Enhancing NVMe SSD Security with AES256-XTS-STG Encryption

Welcome to our AES256-XTS-STG series demo! Discover how AES-XTS encryption enhances NVMe SSD data security without compromising speed.

In a typical scenario, an NVMe SSD performs reads and writes to store user data.

The data written to the NVMe SSD includes user data, and this data is stored on the SSD in a format that allows anyone with access to the NVMe SSD to directly read it.

In other words, the data on the NVMe SSD is typically not encrypted by default, making it accessible to anyone who has physical access to the storage device.

To enhance data security, data encryption has been implemented, and the chosen algorithm for encrypting data for storage is AES-XTS.

This algorithm helps protect the data stored on the storage device, ensuring that it remains confidential and secure.

DG offers AES256-XTS-STG as a solution for securing your data storage with high performance, without negatively impacting the transfer speed of NVMe SSDs.

It's designed to be user-friendly, it does not require a CPU or external memory, simplifying its implementation and operation.

DG provides AES256-XTS-STG-IP demonstration with NVMe SSD on Agilex7 I-Series development kit.

During the demonstration, the AES256-XTS-STG IPs are employed to showcase the encryption and decryption of data between the test logic and an NVMe SSD within an FPGA environment.

This serves as a practical illustration of how the IP cores can secure data communication between these components.

AES256-XTS-STG can encrypt data and decrypt data without significantly impacting the write and read speed of the NVMe SSD.

This efficient encryption process ensures that data security is maintained without sacrificing the storage device's performance.

Write data to NVMe SSD

To measure the performance of data transfer, we’ve designed a test logic to writes 32-bit incremental data pattern.

When 156 GB data is written to 2 TB CFD Gaming Gen5 SSD, the outstanding write speed is displayed on serial console which is about 10,000 MB/s.

The results of capturing the incoming and outgoing pins of AES256-XTS-STG, it's observed that the incoming data is 32-bit incremental data pattern, while the outgoing data is encrypted.

Read data from NVMe SSD

Testing reads from the same SSD is conducted. 156-GB data is read and decrypted to user.

The report shows an outstanding read speed of 8,474 MB/s.

The results of capturing the incoming and outgoing pins of AES256-XTS-STG, it's observed that the incoming data is encrypted, while the outgoing data is 32-bit incremental data pattern.

There are three products of AES256-XTS-STG series IP which are AES256-XTS-STG-IP, AES256-XTS-STG-2X-IP, AES256-XTS-STG-4X-IP for different speed application.

• AES256-XTS-STG-IP can operate 128-bit data every clock cycles and speed up to 4.4 GB/s at maximum frequency 275 MHz.This IP is suitable for Gen3 NVMe SSD and secure communication applications.
• AES256-XTS-STG-2X-IP can operate 256-bit data every clock cycles and speed up to 12.8 GB/s at maximum frequency 400 MHz. This IP is suitable for Gen4 NVMe SSD and secure communication applications.
• AES256-XTS-STG-4X-IP can operate 512-bit data every clock cycles and speed up to 25.6 GB/s at maximum frequency 400 MHz.This IP is suitable for Gen5 NVMe SSD and secure communication applications.

Join us as we showcase secure data communication between FPGA and NVMe SSD, illustrating practical applications of AES256-XTS-STG. Don't miss out—stay tuned for more exciting insights and demos! ?????

??https://dgway.com/ASIP_E.html#AESXTS

YouTube: https://youtu.be/g_xEEv5uXG0