multiple times as a result and this intensive processing of data bogs down system performance. When the system incorporates a single chip completely fitted with compression, encryption, and authentication functionality, data moves across the system bus two times--once to the packet memory and another time back to the integrated compressor, encryption, authentication chip. Examples of these security processors include Hi/fn's 7711, 7751, and 7811 chips. The 7751 and 7711 each handle up to eight T1/E1 links, while the 7811 handles three times as many. A key design feature these security engines offer is the optional implementation of either a single protocol algorithm, none, or all the compression, encryption, and authentication protocols on a data packet. These options hand network system designers considerable engineering and design flexibility in various applications. For example, a PPP (Point-to-Point Protocol) The most popular method for transporting IP packets over a serial link between the user and the ISP. Developed in 1994 by the IETF and superseding the SLIP protocol, PPP establishes the session between the user's computer and the ISP using compression packet going to a remote access concentrator A remote access server that supports one or more T1/E1 lines, allowing multiple analog and ISDN calls to come in over one port from the telephone company. Remote access concentrators can handle much higher call densities than remote access servers. may only require LZS LZS Ludowe Zespoly Sportowe (Polish organization that promotes sports in rural areas) LZS Lempel Ziv STAC (data compression algorithm used in IPSEC protocol) compression and no other algorithm. Hence, a 7711 chip, for instance, can be instructed accordingly to only apply the LZS compression algorithm. On the other hand, if another link happens to be an IPSec link, it can be instructed to perform LZS, Triple DES, and MD5 on the packet. Chips like these in particular applications areas can support multiple protocols for all the sessions an access concentrator supports. They can support PPP compression and multiple channel of this, as well as multiple channels of IPSec. In a VPN/IPSec-based design, encryption can pose certain performance degradation issues, unless special care is taken to factor in compression. It is best to compress source data prior to encryption to minimize or eliminate all together IP fragmentation, which can adversely affect system performance. Single pass compression, encryption, and authentication presents the most efficient design route in these instances. Mark Muegge is the product manager, Hi/fn, Inc. (Los Gatos, CA). www.hifn.com |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion