Electrical computers and digital processing systems: support – Data processing protection using cryptography
Reexamination Certificate
2000-02-23
2002-11-05
Hayes, Gail (Department: 2131)
Electrical computers and digital processing systems: support
Data processing protection using cryptography
C713S161000
Reexamination Certificate
active
06477646
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates generally to the field of cryptography, and more particularly to an architecture and method for cryptography acceleration.
2. Description of the Related Art
Many methods to perform cryptography are well known in the art and are discussed, for example, in
Applied Cryptography
, Bruce Schneier, John Wiley & Sons, Inc. (1996, 2
nd
Edition), herein incorporated by reference. In order to improve the speed of cryptography processing, specialized cryptography accelerator chips have been developed. For example, the Hi/fn™ 7751 and the VLSI™ VMS115 chips provide hardware cryptography acceleration that out-performs similar software implementations. Cryptography accelerator chips may be included in routers or gateways, for example, in order to provide automatic IP packet encryption/decryption. By embedding cryptography functionality in network hardware, both system performance and data security are enhanced.
However, these chips require sizeable external attached memory in order to operate. The VLSI VMS118 chip, in fact, requires attached synchronous SRAM, which is the most expensive type of memory. The additional memory requirements make these solutions unacceptable in terms of cost versus performance for many applications.
Also, the actual sustained performance of these chips is much less than peak throughput that the internal cryptography engines (or “crypto engines”) can sustain. One reason for this is that the chips have a long “context” change time. In other words, if the cryptography keys and associated data need to be changed on a packet-by-packet basis, the prior art chips must swap out the current context and load a new context, which reduces the throughput. The new context must generally be externally loaded from software, and for many applications, such as routers and gateways that aggregate bandwidth from multiple connections, changing contexts is a very frequent task.
Recently, an industry security standard has been proposed that combines both “DES/3DES” encryption with “MD5/SHA1” authentication, and is known as “IPSec.” By incorporating both encryption and authentication functionality in a single accelerator chip, over-all system performance can be enhanced. But due to the limitations noted above, the prior art solutions do not provide adequate performance at a reasonable cost.
Thus it would be desirable to have a cryptography accelerator chip architecture that is capable of implementing the IPSec specification (or any other cryptography standard), that does not require external memory, and that can change context information quickly.
SUMMARY OF THE INVENTION
In general, the present invention provides an architecture for a cryptography accelerator chip that allows significant performance improvements over previous prior art designs. Specifically, the chip architecture enables “cell-based” processing of random-length IP packets. The IP packets, which may be of variable and unknown size, are split into smaller fixed-size “cells.” The fixed-sized cells are then processed and reassembled into packets. For example, the incoming IP packets may be split into 64-byte cells for processing.
The cell-based packet processing architecture of the present invention allows the implementation of a processing pipeline that has known processing throughput and timing characteristics, thus making it possible to fetch and process the cells in a predictable time frame. The present architecture is scalable and is also independent of the type of cryptography performed. In preferred embodiments, the cells may be fetched ahead of time (pre-fetched) and the pipeline may be staged in such a manner that attached (local) memory is not required to store packet data or control parameters.
In a first embodiment, an IPSec processing chip may be implemented by having 3DES-CBC and MD5/SHA1 processing blocks. The processing of the cells is pipelined and the sequencing is controlled by a programmable microcontroller. In a second embodiment, Diffie-Hellman or RSA and DSA public key processing may be added as well. Additional processing blocks may be implemented as well. The present invention provides a performance improvement over the prior art designs, without requiring any additional external memory.
REFERENCES:
patent: 5297206 (1994-03-01), Orton
patent: 5796836 (1998-08-01), Markham
patent: 5870474 (1999-02-01), Wasilewski et al.
patent: 5936967 (1999-08-01), Baldwin et al.
patent: 5943338 (1999-08-01), Duclos et al.
patent: 6111858 (2000-08-01), Greaves et al.
patent: 6216167 (2001-04-01), Momirov
“Secure Products VMS115”, VLSI Technology, Inc., Printed in USA, Document Control: VMS115, VI, 0, Jan. 1999, pp. 1-2.
“VMS115 Data Sheet”, VLSI Technology, Inc., a subsidiary of Philips Semiconductors, Revision 2:3, Aug. 10, 1999, pp. 1-64.
“Data Sheet 7751 Encryption Processor”, Network Security Processors, Jun. 1999, pp. 1-84.
Senie, D., “NAT Friendly Application Design Guidelines”, Amaranth Networks, Inc., NAT Working Group, Internet-Draft, Sep. 1999, pp. 1-7.
Floyd, Sally, et al., “Random Early Detection Gateways for Congestion Avoidance”, Lawrence Berkeley Laboratory, University of California, IEEE/ACM Transactions on Networking, Aug. 1993, pp. 1-32.
Egevang, K., et al., “The IP Network Address Translator (NAT)”, Network Working Group, May 1994, pp. 1-10.
Pall, G. S., et al., “Microsoft Point-To-Point Encryption (MPPE) Protocol”, Microsoft Corporation, Network Working Group, Internet Draft, Oct. 1999, pp. 1-12.
Deutsch, P., “DEFLATE Compressed Data Format Specification Version 1.3”, Aladdin Enterprises, Network Working Group, May 1996, pp. 1-17.
Kent, S., “IP Authentication Header”, Network Working Group, Nov. 1998, pp. 1-22.
Kent, S., et al., “IP Encapsulating Security Payload (ESP)”, Network Working Group, Nov. 1998, pp. 1-22.
Maughan, D, et al., “Internet Security Association and Key Management Protocol (ISAKMP)”, Network Working Group, Nov. 1998, pp. 1-20.
Harkins, D., et al., “The Internet Key Exchange (IKE)”, Cisco Systems, Network Working Group, Nov. 1998, pp. 1-12.
Srisuresh, P., “Security Model with Tunnel-mode Ipsec for NAT Domains”, Lucent Technologies, Network Working Group, Oct. 1999, pp. 1-11.
Shenker, S., “Specification of Guaranteed Quality of Service”, Network Working Group, Sep. 1997, pp. 1-20.
Srisuresh, P., et al., “IP Network Address Translator (NAT) Terminology and Considerations”, Lucent Technologies, Network Working Group, Aug. 1999, pp. 1-30.
Kent, S., et al., “Security Architecture for the Internet Protocol”, Network Working Group, Nov. 1998, pp. 1-66.
“Compression for Broadband Data Communications”, BlueSteel Networks, Inc., Sep. 8, 1999, pp. 1-9.
“Securing and Accelerating e-Commerce Transactions”, BlueSteel Networks, Inc., Revision 2.0, Oct. 20, 1999, pp. 1-7.
“Securing Broadband Communications” BlueSteel Networks, Inc., Sep. 8, 1999, pp. 1-10.
Analog Devices: “ADSP2141 SafeNetDPS User's Manual, Revision 6”, Analog Devices Technical Specifications, Mar. 2000, XP002163401, 87 Pages.*
C. Madson, R. Glenn: “RFC 2403- The Use of HMAC-MD5-96 within ESP and AH”, IETF Request for Comments, Nov. 1998, XP002163402, Retrieved from Internet on Mar. 20, 2001,http://www.faqs.org/rfcs/frc2403.html, 87 Pages.*
S. Kent, R. Atkinson: “RFC 2406-IP Encapsulating Security Payload (ESP)” IETF Request for Comments, Nov. 1998, XP002163400, Retrieved from the Internet on Mar. 20, 2001,http://www.faqs.org/rfcs/frc2406.html, 5 Pages.*
Keromytis, et al., “Implementing IPsec”, Global Telecommunications Conference (Globecom), IEEE, Nov. 3, 1997, pp. 1948-1952.
Pierson, et al., “Context-Agile Encryption for High Speed Communication Networks”, Computer Communications Review, Association for Computing Machinery, vol. 29, No. 1, Jan. 1999, pp. 35-49.
Sholander, et al., “The Effect of Algorithm-Agile Encryption on ATM Quality of Service”, Global Telecommunications Conference (Globecom), IEEE, Nov. 3, 1997, pp. 470-474.
Smirni, et al., “Evaluation of Multiprocessor Allocation Policies”, Technical Report, Vanderbilt Univers
Krishna Suresh
Owen Christopher
Beyer Weaver & Thomas LLP
Broadcom Corporation
Hayes Gail
Song Ho S.
LandOfFree
Security chip architecture and implementations for... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Security chip architecture and implementations for..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Security chip architecture and implementations for... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2978248