Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

A High-Throughput AES-GCM Implementation on GPUs for Secure, Policy-Based Access to Massive Astronomical Catalogs

Samuel Lemes-Perera, Miguel R. Alarcon, Pino Caballero-Gil, Miquel Serra-Ricart

TL;DR

The solution provides a robust mechanism for data providers to enforce access policies, ensuring both confidentiality and integrity without hindering research workflows, thereby facilitating a secure and managed transition of data to public, FAIR archives.

Abstract

The era of large astronomical surveys generates massive image catalogs requiring efficient and secure access, particularly during pre-publication periods where data confidentiality and integrity are paramount. While Findable, Accessible, Interoperable, and Reusable (FAIR) principles guide the eventual public dissemination of data, traditional security methods for restricted phases often lack granularity or incur prohibitive performance penalties. To address this, we present a framework that integrates a flexible policy engine for fine-grained access control with a novel GPU-accelerated implementation of the AES-GCM authenticated encryption protocol. The novelty of this work lies in the adaptation and optimization of a parallel tree-reduction strategy to overcome the main performance bottleneck in authenticated encryption on GPUs: the inherently sequential Galois/Counter Mode (GCM) authentication hash (GHASH). We present both the algorithmic adaptation and its efficient execution on GPU architectures. Although similar parallelization techniques have been explored in cryptographic research, this is, to our knowledge, the first demonstration of their integration into a high-throughput encryption framework specifically designed for large-scale astronomical data. Our implementation transforms the sequential GHASH computation into a highly parallelizable, logarithmic-time process, achieving authenticated encryption throughput suitable for petabyte-scale image analysis. Our solution provides a robust mechanism for data providers to enforce access policies, ensuring both confidentiality and integrity without hindering research workflows, thereby facilitating a secure and managed transition of data to public, FAIR archives.

A High-Throughput AES-GCM Implementation on GPUs for Secure, Policy-Based Access to Massive Astronomical Catalogs

TL;DR

The solution provides a robust mechanism for data providers to enforce access policies, ensuring both confidentiality and integrity without hindering research workflows, thereby facilitating a secure and managed transition of data to public, FAIR archives.

Abstract

The era of large astronomical surveys generates massive image catalogs requiring efficient and secure access, particularly during pre-publication periods where data confidentiality and integrity are paramount. While Findable, Accessible, Interoperable, and Reusable (FAIR) principles guide the eventual public dissemination of data, traditional security methods for restricted phases often lack granularity or incur prohibitive performance penalties. To address this, we present a framework that integrates a flexible policy engine for fine-grained access control with a novel GPU-accelerated implementation of the AES-GCM authenticated encryption protocol. The novelty of this work lies in the adaptation and optimization of a parallel tree-reduction strategy to overcome the main performance bottleneck in authenticated encryption on GPUs: the inherently sequential Galois/Counter Mode (GCM) authentication hash (GHASH). We present both the algorithmic adaptation and its efficient execution on GPU architectures. Although similar parallelization techniques have been explored in cryptographic research, this is, to our knowledge, the first demonstration of their integration into a high-throughput encryption framework specifically designed for large-scale astronomical data. Our implementation transforms the sequential GHASH computation into a highly parallelizable, logarithmic-time process, achieving authenticated encryption throughput suitable for petabyte-scale image analysis. Our solution provides a robust mechanism for data providers to enforce access policies, ensuring both confidentiality and integrity without hindering research workflows, thereby facilitating a secure and managed transition of data to public, FAIR archives.
Paper Structure (47 sections, 2 equations, 5 figures, 6 tables)

This paper contains 47 sections, 2 equations, 5 figures, 6 tables.

Table of Contents

  1. Introduction
  2. Data Context and Access Challenges
  3. Characteristics of Astronomical Image Catalogs
  4. Common Data Access Patterns and Security Integration
  5. Limitations of Existing Security Approaches and the Role of FAIR Principles
  6. Framework Architecture
  7. Conceptual Components: The Control Plane
  8. The Cryptographic Module: GpuFitsCrypt
  9. Cryptographic Protocol: AES-GCM
  10. Authenticated FITS File Format
  11. Context Binding via Associated Data (AAD)
  12. Application Programming Interface
  13. GPU Acceleration Strategy
  14. Parallel GHASH Reduction
  15. Asynchronous Streams Pipeline
  16. ...and 32 more sections

Figures (5)

  • Figure 1: Architecture and granular enforcement workflow. The diagram integrates the Control Plane components with the parallel Data Plane execution. Unlike monolithic approaches, it illustrates the compartmentalized verification logic: specific keys determine the execution path in independent streams (H/D). Crucially, the workflow demonstrates the fail-safe mechanisms: absence of a Data Key or integrity failure triggers Payload Suppression (zero-filling), while Header issues activate Fallback Header generation, ensuring a valid FITS container is returned even in partial access scenarios.
  • Figure 2: Structure of the Authenticated FITS Format. The original file (left) is split into a dual-key container (right). The Primary HDU (HDU 0) acts as a metadata vault, storing cryptographic nonces, authentication tags, and the original header encrypted within the ENCHDR keyword. Critical structural metadata (ORIG_*) remains in plaintext to allow file parsing but is cryptographically bound to the encrypted pixel data (HDU 1) via the AES-GCM Associated Data (AAD) mechanism. This ensures that any tampering with the plaintext WCS or dimensions triggers an authentication failure in AUTHTAG_D.
  • Figure 3: Comparison of GHASH strategies. (a) The standard serial approach creates a dependency chain where each step waits for the previous one. (b) The proposed parallel approach uses a binary reduction tree. By precomputing powers of $H$ ($H^{2^0}, H^{2^1}, \dots$), independent blocks can be combined in parallel steps ($O(\log N)$), saturating the GPU cores.
  • Figure 4: Execution Time Breakdown for AES-GCM (Large File). The chart illustrates the split between GPU Kernel Computation (Blue) and System/Disk I/O & Overhead (Red) on a logarithmic scale. For this moderate workload size ($\approx 600$ MB), the process operates in a latency-bound regime, where the GPU kernel accounts for a small fraction of the total execution time. This visualizes how system overheads and I/O latency dominate performance when the GPU is not fully saturated, explaining the parity between consumer and datacenter hardware in this specific scenario.
  • Figure 5: Visual validation of confidentiality and integrity using real scientific data. The test utilizes a raw exposure from the Two-meter Twin Telescope (TTT3). (a) The original FITS image allows the GPUPHOT pipeline to detect 182 point sources with a mean FWHM of 6.84 pixels (green apertures). (b) The AES-GCM encrypted payload appears as high-entropy noise; the photometry software fails to identify any structure (0 sources detected), confirming semantic confidentiality. (c) The decrypted image is bitwise identical to the original, recovering the exact source catalog with identical photometric parameters.