Must Read Books   My Server   Web   Music

Tag Archives | HTTPS


Juliano Rizzo and Thai Duong presented a new attack on the SSL/TLS protocol family using an utility named BEAST.

Comments are closed

Accelerating SSL/TLS protocol stacks on GPUs

Lately, there is a new upcoming trend for accelerating security protocols on Graphics Processor Units (GPUs). The in parallel processing that GPUs offer, in combination with the several cores with which GPUs are equipped, reveal a promising and quite attractive alternative. Of course, there is always the drawback of power consumption (110-300 Watts), which could be 2-4 times more than the one that the latest generations of CPUs report. Nevertheless, the performance benefits especially for expensive computations (such as RSA operations) yield a 9-10 times faster processing. Until now, most of the experiments were targeting cryptanalysis tasks, but in the future we might see security protocols to be ported in languages like CUDA or OpenCL. Here is a very interesting and recent investigation for Accelerating TLS/SSL on GPUs. The comparison betweenGPUs and CPUs is very impressive. Imagine that the authors did not even patched the OpenSSL and they only used a web proxy structure in order to off-load the workload on GPUs. Already the first signs for porting security stacks appeared: Running CyaSSL on a GPU. Graphics Processor Units are portablecompetitively cheap and extremely powerful. There are no guarantees that this emerging approach will be adopted, but all the facts show a great value for performance reasons.

Comments are closed

The Undisputed Truth: SSL/TLS

Recently, I found myself working at the Secure Socket Layer (SSL) and Transport Layer Security (TLS) standards, mostly for optimizing and accelerating the expensivecryptographic operations. In particular, I examined the OpenSSL toolkit and I tried to figure out, what applies into the real world (web browsers, web servers, open source SSL/TLS stacks). The scenery is quite fuzzy and sometimes insecure. The lack of a unified direction and the unavoidable need for backward compatibility with all the versions of standards create an environment with several possible configurations. Unfortunately, this introduces significant space for security flaws (e.g. man-in-the-middle attacks) and thus, the proper attention is needed when SSL/TLS is applied. Ivan Ristic conducted an excellent research for SSL Labs. This research gives a great overview of the usage of SSL/TLS in real-life and presents an in depth analysis for all the cryptographic features. The results of this investigation will be presented in Black Hat 2010 USA.

The presentation can be found here.

Comments are closed