
Graduate student: Lin, Yen-Bor (林彥伯)
Thesis title: Software and Hardware Design of a Multi-cipher Cryptosystem for Embedded Systems (嵌入式系統之多核心加密器軟硬體設計)
Advisor: Young, Chung-Ping (楊中平)
Degree: Master
Department: College of Electrical Engineering and Computer Science - Department of Computer Science and Information Engineering
Year of publication: 2008
Graduation academic year: 96
Language: English
Number of pages: 75
Keywords (English): cryptosystem, embedded system, FPGA, multi-cipher
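  • Multi-mode, multi-cipher cryptosystems are widely used, in the form of hardware acceleration, in modern secure communication protocols. Within a communication session, a security protocol can use only a single operation mode and a single cipher algorithm; the cipher algorithm or operation mode can be switched only between two sessions, which imposes a very large overhead on system performance. If we know in advance which cipher algorithms the next several sessions will use, the corresponding hardware acceleration modules can be downloaded to the reconfigurable device all at once beforehand, reducing the performance overhead of switching cipher algorithms. This thesis proposes a multi-cipher cryptosystem that can efficiently run multiple cipher algorithms concurrently within a single session. The system can encrypt a single file with several different cipher algorithms combined with diverse parameters and, together with a hardware scheduling algorithm, achieves two properties: reversibility and high throughput. The implementation in this thesis is built on a field-programmable gate array (FPGA) platform; by using multiple cipher hardware units concurrently within a single session, it reduces the overhead of switching cipher algorithms. When the number of crypto-processors meets the requirement of the pipelined hardware scheduling algorithm, throughput reaches its maximum.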

    Multi-cipher and multi-mode cryptosystems are widely used for hardware acceleration in modern security protocols. Within a communication session, these protocols can use only one cipher algorithm along with its operation mode. Cipher algorithms and operation modes can be switched only between communication sessions. Introducing different cipher accelerators in different sessions therefore incurs considerable overhead. If we know in advance how many cipher algorithms are introduced in the following sessions, the related hardware accelerators for the different cipher algorithms can be downloaded into the reconfigurable device at one time to reduce the switching overhead. This thesis introduces a Multi-Cipher Cryptosystem (MCCS), which enables a cryptosystem to use multiple cipher algorithms concurrently and efficiently within a communication session. With MCCS, a file can be encrypted by different cipher algorithms with diverse parameters. Our implementation reduces the switching overhead of cipher hardware by concurrently employing multiple crypto-processors, designed for different secret ciphers with varied parameters, within a communication session. This thesis presents the implementation of a sample MCCS on a Field Programmable Gate Array (FPGA). When the number of crypto-processors in a cryptosystem based on MCCS meets the requirements of pipelined scheduling, the throughput can reach its maximum value.

    1. INTRODUCTION
       1.1 Security Requirement on Embedded Systems
       1.2 Design Challenges
       1.3 Reconfigurable Devices
       1.4 Features of Our Design
    2. RELATED WORK
       2.1 Software Optimization
       2.2 Hardware Accelerators
       2.3 Software/Hardware Integration
    3. SYSTEM OVERVIEW
       3.1 Secure Protocol
       3.2 Cryptographic Algorithms
       3.3 PLB-IPIF
    4. IMPLEMENTATION––SOFTWARE
       4.1 Cross Tool-chain
       4.2 Operating System
       4.3 OpenSSL
       4.4 OpenSSH
       4.5 HPN-SSH
       4.6 Interfaces
           4.6.1 Device File and Major-Minor Numbers of Device
           4.6.2 Driver Module Load and Unload
           4.6.3 Device Open and Release
           4.6.4 Write Control Register
           4.6.5 Send START signal
           4.6.6 Wait and Response to Interrupt from HW
    5. IMPLEMENTATION––HARDWARE
       5.1 Symmetric Ciphers
       5.2 Dispatcher
       5.3 Interfaces
    6. EXPERIMENTAL RESULT
       6.1 Performance Measurement
       6.2 Comparisons and Discussion
    7. CONCLUSION AND FUTURE WORK


    Full text availability: on campus, public from 2013-09-09; off campus, public from 2013-09-09