[P1619-2] A new report about FPGA implementations of tweakable modes



http://eprint.iacr.org/2007/437

Reconfigurable Hardware Implementations of Tweakable Enciphering Schemes

Cuauhtemoc Mancillas-Lopez, Debrup Chakraborty, Francisco
Rodriguez-Henriquez

Abstract:
Tweakable enciphering schemes are length preserving block cipher modes
of operation that provide a strong pseudo-random permutation. It has
been suggested that these schemes can be used as the main building
blocks for achieving in-place disk encryption. In the past few years
there has been an intense research activity towards constructing secure
and efficient tweakable enciphering schemes. But, actual experimental
performance data of these newly proposed schemes are yet to be reported.

Accordingly, in this paper we present optimized FPGA implementations of
five tweakable enciphering schemes, namely, HCH, HCTR, XCB, EME and TET,
using a 128-bit AES core as the underlying block cipher. We report
performance timings of these modes when using both pipelined and
sequential AES structures. The universal polynomial hash function
included in the specification of HCH, HCHfp (a variant of HCH), HCTR,
XCB and TET was implemented using a Karatsuba-Ofman multiplier as the
main building block. We provide detailed analyses of each of the schemes
and their experimental performances achieved in various scenarios.

Our experiments show that a sequential AES core is not an attractive
option for the design of these modes as it leads to rather poor
throughputs. In contrast, by using an encryption/decryption pipelined
AES core we get a throughput of 3.67 Gbps for HCTR and by using an
encryption-only pipelined AES core we get a throughput of 5.71 Gbps for
EME. The performance results reported in this paper provide experimental
evidence that hardware implementations of tweakable enciphering schemes
can actually match and even outperform the data rates achieved by
state-of-the-technology disk controllers, thus showing that they might
be used for achieving provably secure in-place hard disk encryption.
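An added software illustration of the building block the abstract names, not code from the paper: a one-level Karatsuba-Ofman carry-less multiplier for GF(2^128) checked against the schoolbook product, followed by the Horner-form universal polynomial hash that HCTR/XCB/TET-style modes evaluate with it. It assumes the field GF(2)[x]/(x^128 + x^7 + x^2 + x + 1) with integer bit i holding the coefficient of x^i; the paper's hardware may use a different bit ordering and each scheme adds its own length/padding block, which is left to the caller.

```python
# GF(2^128) multiplication with a one-level Karatsuba-Ofman split, and the
# Horner-form polynomial hash that HCTR/XCB/TET-style modes build on it.
# Added example, not code from the paper. Assumption: the field
# GF(2)[x]/(x^128 + x^7 + x^2 + x + 1), integer bit i = coefficient of x^i;
# the paper's hardware may use a different bit ordering or padding rule.

R = (1 << 128) | (1 << 7) | (1 << 2) | (1 << 1) | 1   # reduction polynomial

def clmul(a, b):
    """Schoolbook carry-less multiply of two polynomials over GF(2)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        b >>= 1
    return r

def karatsuba_clmul(a, b, w=128):
    """Carry-less multiply of two w-bit polynomials with one Karatsuba-Ofman
    level: three half-width multiplications instead of four."""
    h = w // 2
    mask = (1 << h) - 1
    a0, a1 = a & mask, a >> h
    b0, b1 = b & mask, b >> h
    p0 = clmul(a0, b0)                       # low half
    p2 = clmul(a1, b1)                       # high half
    p1 = clmul(a0 ^ a1, b0 ^ b1) ^ p0 ^ p2   # middle term from the sums
    return (p2 << (2 * h)) ^ (p1 << h) ^ p0

def reduce128(p):
    """Reduce a product of degree <= 254 modulo R to a 128-bit element."""
    for i in range(254, 127, -1):
        if (p >> i) & 1:
            p ^= R << (i - 128)
    return p

def gf128_mul(a, b):
    """Field multiplication: Karatsuba-Ofman product followed by reduction."""
    return reduce128(karatsuba_clmul(a, b))

def poly_hash(key, blocks):
    """Universal polynomial hash sum_i m_i * key^(n-i+1) via Horner's rule.
    A scheme's length block / final-block rule is folded into `blocks` by
    the caller; it is not modelled here."""
    acc = 0
    for m in blocks:
        acc = gf128_mul(acc ^ m, key)
    return acc
```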