Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
IntroductionPrevious WorkMethodology
ResultsSummary
Efficient Hardware Accelerator for IPSec based onPartial Reconfiguration on Xilinx FPGAs
Ahmad Salman Marcin Rogawski Jens-Peter Kaps
Cryptographic Engineering Research Group (CERG)http://cryptography.gmu.edu
Department of ECE, Volgenau School of Engineering,George Mason University, Fairfax, VA, USA
Int. Conference on ReConFigurable Computing and FPGAsReConFig 2011
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 1 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
Outline
1 Introduction
2 Previous Work
3 Methodology
4 Results
5 Summary
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 2 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
IntroductionSupported ProtocolsIPSec ImplementationsFPGA Platforms
Introduction
Internet Protocol Security (IPSec) provides security againstattacks on data transmitted over the Internet.
ProvidesAuthentication → Information SourceConfidentiality → EncryptionData Integrity → Data alteration
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 3 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
IntroductionSupported ProtocolsIPSec ImplementationsFPGA Platforms
Supported Protocols
IPSec uses a series of protocols to provide security services
The Encapsulating Security Payload (ESP) Protocol.
The Authentication Header (AH) protocol.
The Internet Key Exchange (IKEv2) protocol in version two.
These protocols make use of various cryptographic algorithms.
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 4 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
IntroductionSupported ProtocolsIPSec ImplementationsFPGA Platforms
Supported Protocols
Protocol Security Service Provided Supported AlgorithmESP confidentiality through
encryption and optionaldata integrity
AES in CBC or CTR modeand AES-XCBC-MAC-96
AH connectionless integrityand data origin authenti-cation
HMAC-SHA1-96, AES-XCBC-MAC-96, HMAC-SHA-256
IKE negotiates connection pa-rameters
Diffie-Hellman scheme in1024 or 2048 bits groupsand AES in PRNG mode
Table: IPSec Supported Protocols and Algorithms
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 5 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
IntroductionSupported ProtocolsIPSec ImplementationsFPGA Platforms
IPSec Implementations
Software
← Flexible
Fast →
Hardware
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 6 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
IntroductionSupported ProtocolsIPSec ImplementationsFPGA Platforms
IPSec Implementations
Software
← Flexible
Fast →
Hardware
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 6 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
IntroductionSupported ProtocolsIPSec ImplementationsFPGA Platforms
FPGA Platforms
Among popular implementations of IPSec in hardware arethose that target FPGAs
Problem
Resource limited devices.
More resources = more money.
Solution
Hardware/Software co-design.
Partial Reconfiguration.
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 7 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
IntroductionSupported ProtocolsIPSec ImplementationsFPGA Platforms
FPGA Platforms
Among popular implementations of IPSec in hardware arethose that target FPGAs
Problem
Resource limited devices.
More resources = more money.
Solution
Hardware/Software co-design.
Partial Reconfiguration.
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 7 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
IPSec FPGA ImplementationsIPSec ImplementationsOur Design
Implementations using Partial Reconfiguration
Authors EmbeddedProcessor
Hardware Software Implemen-tation
G.Gogniatet al.
No AES in Differ-ent modes
No IPSec
I. Gonzaleset al.
Microblaze AES, RC4,IDEA
PR Initia-tion
VOIP SSL
I. Gonzaleset al.
Microblaze 3DES, AES MD5 SSH
K.Anjo,T. Awashima
DPR-1 AES, DES,CAST128,256,MD5
HMAC IPSec
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 8 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
IPSec FPGA ImplementationsIPSec ImplementationsOur Design
Other Implementations
Author Implementation Hardware Software Applica-tion
A.Dandalis,V. Prasanna
AES Finalists MARS, RC6,Rijndael, Ser-pent, Twofish
No IPSec
KAMEProject
IPSEC SupportedAlgorithms
No Racoon IPSec
J. Lu,J. Lockwood
AES,HMAC-MD5,HMAC-SHA1
AES,HMAC-MD5,HMAC-SHA1
Key Ne-gotiation
IPSec
CommercialProducts
FortiGate, HelionCrypto Accelera-tor 4000
IPSecSSHHTTPS
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 9 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
IPSec FPGA ImplementationsIPSec ImplementationsOur Design
Proposed Design
Table: Hardware-Software co-design implementation details of proposedIPSec system
ImplementationIn Hardware In Software ApplicationAES CBC, CTR modes ESP
MAC-XCBC-96 AHXCBC-PRF-128 IKEv2
SHA-256 HMAC AHMODEXP Pre-Calculations IKEv2- Round Robin PR trigger
scheduling algorithm
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 10 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
System DescriptionPartial ReconfigurationSystem HardwareSystem SoftwareMethodology
Queues
Output Queue
Network
ESP Queue
AH Queue
IKEV2 Queue
Status
NetworkIPSec
coprocessor
Scheduling
Algorithm
Figure: Synchronization Circuit Between Hardware and Software
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 11 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
System DescriptionPartial ReconfigurationSystem HardwareSystem SoftwareMethodology
Partial Reconfiguration
Partial Reconfiguration (PR) is a process of configuring aportion of the FPGA while the other part is still running.
A relatively new techniqueAltera Stratix V.
A PR system is divided intoStatic region known as Base Region (BR).Dynamic regions known as Partial Reconfigurable Regions(PRR).Reconfigurable Modules (RMs)
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 12 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
System DescriptionPartial ReconfigurationSystem HardwareSystem SoftwareMethodology
Partial Reconfigurable Hardware in the System
AES
Embedded
Processor
(MB)Coprocessor
IPsec
(PRR)
On−chip Peripheral Bus
(OPB)
(ICAP)Internal Configuration Access Port
MODEXPSHA256
(RM) (RM)(RM)
ExternalMemory
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 13 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
System DescriptionPartial ReconfigurationSystem HardwareSystem SoftwareMethodology
Hardware/Software Synchronization Circuit
RD_ACK
FFin out
rst
FFin out
rst
32
32 32
32
rst
data_in
data_out
dst_ready
dst_write
SoftwareInputReg
SoftwareOutputReg
OPB
CLKRST
src_read
IPSecCo−ProcessorMicroblaze
rst
rst
src_readyWR_ACK
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 14 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
System DescriptionPartial ReconfigurationSystem HardwareSystem SoftwareMethodology
System Software
Drivers for the hardware peripherals.
Internal Control Access Port (ICAP) API initialization.
Modes of Operations.Cipher Block Chaining (CBC) mode.Counter (CTR) mode.
Hashed Message Authentication Code (HMAC) Calculation
Pre-Computations.
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 15 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
System DescriptionPartial ReconfigurationSystem HardwareSystem SoftwareMethodology
Experiment Methodology
Implementation of individual cryptographic algorithms innon-PR designs.
Creation of the PR design with all three algorithms.
Assign Tasks to the system processor through the scheduler.
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 16 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
PR SystemRM ImplementationsAES ComparisonsSystem Performance
PR Implementation Results
Table: Summary for Implementations on XC4VFX12 Virtex-4 FPGA
Device Utilization Summary PR Design Non-PR DesignStatic Dynamic
Resource Logic Used Used UsedNumber of Slices 1588 2148 5506
Number of Slice Flip Flops 1566 1008 3906Number of 4 input LUTs 2059 3600 8140
Number of DSP48 0 3 3Number of FIFO16/RAMB16s 33 0 0
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 17 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
PR SystemRM ImplementationsAES ComparisonsSystem Performance
Utilization Percentage
29% Static
39% Dynamic
32% Unused
PR Design Utilization
0%
20%
40%
60%
80%
100%
120%
Slices FlipFlop 4 Input LUTs DSP48
V4FX12 Resource Percentage
Full Design Implementation
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 18 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
PR SystemRM ImplementationsAES ComparisonsSystem Performance
Independent Cores Implementations
Table: Summary for Implementations on XC4VFX12 Virtex-4 FPGA
Device Utilization Implementations for each coreSummary independently
AES SHA-256 MODEXPResource Logic Used Used UsedNumber of Slices 1862 952 499
Number of Slice Flip Flops 807 1008 421Number of 4 input LUTs 3600 1632 861
Number of DSP48 0 0 3Number of FIFO16/RAMB16s 0 0 0
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 19 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
PR SystemRM ImplementationsAES ComparisonsSystem Performance
Dynamic Region Utilization
0%
20%
40%
60%
80%
100%
120%
Slices Flip Flops 4 input LUTs DSP48
AES
SHA256
MODEXP
Dynam
ic Region Percentage
Figure: Utilization for each core independentlyReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 20 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
PR SystemRM ImplementationsAES ComparisonsSystem Performance
AES Throughput in a PR design
Work AES Throughput [MB/S]A. Dandalis and V. Prasanna 353Y. Hasegawa et al. 363G. Gogniat et al. 422Our Design 711
Table: Comparing our AES throughput to other implementations
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 21 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
PR SystemRM ImplementationsAES ComparisonsSystem Performance
ESP Time-Slot
Bit
s B
uff
ered
PR ESP time slot
Processing timeBuffering time
Time
PR IKEV2
0
20
40
60
80
100
120
140
160
180
0
100
200
300
400
500
600
700
800
0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 1.1 1.2 1.3 1.4 1.5 1.6 1.7 1.8 1.9 2 2.1 2.2
Throughput
Buffer
Buffe
r Size[M
b]
Throughput[Mb/s]
ESP Time Till PR[s]
Maximum Throughput
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 22 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
PR SystemRM ImplementationsAES ComparisonsSystem Performance
System Latency Vs Throughput
0.1 0.3 0.5 0.7 0.9 1.1 1.3 1.5 1.7 250
300
350
400
450
500
550
600
650
0.1 0.3
0.5 0.7
0.9 1.1
1.3 1.5
1.7
Throughput [M
b\s]
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 23 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
ConclusionFuture Work
Conclusion
The proposed design provides a low cost solution for IPSec inHardware.
A scheduling algorithm was used to handle task assignments.
Benefits of implementing IKEV2 as RM.
Results show that the design performs well with high trafficnetworks.
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 24 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
ConclusionFuture Work
Future Work
Implementing the design on Faster FPGA families.
Use new tools.
Extending the number of supported algorithms.
Implementing the AES core as part of the static region.
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 25 / 26
IntroductionPrevious WorkMethodology
ResultsSummary
ConclusionFuture Work
Thanks for your attention.
ReConFig 2011 A. Salman, M. Rogawski, J.-P. Kaps HW Accelerator for IPSec using Partial Reconfig. 26 / 26