Hardware-Accelerated Cryptography for Software-Defined Networks with P4

conference paper

English

The paper presents a hardware-accelerated cryptographic solution for Field Programmable Gate Array (FPGA) based network cards that provide throughput up to 200 Gpbs. Our solution employs a Software-Defined Network (SDN) concept based on the high-level Programming Protocol-independent Packet Processors (P4) language that offers flexibility for network-oriented data processing. In order to accelerate cryptographic operations, we implement main cryptographic functions by VHSIC Hardware Description Language (VHDL) directly in FPGA, i.e., a symmetric cipher (AES-GCM-256), a digital signature scheme (EdDSA) and a hash function (SHA-3). Our solution then uses these widely-used cryptographic primitives as basic external P4 functions which can be applied in various customized security use cases. Thus, our solution allows engineers to avoid hardware development (VHDL) and offers rapid prototyping by using the high-level language (P4). Moreover, we test these cryptographic components on the UltraScale+ FPGA card and we present their hardware consumption and performance results.

Cryptography; FPGA; hardware acceleration; digital signing; high-speed encryption; P4; software defined networks

MALINA, L.; SMÉKAL, D.; RICCI, S.; HAJNÝ, J.; CÍBIK, P.; HRABOVSKÝ, J.

25. 2. 2021

Springer

0302-9743

Lecture Notes in Computer Science

12596

2021

Federal Republic of Germany

271

287

16