Field programmable port extender (FPX) for distributed routing and queuing
FPGA '00 Proceedings of the 2000 ACM/SIGDA eighth international symposium on Field programmable gate arrays
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on programmable networks
Implementation of a Content-Scanning Module for an Internet Firewall
FCCM '03 Proceedings of the 11th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Proceedings of the conference on Design, automation and test in Europe
A Gbps IPSec SSL Security Processor Design and Implementation in an FPGA Prototyping Platform
Journal of Signal Processing Systems
Reconfigurable memory based AES co-processor
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
Rescheduling for optimized SHA-1 calculation
SAMOS'06 Proceedings of the 6th international conference on Embedded Computer Systems: architectures, Modeling, and Simulation
Design and implementation of an FPGA-Based 1.452-gbps non-pipelined AES architecture
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part III
Hi-index | 0.00 |
In this paper, we propose an IPSec implementation on Xilinx Virtex-II Pro FPGA1. We move the key management and negotiation into software function calls that run on the PowerPC processor core. On the data path, reconfigurable hardware logic implements time-critical functions for AES encryption and HMAC authentication. In our approach, the fast hardware processing is quasi-independent of the software processing. In traditional hardware systems, it is often the case that fast hardware modules wait for slow softwares to feed input data and retrieve output data. This causes the hardware component to stay in idle and suffer low utilization. Our contribution in this paper is to separate the IPSec data path from the control path, where the hardware has a full control of data processing and invokes the control software only when necessary. We illustrate the use of the IPSec implementation on a reconfigurable network device to secure the control and configuration channel.