Detail publikace

Hardware-Accelerated Cryptography for Software-Defined Networks with P4

MALINA, L. SMÉKAL, D. RICCI, S. HAJNÝ, J. CÍBIK, P. HRABOVSKÝ, J.

Originální název

Hardware-Accelerated Cryptography for Software-Defined Networks with P4

Anglický název

Hardware-Accelerated Cryptography for Software-Defined Networks with P4

Jazyk

en

Originální abstrakt

The paper presents a hardware-accelerated cryptographic solution for Field Programmable Gate Array (FPGA) based network cards that provide throughput up to 200 Gpbs. Our solution employs a Software-Defined Network (SDN) concept based on the high-level Programming Protocol-independent Packet Processors (P4) language that offers flexibility for network-oriented data processing. In order to accelerate cryptographic operations, we implement main cryptographic functions by VHSIC Hardware Description Language (VHDL) directly in FPGA, i.e., a symmetric cipher (AES-GCM-256), a digital signature scheme (EdDSA) and a hash function (SHA-3). Our solution then uses these widely-used cryptographic primitives as basic external P4 functions which can be applied in various customized security use cases. Thus, our solution allows engineers to avoid hardware development (VHDL) and offers rapid prototyping by using the high-level language (P4). Moreover, we test these cryptographic components on the UltraScale+ FPGA card and we present their hardware consumption and performance results.

Anglický abstrakt

The paper presents a hardware-accelerated cryptographic solution for Field Programmable Gate Array (FPGA) based network cards that provide throughput up to 200 Gpbs. Our solution employs a Software-Defined Network (SDN) concept based on the high-level Programming Protocol-independent Packet Processors (P4) language that offers flexibility for network-oriented data processing. In order to accelerate cryptographic operations, we implement main cryptographic functions by VHSIC Hardware Description Language (VHDL) directly in FPGA, i.e., a symmetric cipher (AES-GCM-256), a digital signature scheme (EdDSA) and a hash function (SHA-3). Our solution then uses these widely-used cryptographic primitives as basic external P4 functions which can be applied in various customized security use cases. Thus, our solution allows engineers to avoid hardware development (VHDL) and offers rapid prototyping by using the high-level language (P4). Moreover, we test these cryptographic components on the UltraScale+ FPGA card and we present their hardware consumption and performance results.

Dokumenty

BibTex


@inproceedings{BUT166328,
  author="Lukáš {Malina} and David {Smékal} and Sara {Ricci} and Jan {Hajný} and Peter {Cíbik} and Jakub {Hrabovský}",
  title="Hardware-Accelerated Cryptography for Software-Defined Networks with P4",
  annote="The paper presents a hardware-accelerated cryptographic solution for Field Programmable Gate Array (FPGA) based network cards that provide throughput up to 200 Gpbs. Our solution employs a Software-Defined Network (SDN) concept based on the high-level Programming Protocol-independent Packet Processors (P4) language that offers flexibility for network-oriented data processing. In order to accelerate cryptographic operations, we implement main cryptographic functions by VHSIC Hardware Description Language (VHDL) directly in FPGA, i.e., a symmetric cipher (AES-GCM-256), a digital signature scheme (EdDSA) and a hash function (SHA-3). Our solution then uses these widely-used cryptographic primitives as basic external P4 functions which can be applied in various customized security use cases. Thus, our solution allows engineers to avoid hardware development (VHDL) and offers rapid prototyping by using the high-level language (P4). Moreover, we test these cryptographic components on the UltraScale+ FPGA card and we present their hardware consumption and performance results.",
  address="Springer",
  booktitle="Innovative Security Solutions for Information Technology and Communications",
  chapter="166328",
  howpublished="online",
  institution="Springer",
  number="2021",
  year="2021",
  month="february",
  pages="271--287",
  publisher="Springer",
  type="conference paper"
}