Hardware Acceleration of OpenSSL Cryptographic Functions for High-Performance Internet Security

The transport layer security (TLS) protocol is currently the predominant method of implementing Internet security. This paper proposes an FPGA-based embedded system integrating hardware that accelerates the cryptographic algorithms used in the SSL/TLS protocol. OpenSSL, an open source implementation of the SLL v3 and TLS v1 protocol, is deployed in the proposed embedded system powered with a Nios-2 embedded soft-core processor. Nios2-Linux RTOS is applied, which serves to provide Ethernet connectivity, multitasking, and support for the OpenSSL library. Key cipher functions used in SSL-driven connections, which include AES-256 symmetric encryption, SHA-2 hashing, RSA-2048 publickey cryptography, are accelerated in hardware. The embedded cryptosystem is prototyped completely on an Altera Stratix II FPGA development board. Experimental results show significant improvements in performance of the SSL transactions when the proposed embedded cryptosystem is deployed in the networking system.