We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not a subscriber? Subscribe now for unlimited access to online articles.

Intelligent Machines

A Chip to Encrypt the Web

New hardware should make it possible for all online data to be as secure as a credit card transaction.

A new computer chip will help tackle one of the Web’s weak spots—the fact that most data is exchanged without any protection against hackers or eavesdroppers.

For some communications, such as credit card payments and online banking transactions, it is standard to encrypt the information that users and websites send each other. But most online activity is completely unprotected, largely because encrypting communications requires extra work from Web servers and software, which is costly to implement.

Search queries and social media updates, for example, are almost exclusively sent in forms easily read by a third party snooping on Web traffic. Listening in to Web traffic can be as simple as using the same Wi-Fi network as the target, as Ashton Kutcher found when his Twitter account was hijacked at the TED conference earlier this year, by means of a Firefox add-on called Firesheep.

A microchip developed by semiconductor design company Cavium could allow much more—perhaps even all—Web traffic to be encrypted, by reducing the cost of implementing encryption. Cavium’s Nitrox III chip is designed to be installed in data centers that serve up Web pages and manage Web apps. It’s specialized design is extremely fast and efficient at the mathematical calculations underpinning the encryption that secures Web sites that use the protocol SSL. Sites secured this way have Web addresses that start with HTTPS, instead of HTTP.

When a person accesses an HTTPS site, the computer and the Web server exchange and mathematically verify cryptographic keys to establish a secure link. Any data exchanged over that link is then encrypted and is practically impossible for an attacker to decrypt.

Cavium’s new chip can perform the necessary mathematical calculations much more quickly and efficiently than a general-purpose processor inside a Web server, making it cheaper to secure Web traffic, says Jeff Pangborn, the company’s principal engineer for networking hardware. “The people operating data centers are very concerned about efficiency and how much power they use,” he says.

Pangborn predicts that reducing the cost of securing Web traffic will encourage wider adoption of encryption. “There’s going to be more development of applications that require encryption or just always use it,” he says.

That may enable more Web providers to follow the lead of Google and Facebook, both of which have made it possible for people to use their services over a secure connection. Google’s e-mail service, Gmail, always uses a secure link, and a secure version of Google’s search engine is also available. Facebook allows users to set their accounts to always use HTTPS. The Electronic Frontier Foundation, a digital rights group, has begun a “HTTPS everywhere campaign to encourage more Web sites to make such security a default.

Cavium’s new chip has 64 cores and is between 12 and 16 times faster than a previous, eight core, version. The new version can also process more than twice as much data using the same amount of energy. Such large increases in performance between generations are unusual, says Pangborn, but this one was necessary if encryption is to be used widely rather than just for specific cases like payments. In the next few months the first Nitrox III chips will be made available for testing by companies that make data-center hardware, with final versions expected to debut early next year.

Bob Wheeler, an analyst specializing in networking chips at the Linley Group, says that many data centers don’t use special hardware for their encryption, because only a small percentage of their traffic is encrypted. “If secure connections become more common and a lot of data is encrypted, chips like this will be needed, because data centers are very sensitive to energy efficiency,” says Wheeler.

The growth of cloud computing is dramatically increasing the demand for encrypted data, Wheeler says. When applications reside online instead of on a hard drive, all kinds of data become vulnerable, he notes.

Although Cavium’s chip, when it launches, may offer the most powerful and efficient way to encrypt data, Wheeler says that less capable chips could still compete with it. Intel and other chip manufacturers are starting to add specialized encryption cores to general-purpose chips designed for use in Web servers. Some companies may consider it more practical to use regular chips with limited encryption functionality than to buy extra, dedicated processors.

More from Intelligent Machines

Artificial intelligence and robots are transforming how we work and live.

Want more award-winning journalism? Subscribe to Print + All Access Digital.
  • Print + All Access Digital {! insider.prices.print_digital !}*

    {! insider.display.menuOptionsLabel !}

    The best of MIT Technology Review in print and online, plus unlimited access to our online archive, an ad-free web experience, discounts to MIT Technology Review events, and The Download delivered to your email in-box each weekday.

    See details+

    12-month subscription

    Unlimited access to all our daily online news and feature stories

    6 bi-monthly issues of print + digital magazine

    10% discount to MIT Technology Review events

    Access to entire PDF magazine archive dating back to 1899

    Ad-free website experience

    The Download: newsletter delivery each weekday to your inbox

    The MIT Technology Review App

You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.