http://iet.metastore.ingenta.com
1887

Hardware variant NSP with security-aware automated preferential algorithm

Hardware variant NSP with security-aware automated preferential algorithm

For access to this article, please select a purchase option:

Buy article PDF
£12.50
(plus tax if applicable)
Buy Knowledge Pack
10 articles for £75.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend Title Publication to library

You must fill out fields marked with: *

Librarian details
Name:*
Email:*
Your details
Name:*
Email:*
Department:*
Why are you recommending this title?
Select reason:
 
 
 
 
 
IET Computers & Digital Techniques — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

Efficient and cost-effective hardware design of network security processor (NSP) is of vital importance in the present era due to the increasing need of security infrastructure in a wide range of computing applications. Here, the authors propose an NSP in field programmable gate array (FPGA) platform where according to a strict power, throughput, resource, and security priorities, a proposed preferential algorithm chooses a cipher suite to program the hardware. The choice is based on a rank list of available cipher suites depending on efficient system index evaluated in terms of power, throughput, resource, and security data and their given weights by the user. Encryption, hash, and key exchange algorithm along with their architectural variants serve excellent hardware flexibility whose bit files are stored in secure digital memory. The proposed design used an isolated key memory where secret keys are stored in encrypted form along with the hash value. The design is implemented using ISE14.4 suite with ZYNQ7z020-clg484 FPGA platform. The performances of the variants architecture of the crypto algorithms are considerably better in terms of power, throughput, and resource than the existing works reported in the literature.

References

    1. 1)
      • 1. Kim, H.W., Lee, S.: ‘Design and implementation of a private and public key crypto processor and its application to a security system’, IEEE Trans. Consum. Electron., 2004, 50, (1), pp. 214224.
    2. 2)
      • 2. Mpc 190 security processor fact sheet motorola 2003, publishers-freescale semiconductor. 2003.
    3. 3)
      • 3. BROADCOM. Broadcom (2004). bcm 5840 gigabit security processor.
    4. 4)
      • 4. Wang, C.-H., Lo, C.-Y., Lee, M.-S., et al: ‘A network security processor design based on an integrated soc design and test platform’. Design Automation Conf., 2006 43rd ACM/IEEE, 2006, pp. 490495.
    5. 5)
      • 5. Hifn 2008.hifn 7954 security accelerator data sheet.
    6. 6)
      • 6. Wang, H., Bai, G., Chen, H.: ‘A gbps ipsec ssl security processor design and implementation in an fpga prototyping platform’, J. Signal Process. Syst., 2010, 58, (3), pp. 311324.
    7. 7)
      • 7. Paul, R., Chakrabarti, A., Ghosh, R.: ‘Multi core ssl/tls security processor architecture and its {FPGA} prototype design with automated preferential algorithm’, Microprocess. Microsyst., 2016, 40, pp. 124136.
    8. 8)
      • 8. Kieselmann, O., Kopal, N., Wacker, A.: ‘Ranking cryptographic algorithms’ (Springer International Publishing, Cham, 2014), pp. 151171.
    9. 9)
      • 9. Karlton, P., Frier, A., Kocher, P.: ‘The ssl protocol version 3.0’, November 1996.
    10. 10)
      • 10. Isobe, T., Tsutsumi, S., Seto, K., et al: ‘10 gbps implementation of tls/ssl accelerator on fpga’. 2010 18th Int. Workshop on Quality of Service (IWQoS), June 2010, pp. 16.
    11. 11)
      • 11. United nations statistics division – pcs (2013).
    12. 12)
      • 12. Barker, A.R.E.: ‘Transitions: recommendation for transitioning the use of cryptographic algorithms and key lengths’. volume abs/1609.01389, January 2011.
    13. 13)
      • 13. Paul, R, Shukla, S.K.: ‘A high speed KECCAK coprocessor for partitioned NSP architecture on FPGA platform’ (Springer Singapore, Singapore, 2017), pp. 507518.
    14. 14)
      • 14. Bernstein, D.J., Lange, T., Schwabe, P.: ‘The security impact of a new cryptographic library’ (Springer Berlin Heidelberg, Berlin, Heidelberg, 2012), pp. 159176.
    15. 15)
      • 15. Hell, M., Johansson, T., Meier, W.: ‘Grain: a stream cipher for constrained environments’, Int. J. Wirel. Mobile Comput., 2007, 2, (1), pp. 8693.
    16. 16)
      • 16. Peeters, M., Bertoni, G., Daemen, J., et al: ‘Keccak sponge function family main document’. Available at http://keccak.noekeon.org, April 2009.
    17. 17)
      • 17. Maitra, S, Paul, G.: ‘Analysis of RC4 and proposal of additional layers for better security margin’ (Springer Berlin Heidelberg, Berlin, Heidelberg, 2008), pp. 2739.
    18. 18)
      • 18. Chakrabarti, A., , Ghosh, R., Paul, R., Dey, H.: ‘Accelerating more secure rc4: implementation of seven fpga designs in stages upto 8 byte per clock’. volume abs/1609.01389, 2016.
    19. 19)
      • 19. Paul, R., Saha, S., Pal, C., et al: ‘Novel architecture of modular exponent on reconfigurable system’. 2012 Students Conf. on Engineering and Systems (SCES), March 2012, pp. 16.
    20. 20)
      • 20. ESTREAM. Grain software implementation.
    21. 21)
      • 21. Peeters, M., Bertoni, G., Daemen, J., et al: ‘Keccak software implementation’.
    22. 22)
      • 22. Lu, J., Lockwood, J.: ‘Ipsec implementation on xilinx virtex-ii pro fpga and its application’. 2005. Proc. 19th IEEE Int. Parallel and Distributed Processing Symp., April 2005, p. 158b.
    23. 23)
      • 23. McLoone, M., McCanny, J.V.: ‘A single-chip ipsec cryptographic processor’. IEEE Workshop on Signal Processing Systems, 2002. (SIPS ‘02), October 2002, pp. 133138.
    24. 24)
      • 24. Gupta, S.S., Sinha, K., Maitra, S., et al: ‘One byte per clock: a novel rc4 hardware’. InGong, G., Gupta, K. (Eds.): ‘Progress in cryptology – INDOCRYPT 2010, volume 6498 of Lecture Notes in Computer Science’ (Springer Berlin, Heidelberg, 2010), pp. 347363. 10.1007/978-3-642-17401-8_24.
    25. 25)
      • 25. Gupta, S.S., Chattopadhyay, A., Sinha, K, et al: ‘High-performance hardware implementation for rc4 stream cipher’, IEEE Trans. Comput., 2013, 62, (4), pp. 730743.
    26. 26)
      • 26. Aumasson, J.-P., Dinur, I., Henzen, L., et al: ‘Efficient FPGA implementation of high-dimensional cube testers on the stream cipher grain-128’.
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-cdt.2018.0006
Loading

Related content

content/journals/10.1049/iet-cdt.2018.0006
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading
This is a required field
Please enter a valid email address