Security enhancement in infiniBand architecture

Proceedings - 19th IEEE International Parallel and Distributed Processing Symposium, IPDPS 2005

Volumn 2005, Issue , 2005, Pages

  Lee, Manhee ^a   Kim, Eun Jung ^a   Yousif, Mazin ^b  

^a TEXAS A AND M UNIVERSITY   (United States)

^b INTEL CORPORATION   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

DATA PACKETS; INFINIBAND™ ARCHITECTURE (IBA); INVARIANT CRC (ICRC); SYSTEM AREA NETWORKS (SAN);

ADAPTIVE ALGORITHMS; COMPUTER ARCHITECTURE; COMPUTER NETWORKS; OPTIMIZATION; PACKET NETWORKS; TEXT PROCESSING;

SECURITY OF DATA;

EID: 33746298446     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/IPDPS.2005.396     Document Type: Conference Paper

References (39)

1. Adcock, J.M. Balenson, D.M. Carman, D.W. Heyman, M. Sherman, A.T., "Trading off strength and performance in network authentication: experience with the ACSA project," In Proceedings of DARPA Information Survivability Conference and Exposition, 2000. DISCEX '00.
2. John Black, Shai Halevi, Hugo Krawczyk, Ted Krovetz, and Phillip Rogaway, "UMAC: Fast and Secure Message Authentication," Advances in Cryptology - CRYPTO '99. Lecture Notes in Computer Science, vol. 1666, Springer-Verlag, 1999, pp. 216-233.
3. A. Bosselaers, "Even faster hashing on the Pentium," presented at the rump session of Eurocrypto '97.
4. Kay Connelly and Andrew A. Chien, "Breaking the Barriers: High Performance Security for HighPerformance Computing," in New Security Paradigms Workshop '02, 2000.
5. Sven Dietrich, Neil Long, and David Dittrich, "Analyzing distributed denial of service attack tools: The shaft case," in 14th Systems Administration Conference, LISA 2000, 2000.
6. Rossen Dimitrov and Matthew Gleeson, "Challenges and New Technologies for Addressing Security in High Performance Distributed Environments," in Proceedings of the 21st National Information Systems Security Conference 457-468.
7. Dave Dittrich, "Distributed Denial of Service (DDoS) attacks/tools resource," http://staff.washington.edu/ittrich/misc/ddos/, 2000.
8. Geer, D. "Just How secure Are security Products?," Computer, Volume 37, Issue 6, Jun. 2004.
9. O. Elkeelnay, M. Mtalgah, K. P. Sheikh, M. Thaker, G. Chaudhry, D. Medhi, J. Qaddour, "Performance Analysis of IPSec Protocol: Encryption and Authentication," In the Proceeding of International Conference on Communication, 2002, 2002.
10. D. Harkins and D. Carrel, "The Internet Key Exchange (IKE)", November 1998, RFC 2409.
11. Ian Foster, Nicholas Karonis, Carl Kesselman and Steven Tuecke, "Managing Security in High- Performance Distributed Computations," Cluster Computing, Vol 1, issue 1, pages 95-107, 1998.
12. S. Kent and R. Atkinson, "Security Architecture for the Internet Protocol," November 1998, RFC 2401.
13. Kohnfelder, "Toward a Practical Public Key Cryptosystem," Bachelor's thesis, MIT Department of Electrical Engineering, May 1978
14. H. Krawczyk, M. Bellare, R. Canetti, "HMAC: Keyed-Hashing for Message Authentication," February 1997, RFC 2104.
15. X. Lai, R.A. Rueppel, and J. Woollven, "A Fast Cryptographic Checksum Algorithm Based on Stream Ciphers," Advanced in Cryptology-AUSCRYPT '92 Proceedings, Springer-Verlag, 1993, pp. 339-348.
16. Manhee Lee, Eun Jung Kim, and Cheol Won Lee, "A Source Identification Scheme against DDoS Attacks in Cluster Interconnects," To be appeared in Proceedings of International Workshop on Network Design and Architecture (IWNDA) 2004, 2004.
17. M. Lindemann and S. W. Smith, "Improving DES Coprocessor Throughput for Short Operations," in Proceedings of the 10th USENIX Security Symposium, pages 67-81, August 2001.
18. A. Machie, J. Roculan, R. Russell, and M. V. Velzen, "Nimda Worm Analysis," Tech. Rep., Incident Analysis, SecurityFocus, Sept. 2001.
19. Stefan Miltchev, Sotiris Ioannidis, "A Study of the Relative costs of Network Security Protocols," In Proceedings of the USENIX Annual Technical Conference, Freenix Track, pages 41-48, June 2002.
20. W. W. Reterson and D.T.Brown, "Cyclic codes for error detection," Proceedings IRE, vol. 49, pp. 228-235, Jan. 1961
21. Phillip Rogaway, UMAC: Fast and Secure Message Authentication, http://www.cs.ucdavis.edu/~rogaway/
22. R. Russell and A. Machie, "Code Red II Worm," Tech. Rep., Incident Analysis, SecurityFocus, Aug. 2001.
23. nd ed.
24. D. Song, R. Malan, and R. Stone, "A Snapshot of Global Internet Worm Activity," Tech. Rep., Arbor Networks, Nov.2001.
25. R. Taylor, "An Integrity Check Value Algorithm for Stream Ciphers," Advances in Cryptology-CRYPTO '93 Proceedings, Springer-Verlag, 1994, pp. 40-48.
26. G. Tsudik, "Message Authentication with One-Way Hash Functions," Proceedings of IEEE INFOCOM 1992.
27. Avishai Wool, "A Quantitative Study of Firewall Configuration Errors," Computer, Volume 37, Issue 6, Jun. 2004.
28. William Yurcik, G.A.Koenig, X. Meng, J. Greenseid, "Cluster Security as a Unique Problem with Emergent Properties: Issues and Techniques," In Proceedings of Linux Revolution 2004, 2004.
29. Lisa Wu, Chris Weaver, Todd Austin, "CryptoManiac: a fast flexible architecture for secure communication," Proceedings of the 28th annual international symposium on Computer architecture (ISCA-2001), Jun. 2001.
30. "Attackers infiltrating supercomputer networks," http://news.com.com/2100-7349-191024.html
31. "CERT/CC, CERT Advisory CA-2001-26 Nimda Worm," http://www.cert.org/advisories/CA-2001 -26.html, Sept. 2001.
32. Committee on National Security Systems, "National Information Assurance Glossary," Available from http://www.nstissc.gov/
33. CRC32 Generator/Checker for 100bps, http://www.morethanip.com/products/tgigeth/index.html
34. HIPP Security Processor, http://www.hifn.com.
35. IBM Cryptographic Coprocessor, http://www.ibm.com/security/cryptocards.
36. InfiniBand Trade Association, "InfiniBand Architecture Specification, Volume 1, Release 1.1," November 2002. Available from http://www.infinibandta.org.
37. Modes of Operation for Symmetric Key Block Cipher, NIST, http://csrc.nist.gov/CryptoToolkit/modes/proposedmodes/
38. S. Wilton, N. Jouppi, "Cacti: An enhanced cache access and cycle time model," IEEE Journal of Solid-State Circuits, vol. 31, no. 5, May 1996. pp. 677-688.
39. A. Hodjat, U. Verbauwhede, "Minimum area cost for a 30 to 70 Gbits/ s AES processor," IEEE Computer Society Annual Symposium on VLSI, pp. 83-88, 2004.