200 Gbps Hardware Accelerated Encryption System for FPGA Network Cards
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F18%3APU128759" target="_blank" >RIV/00216305:26220/18:PU128759 - isvavai.cz</a>
Result on the web
<a href="https://dl.acm.org/citation.cfm?id=3266446" target="_blank" >https://dl.acm.org/citation.cfm?id=3266446</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1145/3266444.3266446" target="_blank" >10.1145/3266444.3266446</a>
Alternative languages
Result language
angličtina
Original language name
200 Gbps Hardware Accelerated Encryption System for FPGA Network Cards
Original language description
We present the architecture and implementation of our encryption system designed for 200 Gbps FPGA (Field Programmable Gate Array) network cards utilizing the IPsec (IP security) protocol. To our knowledge, our hardware encryption system is the first that is able to encrypt network traffic at the full link speed of 200 Gbps using a proven algorithm in a secure mode of operation, on a network device that is already available on the market. Our implementation is based on the AES (Advanced Encryption Standard) encryption algorithm and the GCM (Galois Counter Mode) mode of operation, therefore it provides both encryption and authentication of transferred data. The design is modular and the AES can be easily substituted or extended by other ciphers. We present the full description of the architecture of our scheme, the VHDL (VHSIC Hardware Description Language) simulation results and the results of the practical implementation on the NFB-200G2QL network cards based on the Xilinx Virtex UltraScale+ chip. We also present the integration of the encryption core with the IPsec subsystem so that the resulting implementation is interoperable with other systems.
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
—
OECD FORD branch
20206 - Computer hardware and architecture
Result continuities
Project
<a href="/en/project/VI20162018036" target="_blank" >VI20162018036: Cryptographic privacy protection in 100GbE networks</a><br>
Continuities
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach
Others
Publication year
2018
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Article name in the collection
The Second Workshop on Attacks and Solutions in Hardware Security (ASHES’18)
ISBN
978-1-4503-5996-2
ISSN
—
e-ISSN
—
Number of pages
7
Pages from-to
11-17
Publisher name
ACM
Place of publication
Toronto, Canada
Event location
Toronto
Event date
Oct 19, 2018
Type of event by nationality
WRD - Celosvětová akce
UT code for WoS article
000511312100002