200 likes | 461 Views
Design Driver : Network Security Processor. Cheng-Wen Wu August 2004. Outlines. Overall Architecture of NSP Architecture of Crypto-Processor Current Status. Network Security Processor. Applications: IPSec, SSL, VPN, etc. Functionalities: Public key: RSA Private key: AES HMAC
E N D
Design Driver :Network Security Processor Cheng-Wen Wu August 2004
Outlines • Overall Architecture of NSP • Architecture of Crypto-Processor • Current Status
Network Security Processor • Applications: IPSec, SSL, VPN, etc. • Functionalities: • Public key: RSA • Private key: AES • HMAC • Truly random number generator • Target technology: 0.25m to 0.18m • Clock rate: 200MHz or higher (internal) • 32-bit data and instruction word • Throughput: 10Gbps (OC192) • Power: 1 to 10mW/MHz at 3V (LP to HP) • Die size: 50mm2 • On-chip bus: AMBA
NSP Architecture Local SRAM Local SRAM RAM Status Registers CPU CP AMBA B R I D G E APB AHB AHB Arbiter AHB Decoder MUXes External Memory Interface DMA Controller Test Controller BIST
AMBA • Advanced Microcontroller Bus Architecture • Standard system bus for ARM-based chip • Open standard for SOC on-chip bus • Flexible and suitable for a wide range of SOC applications
Encryption Modules • AES core • Supports AES (ECB, CBCmode) encryption and decryption with128-, 192-, and 256-bit keys • On-the-fly key scheduling • AHB slave interface • RSA core • New engine based on Montgomery algorithm • AHB slave interface; 12k bit local RAM • HMAC core • Supports HMAC-SHA-1 and HMAC-MD5 algorithms with shared data-path • AHB slave interface
AES Core • Reduce hardware complexity of S-Box based on composite field arithmetic • 4-stage pipelined encryption/decryption datapath
Technology 0.25 μm CMOS Package 128 CQFP μ Core Size 1,279 x 1,271 m 2 Gate Count 63.4 K Max. Freq. 250 MHz 2.977 Gbps (128 - bit key) Throughput 2.510 Gbps (196 - bit key) 2.169 Gbps (256 - bit key) Silicon Prototype
RSA Core • Based on an improved word-based Montgomery’s modular multiplication algorithm • Supports both GF(p) and GF(2^n) multiplications • Scalable architecture for different key length
HMAC Core • Hashing: the mapping from an arbitrary length message to a fixed length hash value • A security engine for IPSec/SSL applications • An HMAC core supports both SHA-1 and MD-5 algorithms • Hardware is shared by SHA-1 and MD-5 • Supports various security requirements • Reduces hardware cost • For high performance and low power applications
HMAC Architecture Counter Data Length Register Padding Logic DATA 32 32 Controller Constants Word Expansion Unit AHB Wrapper tj 32 Mj 32 Integrated SHA-1/MD5 Unit 160 160 Message Digest Register
Status • Crypto-Processor (CP) • CP-1 (August 2003) • Descriptor-based controller • RSA, AES • CP-2 (June 2004) • RSA, AES, HMAC, RNG • Parallel architecture • Low power technique • Network security processor (NSP) • ARM + CP + AMBA • Architecture evaluation • Performance/power analysis
CP2 Tape-Out (June 2004) • CP2 • Dynamic Voltage Generator
Logic Module Cryptographic Processor AHB Bridge AHB GPIF-AHB Wrapper Memory NSP Prototyping Platform CM920T ARM Integrator PC USB 2.0 Development Board
Future Test Chips Tape-Out • Multiple-clock domain (September 2004) • ARM + CP2 (Winter 2004) • Low-power (Winter 2004)