Are FPGAs faster than microcontrollers in cryptography?

So, for my capstone project, I've been working on a cryptographic algorithm accelerator on an FPGA. While it did get approved, I've been suggested to work on a more application-based idea that could incorporate my accelerator, where its use can be justified. I'm trying to find examples where using FPGAs over Microcontrollers in encryption would be practically a better option

One common area of application of FPGAs in cryptography is cryptanalysis, for things like password cracking (that's a small underground industry, apparently) or solving the DLP in some group.

Another could be very high speed symmetric encryption for e.g. a fiber optic link.

Yet another could be fast implementation of some (possibly post-quantum) asymmetric cryptographic algorithm, in preparation of integration in low-power production MCUs/CPUs.

Are FPGAs faster than micro-controllers in cryptography?

Yes they are, unless there's a bottleneck (e.g. moving the data to encrypt/decrypt), or/and the microcontroller has dedicated hardware for the cryptography (e.g. a SHA-256 or AES engine). A factor of 10 is common, a factor factor of 100 is not unseen.

Hardware gives you flexibility where you do not have it in software. As someone who has made cryptographic hardware, most of the application oriented designs are around making something faster or harder to create a power attack. As you seem as if you've already designed something, you could show a comparison between software and hardware approaches to the same cipher from the standpoint of speed or power. Another interesting option is that you could produce a power attack by stopping the clock, and then have a dual-rail encoded design that took the same power for both "1" and "0" states.

Many microcontrollers nowadays have AES hardware built into them that will run at 10s (or maybe even 100s of MB/s), so ideally you are looking for an application where that is not sufficient. The primary way that FPGAs can out-do normal processors is in doing many things in parallel (as you can stamp out multiple processing engines to do the same, or different, things a the same time). A multi-channel system performing several independent streams of encryption/decryption might be a suitable project which would make use of this. You could demonstrate in hardware with a couple of development boards with one performing encryption and the other decryption.

Alternatively (if your studies are more geared towards security analysis), you could implement something which offers a different type of key security (so the microcontroller gets the FPGA to perform cryptographic operations, and its software never gets to see the keys), by hanging an FPGA off the side of a microcontroller (using SPI for example). Trusted Platform Modules (TPMs) already exist which give this functionality, so it would be "only" an educational project. Comparing the potential attack paths involving the micro and/or FPGA which might reveal the key would be instructive. When the keys are in the microcontroller, they are often easier to defend against a physical attacker, but an attacker who can get code to run on the micro has an easier time. With the FPGA "TPM", this is harder (although this attacker can still ask the FPGA to do all the cryptographic operations the original software could!). A physical attacker may have different options (for example, reading the keys out of the flash chip the FPGA uses).

Let's assume by better you mean speed and encryption you mean AES encrypt.

For this case I would say the FPGA is better. Other factors like power and implementation security can also be better in an FPGA design.

One example is here:

Abstract:AES (Advanced Encryption Standard) is an algorithm which is used to protect electronic data. The AES can be implemented in software as well as hardware. However implementing in Field Programmable Gate Array (FPGA) is much faster than implementing in software. In this project we have done a comparison between software implementation of AES algorithm and FPGA implementation of AES Algorithm. We have used XILINX Vivado 2017.4 software for coding the algorithm and simulating the same. We used Verilog as the HDL language for coding the AES algorithm. The algorithm was also implemented on ARTIX-7 FPGA.

Many more can be found online.