Journal of KIISE:Information Networking (한국정보과학회논문지:정보통신)

Korean Institute of Information Scientists and Engineers (한국정보과학회)
권호 표지

Design and Performance Evaluation of Hardware Cryptography Method

하드웨어 암호화 기법의 설계 및 성능분석

  • 아재용 (고려대학교 컴퓨터학과) ;
  • 고영웅 (고려대학교 컴퓨터학과) ;
  • 홍철호 (고려대학교 컴퓨터학과) ;
  • 유혁 (고려대학교 컴퓨터학과)
  • Published : 2002.12.01
Download PDF
⟨ Previous Next ⟩

Abstract

Cryptography is the methods of making and using secret writing that is necessary to keep messages private between two parties. Cryptography is compute-intensive algorithm and needs cpu resource excessively. To solve these problems, there exists hardware approach that implements cryptographic algorithm with hardware chip. In this paper, we presents the design and implementation of cryptographic hardware and compares its performance with software cryptographic algorithms. The experimental result shows that the hardware approach causes high I/O overheads when it transmits data between cryptographic board and host cpu. Hence, low complexity cryptographic algorithms such as DES does not improve the performance. But high complexity cryptographic algorithms such as Triple DES improve the performance with a high rate, roughly from two times to Sour times.

암호화는 송수신자 사이에 메시지 전달이 비밀스럽게 이루어 질 수 있도록 보장해주는 기법이다. 이러한 암호화 알고리즘은 높은 계산량을 필요로 하며, 결과적으로 프로세서 자원을 과도하게 사용하는 문제를 가지고 있다. 이러한 문제점을 해결하기 위하여 암호화 알고리즘을 하드웨어 방식으로 구현함으로써 시스템의 부하를 줄여주는 기법이 제시되고 있다. 본 논문에서는 하드웨어 암호화 기법에 대한 설계 및 구현에 대해서 언급하고 있으며, 하드웨어 암호화 알고리즘과 소프트웨어 암호화 알고리즘에 대한 성능을 비교 분석하였다. 실험 결과에서, 계산 복잡도가 낮은 DES 알고리즘은 하드웨어 방식을 적용하여도 높은 입출력 오버헤드에 의해서 성능이 향상되지 않지만, 계산 복잡도가 높은 Triple DES는 하드웨어 방식을 적용하였을 때, 대략 2-4배 성능이 향상됨을 볼 수 있었다.

Keywords

References

  1. 김 철, 암호학의 이해, 영풍문고, 1996
  2. H. Feistel, 'Cryptography and Computer Privacy,' Scientific American. Vol 228, 1973
  3. National Institute of Standards and Technology, 'Data Encryption Standard,' FIPS Publication 46-1, January 1988
  4. J. Dyer, R. Perez, S.W. Smith, and M. Lindemann, 'Application support architecture for a high-performance, programmable secure coprocessor,' 22nd National Information Systems Security Conference, October 1999
  5. Tygar, J.D. and Yee, B.S., 'Secure Coprocessors in Electronic Commerce Applications,' Proceedings 1995 USENIX Electronic Commerce Workshop, 1995, New York
  6. J. D. Tygar and Bennet Yee. 'Dyad: A system for using physically secure coprocessors,' Technical report, Carnegie Mellon University, May 1991
  7. P. C. Clark and L. J. Hoffmann. 'BITS: A Smartcard Protected Operating System,' Communications of the ACM. 37: 66-70. November 1994 https://doi.org/10.1145/188280.188371
  8. S.W. Smith, S.H. Weingart. 'Building a High-Performance, Programmable Secure Coprocessor,' Computer Networks (Special Issue on Computer Network Security.) 31: 831-860. April 1999 https://doi.org/10.1016/S1389-1286(98)00019-X
  9. S. W. Smith. 'Secure Coprocessing Applications and Research Issues,' Los Alamos Unclassified Release LAUR-96-2805, Los Alamos National Laboratory. August 1996
  10. S. W. Smith and V. Austel. 'Trusting trusted hardware: Towards a formal model for programmable secure coprocessors,' In Proceedings of the Thrid USENIX Workshop on Electronic Commerce, September 1998
  11. S.W.Smith,E.R.Palmer,S.HWeingart.'Using a High-Performance, Programmable Secure Coprocessor,' Proceedings, Second International Conference on Financial Cryptography. Springer-Verlag LNCS, 1998 https://doi.org/10.1007/BFb0055474
  12. C . K. Koc, 'RSA Hardware Implementation,' TR 801, RSA Laboratories, April 1996
  13. A. Elbirt, 'An FPGA Implementation and Performance Evaluation of the CAST-256 Block Cipher,' Technical Report, Cryptography and Information Security Group, Electrical and Computer Engineering Department, Worcester Polytechnic Institute, Worcester, MA, May 1999
  14. Kaps, J., and Paar, C., 'Fast DES Implementation for FPGAs and its Application to a Universal Key-Search Machine,' 5th Annual Workshop on Selected Areas in Cryptography (SAC '98), Queen's University, Kingston, Ontario, Canada
  15. Tom Shanley, Don Anderson, PCI System Architecture, MindShare Inc.
  16. htttp://www.stitec.com/
  17. 128비트 블록 암호알고리즘(SEED) 개발 및 분석보고서, 정보보호진흥원 연구보고서 1998.12
  18. http://www.stitec.com/product/scc1021.html
  19. Writing Device Drivers, Sun Microsystems Inc. 1998