URL
https://opencores.org/ocsvn/cryptopan_core/cryptopan_core/trunk
Subversion Repositories cryptopan_core
[/] [cryptopan_core/] [trunk/] [README] - Rev 6
Go to most recent revision | Compare with Previous | Blame | View Log
Crypto-PAn core
---------------
http://www.opencores.org/projects.cgi/web/cryptopan_core/
1. Introduction
---------------
This project is a hardware implementation of the Crypto-PAn technique for
cryptography based prefix preserving anonymization of IP addresses, described in
[1]. A highly pipelined implementation of the AES cipher (Rijndael) [2] is used
as the underlying pseudorandom function.
For every bit of the input IP address, a 128-bit AES block encrypt is
required. To be capable of high line rates, a fully pipelined AES engine
capable of 32Gbit/s throughput on a Xilinx Virtex-4 FPGA was implemented.
The AES engine has a few options for the implementation of the S-boxes, which
affects area and timing performance. It is possible to use a logic
implementation by setting the 'use_bram' constant in 'cryptopan_package' to
'false' and 'syn_romstyle' attribute in 'sbox' to 'logic'. If 'syn_romstyle'
isn't set then block rams may be inferred. Alternatively, if
block rams are present, as in the Xilinx Virtex FPGA's, eight dual port
18Kbit B-RAMs may be used as ROM's by setting 'use_bram' to 'true'.
2. Simulation/Synthesis results
-------------------------------
This core has been simulated using Aldec Riviera 200602, using a compiled
version of the XilinxCoreLib from Xilinx ISE 8.2.
Synthesis for the Virtex-4 FX60 FPGA was carried out using Synplicity Synplify
Pro, and Xilinx ISE 8.2 for map, floorplanning, and place & route. To meet
timing at 250MHz floorplanning constraints were required. The constraints
used for the FX60 part are included in the synth directory as an example.
3. Files
--------
README This file.
COPYING GNU General public license.
rtl/cryptopan_package.vhd A package which provides some global functions,
types and constants.
rtl/mixcolumns.vhd Performs the 'Mix Columns' step of the Rijndael
cipher.
rtl/subbytesshiftrows.vhd Performs the 'Sub bytes' and 'Shift rows' steps of
the Rijndael cipher.
rtl/round_unit.vhd Implements the transformations for a whole round
of the Rijndael cipher.
rtl/sbox.vhd The Rijndael S-box.
rtl/aes_encrypt_unit.vhd A fully pipelined implementation of AES, using
128-bit keys and blocks. Supports online loading
of keys.
rtl/cryptopan_unit.vhd Uses aes_encrypt_unit to perform the Crypto-PAn
technique on IP adresses.
rtl/sbox.coe Coefficiants file for S-Box ROM.
rtl/dual_bram_256x8.vhd Memory init file for dual block ram as in Virtex
FPGAs.
tb/sbsr_tb.vhd Testbench for the subbytesshiftrows unit.
tb/cryptopan_unit_tb.vhd Testbench for the cryptopan_unit.
tb/aes_encrypt_unit_tb.vhd Testbench for the aes_encrypt_unit.
synth/virtex4_area Area usage information for the Xilinx V4 FX60.
synth/virtex4_timing Timing report for the Xilinx V4 FX60.
synth/cryptopan_unit.ucf Timing and floorplan constraints Xilinx V4 FX60 to
run at 250MHz. This gives the AES engine a
throughput of 32Gbit/s.
sim/sample_trace_raw Test vectors from C++ implementation by Jinliang
Fan.
sim/sample_trace_anon Anonymized output from test vectors.
sim/trace_raw_bin Test vectors from C++ implementation by Jinliang
Fan in binary format for easy testbenching.
sim/trace_anon_bin Anonymized output from test vectors in binary
format for easy testbenching.
sim/waveform.vcd Waveform showing initialization and then
anonymization of a stream of IP addresses.
4. References
-------------
[1] J. Fan, J. Xu, M. H. Ammar, S. B. Moon, "Prefix-preserving IP address
anonymization: measurement-based security evaluation and a new
cryptography-based scheme", Computer Networks, Volume 46, Issue 2, 7
October 2004, Pages 253-272, Elsevier
[2] J.Daemen, V. Rijmen, "AES proposal: Rijndael", Technical report, Computer
Security Resource Center, National Institute of Standards and
Technology, February 2001
5. Contact
----------
Please contact Anthony Blake (tonyb33@opencores.org) if you have any questions
about the core. Your comments are highly appreciated.
Go to most recent revision | Compare with Previous | Blame | View Log