Security Crossing

Intel has long been a leader in performance, and needed something special the RSA event in '08. RSA is "the event" in the security world and Intel asked me to define a demonstration of their capability. Using an off the shelf PC and optimized software I was able to define use cases, data and processes that resulted in the hitting an processing rate of over 5,000 XML digital signature operations per second. This rate worked out to be over 1 billion operations during the conference hours and was the first time anyone had shown this speed on a standalone PC. The demonstration was a success drawing almost 1,000 attendees requesting additional information.

Secure operations ≠ slow It is still a widely held belief that adding security operations, especially XML based operations will slow down response items and vastly increase computational demands in the data center. The cases shown here are great examples, where the initial implementations did not consider performance and the result was an inability to properly scale. With right selection of algorithms, tools and protocols even a modest hardware configuration can support thousands of security operations per second.

STaR (Secure Transmission and Retrieval) predated today’s standard use of SSL and Web Services. STaR provided for non-repudiation of private communications between AOL's NOC and its partners NOC. The work performed included optimization of cryptography algorithms.

After the initial delivery some AOL transmissions were exceeding 2G bytes. This transmission size was well beyond the initial design specification. The client environment was replicated to provide benchmarks of various algorithms under real life circumstances. Cipher seeding proved to be one of the bottlenecks resulting in changes to user tokens. The solution was to benchmark and complete optimizations over a six week period. The optimizations implemented a more efficient replacement key distribution based on PKI, which was rolled out to AOL’s partners.