Proceedings ArticleDOI

A novel AES-256 implementation on FPGA using co-processor based architecture

03 Aug 2012-pp 632-638
TL;DR: Better hardware designs for implementing cryptographic algorithms on platforms such as application specific integrated circuits (ASIC), field programmable gate arrays (FPGA) and micro-controllers are still needed in terms of larger key sizes, higher throughput and lower resource utilization.
Abstract: Efficient hardware architectures for cryptographic algorithms are essential for implementing secure data communication in embedded applications. A hardware implementation of an algorithm offers less flexibility than a software implementation, but it is faster and requires fewer resources, and hence is ideally suited to target-specific embedded systems. Although quite a few research works propose hardware designs for cryptographic algorithms on platforms such as application specific integrated circuits (ASIC), field programmable gate arrays (FPGA) and micro-controllers, there is still a need for better hardware designs in terms of larger key sizes, higher throughput and lower resource utilization.
Citations
Journal Article
TL;DR: DES is based on a block cipher ("Lucifer") developed by Horst Feistel at IBM with a key length of 128 bit; a key length of 56 bit has become a security risk, and most recently in 1998 a special-purpose machine developed by the "Electronic Frontier Foundation" (EFF) with 1,800 parallel
Abstract: In 1977 the "Data Encryption Algorithm" (DEA) was declared the American encryption standard for federal agencies by the "National Bureau of Standards" (NBS, later the "National Institute of Standards and Technology", NIST) [NBS_77]. In 1981 the DEA specification was adopted as the ANSI standard "DES" [ANSI_81]. The recommendation of DES as the standard encryption method was limited to five years and was extended by a further five years in 1983, 1988 and 1993. A new version of the NIST standard is currently available [NIST_99], in which DES is to remain permitted for a further five years on a transitional basis, but the use of Triple-DES is recommended: a threefold application of DES with three different keys (effective key length: 168 bit) [NIST_99]. DES is based on a block cipher ("Lucifer") developed by Horst Feistel at IBM with a key length of 128 bit. Because the American "National Security Agency" (NSA) had ensured that DES has a key length of only 64 bit, of which only 56 bit are relevant, and received special substitution boxes (the "cryptographic core" of the method) whose design criteria were not published by the NSA, the method was controversial from the beginning. Critics assumed that the method contained a secret "trapdoor" that would allow the NSA to decrypt online even without knowledge of the key. Although this suspicion could not be substantiated, both the growth in computing power and the parallelization of search algorithms today make a key length of 56 bit a security risk. Most recently, in 1998, a DES key was found in a record time of 2.5 days with a special-purpose machine developed by the "Electronic Frontier Foundation" (EFF) with 1,800 purpose-built crypto-processors working in parallel. To find a successor to DES, NIST announced the search for an "Advanced Encryption Standard" (AES) on 2 January 1997. The goal of this initiative is to find, in close cooperation with research and industry, a symmetric encryption method suitable for effectively encrypting American government data well into the 21st century. To this end an official "Call for Algorithm" was issued on 12 September 1997. The symmetric encryption algorithms to be proposed had to meet the following requirements: unclassified and published, available royalty-free worldwide, efficiently implementable in hardware and software, block ciphers with a block length of 128 bit and support for key lengths of 128, 192 and 256 bit. At the first "AES Candidate Conference" (AES1) on 20 August 1998, NIST published a list of 15 proposed algorithms and called on the expert community to analyze them. The results were presented at the second "AES Candidate Conference" (22-23 March 1999 in Rome, AES2) and discussed among international cryptologists. The comment period ended on 15 April 1999. On the basis of the comments and analyses received, NIST selected five candidates, which it announced publicly on 9 August 1999: MARS (IBM), RC6 (RSA Lab.), Rijndael (Daemen, Rijmen), Serpent (Anderson, Biham, Knudsen), Twofish (Schneier, Kelsey, Whiting, Wagner, Hall, Ferguson).

624 citations

Posted Content
TL;DR: In this paper, the problem of secure storage and retrieval of information (SSRI) is addressed, and a secret sharing scheme with a shorter share size in the amortized sense is proposed.
Abstract: In his well-known Information Dispersal Algorithm paper, Rabin showed a way to distribute information in n pieces among n servers such that recovery of the information is possible in the presence of up to t inactive servers. An enhanced mechanism to enable reconstruction in the presence of malicious faults, which can intentionally modify their pieces of the information, was later presented by Krawczyk. Yet these methods assume that the malicious faults occur only at reconstruction time. In this paper we address the more general problem of secure storage and retrieval of information (SSRI), and guarantee that the process of storing the information is also correct even when some of the servers fail. Our protocols achieve this while maintaining the (asymptotic) space optimality of the above methods. We also consider SSRI with the added requirement of confidentiality, by which no party except the rightful owner of the information is able to learn anything about it. This is achieved through novel applications of cryptographic techniques, such as the distributed generation of receipts, distributed key management via threshold cryptography, and "blinding". An interesting byproduct of our scheme is the construction of a secret sharing scheme with a shorter share size in the amortized sense. An immediate practical application of our work is a system for the secure deposit of sensitive data. We also extend SSRI to a "proactive" setting, where an adversary may corrupt all the servers during the lifetime of the system, but only a fraction during any given time interval.

6 citations

Proceedings ArticleDOI
25 Jul 2015
TL;DR: An AES IP core with an acceptable trade-off between performance and area is presented, which has a certain value for the generalization of the wireless communication terminal hardware platform.
Abstract: The Advanced Encryption Standard (AES), issued by the National Institute of Standards and Technology in 2001, has become the widely used symmetric block cipher standard. Much effort has gone into the various hardware implementations of the AES algorithm; some focus on achieving low-cost constructions, while others focus on high throughput. Given the specific requirements of wireless communication and portable devices, this article presents an AES IP core with an acceptable trade-off between performance and area. Introducing composite-field S-boxes and optimizing MixColumns reduces resource usage. The AES IP is designed around the Avalon bus. It supports five modes of operation (ECB, CBC, OFB, CFB and CTR), and 128, 196 and 256-bit keys are also supported. It can be flexibly configured according to the specific circumstances. This design and implementation of the AES core has a certain value for the generalization of the wireless communication terminal hardware platform. Keywords: AES; configurable; SoC; Avalon

2 citations

Proceedings ArticleDOI
09 Jul 2015
TL;DR: A multi-core system capable of executing authentication and encryption in parallel is proposed, placing an encryption algorithm and a hash algorithm on the two ARM Cortex processors of a ZYNQ 7020-clg484 FPGA board using the ISE 14.4 design suite.
Abstract: Security has always been the toughest challenge in data communication, and at the same time it is the biggest necessity when transmitting confidential data. Sensitive data are often at stake when they are deployed in a network. Embedded system design is a very popular research activity, as it has a wide range of applications, namely security and surveillance, personal digital assistants, biomedical systems, and mobile and pervasive communication gadgets, along with its great speed compared to very popular software designs. Most embedded system applications involve data communication between multiple parties. In addition, sensor technology requires physically secured systems, which can be addressed with cryptographic and hashing algorithms. However, a sequential implementation of encryption and hashing algorithms on a single core costs the system efficiency and performance speed. To overcome these shortcomings, a multi-core system capable of executing authentication and encryption in parallel is proposed. In this proposal an encryption algorithm and a hash algorithm are placed on the two ARM Cortex processors of a ZYNQ 7020-clg484 FPGA board using the ISE 14.4 design suite. The true parallel execution of both algorithms increases system throughput. The soft-core IPs (RS232 and Ethernet) are placed in the FPGA region to handle real-time data.

1 citation


Cites background from "A novel AES-256 implementation on F..."

  • ...It uses an S-box of length N where S = (S[0], S[1], S[2], ..., S[N-1]) [3]....

    [...]

  • ...As a result, these algorithms are now compensating with huge resources in both software and hardware medium [1], [2]....

    [...]

Book ChapterDOI
01 Jan 2020
TL;DR: The article implements seven loop-unrolled architectures of the Grain crypto core in a Xilinx Zynq FPGA using VHDL in the Vivado Design Suite, and shows that three basic system parameters, resource usage, power consumption and throughput, of the proposed implementation are satisfactorily optimized compared to the existing literature.
Abstract: Crypto cores find implementations in software, Application Specific Integrated Circuits (ASIC), and Field Programmable Gate Arrays (FPGA). Crypto software programs achieve very low throughput, whereas ASIC implementations provide reasonably cost-effective designs with efficient performance. On the ASIC platform, once the design is implemented it is not possible to alter the circuit connections, whereas an FPGA is a flexible solution which can be reconfigured in the field. For applications with a huge number of gates, an FPGA is cost-effective compared to ASIC and software implementations. This submission explores the FPGA design space of the Grain crypto hardware core. The article implements seven loop-unrolled architectures in a Xilinx Zynq FPGA using VHDL in the Vivado Design Suite. The results show that three basic system parameters, resource usage, power consumption and throughput, of the proposed implementation are satisfactorily optimized compared to the existing literature.

1 citation

References
Book
01 Dec 1989
TL;DR: This best-selling title, considered for over a decade to be essential reading for every serious student and practitioner of computer design, has been updated throughout to address the most important trends facing computer designers today.
Abstract: This best-selling title, considered for over a decade to be essential reading for every serious student and practitioner of computer design, has been updated throughout to address the most important trends facing computer designers today. In this edition, the authors bring their trademark method of quantitative analysis not only to high-performance desktop machine design, but also to the design of embedded and server systems. They have illustrated their principles with designs from all three of these domains, including examples from consumer electronics, multimedia and Web technologies, and high-performance computing.

11,671 citations

Book
19 Aug 1998
TL;DR: The new edition of William Stallings' Cryptography and Network Security: Principles and Practice, 5e is a practical survey of cryptography and network security with unmatched support for instructors and students.
Abstract: William Stallings' Cryptography and Network Security: Principles and Practice, 5e is a practical survey of cryptography and network security with unmatched support for instructors and students. In this age of universal electronic connectivity, viruses and hackers, electronic eavesdropping, and electronic fraud, security is paramount. This text provides a practical survey of both the principles and practice of cryptography and network security. First, the basic issues to be addressed by a network security capability are explored through a tutorial and survey of cryptography and network security technology. Then, the practice of network security is explored via practical applications that have been implemented and are in use today. An unparalleled support package for instructors and students ensures a successful teaching and learning experience. The new edition has been updated to include coverage of the latest topics including expanded coverage of block cipher modes of operation, including authenticated encryption; revised and expanded coverage of AES; expanded coverage of pseudorandom number generation; new coverage of federated identity, HTTPS, Secure Shell (SSH) and wireless network security; completely rewritten and updated coverage of IPsec; and a new chapter on legal and ethical issues.

3,787 citations

Book
01 Jan 2003
TL;DR: In this article, the authors present a survey of the most popular methods for teaching creativity in the field of cryptography and apply them in the context of public-key cryptography and RSA.
Abstract: Table of contents:
NOTATION
PREFACE
CHAPTER 0 READER'S GUIDE
CHAPTER 1 OVERVIEW
PART ONE SYMMETRIC CIPHERS
CHAPTER 2 CLASSICAL ENCRYPTION TECHNIQUES
CHAPTER 3 BLOCK CIPHERS AND THE DATA ENCRYPTION STANDARD
CHAPTER 4 INTRODUCTION TO FINITE FIELDS
CHAPTER 5 ADVANCED ENCRYPTION STANDARD
CHAPTER 6 MORE ON SYMMETRIC CIPHERS
CHAPTER 7 CONFIDENTIALITY USING SYMMETRIC ENCRYPTION
PART TWO PUBLIC-KEY ENCRYPTION AND HASH FUNCTIONS
CHAPTER 8 INTRODUCTION TO NUMBER THEORY
CHAPTER 9 PUBLIC-KEY CRYPTOGRAPHY AND RSA
CHAPTER 10 KEY MANAGEMENT; OTHER PUBLIC-KEY CRYPTOSYSTEMS
CHAPTER 11 MESSAGE AUTHENTICATION AND HASH FUNCTIONS
CHAPTER 12 HASH AND MAC ALGORITHMS
CHAPTER 13 DIGITAL SIGNATURES AND AUTHENTICATION PROTOCOLS
PART THREE NETWORK SECURITY PRACTICE
CHAPTER 14 AUTHENTICATION APPLICATIONS
CHAPTER 15 ELECTRONIC MAIL SECURITY
CHAPTER 16 IP SECURITY
CHAPTER 17 WEB SECURITY
PART FOUR SYSTEM SECURITY
CHAPTER 18 INTRUDERS
CHAPTER 19 MALICIOUS SOFTWARE
CHAPTER 20 FIREWALLS
APPENDICES
APPENDIX A STANDARDS AND STANDARD-SETTING ORGANIZATIONS
APPENDIX B PROJECTS FOR TEACHING CRYPTOGRAPHY AND NETWORK SECURITY
ONLINE APPENDICES
APPENDIX C SIMPLIFIED DES
APPENDIX D THE MEANING OF mod
APPENDIX E MORE ON SIMPLIFIED AES
APPENDIX F KNAPSACK PUBLIC-KEY ALGORITHM
APPENDIX G PROOF OF THE DIGITAL SIGNATURE ALGORITHM
GLOSSARY
REFERENCES
INDEX
LIST OF ACRONYMS

1,569 citations

Journal Article
TL;DR and abstract: same journal article on DES and the AES selection process as listed under Citations above.

624 citations


"A novel AES-256 implementation on F..." refers background or methods in this paper

  • ...2.1 AES Core Design The AES algorithm is a round based block cipher and it was initially proposed to operate on 128-bit data blocks as specified by NIST [7]....

    [...]

  • ...In 2000, the National Institute of Standards and Technology (NIST) announced Rijndael as the winner of the Advanced Encryption Standard (AES) contest, in an effort to address the threatened key size of the data encryption standard (DES) [7]....

    [...]

  • ...NIST, U.S. Department of Commerce, November 2001, 1(1):1-51, November 2001....

    [...]

Journal ArticleDOI
TL;DR: Using the proposed architecture, a fully subpipelined encryptor with 7 substages in each round unit can achieve a throughput of 21.56 Gbps on a Xilinx XCV1000e-8 bg560 device in non-feedback modes, which is faster and 79% more efficient in terms of equivalent throughput/slice than the fastest previous FPGA implementation known to date.
Abstract: This paper presents novel high-speed architectures for the hardware implementation of the Advanced Encryption Standard (AES) algorithm. Unlike previous works which rely on look-up tables to implement the SubBytes and InvSubBytes transformations of the AES algorithm, the proposed design employs combinational logic only. As a direct consequence, the unbreakable delay incurred by look-up tables in the conventional approaches is eliminated, and the advantage of subpipelining can be further explored. Furthermore, composite field arithmetic is employed to reduce the area requirements, and different implementations for the inversion in the subfield GF(2^4) are compared. In addition, an efficient key expansion architecture suitable for the subpipelined round units is also presented. Using the proposed architecture, a fully subpipelined encryptor with 7 substages in each round unit can achieve a throughput of 21.56 Gbps on a Xilinx XCV1000e-8 bg560 device in non-feedback modes, which is faster and 79% more efficient in terms of equivalent throughput/slice than the fastest previous FPGA implementation known to date.

450 citations