Cryptology ePrint Archive: Report 2020/178

A >100 Gbps Inline AES-GCM Hardware Engine and Protected DMA Transfers between SGX Enclave and FPGA Accelerator Device

Santosh Ghosh and Luis S Kida and Soham Jayesh Desai and Reshma Lal

Abstract: This paper proposes a method to protect DMA data transfer that can be used to offload computation to an accelerator. The proposal minimizes changes in the hardware platform and to the application and SW stack. The paper describes the end-to-end scheme to protect communication between an application running inside an SGX enclave and an FPGA accelerator, optimized for bandwidth and latency, and details the implementation of AES-GCM hardware engines with high bandwidth and low latency.

Category / Keywords: implementation / cryptographic protection, heterogeneous computation, protected transfer, hardware for AES-GCM, TEE, SGX, FPGA, and accelerator

Date: received 13 Feb 2020

Contact author: Santosh Ghosh at intel com,luis s kida@intel com


Version: 20200214:082348

Short URL: ia.cr/2020/178

