An adaptive cryptographic engine for IPSec architectures

A. Dandalis, V.K. Prasanna, J.D.P. Rolim
Proceedings 2000 IEEE Symposium on Field-Programmable Custom Computing Machines (Cat. No.PR00871)  
Architectures that implement the Internet Protocol Security (IPSec) standard have to meet the enormous computing demands of cryptographic algorithms. In addition, IPSec architectures have to be flexible enough to adapt to diverse security parameters. This paper proposes an FPGAbased Adaptive Cryptographic Engine (ACE) for IPSec architectures. By taking advantage of FPGA technology, ACE can adapt to diverse security parameters on the fly while providing superior performance compared with
more » ... mpared with softwarebased approaches. For example, for the final candidate algorithms of the Advanced Encryption Standard (AES), our techniques lead to throughput speed-up of £ ¥ ¤ § ¦ © while the key-setup latency time is reduced by a factor of ¦ ¤ © © compared with software-based approaches. We also develop a compression technique that reduces the memory requirements of ACE without the need for dedicated hardware. Though data compression has been extensively studied before, we are not aware of any prior work that addresses the compression problem of FPGA-based embedded systems with respect to the implementation cost. Using our technique, we demonstrate up to £ savings in memory for various configuration bit-streams.
doi:10.1109/fpga.2000.903400 dblp:conf/fccm/DandalisPR00 fatcat:jr5lazvhdredtftanpkzhilrqi