High-Speed Parallel Hardware Architecture for Galois Counter Mode

Parallel hardware architecture for an authenticated encryption mode GCM (Galois counter mode) capable of a throughput higher than 100 Gbps is proposed. In GCM, the CTR mode can encrypt multiple data blocks independently, but a hash function performs multiply-add operation with the cipher-text blocks sequentially. Therefore, a parallel multiply-adder was designed and integrated into the GCM hardware with a 14-stage pipelined AES circuit and two kinds of S-box, composite field and BDD (binary decision tree) versions. Performance of a 4-parallel version was evaluated by using a 0.13-mum CMOS standard cell library, and very high throughputs of 102 Gbps with 600 Kgates and 162 Gbps with 979 Kgates were obtained by the composite and BDD S-boxes, respectively. Higher hardware efficiency (throughput/gate) in comparison with prior art was also achieved. The critical path of the design is the multiply-adder in each local processing block, and is not affected by the number of the parallel blocks. Therefore the proposed architecture has almost linear scalability in terms of hardware speed versus size.