Vinodh Gopal

A hybrid network coding technique for single-hop wireless networks

In this paper, we investigate a hybrid network coding technique to be used at a wireless base station (BS) or access point (AP) to increase the throughput efficiency of single-hop wireless networks. Traditionally, to provide reliability, lost packets from different flows (applications) are retransmitted separately, leading to inefficient use of wireless bandwidth. Using the proposed hybrid network coding approach, the BS encodes these lost packets, possibly from different flows together before broadcasting them to all wireless users. In this way, multiple wireless receivers can recover their lost packets simultaneously with a single transmission from the BS. Furthermore, simulations and theoretical analysis showed that when used in conjunction with an appropriate channel coding technique under typical channel conditions, this approach can increase the throughput efficiency up to 3.5 times over the automatic repeat request (ARQ), and up to 1.5 times over the HARQ techniques.

Fast Modular Reduction

It is widely acknowledged that efficient modular multiplication is a key to high-performance implementation of public-key cryptography, be it classical RSA, Diffie-Hellman, or (hyper-) elliptic curve algorithms. In the recent decade, practitioners have relied mainly on two popular methods: Montgomery Multiplication and regular long-integer multiplication in combination with Barretts modular reduction technique. In this paper, we propose a modification to Barretts algorithm that leads to a significant reduction (25% to 75%) in multiplications and additions.

Fast multiplication techniques for public key cryptography

We describe two novel techniques for multiplying polynomials which help with accelerating popular public key cryptographic algorithms like RSA and key exchange techniques like Elliptic Curve Diffie Hellman. The first technique is based on an algorithm for generating one-iteration Karatsuba-like formulae using graphs. The novelty of our approach lies on the correlation between graph properties (i.e. vertices, edges and sub-graphs) and the Karatsuba-like terms of big number multiplication routines. The second technique is an improvement over the one-iteration extension to Karatsuba proposed by Weimerskirch and Paar (2003) that yields better performance when the input polynomials have odd number of coefficients. We present experimental data that show that our techniques boost the performance of public key and key exchange algorithms substantially.

Data De-duplication and Event Processing for Security Applications on an Embedded Processor

Network security schemes generally deploy sensors and other network devices which generate huge volumes of data, overwhelming the underlying decision making algorithms. An example is corporate networks employing intrusion detection systems where there is a deluge of alert data, confounding the computations involved in sensor information fusion and alert correlation. One way to obtain fast and real-time responses is to preprocess such data to manageable sizes. In this paper, we show that data de-duplication using computationally efficient fingerprinting algorithms can provide real-time results. We present an algorithm which utilizes Rabin Fingerprinting/hashing scheme for the purpose of data de-duplication. We have implemented this algorithm on Intel Atom, which is a powerful, energy efficient embedded processor. Our study is intended to show that the relatively low performing embedded processors are capable of providing the needed computational support if they were to handle security functions in the field. When compared to the algorithmic performance on a high end system, viz. Intel Core 2 Duo processor, the positive results obtained make a case for using the Atom processor in networked applications employing mobile devices.

Accelerated Processing of Secure Email by Exploiting Built-in Security Features on the Intel EP80579 Integrated Processor with Intel QuickAssist Technology

Domain Keys Identified Mail (DKIM) is one of the widely used mechanisms by which email messages can be cryptographically signed, permitting a signing domain to claim responsibility for the release of an email into the mail stream. As the volume of emails exchanged becomes large, the software implementations of DKIM using OpenSSL library will become a limiting factor of performance due to the heavy computations involved. In this largely empirical work, we identify the computation intensive modules of DKIM and solve the performance issues by implementing their functions on COTS hardware. Our approach makes use of the Intel Embedded processor Tolapai (Intel EP80579) that has several built-in cryptographic functionalities, viz. security accelerators for bulk encryption, authentication, hashing and public/private key generation and digital signing. Experimental results show that an overall 50% acceleration can be achieved by transparently migrating the DKIM functionalities to hardware.