Commit 0f4d3da8 authored by Xunnamius (Zara)'s avatar Xunnamius (Zara)

handling new TODOs

parent 83a930f9
......@@ -84,12 +84,11 @@ dynamically with acceptable overhead. \TODO{I just realized the order on these
structure of section 3 (and the challenges at the end of section 2).}
We implement SwitchCrypt and three switching strategies---\emph{Forward},
\emph{Selective}, and \emph{Mirrored}---to dynamically change between
the ChaCha and Freestyle
stream ciphers using our novel API. We then study SwitchCrypt's dynamic
flexibility through four case studies where latency, energy, and desired
\emph{Selective}, and \emph{Mirrored}---to dynamically change between the ChaCha
and Freestyle stream ciphers using our novel API. We then study SwitchCrypt's
dynamic flexibility through four case studies where latency, energy, and desired
security properties change dynamically. SwitchCrypt achieves a reduction of at
least 3.3x in total energy use when compared to static approaches; further, we
see a reduction of 3.1x to 4.8x for read latency and 1.6x to 2.8x for write
latency compared to static approaches that must pick a single point in the
latency compared to static approaches that must pick a single point in the
latency/energy/security tradeoff space.
......@@ -332,15 +332,9 @@ defender})~\cite{scrypt,Freestyle,others2}.
\textbf{1) Output randomization (OR).} A cipher with output randomization
generates different ciphertexts non-\\deterministically given the same key,
%<<<<<<< HEAD
%nonce, and message. This makes chosen-ciphertext (CCA) and other attacks where
%the ciphertext is in full control of the adversary much more difficult.
%\TODO{Can you add a citation here?}
%=======
nonce, and message. This makes chosen-ciphertext (CCA) and other attacks
where the ciphertext is in full control of the adversary much more difficult.
\TODO{Can you add a citation here?}
%>>>>>>> c212222a366c7b905b6d580af590a606317a93c2
nonce, and message. This makes chosen-ciphertext (CCA) and other attacks where
the ciphertext is in full control of the adversary much more
difficult~\cite{Freestyle}.
This is a binary feature in that a cipher either outputs deterministically given
the same input or it does not. A cipher with non-deterministic output given the
......@@ -404,17 +398,10 @@ scores 0 and ChaCha20 scores 1\@.
We revisit the motivating example from \secref{motivation}. Initially, I/O
requests come down from the LFS and are received by the cryptographic driver,
which divides the request by which nuggets it touches. For each nugget, the
%<<<<<<< HEAD
%per-nugget metadata is consulted to determine the cipher with which the nugget is
%encrypted. If it is encrypted with the active cipher, which must be true if we
%have not initiated a cipher switch, the write is handled like prior work:
%encrypted data is read in from the backing storage, the merkle tree and
%=======
per-nugget metadata is consulted to determine with which cipher the nugget is
encrypted. If it is encrypted with the active cipher, which must be true if we
have not initiated a cipher switch, the write is handled similarly to prior
work: encrypted data is read in from the backing storage, the merkle tree and
%>>>>>>> c212222a366c7b905b6d580af590a606317a93c2
work: encrypted data is read in from backing storage, the merkle tree and
monotonic counter are consulted to ensure the integrity of encrypted data, the
transaction journal is consulted during write operations so that overwrites are
handled and pad reuse violations are avoided, and then the keycount store is
......
......@@ -17,26 +17,17 @@
%including both mechanisms and policies for exposing and navigating
%the underlying tradeoff spaces.
%<<<<<<< HEAD
%\TODO{I really wanted a conclusion in here.
% Feel free to edit it in any way you want.}
%\TODO{That is all, folks!}
%=======
Stream ciphers are fast and offer strong security properties, but optimizing for
performance often conflicts with other key concerns. In this paper we presented
SwitchCrypt to navigate the security and latency/energy tradeoff space via
\emph{cipher switching} in space and time. We provided empirical results
demonstrating the conditions under which different switching strategies are
optimal and explored four related cases. In all cases, we found that SwitchCrypt
achieves reduced energy usage and I/O latency compared to static approaches.
Perhaps more importantly, though, in all cases SwitchCrypt achieves flexibility that
is simply not possible with prior designs. We hope
that this work inspires further research into balancing competing security,
energy, and performance tradoeffs,
including both mechanisms and policies for exposing and navigating
achieves reduced energy usage and I/O latency compared to static approaches.
Perhaps more importantly, though, in all cases SwitchCrypt achieves flexibility
that is simply not possible with prior designs. We hope that this work inspires
further research into balancing competing security, energy, and performance
tradeoffs, including both mechanisms and policies for exposing and navigating
these tradeoff spaces.
%>>>>>>> c212222a366c7b905b6d580af590a606317a93c2
\PUNT{\TO\DO{Add David to acknowledgements once we get out of anon reviews.}}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment