Detail publikace

Hardware-Accelerated Encryption with Strong Authentication

MARTINÁSEK, Z. HAJNÝ, J. MALINA, L. MATOUŠEK, D.

Originální název

Hardware-Accelerated Encryption with Strong Authentication

Typ

článek ve sborníku ve WoS nebo Scopus

Jazyk

angličtina

Originální abstrakt

With the growing amount of data transferred over communication networks, the high-speed encryption systems are becoming a hot topic. The paper is focused on the design and implementation of a hardware-accelerated encryption system based on 100 Gbps FPGA (Field Programmable Gate Array) network cards. First, an AES (Advanced Encryption Standard)-based encryption system is designed and implemented on the FPGA platform using the VHDL (VHSIC Hardware Description Language). The AES core is implemented using the GCM (Galois/Counter Mode) so that both confidentiality and integrity of data are provided. The AES core is then integrated with a strong authentication subsystem based on programmable smart-cards used for storing sensitive cryptographic material. The authentication subsystem implements the IKE protocol using shared secrets. In contrast to existing implementations, the keys used for authentication never leave a tamper-proof device in our system, all cryptographic operations are implemented on the smart-cards. The use of smart-cards significantly increases the security of the system as the keys do not have to be stored on a shared vulnerable file system any more. The resulting system is compliant with IPsec specification and will be interoperable with existing implementations. The paper contains the description of the system, results of the implementation benchmarks on the NFB-40G2 (Xilinx, Virtex-7) cards and proposals for next development.

Klíčová slova

AES, Authentication, Encryption, IPsec, FPGA, GCM, Security, Smart card

Autoři

MARTINÁSEK, Z.; HAJNÝ, J.; MALINA, L.; MATOUŠEK, D.

Vydáno

2. 6. 2017

ISSN

2336-5587

Periodikum

Security and Protection of Information

Ročník

1

Číslo

1

Stát

Česká republika

Strany od

1

Strany do

10

Strany počet

10

BibTex

@inproceedings{BUT136731,
  author="Zdeněk {Martinásek} and Jan {Hajný} and Lukáš {Malina} and Denis {Matoušek}",
  title="Hardware-Accelerated Encryption with Strong Authentication",
  booktitle="Security and Protection of Information",
  year="2017",
  journal="Security and Protection of Information",
  volume="1",
  number="1",
  pages="1--10",
  issn="2336-5587"
}