Configurable Hardware Implementations of Bulk Encryption Units for Wireless Communications
Hardware implementations of bulk encryption units for wireless communications are presented in this paper. These units are based on the Triple DES (TDES) block cipher. The hardware modules can be configured in order to implement either the TDES or the DES block cipher. Three different hardware implementations of TDES are proposed. The first two implementations are based on the pipeline design technique, while the third implementation uses the traditional feedback logic design technique (looping). In addition, the DES block cipher’s S-BOXes have been implemented by Look Up Tables (LUTs) and/or ROM blocks. Comparing with the LUTs, the ROM blocks implementation approach provides higher performance. But, the LUTs implementation approach is used in cases where the ROM blocks are not available. For high-speed performance applications the loop unrolling architecture is selected. The proposed implementation of this architecture achieves 7.36 Gbps data throughput whilst the 16-stage pipeline 2.45 Gbps. The implementation data throughput which is based on the looping architecture is 121 Mbps, but is used significant less hardware resources.
[1] ATM Forum, ATM Security Specification Version 1.0, ATM-SEC-01.0100, The ATM Forum, Security Working Group, 1999.
[2] Chodowiec P., Gaj K., Bellows P., and Schott B., “Experimental Testing of the Gigabit IPSec- Compliant Implementations of Rijndael and Triple DES Using SLAAC-1V FPGA Accelerator Board,” in Proceedings of Information Security Conference, Malaga, Spain, pp. 220-234, October 2001.
[3] Data Encryption Standard, Federal Information Processing Standard (FIPS) 46, National Bureau of Standards, 1977.
[4] ETSI TS 101 761-1 V1.2.1, Broadband Radio Access Networks (BRAN), HIPERLAN Type 2, Data Link Control (DLC) Layer, Part 1: Basic Data Transport Functions, 2000.
[5] ETSI TS 148 018, Digital Cellular Telecommunications System (Phase 2+), General Packet Radio Service (GPRS), Base Station System (BSS)-Serving GPRS Support Node (SGSN), BSS GPRS Protocol, May 2002, available at http://webapp.etsi.org/action/PU/ 20020611/ts_148018v050300p.pdf/. 126 The International Arab Journal of Information Technology, Vol. 1, No. 1, January 2004
[6] Federal Information Processing Standards Publication 140-1, “Security Requirements for Cryptographic Modules,” U. S. Department of Commerce/ NIST, Springfield, VA: NIST, 1994.
[7] Feldmeier C. D. and Karn R. P., “UNIX Password Security-Ten Years Later,” CRYPTO’89, Santa Barbara, California, USA, pp. 44-63, 1989.
[8] Global System for Mobile Communications, Specifications, available at http://www.etsi.org/.
[9] Kwon O., Seike H., Kajisaki H., and Kurokawa T., “Implementation of AES and Triple-DES Cryptography Using a PCI-based FPGA Board,” in Proceedings of the International Technical Conference on Circuits/ Systems, Computers and Communications 2002, ITC-CSCC-2002, Phuket, Thailand, July 16-19, 2002.
[10] Leitold H., Mayerwieser W., Payer U., Posch C. K., Posch R., and Wolkerstorfer J., “A 155 Mbps Triple-DES Network Encryptor,” in Proceedings of Cryptographic Hardware and Embedded Systems (CHES' 2000), USA, August 2000.
[11] NIST Special Pubilication 800-20, “Modes of Operation Validation System for the Triple Data Encryption Algorithm,” National Institute of Standard and Technology, 2000.
[12] Pasham V. and Trimberger S., “High Speed DES and Triple-DES Encryptor/ Decryptor,” on line available in http://www.xilinx.com/xapp/ xapp270.pdf/, August 2001.
[13] Schneier B., Applied Cryptography, Protocols, Algorithms, and Source Code in C, John Wiley & Sons, 1994.
[14] Wireless Application Protocol Forum, http://www wapforum.org/.
[15] Xilinx, Virtex: 2.5 V Field Programmable Gate Arrays, available at www.xilinx. com/, San Jose, California, USA, 2001. Paris Kitsos received the BSc in physics from the University of Patras, Greece. He is currently pursuing his PhD in the Department of Electrical and Computer Engineering at the University of Patras. His research interests include VLSI design, hardware implementations of cryptography algorithms, security protocols for wireless communication systems, and Galois field arithmetic implementations. He has published many technical papers in the areas of his research. Odysseas Koufopavlou received the Diploma of electrical engineering in 1983 and the PhD degree in electrical engineering in 1990, both from University of Patras, Greece. From 1990 to 1994 he was at the IBM Thomas J. Watson Research Center, Yorktown Heights, NY, USA. Currently, he is an associate professor with the ECE Department, University of Patras. His research interests include VLSI design, VLSI crypto systems, and high performance communication subsystems. Dr. Koufopavlou has published more than 90 technical papers and received patents and inventions in these areas. He served as general chairman for the IEEE ICECS’1999. 127 The International Arab Journal of Information Technology, Vol. 1, No. 1, January 2004