Mehran Sadeghi Lahijani

Abu Naser, Cong Wu, Mehran Sadeghi Lahijani et al.

The cloud infrastructure must provide security for High-Performance Computing (HPC) applications of sensitive data to execute in such an environment. However, supporting security in the communication infrastructure of today's public cloud is challenging, because current networks for data centers are so fast that adding encryption can incur very significant overheads. In this work, we introduce CryptMPI, a high performance encrypted MPI library that supports communication with both integrity and privacy. We present the techniques in CryptMPI and report our benchmarking results using micro-benchmarks and NAS parallel benchmarks. The evaluation results indicate that the aforementioned techniques are effective in improving the performance of encrypted communication.

Abu Naser, Mehran Sadeghi Lahijani, Cong Wu et al.

In order for High-Performance Computing (HPC) applications with data security requirements to execute in the public cloud, the cloud infrastructure must ensure the privacy and integrity of data. To meet this goal, we consider incorporating encryption in the Message Passing Interface (MPI) library. We empirically evaluate four contemporary cryptographic libraries, OpenSSL, BoringSSL, Libsodium, and CryptoPP using micro-benchmarks and NAS parallel benchmarks on two different networking technologies, 10Gbps Ethernet and 40Gbps InfiniBand. We also develop accurate models that allow us to reason about the performance of encrypted MPI communication in different situations and give guidance on how to improve encrypted MPI performance.

Meysam Ghaffari, Nasser Ghadiri, Mohammad Hossein Manshaei et al.

The location-based services provide an interesting combination of cyber and physical worlds. However, they can also threaten the users' privacy. Existing privacy preserving protocols require trusted nodes, with serious security and computational bottlenecks. In this paper, we propose a novel distributed anonymizing protocol based on peer-to-peer architecture. Each mobile node is responsible for anonymizing a specific zone. The mobile nodes collaborate in anonymizing their queries, without the need not get access to any information about each other. In the proposed protocol, each request will be sent with a randomly chosen ticket. The encrypted response produced by the server is sent to a particular mobile node (called broker node) over the network, based on the hash value of this ticket. The user will query the broker to get the response. All parts of the messages are encrypted except the fields required for the anonymizer and the broker. This will secure the packet exchange over the P2P network. The proposed protocol was implemented and tested successfully, and the experimental results showed that it could be deployed efficiently to achieve user privacy in location-based services.