rajesh kannan megalingam gayathri gopakumar,deepthi … · gayathri gopakumar,deepthi luke,jyothi k...
TRANSCRIPT
201O International Conference on Mechanical and Electrical Technology (ICMET 2010)
A VLSI Implementation and Analysis of Cryptographic Algorithms for Security
and Privacy in Communication Networks
Rajesh Kannan Megalingam Dept. of Electronics and Communication
Amrita Vishwa Vidyapeetham Kerala-690525, India
Abstract- In an age of technological advancements, security
and privacy plays an important role in the day to day communications. With the advent of the internet, data security has become a topic of utmost importance. Through this project we wish to address this concern by carrying out a comparative analytical study of the feasibility of different cryptographic algorithms. The design is done using Verilog HDL and simulated using Modelsim. Synthesis, implementation and power analysis is done using Xilinx ISE 10.1 and the
companion software Xilinx XPower Analyzer. It has been implemented in different device models that are provided by the software Xilinx ISE 10.1 and experimental results have been recorded. The results obtained have been used to carry out a comparative analysis of different factors like memory usage, power consumed, number of input / outputs, speed and frequency of operation
Keywords-component; formatting; style; styling; insert (key words)
I. INTRODUCTION
RC5 is a symmetric encryption algorithm. In RC5, the word size (16, 32, 64), number of rounds (0-255) and number of 8-bit bytes of the key (0-255), all can be of variable length. The plain text block size can be of 32, 64, or 128 bits .The key length can be 0 to 2040 bits. The output cipher text has the same size as the input plain text. RC5 is generally denoted as w/rlb, where w = word size in bits, r =
number of rounds, b = number of 8-bit bytes in the key. The minimum safety version is RC5-32112116.[3]
DES is a symmetric block cipher algorithm. The key length is 56 bits (it is expressed as 64-bits, but every eighth bit is used for parity checking and is ignored.). The algorithm is a combination of the two basic techniques of encryption, confusion and diffusion. DES has 16 rounds; it applies the same combination of techniques on the plain text block 16 times.[I]
AES is a block cipher with variable key length of 128,192, or 256 bits; default 256. It encrypts data blocks of 128 bits in 10, 12 and 14 round depending on the key size. AES encryption is fast and flexible; it can be implemented on various platforms especially in small devices. Also, AES has been carefully tested for many security applications.
978-1-4244-8102-6/10/$26.00 © 2010 IEEE 521
Gayathri Gopakumar,Deepthi Luke,Jyothi K S, Anju Ajit
Dept. of Electronics and Communication Amrita Vishwa Vidyapeetham
Kerala-690525, India [email protected]
II. PROBLEM DEFINITION
In the early days of serious computing (1950s -60s), there was not a great deal of emphasis on security. Protocols used for computer-to-computer communication was not known to the general public. Hence chances of someone accessing information being exchanged were not very high and information security was not an issue. However it was the internet and the open standard of TCP/IP which brought about plethora of new issues and concerns regarding security of information being exchanged. When computer applications were developed to handle financial and personal data, the real need for security was felt like never before.
A good security policy takes care of four aspects: affordability, functionality, cultural issues and legality. Each of the algorithms has certain factors which make them favorable or unfavorable for different types of users. These factors include power consumption, cost efficiency, speed, security, adaptability to different processors, memory usage and simplicity.
We propose to carry out a comparative analysis of the three algorithms based on the aforementioned factors. This would provide the users an opportunity to understand the advantages of one algorithm over the other and hence select an algorithm of their choice.
III. OPERATION PRINCIPLES
A. Re5 algorithm
1) The initial operation and rounds a) the division of original plain text into two blocks of
equal sizes called A & B b) adding A & S[O] to produce C and adding B & S[l]
to produce D where S[O] & S[I] are the sub-keysJormat".
c) In each round there are three operations namely Bitwise xor,left circular shift, Addition with the next subkey for both C & D. This is the addition operation first and then the result of the addition mod 2w
2010 International Conference on Mechanical and Electrical Technology (ICMET 2010)
TABLE!. INITIAL PERMUTATION
58 50 42 34 26
60 52 44 36 28
62 54 46 38 30
64 56 48 40 32
57 49 41 33 25
59 51 43 35 27
61 53 45 37 29
63 55 47 39 31
2) Encryption psuedocode[5}
A=A+S[O], B =B +S[J} For i = 1 to r A = «A XOR B) «<B) + S[2i] B = «B XOR A) «<A) + S[2i+1] Next i
3) Subkey creation
18 10
20 12
22 14
24 16
17 9
19 11
21 13
23 15
2
4
6
8
1
3
5
7
a) Sub-key generation: In this step, two constants P and Q are used. The array of sub-keys to be generated is called as S. The first sub-key S[O] is initialized with the value of P. Each next sub-key S[I], S[2] ... is calculated on the basis of the previous sub-key and the constant value Q, using the addition mod 232 operations[3]. The process is done 2(r+l)-1 times where r is the number of rounds. Here r = 12.So sub-keys S[O], S[1], ... S[25] are generated.
b) Sub-key mixing: In this stage, the sub-keys S[O], S[1] ... are mixed with the sub portions of the original key, i.e. L[O],L[I] ... L[c],where c is the last sub-key position in the original key[5].
B. Triple DES algorithm
3DES is an enhancement of DES; it is 64 bit block size with 192 bits key size. The encryption method is similar to the one in the original DES but it is applied 3 times to increase the encryption level and the average safe time.
DES uses the two basic techniques of cryptography -confusion achieved through the XOR operation and the SBoxes and diffusion achieved through numerous permutations .. This is also called an S-P network. It consists of an initial permutation (lP), 16 rounds of a complex key dependent calculation, a final permutation.
1) Initial permutation.· Initial permutation (IP) is performed on the plain text. It transposes the input block as illustrated below, i.e. the first bit of plain text is replaced with its 58th bit (TABLE I). The output obtained is split into right and left half each of 32 bits [1]
2) Expansion permutation(e-box): This operation expands the right half of the data from 32 bits to 48 bits. (TABLE 11)[1]
522
3) Compression permutation.·After being shifted, 48 out of 56 key bits are selected based on compression permutation as shown in TABLE III[I].
4) PBox:The 32 bit output of s-box is permuted according to pbox. This permutation maps each input bit to a output position; this is called straight permutation(TABLE IV)[1].
5) Final permutation.· It is the inverse of initial permutation and is described below in TABLE V[I].
C. AES algorithm
Each round depends on the encryption key. The different transformations operate on the intermediate result, called the state, a rectangular array of bytes with four rows and four columns.The cipher key is a rectangular array with four rows. The number of columns of cipher key is denoted by Nk and is equal to the key length divided by 32.
TABLE II. EXPANSION PERMUTATION
32 1 2 3 4 5 4 5
6 7 8 9 8 9 10 11
12 13 12 13 14 15 16 17
16 17 18 19 20 21 20 21
22 23 24 25 24 25 26 27
28 29 28 29 30 31 32 1
TABLEm COMPRESSION PERMUTATION
14 17 11 24 1 5 3 28
15 6 21 10 23 19 12 4
26 8 16 7 27 20 13 2
41 52 35 33 48 55 30 40
51 45 33 48 44 49 39 56
34 53 46 42 50 36 29 32
TABLE IV. PBOX PERMUTATION
16 7 20 21 29 12 28 17
1 15 23 26 5 18 31 10
2 8 24 14 32 27 3 9
19 13 30 6 22 11 4 25
2010 International Conference on Mechanical and Electrical Technology (ICMET 2010)
TABLEY. FINAL PERMUTATION
40 8 48 16 56 24 64 32
39 7 47 15 55 23 63 31
38 36 46 14 54 22 62 30
37 5 45 13 53 21 61 29
36 4 44 12 52 20 60 28
35 3 43 11 51 19 59 27
34 2 42 10 50 18 58 26
33 1 41 9 49 17 57 25
1) Round Transformation:AES uses a variable number of rounds, which are fixed: a key of size 128 has 10 rounds. During each round, the following operations are applied on the state:
a) Sub-Bytes: every byte in the state is replaced by another one, using the Rijndael S-Box(Figure 1.)
b) Shift Row: every row in the 4x4 array is shifted a certain amount to the left
c) Mix Column: a linear transformation on the columns of the state
d) Add Round Key: each byte of the state is combined with a round key, which is a different key for each round and derived from the Rijndael key schedule
2) Key Expansion:The expanded key is a linear array of 4-byte words and is denoted by W[Nb*(Nr+ 1). The first Nk words are filled with cipher key. Every following word W[i] is equal to the XOR of the previous word W[i-l] and the word Nk positions earlier W[i-Nk]. For words in positions that are a multiple of Nk, a transformation is applied to W [i-I] prior to the XOR and a round constant (rcon) is XORed. This transformation consist of a cyclic shift of the bytes in a word (rotbyte), followed by the application of a table lookup to all 4 bytes of the word (subbyte)
y 0 1 2 3 4 5 6 7 B 9 a b e d e f
0 63 7e 77 7b f2 6b 6f e5 30 01 67 2b fe d7 ab 76 1 ea B2 e9 7d fa 59 47 fO ad d4 a2 af ge a4 72 cO 2 b7 fd 93 26 36 3f f7 ee 34 a5 e5 f1 71 dB 31 15 3 04 e7 23 e3 1B 96 05 9a 07 12 BO e2 eb 27 b2 75 4 09 B3 2e 1a 1b 6e 5a aD 52 3b d6 b3 29 e3 2f B4 5 53 d1 00 ed 20 fe b1 5b 6a eb be 39 4a 4e 5B ef 6 dO ef aa fb 43 4d 33 B5 45 f9 02 7f 50 3e 9f aB 7 51 a3 40 Bf 92 9d 3B f5 be b6 da 21 10 ff f3 d2
x B cd Dc 13 ee 5f 97 44 17 e4 a7 7e 3d 64 5d 19 73 9 60 B1 4f de 22 2a 90 BB 46 ee bB 14 de 5e Db db a eO 32 3a Oa 49 06 24 5e e2 d3 ae 62 91 95 e4 79 b e7 eB 37 6d Bd d5 4e a9 6e 56 f4 ea 65 7a ae DB e ba 7B 25 2e 1e a6 b4 e6 eB dd 74 1£ 4b bd Bb Ba d 70 3e b5 66 4B 03 f6 De 61 35 57 b9 B6 e1 1d ge e e1 fB 9B 11 69 d9 Be 94 9b 1e B7 e9 ee 55 2B df f Be a1 B9 Od bf e6 42 6B 41 99 2d Of bO 54 bb 16
Figure 1. Sub bytes table
523
3) Decryption.·In AES decryption, the key is given in the reverse order for the 10 rounds and inverse mix columns is not implemented in the first round .
IV. IMPLEMENT A nON AND RESULTS
A. RC5 algorithm
The algorithm was implemented using VERILOG and the waveforms were simulated using Modelsim 6.3f software. It mainly comprises of a top module and a barrel shifter module.
1) Top Module: It instantiates the barrel shifter module and the decrypt module. The encryption as well as the key expansion process takes place in the top module. (Figure 3.)
2) Barrel Shifter Module:A 32-bit barrel shifter of five stages each stage consisting of 32 2Xl muxes has been implemented in order to perform the left circular shift operation in one clock cycle.[6] The 5 bit selection lines determines the number of times the shift has to take place. We have depicted an 8-bit barrel shifter in Figure 2.
3) Decrypt module:The top module instantiates the decrypt module by passing the cipher text and the decrypt_en signal. We obatin the input plain text. Encryption and decryption are depicted in Figure 4.
B. DES algorithm
1) Top Module:The top module instantiates several lower level modules as depicted in the Figure 5.
00 co
01 Qt
02 02
03 OJ
04 0<
O! os
Q6 06
01 01
Figure 2. 8-bit Barrel Shifter
2010 International Conference on Mechanical and Electrical Technology (ICMET 2010)
PL>.Th'1!XT DATA
CLK £.� BARREL SHIFT ,'ALliE SHIFTER
RST SKlrnDOATA MODULE TEST TOP
MODULE KEY MODULE C1PHE.� TEXT
RO\i:-1lS DECRYPT EN
PL>JNTEJiT MODULE
Figure 3. Module diagram ofRC5
--- ----- . -_ . --- . --- - - --- --
-- --- ---- --- --- --- --- ---
Figure 4. Timing diagram of encIYption and decIYption module ofRC5
2) Lower level modules:The top module instantiates the lower level modules namely key select module, expansion permutation module, and the substitution boxes. Encryption and decryption are depicted in Figure 6. and Figure 7.
respectively.
C. AES algorithm
1) Top Module:The top module instantiates the lower level module namely the key expansion module which in turn instantiates expansion permutation module and the substitution boxes depicted in Figure 8.
2) Decrypt Module:The top module then instantiates the decrypt module to obtain plain text by passing the cipher text and the decrypt_en signal. Encryption and decryption timing diagram is depicted in Figure 9.
Ik , . i/p KEY desjn SELECT
key! MODULE
DES TOP alp i/p TEST MODULE i/p MODULE key2
� EX!' SBOXES
key3 MODULE �
setcrypt alp alp
round_set
1 ciphertext
Figure 5. Top module of 3DES
524
TEST MODULE
!il�/#atil$!S64lOCt! @bl\!ll§t
Figure 6. Timing diagram of encIYption of 3DES
Figure 7. Timing diagram of decIYption of 3DES
elk AESTOP oIp ttxt_1tl. MODULE
by
"I
Id
cipher 1,,1
Figure 8. Top module of AES
lNlml�1 ,
Figure 9. Timing diagram of AES
V. OBSERVATIONS AND COMPARISONS
A. Power Analysis
Power analysis at 20 MHz shows that AES algorithm due to its greater complexity takes up more device power. Re5 algorithm has the least power consumption due to the
2010 International Conference on Mechanical and Electrical Technology (ICMET 2010)
simplicity of its design and implementation. The total quiescent power (TQP), Total Dynamic power and hence total power is lowest for RC5 algorithm and highest for AES algorithm. Power analysis at 40 MHz and 80 MHz clock frequency also gives us similar outputs. Higher the clock frequency greater is the power dissipated. The graphs depicted in Figure 10. and 11. represent the power dissipated while using virtex 5 and Spartan 3.The total power is higher for algorithms implemented in virtex 5.
B. Memeory usage
Figure 12. depicts the amount of memory utilized by the different algorithms in Spartan 3 and Virtex 5. As expected AES occupies the maximum memory due to its complexity.
The table 6 gives us a comparative overview of the three different algorithms. The frequency of operation of AES is the highest while that of RC5 is comparatively lesser and 3DES has the lowest operation frequency. As a result, 3DES takes the longest time to implement AES is the fastest algorithm which has a minimum operation time of 4.036ns.
ACKNOWLEDGMENT
We gratefully acknowledge the Almighty GOD who gave us the strength and health to successfully move forward in this venture. The authors also wish to thank Amrita Vishwa Vidyapeetham, in particular the Digital library, for access to their research facilities.
TABLE VI.
Attribute
Maximum frequency of
operation Minimum period of operation
Number of slices
Number of Flip Flops
Number ofiOs
Number of bonded lOs
0..7
D..6
D..5
0..4
D..3
D.2
D...1
o ToW
VARIOUS ATIRIBUTES AND THEIR COMPARISONS
ReS
138.408MHz
7.225ns
187
74/55296
263
262
Tot.al Dynamic Pow",,"
3DES AES
107.852 MHz 247.770MHz
9.272ns 4.036ns
714 295
120/55296 211/55296
304 388
304 388
Tot.al Power
Figure 10. Power analysis at clock frequency of20 MHz in Spartan 3
525
12 ,---------------------------
10 +-----------------------
8 +-----------------------
6 +------------
4 +---------i
2
o
Tot.al Qllie=t Pow",,"
Total Dynamic Pow�
TotalPow�
lDES
AES
Figure II. Power analysis at clock frequency of20 MHz in virtex5
memory usage
• RiC5
.TDES
AES
Figure 12. Memory utilized in Spartan 3 and Virtex 5
REFERENCES
[I] William Stallings. Cry p tography a n d Network S e curity Princ iples and Pra c tic es
[2] Bruce Schiener, Appli e d Cry p to gra phy Protoc ols Algorithms a n d S o u rc e Co d e in C
[3] Atu l K a ha t e , Cry p to gra p hy a n d Network S e c u rity
[4] Dou gla s L Perry , VH DL Progra m m ing by Exa m p l e
[5] R Rivest The RC5 Encryption Algorithm. Fast Software Encryption - Second International Workshop, Leuven, Belgium, LNCS 10 08, pp. 86 - 96, Springer Verlag, 1995
[6] Neil H Weste , Kamran Eshragain,Digital Design Principles
[7] B. Kaliski and Y. L. Yin. On the security ofRC5 encryption algorithm. CryptoBytes, pp. 13 - 14, Summer 1995