Transcript IC-SOC
Design Driver : Network Security Processor Cheng-Wen Wu August 2004 Design Technology Center National Tsing Hua University Outlines Overall Architecture of NSP Architecture of Crypto-Processor Current Status icsoc4.8 Network Security Processor Applications: IPSec, SSL, VPN, etc. Functionalities: Public key: RSA Private key: AES HMAC Truly random number generator Target technology: 0.25m to 0.18m Clock rate: 200MHz or higher (internal) 32-bit data and instruction word Throughput: 10Gbps (OC192) Power: 1 to 10mW/MHz at 3V (LP to HP) Die size: 50mm2 On-chip bus: AMBA icsoc4.8 NSP Architecture Local SRAM CPU Local SRAM CP Status Registers RAM AMBA AHB Arbiter External Memory Interface icsoc4.8 AHB MUXes DMA Controller AHB Decoder Test Controller B R I D G E APB BIST AMBA Advanced Microcontroller Bus Architecture Standard system bus for ARM-based chip Open standard for SOC on-chip bus Flexible and suitable for a wide range of SOC applications icsoc4.8 Crypto-Processor Architecture icsoc4.8 Encryption Modules AES core Supports AES (ECB, CBC mode) encryption and decryption with128-, 192-, and 256-bit keys On-the-fly key scheduling AHB slave interface RSA core New engine based on Montgomery algorithm AHB slave interface; 12k bit local RAM HMAC core Supports HMAC-SHA-1 and HMAC-MD5 algorithms with shared data-path AHB slave interface icsoc4.8 AES Core Reduce hardware complexity of S-Box based on composite field arithmetic 4-stage pipelined encryption/decryption datapath icsoc4.8 Silicon Prototype Technology 0.25 μm CMOS Package 128CQFP Core Size 1,279x 1,271 μm2 Gate Count 63.4K Max. Freq. 250 MHz 2.977Gbps(128-bit key) Throughput 2.510Gbps(196-bit key) 2.169Gbps(256-bit key) icsoc4.8 RSA Core on an improved word-based Montgomery’s modular multiplication algorithm Supports both GF(p) and GF(2^n) multiplications Scalable architecture for different key length Based icsoc4.8 Silicon Prototype icsoc4.8 Technology 0.25um CMOS Package 128CQFP Core size 2.282x2.284mm2 Gate count (32-b word) 210K Clock rate 200MHz Throughput (1024-b RSA) 276K HMAC Core Hashing: the mapping from an arbitrary length message to a fixed length hash value A security engine for IPSec/SSL applications An HMAC core supports both SHA-1 and MD-5 algorithms Hardware is shared by SHA-1 and MD-5 Supports various security requirements Reduces hardware cost For high performance and low power applications icsoc4.8 HMAC Architecture DATA Counter Data Length Register Padding Logic 32 AHB Wrapper Constants Controller 32 Word Expansion Unit tj 32 Mj 32 Integrated SHA-1/MD5 Unit 160 160 Message Digest Register icsoc4.8 Silicon Prototype icsoc4.8 Technology 0.25um standard CMOS 5 layer metal Supply Voltage 2.5 V Gate Count 50K Chip Size 1.68x1.69 mm2 Package 128pin CQFP Clock Speed 71.4 MHz Power Consumption 42.5 mW Status Crypto-Processor (CP) CP-1 (August 2003) Descriptor-based controller RSA, AES CP-2 (June 2004) RSA, AES, HMAC, RNG Parallel architecture Low power technique Network security processor (NSP) ARM + CP + AMBA Architecture evaluation Performance/power icsoc4.8 analysis CP2 Tape-Out (June 2004) CP2 Dynamic Voltage Generator icsoc4.8 NSP Prototyping Platform Logic Module CM920T AHB Bridge AHB Memory Cryptographic Processor GPIF-AHB Wrapper ARM Integrator PC USB 2.0 Development Board icsoc4.8 Future Test Chips Tape-Out Multiple-clock domain (September 2004) ARM + CP2 (Winter 2004) Low-power (Winter 2004) icsoc4.8 Thank You icsoc4.8