Pushing AES-256-GCM to Limits: Design, Implementation and Real FPGA Tests

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F24%3APU150229" target="_blank" >RIV/00216305:26220/24:PU150229 - isvavai.cz</a>

Výsledek na webu

<a href="https://link.springer.com/book/10.1007/978-3-031-61486-6" target="_blank" >https://link.springer.com/book/10.1007/978-3-031-61486-6</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1007/978-3-031-61486-6_18" target="_blank" >10.1007/978-3-031-61486-6_18</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Pushing AES-256-GCM to Limits: Design, Implementation and Real FPGA Tests

Popis výsledku v původním jazyce

In this paper, we present the optimization of the AES-256-GCM encryption algorithm for high-speed security solutions based on Field Programmable Gate Arrays (FPGA). We discuss strategies and techniques to achieve the perfect balance between compactness and high throughput, aiming at applications with data rates over 100 Gbps. Using the presented optimizations, we were able to reduce the number of LUTs by 50% and FFs by 85% compared to reference implementation without any effect on security. Moreover, our resulting implementation achieves a frequency of only 200 MHz, which is very practical for a real deployment on existing chips, compared to many purely theoretical solutions that already exist in the literature. Besides the description of optimization techniques, we also present results from implementation on real hardware in a real IP network. All components were not only simulated but also deployed on real FPGA-enabled network cards based on Xilinx UltraScale+ chips. In particular, the performance of network packet encryption was measured in a real physical network, with high-speed data generators and network components. Therefore, we consider our results highly relevant not only for designers but also practitioners seeking cutting-edge solutions for fast networks.

Název v anglickém jazyce

Pushing AES-256-GCM to Limits: Design, Implementation and Real FPGA Tests

Popis výsledku anglicky

In this paper, we present the optimization of the AES-256-GCM encryption algorithm for high-speed security solutions based on Field Programmable Gate Arrays (FPGA). We discuss strategies and techniques to achieve the perfect balance between compactness and high throughput, aiming at applications with data rates over 100 Gbps. Using the presented optimizations, we were able to reduce the number of LUTs by 50% and FFs by 85% compared to reference implementation without any effect on security. Moreover, our resulting implementation achieves a frequency of only 200 MHz, which is very practical for a real deployment on existing chips, compared to many purely theoretical solutions that already exist in the literature. Besides the description of optimization techniques, we also present results from implementation on real hardware in a real IP network. All components were not only simulated but also deployed on real FPGA-enabled network cards based on Xilinx UltraScale+ chips. In particular, the performance of network packet encryption was measured in a real physical network, with high-speed data generators and network components. Therefore, we consider our results highly relevant not only for designers but also practitioners seeking cutting-edge solutions for fast networks.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

20206 - Computer hardware and architecture

Projekt

<a href="/cs/project/VJ01010008" target="_blank" >VJ01010008: Kybernetická bezpečnost sítí v postkvantové éře</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2024

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Lecture Notes in Computer Science - Applied Cryptography and Network Security Workshops

ISBN

978-3-031-61486-6

ISSN

0302-9743

e-ISSN

—

Počet stran výsledku

16

Strana od-do

303-318

Název nakladatele

Springer

Místo vydání

Berlin

Místo konání akce

Abu Dhabi, UAE

Datum konání akce

5. 3. 2024

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

001285569600018