
Author: Jen-Hua Chuang (莊任華)
Title: The Design and Implementation of an IP for a High-Efficiency AES-GCM Encrypted Authenticated Algorithm (Chinese title: 設計與實現一個高效能AES-GCM加密認證演算法之IP)
Advisor: Ming-Bo Lin (林銘波)
Committee: Shu-Yan Lin (林書彥), Cheng-Hung Tsai (蔡政鴻), Yu-Tang Chen (陳郁堂), Ming-Bo Lin (林銘波)
Degree: Master
Department: Department of Electronic and Computer Engineering, College of Electrical Engineering and Computer Science
Year published: 2022
Graduation academic year: 110 (ROC calendar)
Language: Chinese
Pages: 88
Chinese keywords (translated): AES-GCM, Advanced Encryption Standard, authenticated encryption, parallel processing, pipeline processing, ASIC, FPGA
English keywords: AES-GCM, AES, encryption authentication, parallel, pipeline, ASIC, FPGA
Abstract:
  • This thesis proposes a hardware architecture for the AES-GCM authenticated-encryption algorithm that supports both parallel and pipelined processing. By breaking the pipeline stalls caused by the feedback dependency in the algorithm, the design achieves real-time processing, high throughput and low cost.
    To improve hardware utilisation, the encryption/decryption module uses two AES processing units operating in parallel, each built on a mixed inner- and outer-round pipelined architecture. The two AES units share a single key-expansion unit, which saves chip resources. The SubBytes (S-box) unit of AES is optimised separately for each target technology: on the FPGA the S-box look-up table is implemented in the device's built-in BRAM, which substantially reduces LUT consumption, while on the ASIC the S-box is computed with composite-field arithmetic, saving about 25% of the logic gates. The GHASH module uses two pipelined GF(2^128) multipliers in parallel together with a suitable data-scheduling scheme to raise overall throughput; implementing the finite-field multiplier with the Karatsuba fast-multiplication algorithm saves about 50.7% of the hardware resources.
    The completed AES-GCM design was implemented and verified on a Xilinx Virtex-5 XC5VLX220 device and with the TSMC 0.18 μm standard-cell library. The FPGA implementation runs at 223.314 MHz with a maximum throughput of 57.17 Gbps (256 bits, i.e. two 128-bit blocks, per clock cycle), using 5944 slices and 109 BRAMs. The standard-cell implementation runs at 197.239 MHz with a maximum throughput of 50.49 Gbps; the core area is 6552.3 μm × 6516 μm, corresponding to about 348.986 k equivalent gates, with a core power consumption of 860.648 mW and an I/O pad power consumption of 605.883 mW.
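The two GHASH design choices named in the abstract, a Karatsuba GF(2^128) multiplier and two multipliers working in parallel on a rescheduled block stream, can be checked in software. The Python below is an added example and not code from the thesis: it implements the GCM field product twice (the bit-serial shift-and-add algorithm from the GCM specification, and a Karatsuba carry-less multiply over 64-bit halves in polynomial form), computes GHASH both serially and with a two-way schedule that uses a precomputed H^2, and checks the results against test case 2 of the McGrew/Viega GCM specification (the SPEC_* constants). The two-way recurrence Y_k = (Y_{k-1} xor X_{2k-1})·H^2 xor X_{2k}·H is a standard construction; the thesis's actual data scheduling is not given on this page, so the code illustrates the idea, not the thesis's circuit. The 16-byte AAD used for the odd-block-count check is a constructed input.

```python
"""GF(2^128) multiplication and GHASH: serial vs. two-way parallel (added example)."""
from __future__ import annotations
import secrets

# R = 11100001 || 0^120: x^128 + x^7 + x^2 + x + 1 in GCM's bit-reflected
# block representation, where bit 0 of the block (MSB of byte 0) is x^0.
GCM_R = 0xE1 << 120

def gf128_mul_shift_add(x: int, y: int) -> int:
    """Algorithm 1 of the GCM spec: bit-serial multiply, one x-shift per bit of y."""
    z, v = 0, x
    for i in range(128):
        if (y >> (127 - i)) & 1:                    # y_i in GCM bit order (MSB first)
            z ^= v
        v = (v >> 1) ^ GCM_R if v & 1 else v >> 1   # v <- v * x, reduced mod R
    return z

def _reflect128(v: int) -> int:
    """Swap between GCM's bit-reflected form and plain polynomial form (bit i = x^i)."""
    return int(f"{v:0128b}"[::-1], 2)

def _clmul(a: int, b: int, nbits: int) -> int:
    """Schoolbook carry-less multiply of two nbits-wide polynomials."""
    r = 0
    for i in range(nbits):
        if (b >> i) & 1:
            r ^= a << i
    return r

def _karatsuba_clmul128(a: int, b: int) -> int:
    """128x128 carry-less multiply with three 64x64 products instead of four."""
    mask = (1 << 64) - 1
    a0, a1, b0, b1 = a & mask, a >> 64, b & mask, b >> 64
    z0 = _clmul(a0, b0, 64)
    z2 = _clmul(a1, b1, 64)
    z1 = _clmul(a0 ^ a1, b0 ^ b1, 64) ^ z0 ^ z2     # middle term from the cross product
    return z0 ^ (z1 << 64) ^ (z2 << 128)

def _reduce_poly(p: int) -> int:
    """Reduce a degree <= 254 product modulo x^128 + x^7 + x^2 + x + 1 (0x87 = x^7+x^2+x+1)."""
    for i in range(254, 127, -1):
        if (p >> i) & 1:
            p ^= (1 << i) ^ (0x87 << (i - 128))
    return p

def gf128_mul_karatsuba(x: int, y: int) -> int:
    """Same field product as gf128_mul_shift_add, computed via Karatsuba in polynomial form."""
    prod = _karatsuba_clmul128(_reflect128(x), _reflect128(y))
    return _reflect128(_reduce_poly(prod))

def ghash_blocks(aad: bytes, ciphertext: bytes) -> list[int]:
    """GHASH input: zero-padded AAD, zero-padded ciphertext, then the 64||64-bit length block."""
    def pad(b: bytes) -> bytes:
        return b + b"\x00" * (-len(b) % 16)
    data = pad(aad) + pad(ciphertext)
    data += (8 * len(aad)).to_bytes(8, "big") + (8 * len(ciphertext)).to_bytes(8, "big")
    return [int.from_bytes(data[i:i + 16], "big") for i in range(0, len(data), 16)]

def ghash_serial(h: int, blocks: list[int], mul=gf128_mul_shift_add) -> int:
    """Y_i = (Y_{i-1} xor X_i) * H: each multiply must wait for the previous result."""
    y = 0
    for x in blocks:
        y = mul(y ^ x, h)
    return y

def ghash_two_way(h: int, blocks: list[int], mul=gf128_mul_karatsuba) -> int:
    """Y_k = (Y_{k-1} xor X_{2k-1}) * H^2  xor  X_{2k} * H, same value as ghash_serial."""
    # Both products of a step depend only on Y_{k-1}, so two multipliers can run them at once.
    h2 = mul(h, h)                       # precomputed once per key
    y, start = 0, 0
    if len(blocks) % 2:                  # odd block count: absorb the first block alone
        y, start = mul(blocks[0], h), 1
    for i in range(start, len(blocks), 2):
        y = mul(y ^ blocks[i], h2) ^ mul(blocks[i + 1], h)
    return y

# Test case 2 of the McGrew/Viega GCM specification: K = 0^128, IV = 0^96,
# P = 0^128, no AAD, so H = AES_K(0^128) and C is the single ciphertext block.
SPEC_H = 0x66E94BD4EF8A2C3B884CFA59CA342B2E
SPEC_C = bytes.fromhex("0388dace60b6a392f328c2b971b2fe78")
SPEC_GHASH = 0xF38CBB1AD69223DCC3457AE5B6B0F885

def self_check() -> bool:
    """Spec vector, serial == two-way, and shift-add == Karatsuba on random operands."""
    even = ghash_blocks(b"", SPEC_C)                  # 2 blocks: C, length block
    odd = ghash_blocks(b"constructed aad!", SPEC_C)   # 3 blocks (constructed AAD): odd-count path
    ok = ghash_serial(SPEC_H, even) == SPEC_GHASH == ghash_two_way(SPEC_H, even)
    ok &= ghash_serial(SPEC_H, odd) == ghash_two_way(SPEC_H, odd)
    for _ in range(20):
        a, b = secrets.randbits(128), secrets.randbits(128)
        ok &= gf128_mul_shift_add(a, b) == gf128_mul_karatsuba(a, b)
    return ok

if __name__ == "__main__":
    print("all checks pass" if self_check() else "MISMATCH")
```

The Karatsuba path performs three 64×64 carry-less multiplications where a direct split into halves needs four, which is where the area saving of a hardware multiplier comes from; the extra XORs are cheap. The two-way schedule leaves the GHASH value, and therefore the tag, bit-for-bit unchanged, so the receiver needs no knowledge of it; what changes is only the length of the dependency chain that a pipelined multiplier must wait on between consecutive blocks.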



Table of contents:
    Chapter 1 Introduction
      1.1 Research motivation
      1.3 Research direction
      1.4 Chapter overview
    Chapter 2 The AES-GCM encryption and decryption algorithm
      2.1 Symmetric and asymmetric cryptography
        2.1.1 Symmetric cryptography
        2.1.2 Asymmetric cryptography
      2.2 Evolution of AES-GCM
      2.3 Block cipher modes of operation
      2.4 Message authentication codes
      2.5 Mathematical background
        2.5.1 Galois fields
        2.5.2 Addition
        2.5.3 Multiplication
        2.5.4 Multiplication by x
      2.6 The AES-GCM algorithm
        2.6.1 AES-GCM encryption
        2.6.2 AES-GCM decryption
      2.7 The AES algorithm
        2.7.1 AES key expansion
        2.7.2 AES encryption
        2.7.3 AES decryption
    Chapter 3 Architecture design and analysis
      3.1 Analysis of round-computation architectures
        3.1.1 Loop-unrolled
        3.1.2 Outer-round pipelined
        3.1.3 Inner-round pipelined
        3.1.4 Mixed inner- and outer-round pipelined
      3.2 Round computation unit
        3.2.1 SubBytes module
        3.2.2 ShiftRows module
        3.2.3 MixColumns module
        3.2.4 AddRoundKey module
      3.3 AES processing unit
        3.3.1 FPGA processing-unit design
        3.3.2 ASIC processing-unit design
      3.4 Key expansion unit
        3.4.1 Analysis and selection of design methods
        3.4.2 Key expansion unit design
      3.5 GHASH unit
        3.5.1 Karatsuba algorithm
        3.5.1 Pipelined Karatsuba GF(2^128) multiplier
        3.5.2 Parallel and pipelined GHASH unit
    Chapter 4 Parallel and pipelined AES-GCM hardware architecture
      4.1 AES-GCM IP architecture
      4.2 AES processing module
      4.3 GHASH processing module
      4.4 AES-GCM datapath module
      4.4 AES-GCM control unit module
    Chapter 5 FPGA and ASIC design and implementation
      5.1 Timing simulation diagram
      5.2 FPGA design and implementation
        5.2.1 FPGA design results
        5.2.2 FPGA simulation results
        5.2.3 FPGA performance analysis and comparison
      5.3 Standard-cell design and implementation
        5.3.1 RTL design stage
        5.3.2 Logic synthesis stage
        5.3.3 Placement and routing stage
        5.3.4 Chip layout and specifications
        5.3.5 Chip performance analysis and comparison
    Chapter 6 Conclusions and future work
    References

Full text available from 2025/07/11 (campus network, off-campus network, and the National Central Library's Taiwan thesis and dissertation system).