efficient hardware accelerator for ipsec based on partial

IntroductionPrevious WorkMethodology

ResultsSummary

Efficient Hardware Accelerator for IPSec based onPartial Reconfiguration on Xilinx FPGAs

Ahmad Salman Marcin Rogawski Jens-Peter Kaps

Cryptographic Engineering Research Group (CERG)http://cryptography.gmu.edu

Department of ECE, Volgenau School of Engineering,George Mason University, Fairfax, VA, USA

Int. Conference on ReConFigurable Computing and FPGAsReConFig 2011

ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 1 / 26

http://cryptography.gmu.edu


ResultsSummary

Outline

1 Introduction

2 Previous Work

3 Methodology

4 Results

5 Summary



ResultsSummary

IntroductionSupported ProtocolsIPSec ImplementationsFPGA Platforms

Introduction

Internet Protocol Security (IPSec) provides security againstattacks on data transmitted over the Internet.

ProvidesAuthentication → Information SourceConfidentiality → EncryptionData Integrity → Data alteration



ResultsSummary


Supported Protocols

IPSec uses a series of protocols to provide security services

The Encapsulating Security Payload (ESP) Protocol.

The Authentication Header (AH) protocol.

The Internet Key Exchange (IKEv2) protocol in version two.

These protocols make use of various cryptographic algorithms.



ResultsSummary


Supported Protocols

Protocol Security Service Provided Supported AlgorithmESP confidentiality through

encryption and optionaldata integrity

AES in CBC or CTR modeand AES-XCBC-MAC-96

AH connectionless integrityand data origin authenti-cation

HMAC-SHA1-96, AES-XCBC-MAC-96, HMAC-SHA-256

IKE negotiates connection pa-rameters

Diffie-Hellman scheme in1024 or 2048 bits groupsand AES in PRNG mode

Table: IPSec Supported Protocols and Algorithms



ResultsSummary


IPSec Implementations

Software

← Flexible

Fast →

Hardware



ResultsSummary


FPGA Platforms

Among popular implementations of IPSec in hardware arethose that target FPGAs

Problem

Resource limited devices.

More resources = more money.

Solution

Hardware/Software co-design.

Partial Reconfiguration.



ResultsSummary

IPSec FPGA ImplementationsIPSec ImplementationsOur Design

Implementations using Partial Reconfiguration

Authors EmbeddedProcessor

Hardware Software Implemen-tation

G.Gogniatet al.

No AES in Differ-ent modes

No IPSec

I. Gonzaleset al.

Microblaze AES, RC4,IDEA

PR Initia-tion

VOIP SSL

I. Gonzaleset al.

Microblaze 3DES, AES MD5 SSH

K.Anjo,T. Awashima

DPR-1 AES, DES,CAST128,256,MD5

HMAC IPSec



ResultsSummary


Other Implementations

Author Implementation Hardware Software Applica-tion

A.Dandalis,V. Prasanna

AES Finalists MARS, RC6,Rijndael, Ser-pent, Twofish

No IPSec

KAMEProject

IPSEC SupportedAlgorithms

No Racoon IPSec

J. Lu,J. Lockwood

AES,HMAC-MD5,HMAC-SHA1

AES,HMAC-MD5,HMAC-SHA1

Key Ne-gotiation

IPSec

CommercialProducts

FortiGate, HelionCrypto Accelera-tor 4000

IPSecSSHHTTPS



ResultsSummary


Proposed Design

Table: Hardware-Software co-design implementation details of proposedIPSec system

ImplementationIn Hardware In Software ApplicationAES CBC, CTR modes ESP

MAC-XCBC-96 AHXCBC-PRF-128 IKEv2

SHA-256 HMAC AHMODEXP Pre-Calculations IKEv2- Round Robin PR trigger

scheduling algorithm



ResultsSummary

System DescriptionPartial ReconfigurationSystem HardwareSystem SoftwareMethodology

Queues

Output Queue

Network

ESP Queue

AH Queue

IKEV2 Queue

Status

NetworkIPSec

coprocessor

Scheduling

Algorithm

Figure: Synchronization Circuit Between Hardware and Software



ResultsSummary


Partial Reconfiguration

Partial Reconfiguration (PR) is a process of configuring aportion of the FPGA while the other part is still running.

A relatively new techniqueAltera Stratix V.

A PR system is divided intoStatic region known as Base Region (BR).Dynamic regions known as Partial Reconfigurable Regions(PRR).Reconfigurable Modules (RMs)



ResultsSummary


Partial Reconfigurable Hardware in the System

AES

Embedded

Processor

(MB)Coprocessor

IPsec

(PRR)

On−chip Peripheral Bus

(OPB)

(ICAP)Internal Configuration Access Port

MODEXPSHA256

(RM) (RM)(RM)

ExternalMemory



ResultsSummary


Hardware/Software Synchronization Circuit

RD_ACK

FFin out

rst

FFin out

rst

32

32 32

32

rst

data_in

data_out

dst_ready

dst_write

SoftwareInputReg

SoftwareOutputReg

OPB

CLKRST

src_read

IPSecCo−ProcessorMicroblaze

rst

rst

src_readyWR_ACK



ResultsSummary


System Software

Drivers for the hardware peripherals.

Internal Control Access Port (ICAP) API initialization.

Modes of Operations.Cipher Block Chaining (CBC) mode.Counter (CTR) mode.

Hashed Message Authentication Code (HMAC) Calculation

Pre-Computations.



ResultsSummary


Experiment Methodology

Implementation of individual cryptographic algorithms innon-PR designs.

Creation of the PR design with all three algorithms.

Assign Tasks to the system processor through the scheduler.



ResultsSummary

PR SystemRM ImplementationsAES ComparisonsSystem Performance

PR Implementation Results

Table: Summary for Implementations on XC4VFX12 Virtex-4 FPGA

Device Utilization Summary PR Design Non-PR DesignStatic Dynamic

Resource Logic Used Used UsedNumber of Slices 1588 2148 5506

Number of Slice Flip Flops 1566 1008 3906Number of 4 input LUTs 2059 3600 8140

Number of DSP48 0 3 3Number of FIFO16/RAMB16s 33 0 0



ResultsSummary


Utilization Percentage

29% Static

39% Dynamic

32% Unused

PR Design Utilization

0%

20%

40%

60%

80%

100%

120%

Slices FlipFlop 4 Input LUTs DSP48

V4FX12 Resource Percentage

Full Design Implementation



ResultsSummary


Independent Cores Implementations

Table: Summary for Implementations on XC4VFX12 Virtex-4 FPGA

Device Utilization Implementations for each coreSummary independently

AES SHA-256 MODEXPResource Logic Used Used UsedNumber of Slices 1862 952 499

Number of Slice Flip Flops 807 1008 421Number of 4 input LUTs 3600 1632 861

Number of DSP48 0 0 3Number of FIFO16/RAMB16s 0 0 0



ResultsSummary


Dynamic Region Utilization

0%

20%

40%

60%

80%

100%

120%

Slices Flip Flops 4 input LUTs DSP48

AES

SHA256

MODEXP

Dynam

ic Region Percentage

Figure: Utilization for each core independentlyReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 20 / 26


ResultsSummary


AES Throughput in a PR design

Work AES Throughput [MB/S]A. Dandalis and V. Prasanna 353Y. Hasegawa et al. 363G. Gogniat et al. 422Our Design 711

Table: Comparing our AES throughput to other implementations



ResultsSummary


ESP Time-Slot

Bit

s B

uff

ered

PR ESP time slot

Processing timeBuffering time

Time

PR IKEV2

0

20

40

60

80

100

120

140

160

180

0

100

200

300

400

500

600

700

800

0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 1.1 1.2 1.3 1.4 1.5 1.6 1.7 1.8 1.9 2 2.1 2.2

Throughput

Buffer

Buffe

r Size[M

b]

Throughput[Mb/s]

ESP Time Till PR[s]

Maximum Throughput



ResultsSummary


System Latency Vs Throughput

0.1 0.3 0.5 0.7 0.9 1.1 1.3 1.5 1.7 250

300

350

400

450

500

550

600

650

0.1 0.3

0.5 0.7

0.9 1.1

1.3 1.5

1.7

Throughput [M

b\s]



ResultsSummary

ConclusionFuture Work

Conclusion

The proposed design provides a low cost solution for IPSec inHardware.

A scheduling algorithm was used to handle task assignments.

Benefits of implementing IKEV2 as RM.

Results show that the design performs well with high trafficnetworks.



ResultsSummary


Future Work

Implementing the design on Faster FPGA families.

Use new tools.

Extending the number of supported algorithms.

Implementing the AES core as part of the static region.



ResultsSummary


Thanks for your attention.


efficient hardware accelerator for ipsec based on partial

Documents