13-11-2012, 03:17 PM
ES-MPICH2: A Message Passing Interface with Enhanced Security
ABSTRACT
An increasing number of commodity clusters are
connected to each other by public networks, which have
become a potential threat to security sensitive parallel
applications running on the clusters. To address this
security issue, we developed a Message Passing Interface
(MPI) implementation to preserve confidentiality of
messages communicated among nodes of clusters in an
unsecured network. We focus on M PI rather than other
protocols, because M PI is one of the most popular
communication protocols for parallel computing on
clusters. Our MPI implementation-called ES-MPICH2-
was built based on MPICH2 developed by the Argonne
National Laboratory. Like MPICH2, ES-MPICH2 aims at
supporting a large variety of computation and
communication platforms like commodity clusters and
high-speed networks. We integrated encryption and
decryption algorithms into the MPICH2 library with the
standard MPI interface and; thus, data confidentiality of
MPI applications can be readily preserved without a need
to change the source codes of the MPI applications. MPIapplication
programmers can fully configure any
confidentiality services in MPICHI2, because a secured
configuration file in ES-MPICH2 offers the programmers
flexibility in choosing any cryptographic schemes and
keys seamlessly incorporated in ES-MPICH2. We used
the Sandia Micro Benchmark and Intel MPI Benchmark
suites to evaluate and compare the performance of ESMPICH2
with the original MPICH2 version. Our
experiments show that overhead incurred by the
confidentiality services in ES-MPICH2 is marginal for
small messages. The security overhead in ES-MPICH2
becomes more pronounced with larger messages.