978-1-7281-3044-6/19/$31.00 ©2019 IEEE Abstract— Cost of data breach is frightfully alarming and software-based solutions for addressing information security may not just be enough. The need for hardware-level cryptography gave rise to the conception of this research aiming at the ASIC implementation of a Blowfish cryptographic core in 0.13 µm CMOS process technology, and at the employment of pipelining and datapath modification to the Blowfish algorithm for propagation delay reduction and performance enhancement. The original 32-bit datapath of the Blowfish algorithm is sectioned to four to arrive at byte-level data processing. Modification to 8-bit datapath reduces the delay associated with 32-bit addition brought by the propagation of carry between full adders. The clock cycle number increase during datapath modification is compensated by pipelining several processes with the application of iterative design which will allow for lesser area during synthesis. The RTL model for the implementation is written in Verilog HDL and the final design after synthesis and optimization yields an operating frequency of up to 425.5319 MHz with a power rating of 5.25 mW and an area of only 928 standard cells. Index Terms— ASIC implementation, Blowfish algorithm, cryptography, pipelining I. INTRODUCTION Cryptography is a mathematical science which involves transformation of information to render its meaning unintelligible and unusable by an unauthorized user. It is being used in information security to address data confidentiality, data integrity, entity authentication, data origin authentication and non-repudiation [1]. If information security is compromised, data breach can be very costly. A Ponemon study reports that the cost of a data breach for an organization increased from $5.4 million to $5.9 million over the past two years. A more alarming finding is that, in addition to increase in cost, companies are losing more customers following a data breach which is affecting industries especially financial services [2]. Employing cryptography for information security can be either done in software or hardware. Considerations for the option of implementation may depend on several factors but taking security as the main concern, software implementations are significantly less secure than its equivalent hardware implementations. Several reasons for this include (1) software solutions make use of an externally available memory whereas hardware solutions can contain their own internally managed memory, (2) code alteration is possible with software-based solutions while impossible in hardware-based solutions since everything has been burnt onto a chip, (3) software solutions are more vulnerable to reverse engineering and power analysis attacks, (4) key storage is more secure in hardware implementations, and (5) software-based implementations are dependent on the operating system security [2]. Cryptography can be either symmetric or asymmetric where the former uses identical secret key for encryption and decryption while the latter uses separate secret keys for encryption and decryption. A survey from Ponemon institute revealed that system performance and latency is the encryption feature considered to be most important [3]. This makes symmetric cryptography a better choice than asymmetric cryptography for hardware implementations because it enjoys faster speed, lesser memory usage and lower power consumption over the latter [4]. Four of the most commonly used symmetric cryptography algorithms are Data Encryption Standard (DES), Triple Data Encryption Standard (3DES), Blowfish and Advanced Encryption Standard (AES). Among these four, Blowfish algorithm is the fastest requiring the least memory usage [5] and power consumption and produces the highest encryption and decryption throughput [6]. Blowfish algorithm is a Feistel network symmetric block cipher designed by Bruce Schneier in 1993 as a fast alternative and replacement for Data Encryption Standard (DES). It is unpatented and can be freely used by anyone with no license required [7]. There has been no effective cryptanalysis of the full 16-round Blowfish and the closest so far was the second differential attack introduced by Vinvent Rijimen in his Ph.D. thesis which can only break four rounds and no more [8]. Report on the cost of data breach is alarming for companies and organizations and cryptography for information security at the software level may not just be enough. In addition, performance and latency as the most important feature for a cryptographic solution for use in low-power, high-speed applications make Blowfish a fitting algorithm for a cryptographic core hence the conception of this research. ASIC Implementation of Pipelined Blowfish Cryptographic Core in 0.13 µm CMOS Process Technology Blesshe Mae B. Beron, Varrie T. Duhaylungsod, Kister Genesis Jimenez, Jefferson Hora, Re-Ann Cristine O. Calimpusan, and Olga Joy Gerasta Microelectronics Laboratory, MSU-Iligan Institute of Technology Iligan City, Philippines jefferson.hora@g.msuiit.edu.ph