8.1. The Triple-DES AlgorithmIn order to evaluate software versus hardware implementations of data encryption, we begin with publicly available source code for the triple-DES encryption algorithm. This source code was originally written by Phil Karn (of Qualcomm) and is based on an algorithm described in Applied Cryptography, written by Bruce Schneier and published in 1995 by John Wiley & Sons. This original source code was written in standard C language and was not optimized for any specific processor target, nor was it written to take advantage of algorithm-level parallelism. We'll use Impulse C library calls to make the conversion from the original C code to a version suitable for hardware compilation in the selected FPGA target, and to perform the required C-to-hardware compilation. Our goal in this evaluation is to quickly evaluate the relative performance and trade-offs of hardware versus software implementations for one specific algorithm (the triple-DES encryption function, represented by approximately 180 lines of C source code). Therefore, we have decided at the outset to make only the minimum changes necessary to allow efficient hardware compilation and to refrain from making non-obvious changes to the algorithm as a whole. Those changes will come later, in Chapter 10, after we have generated a working prototype. The DES (Data Encryption Standard) algorithm was designed to encrypt/decrypt 64-bit blocks of data representing eight characters per block. Large amounts of data are processed by simply applying the same algorithm over and over to these 64-bit blocks, each of which represents the eight characters in an incoming ASCII text stream. In addition to the input data to be encrypted, the algorithm uses key schedule and SP Box data to perform the actual encryption/decryption. The key schedule data is generated from the encryption key and is constant for each stream of data. The SP Box data is a fundamental part of the algorithm and is constant for all streams. The changes made to the encryption function in support of hardware compilation are as follows:
|