You are on page 1of 2

An FPGA Implementation of 30Gbps Security Module for

GPON Systems


Recently, GPONs (Gigabit-capable Passive Optical Networks) are attractive for cost-
effective delivery of high-bandwidth data directly to building, curb, and home. This
creates a strong requirement for access network to be trustworthy, secure, and
reliable.Therefore, encryption module is an essential part in GPON systems for protecting
broadcast data from eavesdropping due to the multicast nature of the GPONs. The ITU-T
G.984 document recommends using the Advanced Encryption Standard (AES) for
payload encryption in GPONs. The National Institute of Standards and Technology
(NIST) defined five modes of operation of AES. However, only AES with counter mode
(CTR-AES) can be used for GPON payload encryption. In this project, we present a
GPON security module using CTR-AES algorithm which is implemented by a full-
pipelined architecture for area and performance optimization.
The AES specifies the Rijndael algorithm, which is a symmetric block cipher that
processes fixed 128 bit data blocks using cipher keys with lengths of 128, 192 and 256
bits. The original Rijndael algorithm had the option of combining data block sizes of 128,
192 or 256 bits with any of key lengths. Due to the hard task of verifying that all possible
combinations were secure against cryptographic attacks. The AES algorithm will be used
for many applications within the government an in the private sector.
GPON systems require gigabit throughput data encryption for security and
privacy. This paper presents an implementation of very high speed security module for
GPON on Virtex4 FPGA. The security module supports payload encryption with constant
delay by using counter mode AES algorithm. Our design of AES has three advanced
features: composite field arithmetic SubByte, efficient MixColumn transformation, and
On-the-Fly Key-Scheduling. Fullpipelined architecture is employed for the AES
architecture in order to achieve the high performance for security module. The
experiment shows that the proposed architecture can achieve a throughput of 30Gbits/s

on a Xilinx Virtex-4 VLX100-12 device. . Software’s/Tools: • The project will be implemented using HDL. The performance of our design is well suitable for encryption applications of GPON systems. • Simulation will be done to verify the functionality and synthesis will be done to get the NETLIST. • Simulation and synthesis will be done using Xilinx Tools.