GCM implementations of Camellia-128 and SMS4 by optimizing the polynomial multiplier

In some scenarios, the cryptographic primitives should support more than one functionality. Authenticated Encryption/Verified Decryption (AEVD) combines encryption and authentication at the same time, which is useful in communication protocols (DNS, IPSEC, etc.). Nevertheless, authenticated encrypti...

Full description

Saved in:
Bibliographic Details
Published in:Microprocessors and microsystems 2016-08, Vol.45, p.129-140
Main Authors: Martínez-Herrera, Alberto F., Mancillas-López, Cuauhtemoc, Mex-Perera, Carlos
Format: Article
Language:English
Subjects:
Architectures
Authentication
Block ciphers
Encryption
FPGAs
GCM
Hardware
IP (Internet Protocol)
Mathematical models
Multipliers
Optimization
Pipeline
Polynomials
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In some scenarios, the cryptographic primitives should support more than one functionality. Authenticated Encryption/Verified Decryption (AEVD) combines encryption and authentication at the same time, which is useful in communication protocols (DNS, IPSEC, etc.). Nevertheless, authenticated encryption needs some optimizations to ensure fast performance. One solution could be the use of the Galois Counter Mode (GCM) scheme. To reach fast performances, this work broadens some GCM models described in Chakraborty et al.’s [D. Chakraborty, C. Mancillas Lopez, F. Rodriguez Henriquez, P. Sarkar, Efficient hardware implementations of BRW polynomials and tweakable enciphering schemes, Comput IEEE Trans 62 (2) (2013) 279–294, doi:10.1109/TC.2011.227] work with two changes. The first one is focused on speeding-up the polynomial multiplier necessary to perform the authentication process. That polynomial multiplier is extended for supporting four stages, based on the well-known Karatsuba–Ofman algorithm. The second one is the modification of two known block ciphers such as Camellia-128 and SMS4 with the GCM scheme. The constructed GCM is able to support variable-length messages greater than 512 bits. The throughput of the polynomial multiplier is greater than 28 Gbps for all the tested platforms. The independent block ciphers in encryption-only mode reach a throughput greater than 28 Gbps, and for all the GCM cases reported in this manuscript the throughput is greater than 9.5 Gbps.
ISSN:0141-9331
1872-9436
DOI:10.1016/j.micpro.2016.04.006