Abstract
In this paper we present an implementation of the Galois/Counter Mode (GCM) for the Advanced Encryption Standard (AES) in IPsec. GCM is a so-called "authenticated encryption" mode, as it ensures confidentiality, integrity and authentication. It uses Counter Mode for encryption, so counter blocks are encrypted and then exclusive-ORed with the plaintext. We describe a technique in which these counter encryptions are precomputed on a Graphics Processing Unit (GPU) and later used to encrypt the plaintext, so that only the exclusive-OR and the authentication part of GCM remain to be computed. This technique is intended not to limit the performance to the speed of the AES implementation, but to allow Gigabit throughput while at the same time minimizing the CPU load.
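The split the abstract describes can be made concrete in a few lines. The following Python sketch is an added example, not the paper's code and not its GPU/CUDA implementation: every block-cipher call is gathered into one precomputation step (the work the paper offloads to the GPU), and the per-packet path is reduced to an exclusive-OR over the precomputed keystream followed by GHASH. The block cipher is a stand-in 128-bit PRF (HMAC-SHA-256 truncated to 16 bytes) in place of AES, since GCM only ever uses the cipher's forward direction and the point here is the structure of the mode; the GHASH arithmetic is the actual GF(2^128) operation from SP 800-38D and is checked against the published GCM test case 2 values. Function names (precompute, ctr_xor, gcm_encrypt, gcm_decrypt), the key, IV and payload bytes are constructed for the example.

```python
import hmac
import hashlib

# Stand-in for AES-128 (assumption for this example, not the paper's cipher).
# GCM only uses the forward direction of the block cipher, so any 128-bit PRF
# keeps the mode's structure intact for illustration.
def block_encrypt(key: bytes, block: bytes) -> bytes:
    return hmac.new(key, block, hashlib.sha256).digest()[:16]

R = 0xE1 << 120  # reduction constant for x^128 + x^7 + x^2 + x + 1 in GCM bit order

def gf_mult(x: int, y: int) -> int:
    """Multiply two 128-bit blocks in GF(2^128), SP 800-38D Algorithm 1."""
    z, v = 0, y
    for i in range(128):
        if (x >> (127 - i)) & 1:          # x_i, where bit 0 is the leftmost bit
            z ^= v
        v = (v >> 1) ^ R if v & 1 else v >> 1
    return z

def ghash(h: bytes, aad: bytes, ct: bytes) -> bytes:
    """GHASH_H over A || pad || C || pad || len64(A) || len64(C)."""
    hk = int.from_bytes(h, "big")
    y = 0
    for data in (aad, ct):
        for i in range(0, len(data), 16):
            blk = data[i:i + 16].ljust(16, b"\x00")
            y = gf_mult(y ^ int.from_bytes(blk, "big"), hk)
    lens = (len(aad) * 8).to_bytes(8, "big") + (len(ct) * 8).to_bytes(8, "big")
    y = gf_mult(y ^ int.from_bytes(lens, "big"), hk)
    return y.to_bytes(16, "big")

def inc32(block: bytes) -> bytes:
    """Increment the low 32-bit counter field of a counter block."""
    ctr = (int.from_bytes(block[12:], "big") + 1) & 0xFFFFFFFF
    return block[:12] + ctr.to_bytes(4, "big")

def precompute(key: bytes, iv: bytes, nblocks: int):
    """Everything that needs the block cipher, done ahead of time (the GPU's job
    in the paper). For a 96-bit IV returns (H, E_K(J0), [E_K(J0+1) .. E_K(J0+n)])."""
    assert len(iv) == 12
    j0 = iv + b"\x00\x00\x00\x01"
    h = block_encrypt(key, bytes(16))     # hash subkey H = E_K(0^128)
    e_j0 = block_encrypt(key, j0)         # masks the GHASH output into the tag
    ks, ctr = [], j0
    for _ in range(nblocks):
        ctr = inc32(ctr)
        ks.append(block_encrypt(key, ctr))
    return h, e_j0, ks

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))   # zip truncates a partial last block

def ctr_xor(ks, data: bytes) -> bytes:
    assert len(data) <= 16 * len(ks), "precomputed keystream too short"
    return b"".join(xor_bytes(data[i:i + 16], ks[i // 16]) for i in range(0, len(data), 16))

def gcm_encrypt(pre, plaintext: bytes, aad: bytes):
    """Per-packet path after precomputation: XOR, then GHASH, no cipher calls."""
    h, e_j0, ks = pre
    ct = ctr_xor(ks, plaintext)
    tag = xor_bytes(ghash(h, aad, ct), e_j0)
    return ct, tag

def gcm_decrypt(pre, ct: bytes, aad: bytes, tag: bytes):
    """Verify the tag first (constant-time compare); only then release plaintext."""
    h, e_j0, ks = pre
    expected = xor_bytes(ghash(h, aad, ct), e_j0)
    if not hmac.compare_digest(expected, tag):
        return None
    return ctr_xor(ks, ct)

def ghash_known_answer_ok() -> bool:
    """GHASH check against GCM test case 2 of the McGrew/Viega specification
    (AES-128, all-zero key, IV and plaintext block). H and C are the real AES
    outputs from that vector, so this validates gf_mult/ghash independently of
    the stand-in cipher above."""
    h = bytes.fromhex("66e94bd4ef8a2c3b884cfa59ca342b2e")
    c = bytes.fromhex("0388dace60b6a392f328c2b971b2fe78")
    return ghash(h, b"", c) == bytes.fromhex("f38cbb1ad69223dcc3457ae5b6b0f885")

if __name__ == "__main__":
    key, iv = b"\x2b" * 16, b"\x01" * 12                 # constructed sample values
    pre = precompute(key, iv, nblocks=4)                 # offline / GPU stage
    ct, tag = gcm_encrypt(pre, b"ESP payload, constructed sample", b"ESP header")
    print(ct.hex(), tag.hex(), gcm_decrypt(pre, ct, b"ESP header", tag))
```

The precomputed bundle is bound to one (key, IV) pair and must be consumed by exactly one packet and then discarded: reusing an encrypted counter block with a second plaintext leaks the XOR of the two plaintexts and, because H is the same, also undermines the tag. A precomputing design therefore needs the same per-IV uniqueness discipline as any CTR-based mode, only now enforced across the boundary between the precomputation buffer and the packet path.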
© 2011 IFIP International Federation for Information Processing
Cite this paper
Schönberger, G., Fuß, J. (2011). GPU-Assisted AES Encryption Using GCM. In: De Decker, B., Lapon, J., Naessens, V., Uhl, A. (eds) Communications and Multimedia Security. CMS 2011. Lecture Notes in Computer Science, vol 7025. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24712-5_16
DOI: https://doi.org/10.1007/978-3-642-24712-5_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24711-8
Online ISBN: 978-3-642-24712-5