
Graduate student: 林品妤 (Pin-Yu Lin)
Thesis title: Design and Implementation of a Hardware Architecture of the AES-GCM Algorithm for IoT Applications (Chinese title: 設計與實現一個應用於IoT之AES-GCM加密認證演算法硬體架構)
Advisor: 林銘波 (Ming-Bo Lin)
Committee members: 林銘波 (Ming-Bo Lin), 蔡政鴻 (Cheng-Hung Tsai), 陳郁堂 (Yu-Tang Chen), 林書彥 (Shu-Yan Lin)
Degree: Master
Department: College of Electrical Engineering and Computer Science, Department of Electronic and Computer Engineering
Year of publication: 2023
Academic year of graduation: 111
Language: Chinese
Number of pages: 95
Keywords: AES-GCM, advanced encryption standard (AES), Karatsuba algorithm, authenticated encryption, FPGA, ASIC

Abstract (translated from the Chinese original):
The rapid development of the Internet of Things has greatly increased the demand for data exchange and communication, and with it the demand for data security and privacy protection. AES-GCM, which is both efficient and secure, is widely used for data encryption and authentication; however, the hardware resources of edge-computing or embedded devices in the IoT are limited. In this thesis we therefore design and implement a low-area hardware architecture of the AES-GCM authenticated-encryption algorithm suited to a resource-constrained IoT environment.
To meet the low-area requirement, the byte substitution (SubBytes) module of the AES algorithm is given a design optimized for the resource characteristics of each target technology. On FPGA, a direct logic-mapping implementation saves about 32.9% of the LUTs. On ASIC, a composite-field implementation saves about 55.6% of the equivalent gate count. In the GHASH module, a finite-field multiplier implemented with the Karatsuba multiplication algorithm saves about 50.7% of the hardware resources.
The completed AES-GCM encryption/decryption design is implemented and verified on both FPGA and ASIC. On FPGA, using the Xilinx Virtex 7 XC7VX330T device, synthesis gives an operating frequency of 181.917 MHz and a maximum throughput of 1293.632 Mbps, using 2767 registers, 8801 LUTs and 2815 slices. On ASIC, using the tsmc 0.18 μm cell library, synthesis gives an operating frequency of 83.682 MHz and a maximum throughput of 595.072 Mbps, with a chip core area of 1047.345 μm × 1051.26 μm, about 71677 equivalent gates, a core power consumption of 19.1656 mW and an I/O pad power consumption of 1.4866 mW.


Abstract (English):
The rapid development of the Internet of Things (IoT) has led to a significant increase in data exchange and communication demands, along with the need for data security and privacy protection. The AES-GCM algorithm, known for its efficiency and security, is widely used to meet such requirements for data encryption and authentication. Nevertheless, hardware resources are limited in the edge-computing devices and embedded systems used in the IoT. Consequently, in this thesis we design and implement a low-area hardware architecture of the AES-GCM algorithm suited to the resource-limited IoT environment.
To achieve the low-area requirement, the byte substitution module of the AES algorithm is given a design optimized for the resource characteristics of each target technology. In the FPGA implementation, direct logic mapping reduces the number of LUTs by about 32.9%. In the ASIC implementation, the composite-field method reduces the equivalent gate count by about 55.6%. In the GHASH module, a finite-field multiplier implemented with the Karatsuba multiplication algorithm saves about 50.7% of the hardware resources.
The resulting AES-GCM encryption and decryption architecture is implemented and verified in both FPGA and ASIC technologies. In the FPGA implementation, an XC7VX330T device of Xilinx's Virtex 7 series is used; it operates at 181.917 MHz and achieves a maximum throughput of 1293.632 Mbps, using 2767 registers, 8801 LUTs, and 2815 slices. In the ASIC implementation, the tsmc 0.18 μm process cell library is used; the resulting chip operates at 83.682 MHz in simulation and achieves a maximum throughput of 595.072 Mbps, with a core area of 1047.345 μm × 1051.26 μm, equivalent to 71677 gates. The core power consumption is 19.1656 mW, and the I/O pad power consumption is 1.4866 mW.
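The abstract's GHASH multiplier is a GF(2^128) multiplier built from the Karatsuba decomposition. The following Python is an added example written for this page, not code from the thesis or its hardware design: it computes the GCM field product two ways, with the bit-serial reference algorithm from the GCM specification and with one Karatsuba level that splits the 128-bit operands into 64-bit halves (three 64x64 carry-less products instead of four, which is where the area saving comes from), and feeds either multiplier into GHASH. The sample values are the hash subkey H and ciphertext block C of GCM specification Test Case 2 (zero key, zero IV, one zero plaintext block); the helper names and the one-level split are this example's own choices.

```python
# Added example (not code from the thesis): GHASH's GF(2^128) multiplication
# computed with the bit-serial reference from the GCM specification and with a
# one-level Karatsuba split of the 128x128-bit carry-less product.
# Sample values are H and the ciphertext block C of GCM spec Test Case 2.

# GCM reduction constant in the spec's bit order (x^128 = x^7 + x^2 + x + 1).
R = 0xE1 << 120
MASK128 = (1 << 128) - 1


def gf_mul_reference(x: int, y: int) -> int:
    """Bit-serial multiply in GF(2^128), Algorithm 1 of the GCM spec."""
    z, v = 0, y
    for i in range(128):
        if (x >> (127 - i)) & 1:            # bit i (MSB first) is the x^i coefficient
            z ^= v
        v = (v >> 1) ^ R if v & 1 else v >> 1   # v = v * x, reducing when x^127 was set
    return z


def reflect128(x: int) -> int:
    """Swap between GCM bit order (x^0 at the MSB) and standard order (x^0 at the LSB)."""
    return int(f"{x:0128b}"[::-1], 2)


def clmul(a: int, b: int, bits: int) -> int:
    """Schoolbook carry-less product of two `bits`-wide polynomials over GF(2)."""
    r = 0
    for i in range(bits):
        if (b >> i) & 1:
            r ^= a << i
    return r


def karatsuba_clmul128(a: int, b: int) -> int:
    """128x128 -> 256-bit carry-less product with one Karatsuba level:
    three 64x64 multiplies instead of four (addition and subtraction are XOR)."""
    mask64 = (1 << 64) - 1
    a1, a0 = a >> 64, a & mask64
    b1, b0 = b >> 64, b & mask64
    p0 = clmul(a0, b0, 64)
    p2 = clmul(a1, b1, 64)
    p1 = clmul(a0 ^ a1, b0 ^ b1, 64) ^ p0 ^ p2   # middle term a1*b0 + a0*b1
    return (p2 << 128) ^ (p1 << 64) ^ p0


def reduce_256(p: int) -> int:
    """Reduce a 256-bit product modulo x^128 + x^7 + x^2 + x + 1 (standard bit order)."""
    for i in range(255, 127, -1):
        if (p >> i) & 1:
            p ^= (1 << i) ^ (0x87 << (i - 128))   # subtract x^(i-128) * modulus
    return p


def gf_mul_karatsuba(x: int, y: int) -> int:
    """GCM multiply: reflect to standard order, Karatsuba, reduce, reflect back."""
    prod = karatsuba_clmul128(reflect128(x), reflect128(y))
    return reflect128(reduce_256(prod))


def ghash(h: bytes, aad: bytes, ct: bytes, mul=gf_mul_karatsuba) -> bytes:
    """GHASH_H(A, C) as defined for GCM: absorb the zero-padded 16-byte blocks of
    A and C, then the block holding the 64-bit bit-lengths of A and C."""
    def blocks(data: bytes):
        for i in range(0, len(data), 16):
            yield int.from_bytes(data[i:i + 16].ljust(16, b"\0"), "big")
    hk = int.from_bytes(h, "big")
    y = 0
    for blk in list(blocks(aad)) + list(blocks(ct)):
        y = mul(y ^ blk, hk)
    lengths = ((len(aad) * 8) << 64) | (len(ct) * 8)
    return mul(y ^ lengths, hk).to_bytes(16, "big")


# GCM spec Test Case 2: hash subkey H = AES_K(0^128) for the all-zero key, and
# the single ciphertext block C; GHASH_TC2 is the GHASH(H, A, C) value the spec lists.
H_TC2 = bytes.fromhex("66e94bd4ef8a2c3b884cfa59ca342b2e")
C_TC2 = bytes.fromhex("0388dace60b6a392f328c2b971b2fe78")
GHASH_TC2 = "f38cbb1ad69223dcc3457ae5b6b0f885"

if __name__ == "__main__":
    print("karatsuba:", ghash(H_TC2, b"", C_TC2).hex())
    print("reference:", ghash(H_TC2, b"", C_TC2, mul=gf_mul_reference).hex())
```

Both multipliers must agree on every input and both must reproduce the spec's GHASH value; a hardware multiplier built from the same split would be checked the same way, against the bit-serial reference, before it is trusted inside the authentication path.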

Table of contents:
Abstract (Chinese)
Abstract (English)
Acknowledgements
Contents
List of Figures
List of Tables
Chapter 1 Introduction
  1.1 Research motivation
  1.2 Research direction
  1.3 Chapter overview
Chapter 2 Introduction to the AES-GCM encryption and decryption algorithms
  2.1 Cryptography
    2.1.1 Symmetric-key cryptography
    2.1.2 Asymmetric-key cryptography
  2.2 Block cipher modes of operation
    2.2.1 Electronic codebook (ECB) mode
    2.2.2 Cipher block chaining (CBC) mode
    2.2.3 Cipher feedback (CFB) mode
    2.2.4 Output feedback (OFB) mode
    2.2.5 Counter (CTR) mode
  2.3 Message authentication codes
  2.4 Galois finite fields
    2.4.1 Addition
    2.4.2 Multiplication
  2.5 The AES algorithm
    2.5.1 Key expansion
    2.5.2 AES encryption
    2.5.3 AES decryption
  2.6 The AES-GCM algorithm
    2.6.1 AES-GCM encryption
    2.6.2 AES-GCM decryption
    2.6.3 GCTR encryption
    2.6.4 GHASH hashing
Chapter 3 Design and analysis
  3.1 AES round operation unit
    3.1.1 Byte substitution (SubBytes) module
    3.1.2 Row shift (ShiftRows) module
    3.1.3 Column mixing (MixColumns) module
    3.1.4 Add round key (AddRoundKey) module
  3.2 Key expansion unit
    3.2.1 Analysis of key expansion unit design methods
    3.2.2 Key expansion unit design
  3.3 GHASH operation unit
    3.3.1 Karatsuba algorithm
    3.3.2 Karatsuba GF(2^128) multiplier
Chapter 4 AES-GCM hardware architecture
  4.1 AES-GCM module architecture
  4.2 AES operation module
  4.3 GHASH operation module
  4.4 AES-GCM datapath module
  4.5 AES-GCM control unit
Chapter 5 FPGA and ASIC implementation
  5.1 FPGA simulation and implementation
    5.1.1 Behavioural simulation results
    5.1.2 Place-and-route results
    5.1.3 FPGA design results
  5.2 Standard-cell design and implementation
    5.2.1 Design Compiler simulation and implementation results
    5.2.2 IC Compiler simulation and implementation results
    5.2.3 LVS and DRC results
  5.3 Performance analysis and comparison
    5.3.1 Performance analysis method
    5.3.2 FPGA performance comparison
    5.3.3 ASIC performance comparison
Chapter 6 Conclusion and future work
References

