Encryption approaches and protocols are continually being compromised as the field of cryptanalysis, and available computing power, advances. And if cryptanalysts overcome an encryption approach, then devices which incorporate that encryption approach in fixed-logic are themselves compromised. The only way to restore security to a compromised fixed-logic device is to replace the device, the cost and inconvenience of which may be substantial.
One potential architectural approach to mitigate the inflexibility of fixed logic is to implement the protocol in software, which would then be run on some type of programmable processor. This option can, and has, been used when the protocol of interest does not have to manipulate data in a high speed manor and the programmable device can be protected such that a copy of the software implementation can not be compromised by unauthorized physical or virtual access. These very restrictive qualifying requirements remove software implemented security protocols from a large number of market segments.
By contrast, an encryption approach implemented in reconfigurable logic could be modified in response to being compromised, reestablishing security without the costs of replacing compromised fixed-logic encryption devices. Because reconfigurable logic based security algorithms operate at hardware circuit speeds, they can also be used when high processing speed, lower power draw or higher physical security requirements would exclude a software implementation.
Efforts in academic, industrial, military, and other areas to improve encryption have focused disproportionately on fixed-logic designs rather than reconfigurable-logic designs. The bias toward fixed-logic design has been influenced by, among other factors, policies and procedures of the National Security Agency (NSA). The NSA reviews encryption devices for the US government Defense and Intelligence communities and type approves those meeting certain standards. The NSA's traditional policies and procedures have been oriented towards fixed-logic designs primarily because fixed function devices are more easily verified to have no communications or processing channels through which information could be maliciously or inadvertently exposed external to the device. Since NSA type approval is required before a security device can be used by US Defense or Intelligence departments, this has heretofore effectively foreclosed type approval of encryption approaches using reconfigurable logic. Accordingly, serious encryption efforts employing reconfigurable logic for production systems have been uncommon. Likewise software based encryption systems have also heretofore had difficulty in obtaining NSA type certification for higher security purposes.
What is needed is a highly effective encryption approach for securing data which can be modified to overcome advances in cryptanalysis by virtue of being implemented with reconfigurable logic.