The Community for Technology Leaders
RSS Icon
Issue No.07 - July (2009 vol.58)
pp: 917-930
Akashi Satoh , National Institute of Advanced Industrial Science and Technology, Tokyo
Takeshi Sugawara , Tohoku University, Sendai
Takafumi Aoki , Tohoku University, Sendai
Various high-performance hardware architectures for Galois Counter Mode (GCM) in conjunction with various Advanced Encryption Standard (AES) circuits and multiplier-adders are proposed. A total of 17 GCM-AES circuits were synthesized by using a 130-nm CMOS standard cell library, and the trade-offs between speed and hardware resources were evaluated. Our flexible architectures achieved a wide variety of performances from compact (2.56 Gbps with 34.5 Kgates) to high speed (62.6 Gbps with 979.3 Kgates). All of our architectures support key sizes of 128, 192, and 256 bits, while only one previous approach does. Even with variable-length key support, our architecture also achieved the highest hardware efficiency (defined as throughput per gate) among the designs using the same generation of process technology.
AES, ASIC, high-speed hardware, GCM, multiplier, S-box, VLSI.
Akashi Satoh, Takeshi Sugawara, Takafumi Aoki, "High-Performance Hardware Architectures for Galois Counter Mode", IEEE Transactions on Computers, vol.58, no. 7, pp. 917-930, July 2009, doi:10.1109/TC.2008.217
[1] D.A. McGrew and J. Viega, “The Galois/Counter Mode of Operation (GCM),” proposedmodes/gcmgcm-revised-spec.pdf, May 2005.
[2] D.A. McGrew and J. Viega, “The Security and Performance of the Galois/Counter Mode (GCM) of Operation (Full Version),” proposedmodes/gcmgcm-ad.pdf, 2008.
[3] D.A. McGrew and J. Viega, “Flexible and Efficient Message Authentication in Hardware and Software,” http://www. , 2005.
[4] J. Viega and D.A. McGrew, “The Use of Galois/Counter Mode (GCM) in IPsec Encapsulating Security Payload (EPS),” RFC 4106,, June 2005.
[5] T. Kohno, J. Viega, and D. Whiting, “Carter Wegman (Authentication) with Counter (Encryption),” http://csrc.nist. gov/CryptoToolkit/modes/ proposedmodes/cwccwc-spec.pdf, May 2003.
[6] The National Institute of Standards and Technology (NIST), “Recommendation for Block Cipher Modes of Operation: Methods and Techniques,” Special Publication 800-38A, http://csrc.nist. gov/CryptoToolkit/modes/ 800-38_Series_PublicationsSP800-38A.pdf , Dec. 2001.
[7] NIST, “Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) for Confidentiality and Authentication,” Draft Special Publication 800-38D, http://csrc. Draft-NIST_SP800-38D_Public_ Comment.pdf , Apr. 2006.
[8] NIST, “Advanced Encryption Standard (AES) FIPS Publication 197,” fips-197.pdf, Nov. 2001.
[9] IEEE, “802.1AE—Media Access Control (MAC) Security,” Draft 3.5, , June 2005.
[10] IEEE, “P1619.1/D12a—Standard for Authenticated Encryption with Length Expansion for Storage Devices,” http://grouper. 1619/email bin00084.bin, Nov. 2006.
[11] B. Gladman, “AES and Combined Encryption/Authentication Modes,”, 2008.
[12] B. Yang, S. Mishra, and R. Karri, “High Speed Architecture for Galois/Counter Mode of Operation (GCM),” Cryptology ePrint Archive: Report 2005/146,, June 2005.
[13] Elliptic Semiconductor Inc., “CLP-15/-16/-24 AES-GCM Core Preliminary Data Sheet,” http:/, 2004.
[14] IP Cores, Inc., “GCM1/GCM2 802.1ae (MACSec) GCM/AES Cores,” http://www.ipcores.comIEEE802.1AE-AES-GCM-Core. htm , 2006.
[15] S. Wang, “An Architecture for the AES-GCM Security Standard,” , Aug. 2006.
[16] A. Satoh, “High-Speed Hardware Architectures for Authenticated Encryption Mode GCM,” Proc. IEEE Int'l Symp. Circuits and Systems (ISCAS '06), May 2006.
[17] A. Satoh, “High-Speed Parallel Hardware Architecture for Galois Counter Mode,” Proc. IEEE Int'l Symp. Circuits and Systems (ISCAS'07), pp. 1863-1866, May 2007.
[18] A. Satoh, T. Sugawara, and T. Aoki, “High-Speed Pipelined Hardware Architecture for Galois Counter Mode,” Proc. Information Security Conf. (ISC '07), pp. 118-129, Oct. 2007.
[19] A. Satoh, S. Morioka, K. Takano, and S. Munetoh, “A Compact Rijndael Hardware Architecture with S-Box Optimization,” Proc. Advances in Cryptology (Asiacrypt '01), pp. 239-254, Dec. 2001.
[20] N. Sklavos and O. Koufopavlou, “Architectures and VLSI Implementations of the AES-Proposal Rijndael,” IEEE Trans. Computers, vol. 51, no. 12, pp. 1454-1459, Dec. 2002.
[21] IBM Corp., “IBM Cu-11 Standard Cell/Gate Array ASIC,” productscu-11.html, 2008.
19 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool