New version page

A High-Performance Flexible Architecture for Cryptography

Upgrade to remove ads

This preview shows page 1-2-3-4-5 out of 15 pages.

Save
View Full Document
Premium Document
Do you want full access? Go Premium and unlock all 15 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 15 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 15 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 15 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 15 pages.
Access to all documents
Download any document
Ad free experience

Upgrade to remove ads
Unformatted text preview:

IntroductionReconfigurable ComputingCustom Instructions: The $q_x$ Permutation from TwoFishA System ArchitectureCipher ComponentsPipeRenchApplicationsIDEAIDEA in Embedded SystemsCryptonRC6TwofishOther AES AlgorithmsRelated WorkConclusionsA High-Performance Flexible Architecture forCryptographyR. Reed Taylor1and Seth Copen Goldstein21Department of Electrical and Computer Engineering, Carnegie Mellon University,Pittsburgh, PA, 15213, [email protected],WWW home page: http://ece.cmu.edu/˜rt2i2Computer Science Division, School of Computer Science, Carnegie MellonUniversity, Pittsburgh, PA, 15213, [email protected],WWW home page: http://cs.cmu.edu/˜sethAbstract. Cryptographic algorithms are more efficiently implementedin custom hardware than in software running on general-purpose proces-sors. However, systems which use hardware implementations have sig-nificant drawbacks: they are unable to respond to flaws discovered inthe implemented algorithm or to changes in standards. In this paper weshow how reconfigurable computing offers high performance yet flexiblesolutions for cryptographic algorithms. We focus on PipeRench, a recon-figurable fabric that supports implementations which can yield betterthan custom-hardware performance and yet maintains all the flexibilityof software based systems. PipeRench is a pipelined reconfigurable fabricwhich virtualizes hardware, enabling large circuits to be run on limi-ted physical hardware. We present implementations for Crypton, IDEA,RC6, and Twofish on PipeRench and an extension of PipeRench, Pipe-Rench+. We also describe how various proposed AES algorithms couldbe implemented on PipeRench. PipeRench achieves speedups of between2x and 12x over conventional processors.1 IntroductionMost cryptographic algorithms function more efficiently when implemented inhardware than in software. This is largely because customized hardware cantake advantage of bit-level and instruction-level parallelism that is not accessi-ble to general-purpose processors. Hardware implementations, lacking flexibility,can only offer a fixed number of algorithms to system designers. In this paperwe describe a reconfigurable fabric which delivers high performance hardwareimplementations with the flexibility of general-purpose processors.The efficiency of an implementation is directly related to the degree to whichit is customized to perform a given task. Hardware implementations are evenmore efficient when they are customized for a specific instance of an algorithm.For example, a hardware multiplier with one constant operand will generallytake much less area than a general-purpose two operand multiplier.C¸ .K. Ko¸c and C. Paar (Eds.): CHES’99, LNCS 1717, pp. 231–245, 1999.c Springer-Verlag Berlin Heidelberg 1999232 R.R. Taylor and S.C. GoldsteinOf course implementing circuits with such a high degree of specificity in VLSIis generally infeasible because the cost of development and manufacturing mustbe offset by the chip’s applicability. Furthermore, to be responsive, a system musthave some control over its embedded algorithms. For example, if a particularalgorithm is discovered to be insecure, the system is rendered useless unlessa different algorithm can be implemented. Reconfigurable hardware strikes abalance between customization and performance on the one hand and flexibilityand cost on the other hand by permitting any algorithm to be highly customized.Reconfigurable hardware is a general term that applies to any device whichcan be configured, at run-time, to implement a function as a hardware circuit.Reconfigurable devices occupy a middle ground between traditional computingdevices, e.g., microprocessors, and custom hardware. Microprocessors computea function over time by multiplexing a limited amount of hardware using in-structions and registers. They are thus general-purpose and can compute manydifferent functions. At the other end of the spectrum, custom hardware is used toimplement a single function, fixed at chip fabrication time. A reconfigurable de-vice, of which the most common is a Field Programmable Gate Array (FPGA),has sufficient logic and routing resources that it can be configured, or program-med, to compute a large set of functions in space. Later, it can be re-programmedto perform a different set of functions. It shares attributes of microprocessors,in that it can be programmed post-fabrication, and of custom hardware, in thatit can implement a circuit directly; avoiding the need to multiplex hardware.The primary ways in which reconfigurable devices are tailored to an appli-cation are by matching application parallelism with as many function units asneeded, by sizing function units to the word size of the application, by creatingcustomized instructions, by introducing pipelining, and, by eliminating controloverhead associated with the multiplexing of function units as in a microproces-sor.In the next section, we describe how reconfigurable computing devices canachieve the efficiency of highly customized designs while maintaining both cost-effectiveness and security. Section 3 focuses on how the components of typicalcryptographic algorithms map to reconfigurable devices. Section 4 describes apipelined reconfigurable device called PipeRench which overcomes many of theproblems of using commercial FPGAs to implement datapaths. In particularPipeRench supports hardware virtualization which, like virtual memory, allowsdesigns that do not fit on the physical device to run. Section 5 describes ourimplementations of several algorithms on PipeRench and our support of on-the-fly customization even in embedded systems. Related work is covered inSection 6. We conclude in Section 7.2 Reconfigurable ComputingFunctions for which a reconfigurable fabric can provide a significant benefit ex-hibit one or more of the following features:A High-Performance Flexible Architecture for Cryptography 2331. The function operates on bit-widths that are different from the processor’sbasic word size.2. The data dependencies in the function allow multiple function units to ope-rate in parallel.3. The function is composed of a series of basic operations that can be combinedinto a single specialized operation.4. The function can be pipelined.5. Constant propagation can be performed, reducing the complexity of theoperations.6. The input values are reused many times within the computation.These functions take two forms. Stream-based


Download A High-Performance Flexible Architecture for Cryptography
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view A High-Performance Flexible Architecture for Cryptography and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view A High-Performance Flexible Architecture for Cryptography 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?