All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Hardware-Accelerated Encryption with Strong Authentication

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F17%3APU123797" target="_blank" >RIV/00216305:26220/17:PU123797 - isvavai.cz</a>

  • Result on the web

  • DOI - Digital Object Identifier

Alternative languages

  • Result language

    angličtina

  • Original language name

    Hardware-Accelerated Encryption with Strong Authentication

  • Original language description

    With the growing amount of data transferred over communication networks, the high-speed encryption systems are becoming a hot topic. The paper is focused on the design and implementation of a hardware-accelerated encryption system based on 100 Gbps FPGA (Field Programmable Gate Array) network cards. First, an AES (Advanced Encryption Standard)-based encryption system is designed and implemented on the FPGA platform using the VHDL (VHSIC Hardware Description Language). The AES core is implemented using the GCM (Galois/Counter Mode) so that both confidentiality and integrity of data are provided. The AES core is then integrated with a strong authentication subsystem based on programmable smart-cards used for storing sensitive cryptographic material. The authentication subsystem implements the IKE protocol using shared secrets. In contrast to existing implementations, the keys used for authentication never leave a tamper-proof device in our system, all cryptographic operations are implemented on the smart-cards. The use of smart-cards significantly increases the security of the system as the keys do not have to be stored on a shared vulnerable file system any more. The resulting system is compliant with IPsec specification and will be interoperable with existing implementations. The paper contains the description of the system, results of the implementation benchmarks on the NFB-40G2 (Xilinx, Virtex-7) cards and proposals for next development.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    20201 - Electrical and electronic engineering

Result continuities

  • Project

    <a href="/en/project/VI20162018036" target="_blank" >VI20162018036: Cryptographic privacy protection in 100GbE networks</a><br>

  • Continuities

    S - Specificky vyzkum na vysokych skolach

Others

  • Publication year

    2017

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    Security and Protection of Information

  • ISBN

  • ISSN

    2336-5587

  • e-ISSN

  • Number of pages

    10

  • Pages from-to

    1-10

  • Publisher name

    Neuveden

  • Place of publication

    Neuveden

  • Event location

    Brno

  • Event date

    Jun 1, 2017

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

Similar results(10)

200 Gbps Hardware Accelerated Encryption System for FPGA Network CardsHardware accelerated cryptographic security for high-speed data networksSymmetric encryption on the FPGA card