GCM Mode • Galois/Counter Mode (GCM) is a block cipher mod…
GCM Mode
• Galois/Counter Mode (GCM) is a block cipher mode that employs the Advanced Encryption Standard (AES) algorithm, supporting key lengths of 128, 192, or 256 bits.
• GCM processes data in fixed-sized blocks of 128 bits and requires the lengths of both the payload and additional authenticated data (AAD) to be specified in bits.
• The implementation of GCM on FPGA supports both encryption and decryption, with specific bit-widths for parameters detailed in a table.
• The initialization vector (IV) must be exactly 96 bits to ensure compatibility and efficiency, following standard guidelines.
• During decryption, a Message Authentication Code (MAC) is used instead of a failure flag, and matching MACs from both encryption and decryption confirm data authenticity.
• The GCM encryption process involves two components: Counter Mode (CTR) for converting plaintext to ciphertext and Galois Message Authentication Code (GMAC) for generating the MAC.
• The decryption process is similar to encryption, primarily differing in the conversion of ciphertext back to plaintext.
• The encryption module consists of two parallel components: aesGctrEncrypt and genGMAC, which communicate through data streams to optimize resource usage.
• Profiling data for GCM-AES128, GCM-AES192, and GCM-AES256 includes resource utilization metrics (CLB, LUT, FF, etc.) and critical path timing for both encryption and decryption.
• GCM-AES128 encryption requires 3836 CLBs with a critical path of 3.165 ns, while decryption needs 3711 CLBs and has a critical path of 2.885 ns.
• GCM-AES192 encryption utilizes 4324 CLBs with a critical path of 2.854 ns, and decryption requires 4504 CLBs with a critical path of 2.899 ns.
• GCM-AES256 encryption demands 4777 CLBs and has a critical path of 2.955 ns, while decryption requires 5130 CLBs with a critical path of 3.077 ns.