Conference Paper

Very High Speed 17 Gbps SHACAL Encryption Architecture.

DOI: 10.1007/978-3-540-45234-8_12 Conference: Field Programmable Logic and Application, 13th International Conference, FPL 2003, Lisbon, Portugal, September 1-3, 2003, Proceedings
Source: DBLP


Very high speed and low area hardware architectures of the SHACAL-1 encryption algorithm are presented in this paper. The
SHACAL algorithm was a submission to the New European Schemes for Signatures, Integrity and Encryption (NESSIE) project and
it is based on the SHA-1 hash algorithm. To date, there have been no performance metrics published on hardware implementations
of this algorithm. A fully pipelined SHACAL-1 encryption architecture is described in this paper and when implemented on a
Virtex-II X2V4000 FPGA device, it runs at a throughput of 17 Gbps. A fully pipelined decryption architecture achieves a speed
of 13 Gbps when implemented on the same device. In addition, iterative architectures of the algorithm are presented. The SHACAL-1
decryption algorithm is derived and also presented in this paper, since it was not provided in the submission to NESSIE.

10 Reads
  • Source
    • "Virtex • • U Serpent [4] Virtex • • U 0.18 µm Rijndael [5] Virtex-E • • U Camelia [6] Virtex-E • • U Khazad [7] Virtex-E • • U Misty1 [7] Virtex-E • • U Rijndael [5] Virtex-E • • L 0.15 µm RC6 [8] Virtex-II • • U IDEA [9] Virtex-II • • U SHACAL-1 [10] Virtex-II • • U 3DES [11] Virtex-II "
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper presents FPGA (field programmable gate array) implementations of ICEBERG, a block cipher designed for reconfigurable hardware implementations and presented at FSE 2004. All its components are involutional and allow very efficient combinations of encryption/decryption. The implementations proposed also allow changing the key and encrypt/decrypt (E/D) mode for every plaintext, without any performance loss. In comparison with other recent block ciphers, the implementation results of ICEBERG show a significant improvement of hardware efficiency. Moreover, the key and E/D agility allows considering new encryption modes to counteract certain side-channel attacks.
    International Symposium on Information Technology: Coding and Computing (ITCC 2005), Volume 1, 4-6 April 2005, Las Vegas, Nevada, USA; 01/2005
  • Source
    • "[8] "
    [Show abstract] [Hide abstract]
    ABSTRACT: Intrusion Detection Systems such as Snort scan incoming packets for evidence of security threats. The computation-intensive part of these systems is a text search of packet data against hundreds of patterns, and must be performed at wire-speed. FPGAs are particularly well suited for this task and several such systems have been proposed. In this paper we expand on previous work, in order to achieve and exceed OC192 processing bandwidth (10 Gbps).We employ a scalable architecture, and use extensive fine-grained pipelining to tackle the fan-out, match, and encode bottlenecks and achieve operating frequencies in excess of 340 MHz for fast Virtex devices. To increase throughput, we use multiple comparators and allow for parallel matching of multiple search strings. We evaluate the area and latency cost of our approach and find that the match cost per search pattern character is between 4 and 5 logic cells.
    12/2004: pages 195-207;
  • Source
    • "[8] "
    [Show abstract] [Hide abstract]
    ABSTRACT: The eXtreme Processing Platform (XPP) is a coarse-grained dynamically reconfigurable architecture. Its advanced reconfiguration features make feasible the configure-execute paradigm, the natural paradigm of dynamically reconfigurable computing. This chapter presents a compiler aiming to program the XPP using a subset of the C language. The compiler, apart from mapping the computational structures onto the available resources on the device, splits the program in temporal sections when it needs more resources than the physically available. In addition, since the execution of the computational structures in a configuration needs at least two stages (e.g., configuring and computing), a scheme to split the program such that the reconfiguration overheads are minimized, taking advantage of the overlapping of the execution stages on different configurations is presented.
    12/2004: pages 105-115;
Show more