Encryption in GPUs

4.7 Conclusions

The AES experiments prove it is possible to perform encryption within a GPU while illustrating the difficulty in moving existing block ciphers into the GPU. The lessons learned from developing the OpenGL version of AES and from considering other symmetric key ciphers indicate GPUs are suitable for some, but not all symmetric key ciphers. GPUs can be used to offload a shared system CPU in applications using stream ciphers and which allow large segments of data to be combined with the key stream simultaneously. Asymmetric key ciphers are not implementable in existing GPUs, primarily due to the magnitude of the parameters involved.

Since it is feasible to perform encryption within a GPU, encryption and decryption of graphical displays and images may be moved into the GPU to avoid temporarily storing an image as plaintext in system memory. A prototype of this concept is presented in the next chapter. The prototype demonstrates the use of GPU-based decryption to protect displays in two applications from malware on an untrusted system. As GPU processing power and capabilities continue to increase, the potential uses will also increase. Expanding accessibility to internal GPU functions by enhancing existing APIs may be beneficial, allowing applications to take advantage of capabilities currently not available through existing APIs.