全流水线高速AES_GCM算法的FPGA优化设计  被引量：1

作　　者：赵亮[1] 李斌[1] 周清雷[1] 陈晓杰 ZHAO Liang;LI Bin;ZHOU Qing-lei;CHEN Xiao-jie(School of Computer and Artificial Intelligence,Zhengzhou University,Zhengzhou 450001,China;State Key Laboratory of Mathematical Engineering and Advanced Computing,Zhengzhou 450001,China)

机构地区：[1]郑州大学计算机与人工智能学院,郑州450001 [2]数学工程与先进计算国家重点实验室,郑州450001

出　　处：《小型微型计算机系统》2023年第8期1833-1841,共9页Journal of Chinese Computer Systems

基　　金：国家重点研发计划“公共安全风险防控与应急技术装配”重点专项项目(2018XXXXXXX01)资助;国家自然科学基金项目(61702518)资助。

摘　　要：随着高速有线网络的快速发展,应用场景越来越多样,相应带来的数据传输等安全问题也越来越突出,所以需要研究适用于更高速度网络的数据加密及认证方法.本文结合高速网络发展和应用背景,对AES_GCM算法深入分析,缩短其关键路径,使其效率最大化,采用Karatsuba乘法器和快速求余对GHash算法进行了进一步优化,设计了一种基于GHash结构优化的高速并行的全流水线AES_GCM松耦合加密结构.同时,根据碰撞攻击的特点提出了基于随机矩阵和随机时延的SBoX电路结构,使得电路具有较高效率的同时也具有较高的抗攻击性.实验表明,本文所提方法具有较高的吞吐量和计算性能,能够满足100G网络需求,同时保证电路自身的安全性,具有较高的灵活性、易用性.With the rapid development of high-speed wired networks,the application scenarios are more and more diverse,and the corresponding security problems such as data transmission are more and more prominent.Therefore,it is necessary to study data encryption and authentication methods suitable for higher speed networks.In this paper,based on the development and application background of high-speed network,AES_GCM algorithm is deeply analyzed to shorten its critical path and maximize its efficiency.Karatsuba multiplier and fast redundancy are used to further optimize GHash algorithm.A high-speed parallel full pipeline AES_GCM loosely coupled encryption structure is designed based on GHash structure optimization.Meanwhile,according to the characteristics of collision attack,the SBox circuit structure based on random matrix and random delay is proposed,which makes the circuit have high efficiency and high anti-attack capability.Experimental results show that the proposed method has high throughput and computational performance,and can meet the requirements of 100G network,and at the same time ensure the circuit's own security,with high flexibility and ease of use.

关 键 词：FPGA AES GHash 加密认证 网络安全 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]