| With the drastic development of broadband networks, the speed of Ethernet is from 10/100/1000M tolOG, and even to 40G and 100G. Gigabit passive optical networks (PON) such as EPON and GPON are widely used in the access networks, and the proposal standard of 10G EPON was formally adopted by IEEE Standards Organization in September last year. Meantime, the wavelength division multiplexing passive optical network (WDM-PON) is also being studied so that the speed of 40G and even 100G can be achieved. Therefore, the speed of access network in future would be higher and higher. Since the access network is a user-oriented network which is vulnerable to security attacks, so how to effectively protect its security becomes the hotspot of research in recent years. Many network applications require to guarantee the confidentiality of the messages, to provide the authentication of the data sources, and to ensure the integrity of the messages as well, so people have paid more and more attention to block cipher mode of operation which can offer encryption and authentication simultaneously. While GCM (Galois/Counter Mode) is such a block cipher mode of operation, and it combines encryption and authentication based on universal hashing over a binary Galois field together. GCM has many advantages such as it can achieve high speed with low cost and low latency when it is implemented in hardware, it has provable security with no intellectual property constraints So GCM is regarded as a good choice which can provide encryption and authentication for high-speed access networks.In this thesis, the GCM algorithm is researched in deep, and a hardware architecture with high-speed, low processing delay is designed. We also simulate and synthesize the GCM algorithm on FPGA viretex5 platform.This thesis's main work and relative summing-up are as following:1. Analyze and summarize the existing security threats of optical access network and the existing encryption and authentication technologies, deep study the GCM encryption and authentication mode, propose the advantage of GCM used in high-speed access network.2. Introduce GCM algorithm briefly, including its encryption and decryption algorithm with authentication. Deep sdudy AES and Ghash which are used in GCM. On the basis of the study, the thesis propose that the encryption technology used in GCM not only can be AES but also can be triple-churning or sms4 to generate different encryption and authentication mode.3. Deep study the encryption and authentication algorithms including AES, triple churning, sms4 and Ghash, design their high speed architectures and implement these algorithms on FPGA viretex5 platform, also verify the correctness of these algorithms.4. Design and implement the architecture for AES-GCM, Triple churning-GCM, SMS4-GCM on FPGA viretex5 platform and verify the correctness of these algorithms.The full text is as follows:The 1st chapter discusses the research background, briefly introduce and summarize the current situation of GCM algorithm, point out the advantages of GCM algorithm.The 2nd chapter describes security threats existing in the current optical access network, the existing encryption and authentication technologies used in optical access network, points out the disadvantage of existing encryption and authentication technologies. The 3rd chapter introduces the principle of GCM algorithm, describes the key technologies used in this AES-GCM mode including the AES algorithm for encryption and Ghash principle for authentication. Introduces Triple churning-GCM and SMS4-GCM algorithms based on the deep study of AES-GCM.The 4th chapter introduces the implementation methodology of AES, Triple churning, SMS4, Ghash. Introduces the overall design of AES-GCM, Triple churning-GCM, SMS4-GCM on FPGA virtex5 board. Verifies the correctness of these algorithms. Discusses different applications of these types of GCM mode.The 5th chapter summaries the research results of this paper and looking into the future. |
PDF Full Text Request