Design and Implementation of Authenticated Encryption Co-Processors for Satellite Hardware Security

Abstract

FPGA implementation is attained through either the traditional Register Transfer Level (RTL) flow or High-Level Synthesis (HLS) flow. The Consultative Committee for Space Data Systems (CCSDS) has recommended a standard for security algorithms for space missions. Authenticated encryption, the most important of those algorithms, can be achieved by either cipher-based or hash-based algorithms. In this paper, firstly, a brief explanation of the CCSDS standard authenticated encryption algorithms of both types is provided. Secondly, the algorithms are implemented in both RTL and HLS flows to measure and quantify the gap between the two design flows. Results show that the HLS modules utilize 44% more LUTs and consume an average of 40.8% more power than the RTL ones. In addition, the RTL modules demonstrated 28 times higher throughput than that of the HLS ones. Therefore, it is recommended to use the traditional RTL approach over the HLS one and the cipher-based module over the hash-based one at the expense of longer time-to-market for the RTL design. Additionally, the cipher-based module when compared to the hash-based one has proven higher efficiency utilizing 12% less area, achieving 35% higher throughput, and consuming 17% less energy per bit.