ASIP architecture exploration for efficient IPSec encryption: A case study

Application-Specific Instruction-Set Processors (ASIPs) are becoming increasingly popular in the world of customized, application-driven System-on-Chip (SoC) designs. Efficient ASIP design requires an iterative architecture exploration loop---gradual refinement of the processor architecture starting from an initial template. To accomplish this task, design automation tools are used to detect bottlenecks in embedded applications, to implement application-specific processor instructions, and to automatically generate the required software tools (such as instruction-set simulator, C-compiler, assembler, and profiler), as well as to synthesize the hardware. This paper describes an architecture exploration loop for an ASIP coprocessor that implements common encryption functionality used in symmetric block cipher algorithms for internet protocol security (IPSec). The coprocessor is accessed via shared memory and, as a consequence, our approach is easily adaptable to arbitrary main processor architectures. This paper presents the extended version of our case study that has been already published on the SCOPES conference in 2004. In both papers, a MIPS architecture is used as the main processor and Blowfish as encryption algorithm.

[1]  염흥렬,et al.  [서평]「Applied Cryptography」 , 1997 .

[2]  Jason Gait,et al.  Report of the Workshop on Cryptography in Support of Computer Security , 1977 .

[3]  Rainer Leupers,et al.  RTL processor synthesis for architecture exploration and implementation , 2004, Proceedings Design, Automation and Test in Europe Conference and Exhibition.

[4]  Stephen E. Deering,et al.  IP Version 6 Addressing Architecture , 1995, RFC.

[5]  Rainer Leupers,et al.  A universal technique for fast and flexible instruction-set architecture simulation , 2002, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[6]  Kingshuk Karuri,et al.  A methodology and tool suite for C compiler generation from ADL processor models , 2004, Proceedings Design, Automation and Test in Europe Conference and Exhibition.

[7]  Nikil D. Dutt,et al.  Introduction of local memory elements in instruction set extensions , 2004, Proceedings. 41st Design Automation Conference, 2004..

[8]  Markus Freericks,et al.  Describing instruction set processors using nML , 1995, Proceedings the European Design and Test Conference. ED&TC 1995.

[9]  Gert Goossens,et al.  Chess: retargetable code generation for embedded DSP processors , 1994, Code Generation for Embedded Processors.

[10]  H. Feistel Cryptography and Computer Privacy , 1973 .

[11]  Rajat Moona,et al.  Processor modeling for hardware software codesign , 1999, Proceedings Twelfth International Conference on VLSI Design. (Cat. No.PR00013).

[12]  Hugo Krawczyk,et al.  A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[13]  Rainer Leupers,et al.  A system level processor/communication co-exploration methodology for multi-processor system-on-chip platforms , 2004, Proceedings Design, Automation and Test in Europe Conference and Exhibition.

[14]  P ? ? ? ? ? ? ? % ? ? ? ? , 1991 .

[15]  Pierre G. Paulin,et al.  Network processors: a perspective on market requirements, processor architectures and embedded S/W tools , 2001, Proceedings Design, Automation and Test in Europe. Conference and Exhibition 2001.

[16]  Rainer Leupers,et al.  Architecture exploration for embedded processors with LISA , 2002 .

[17]  Thorsten Grotker,et al.  System Design with SystemC , 2002 .

[18]  Nikil D. Dutt,et al.  EXPRESSION: a language for architecture exploration through compiler/simulator retargetability , 1999, Design, Automation and Test in Europe Conference and Exhibition, 1999. Proceedings (Cat. No. PR00078).

[19]  Kurt Keutzer,et al.  Network Processors: Origin of Species , 2002 .

[20]  Todd M. Austin,et al.  Architectural support for fast symmetric-key cryptography , 2000, SIGP.

[21]  Monk-Ping Leong,et al.  Tradeoffs in Parallel and Serial Implementations of the International Data Encryption Algorithm IDEA , 2001, CHES.

[22]  Naganand Doraswamy,et al.  IP Security Document Roadmap , 1998, RFC.

[23]  Brian Zill,et al.  Implementing IPv6 for Windows NT , 1998 .

[24]  Stephen E. Deering,et al.  Internet Protocol, Version 6 (IPv6) Specification , 1995, RFC.

[25]  Monk-Ping Leong,et al.  A bit-serial implementation of the international data encryption algorithm IDEA , 2000, Proceedings 2000 IEEE Symposium on Field-Programmable Custom Computing Machines (Cat. No.PR00871).

[26]  T. Austin,et al.  Architectural support for fast symmetric-key cryptography , 2000, ASPLOS IX.

[27]  Kris Gaj,et al.  Fast implementations of secret-key block ciphers using mixed inner- and outer-round pipelining , 2001, FPGA '01.

[28]  Randall J. Atkinson,et al.  Security Architecture for the Internet Protocol , 1995, RFC.

[29]  Michael J. Flynn,et al.  Hardware software tri-design of encryption for mobile communication units , 1998, Proceedings of the 1998 IEEE International Conference on Acoustics, Speech and Signal Processing, ICASSP '98 (Cat. No.98CH36181).