CONFERENCE PROCEEDINGS
Advanced Search
Home > Proceedings > Volume 13073 > Article
Paper
9 February 2024 SEC-RDMA: a scheme to enhance security for RDMA one-sided operations
Xinyi Chen, Zheng Shi, Liguo Qian
Author Affiliations +
Proceedings Volume 13073, Third International Conference on High Performance Computing and Communication Engineering (HPCCE 2023); 130730G (2024) https://doi.org/10.1117/12.3026425
Event: Third International Conference on High Performance Computing and Communication Engineering (HPCCE 2023), 2023, Changsha, China
Abstract
Network systems have seen a significant transformation with the growing acceptance of RDMA for low-latency communications in data centers. Unfortunately, studies have shown that RDMA one-sided operations are subject to security risks such as packet eavesdropping, packet injection, and packet tampering; therefore, we are seeing new RDMA designs taking secure features into account, while most of which still neglecting efficiency in some ways. We propose SEC-RDMA, a scheme being compatible with the original RoCEv2 protocol and enhancing confidentiality and authentication for one-sided operations during RDMA transmissions, mainly focusing on the efficiency of two critical aspects: hard-wired key management and message-based packet authentication. We implement such a scheme on an FPGA-based RDMA network interface card to prove its viability. In testing with this implementation, message-based packet authentication takes roughly 84.6% less time than packet-based one, while hard-wired key management takes approximately 85.5% less time than the typical key exchange strategy at the QP level. This SEC-RDMA implementation adds 45K LUTs and 29K registers to the FPGA-based RDMA network interface card.
(2024) Published by SPIE. Downloading of the abstract is permitted for personal use only.
Citation Download Citation
Xinyi Chen, Zheng Shi, and Liguo Qian "SEC-RDMA: a scheme to enhance security for RDMA one-sided operations", Proc. SPIE 13073, Third International Conference on High Performance Computing and Communication Engineering (HPCCE 2023), 130730G (9 February 2024); https://doi.org/10.1117/12.3026425
ACCESS THE FULL ARTICLE
ORGANIZATIONAL
Sign in with credentials provided by your organization.
INSTITUTIONAL
Select your institution to access the SPIE Digital Library.
SELECT YOUR INSTITUTION
PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.
PERSONAL SIGN IN
No SPIE Account? Create one
;
PURCHASE THIS CONTENT
SUBSCRIBE TO DIGITAL LIBRARY
50 downloads per 1-year subscription
Members: $195
Non-members: $335 ADD TO CART
25 downloads per 1 - year subscription
Members: $145
Non-members: $250 ADD TO CART
PURCHASE SINGLE ARTICLE
Includes PDF, HTML & Video, when available
Members: $17.00
Non-members: $21.00 ADD TO CART
PROCEEDINGS
 9 PAGES
DOWNLOAD PAPER SAVE TO MY LIBRARY
GET CITATION
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
KEYWORDS
Network security
Defense and security
RELATED CONTENT
Subscribe to Digital Library
Receive Erratum Email Alert
Back to Top