As demands for secure communication bandwidth grow, efficient processing of cryptographic server at the host has become a constraint that prevents the achievement of acceptable secure services at large e-commerce and e-governments. To overcome this limitation, this paper proposes an innovative design in cryptographic server architecture, which based on the hardware of high performance and programmable secure crypto module. The architecture provides a well scalability framework by using a general device API, as well as obtains high performance by carrying cryptography computations in parallel between crypto chips in crypto modules. The system is implemented on an IBM Services345 and hardware of crypto modules. Preliminary measurements are also performed to study the trade-off between numbers of crypto modules parallel computing and performance of generate 1024-bit RSA digital signature. Results indicate that the system implemented by the architecture with high performance and scalability.
展开▼