An Adaptive Cryptographic Engine for IPSec Architectures

  • Authors:
  • Andreas Dandalis;Viktor K. Prasanna;Jose D. P. Rolim

  • Affiliations:
  • -;-;-

  • Venue:
  • FCCM '00 Proceedings of the 2000 IEEE Symposium on Field-Programmable Custom Computing Machines
  • Year:
  • 2000

Quantified Score

Hi-index 0.00

Visualization

Abstract

Architectures that implement the Internet Protocol Security (IPSec) standard have to meet the enormous computing demands of cryptographic algorithms. In addition, IPSec architectures have to be flexible enough to adapt to diverse security parameters. This paper proposes an FPGA-based Adaptive Cryptographic Engine (ACE) for IPSec architectures. By taking advantage of FPGA technology, ACE can adapt to diverse security parameters on-the- fly while providing superior performance compared with software-based approaches.For example, for the case of the Advanced Encryption Standard (AES), our techniques lead to throughput speed-up of 4-20 while the latency time is reduced by a factor of 20-700 compared with software-based approaches. We also develop a compression technique that reduces the memory requirements of ACE without the need for dedicated hardware. Though data compression has been extensively studied before, we are not aware of any prior work that addresses the compression problem of FPGA-based platforms with respect to the implementation cost. Using our technique, we demonstrate up to 40% savings in memory for various configuration bitstreams.