A High-Throughput Hardware Implementation of NAT Traversal For IPSEC VPN

In this paper, we present a high-throughput FPGA implementation of IPSec core. The core supports both NAT and non-NAT mode and can be used in high speed security gateway devices. Although IPSec ESP is very computing intensive for its cryptography process, our implementation shows that it can achieve high throughput and low lantency. The system is realized on the Zynq XC7Z045 from Xilinx and was verified and tested in practice. Results show that the design can gives a peak throughput of 5.721 Gbps for the IPSec ESP tunnel mode in NAT mode and 7.753 Gbps in non-NAT mode using one single AES encrypt core. We also compare the performance of the core when running in other mode of encryption

Ultra high speed SHA-256 hashing cryptographic module for IPSEC hardware/software codesign

Nowadays, more than ever, security is considered to be critical issue for all electronic transactions. This is the reason why security services like those described in IPSec are mandatory to IPV6 which will be adopted as the new IP standard the next years. Moreover the need for security services in every data packet that is transmitted via IPv6, illustrates the need for designing security products able to achieve higher throughput rates for the incorporated security schemes. In this paper such a design is presented which manages to increase throughput of SHA-256 hash function enabling efficient software/hardware co-design.Inst. Syst. Technol. Inf., Control Commun. (INSTICC),University of Piraeus,University of Piraeus - Research Cente

Ultra high speed SHA-256 hashing cryptographic module for IPSEC hardware/software codesign

Nowadays, more than ever, security is considered to be critical issue for all electronic transactions. This is the reason why security services like those described in IPSec are mandatory to IPV6 which will be adopted as the new IP standard the next years. Moreover the need for security services in every data packet that is transmitted via IPv6, illustrates the need for designing security products able to achieve higher throughput rates for the incorporated security schemes. In this paper such a design is presented which manages to increase throughput of SHA-256 hash function enabling efficient software/hardware co-design

FPGA-Based Testbed for Fault Injection on SHA-256

In real world applications, cryptographic algorithms are implemented in hardware or software on specific devices. An active attacker may inject faults during the computation process and careful analysis of faulty results can potentially leak secret information. These kinds of attacks known as fault injection attacks may have devastating effects in the field of hardware and embedded cryptography. This research proposes a partial implementation of SHA-256 along with an onboard fault injection circuit implemented on an FPGA. The proposed fault injection circuit is used to generate glitches in the clock to induce a setup time violation in the circuit and thereby produce error(s) in the output. The main objective of this research is to study the viability of fault injection using the clock glitches on the SHA-256

Simulation-Based Power Estimation for High Throughput SHA-256 Design on Unfolding Transformation

In recent years, security has grown in importance as a research topic. Several cryptographic SHA-256 hash algorithms have been developed to enhance the performance of data-protection techniques. In security system designs where data transmission must be properly encrypted to avoid eavesdropping and unwanted monitoring, the Hash Function is vital. In constructing the SHA-256 algorithm, high speed, compact size, and low power consumption are all factors to be taken into account for an efficient implementation. The purpose of this project is to reduce dynamic thermal power dissipation of SHA-256 unfolding transformation. State encoding is a method used in reducing power design strategies that have been proposed to lower the dynamic power dissipation of the algorithm. The algorithms are successfully designed using the Altera Quartus II platform. The ModelSim is used to test how accurate the results of simulations written in Verilog code are and to validate them. This study presents the unfolding transformation with Gray encoding approach to reduce the SHA-256 design's power consumption and increase its throughput. The SHA-256 unfolding transformation reduces the amount of clock cycles required for conventional architecture. In this research, the dynamic power SHA-256 unfolding factor 4 with Gray encoding reduces by 43.4 percent from Binary encoding with high throughput of the design. Therefore, it was suggested that to provide high performance of the embedded security system design, an unfolding transformation with Gray encoding design can be applied to the hash function design. Thus, the performance of the SHA-256 design can be greatly enhanced by changing the state encoding with the high number of unfolding factors. Based on this technology, the Power Analyzer in Altera Quartus II may produce an accurate simulation-based power assessment