A >100 Gbps Inline AES-GCM Hardware Engine and Protected DMA Transfers between SGX Enclave and FPGA Accelerator Device

Santosh Ghosh; Luis S Kida; Soham Jayesh Desai; Reshma Lal

Paper 2020/178

A >100 Gbps Inline AES-GCM Hardware Engine and Protected DMA Transfers between SGX Enclave and FPGA Accelerator Device

Santosh Ghosh, Luis S Kida, Soham Jayesh Desai, and Reshma Lal

Abstract

This paper proposes a method to protect DMA data transfer that can be used to offload computation to an accelerator. The proposal minimizes changes in the hardware platform and to the application and SW stack. The paper de-scribes the end-to-end scheme to protect communication between an appli-cation running inside a SGX enclave and a FPGA accelerator optimized for bandwidth and latency and details the implementation of AES-GCM hard-ware engines with high bandwidth and low latency.

Metadata

Available format(s): PDF
Category: Implementation
Publication info: Preprint. MINOR revision.
Keywords: cryptographic protection heterogeneous computation protected transfer hardware for AES-GCM TEE SGX FPGA and accelerator
Contact author(s): Santosh Ghosh @ intel com
luis s kida @ intel com
History: 2020-02-14: received
Short URL: https://ia.cr/2020/178
License: CC BY

BibTeX

@misc{cryptoeprint:2020/178,
      author = {Santosh Ghosh and Luis S Kida and Soham Jayesh Desai and Reshma Lal},
      title = {A >100 Gbps Inline {AES}-{GCM} Hardware Engine and Protected {DMA} Transfers between {SGX} Enclave and {FPGA} Accelerator Device},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/178},
      year = {2020},
      url = {https://eprint.iacr.org/2020/178}
}