R.DEEPA
, IJRIT 570 International Journal of Research in Information Technology
(IJRIT) www.ijrit.com
www.ijrit.com www.ijrit.com
www.ijrit.com ISSN 2001-5569
Design And Implementation Of Advanced Encryption Standard By Using Soft Core Processor
R.DEEPA1, A.YOGANANTH2, PG scholar, Dept of VLSI Design1, Assistant Professor, Dept of ECE2,
Sembodai R.V.Engineering College, Vedharaniyam1,2, deepuu.412@gmail.com1
Abstract: This paper proposes a technique for parallel encryption of electronic data (converting electronic data to unknown format) using advanced encryption standard for the soft core processor in field programmable gate array. This paper proposes an efficient FPGA implementation of advanced encryption standard (AES). An AES encryptor is designed and implemented in FPGA, which is shown to be more efficient than published approaches. An AES decryptor is also designed and integrated with the AES encryptor to yield a full functional AES en/ decryptor
.
Keywords: Advanced Encryption Standard (AES), FPGA, Soft core processor.
I.INDRODUCTION
The main aim of this project is to design FPGA based processor which encrypts / decrypts the data from the PC to PC. In this project the encryption / decryption algorithm is designed and programmed in to the FPGA and data transfer between the PCs is controlled by the FPGA. The plain text from PC is converted to binary format and transferred to the FPGA kit through the serial port. The internal buffer collects the data from PC and according to the function like (encryption / decryption) block will be selected. The encryption and decryption algorithm used in our design in based on AES. The output of the encryption block is called cipher text or cryptogram will be transferred from PC in order to decrypt the data. The output of these blocks are stored in the output buffer and then transferred to another PC through serial port.
The success of the secure data communication in this world can directly be attributed to the nature of the Cryptosystems. Cryptosystems comprises a cryptographic algorithm, all the possible keys and all the protocols that make it work effectively. The security of encrypted data is entirely dependent on two things, one the strength of the cryptographic algorithm and the other the secrecy of the key while transmission over a channel. One claims a secret key cipher is safe if no known attack’s complexity is any better than a full search on all possible keys.
Advancement in this direction is the newly approved and widely adopted secret-key algorithm known as
“Advanced Encryption Standard” (AES) algorithm that operates on 128-bit plaintext and 128/192/256-bit cipher key to offer the greatest security for the sensitive data. This standard, also known as Rijndael Algorithm has been selected as a standard algorithm by the National Institute of Standards and Technology (NIST) as US FIPS PUB 197 in November 2001 after a 5-year standardization process. Though there are several designs and implementations of this algorithm in Software and Hardware, many lack coordination, optimization and justification among the parameters of interest-Throughput, Speed, Power, Cost, etc. In this project, we aim at designing a high speed and high performance but cost-effective FPGA based processor which encrypts and /or decrypts the data that has to be transferred from one PC to the other, based on the Advanced Encryption Standard (AES) algorithm.
The AES algorithm involves the process of giving the data and key as input to the encryption block and then implementing several blocks such as key schedule block, control block, round function block, etc. Initially, the AES encryption/decryption
Algorithm is designed and programmed into the target device (FPGA) and finally, the data transfer between the PCs is directly controlled by the configured FPGA based AES processor.
R.DEEPA
, IJRIT 571
II.AES
AES is a block cipher with a block length of 128 bits. AES allows for three different key lengths: 128, 192, or 256 bits. Most of our discussion will assume that the key length is 128bits. Encryption consists of 10 rounds of processing for 128-bit keys, 12 rounds for192-bit keys, and 14 rounds for 256-bit keys. Except for the last round in each case, all other rounds are identical. Each round of processing includes one single-byte based substitution step, a row-wise permutation step, a column-wise mixing step, and the addition of the round key. The order in which these four steps are executed is different for encryption and decryption. To appreciate the processing steps used in a single round, it is best to think of a 128-bit block as consisting of a 4×4 matrix of bytes. Therefore, the first four bytes of a 128-bit input block occupy the first column in the 4 × 4 matrix of bytes. The 4 × 4 matrix of bytes is referred to as the state array. AES also has the notion of a word. A word consists of four bytes,that is 32 bits.
Therefore, each column of the state array is a word
.
Each round of processing works on the input state array and produces an output state array. The output state array produced by the last round is rearranged into a 128-bit output block.II. THE ENCRYPTION KEY AND ITS EXPANSION
Assuming a 128-bit key, the key is also arranged in the form of a matrix of 4 × 4 bytes. As with the input block, the first word from the key fills the first column of the matrix, and so on. The four column words of the key matrix are expanded into a schedule of 44 words.
The key expansion algorithm ensures that AES has no weak keys. A weak key is a key that reduces the security of a cipher in a predictable manner. For example, DES is known to have weak keys. Weak keys of DES are those that produce identical round keys for each of the 16 rounds. An example of DES weak key is when it consists of alternating ones and zeros. This sort of a weak key in DES causes all the round keys to become identical, which, in turn, causes the encryption to become self-inverting. That is, plain text encrypted and then encrypted again will lead back to the same plain text. Since the small numbers of weak keys of DES are easily recognized, it is not considered to be a problem with that cipher.
III. STRUCTURE OF AES
For encryption, each round consists of the following four steps:
1) Substitute bytes, 2) Shift rows, 3) Mix columns, and 4) Addround key.
The last step consists of XORing the output of the previous three steps with four words from the key schedule. For decryption, each round consists of the following four steps:
1) Inverse shift rows, 2) Inverse substitute bytes, 3) Add round key, and 4) Inverse mix columns.
The third step consists of XORing the output of the previous two steps with four words from the key schedule. Note the differences between the order in which substitution and shifting operations are carried out in a decryption round vis-a-vis the order in which similar operations are carried out in an encryption round. The last round for encryption does not involve the “Mix columns” step. The last round for decryption does not involve the “Inverse mix columns” step.
R.DEEPA
, IJRIT 572
128 plain text block 128 plain text block
W0-W3 W0-W3
W4-W7 W4-W7
W8-W11 W8-W11
. . . . . W40-W43 W40-W43
128 cipher text block 128cipher text block AES ENCRYPTION AES DECRYPTION
IV.SOFT CORE PROCESSOR
Hard cores are optimized once, when they are implemented by the IP provider. Because the core is optimized only once, the IP provider can afford to spend significant resources. Thus, a hard core will typically run faster than a comparable soft core for that one technology in which it is implemented. But, even in that single technology, it is only optimized for one set of goals. If the goal is low area at reasonable performance, the highly tuned performance- optimized hard core may be too large for the application. Soft cores, on the other hand, can be “application optimized”: Timing, area and power targets can be adjusted to fit the specific embedded SOC design.
V.BLOCK DIAGRAM
The HDL (VHDL/Verilog) ultimately aims at developing flexible and technology independent architectures. And the FPGAs with their highly pipelined concurrent architectures, effectively overcomes the limitations of existing Microprocessors/ DSP based processors which can only perform the sequential execution, that took over a limited number of instructions. Thus, the project ultimately aims at implementing the AES encryption and decryption algorithm on the FPGA trainer kit using a serial interface with the PC to achieve a cost effective as well as a highly pipelined AES based processor that meets the security demands of a wide variety of customers. Application areas include VPN software, file compression, public domain software such smart cards, etc. The focus here is to produce a low area IP achieving good performance. To do that, we propose a architecture using mixed bit
Add roundkey Round 10
Round 1
Round 9
Round 2
Round 9
Round 10 Add round key
K ey s ch ed u le
PC
PC
INPUT BUFFER
CONTROL BUFFER
ENCRYPTION BLOCK
DECRYPTION BLOCK
OUTPUT BUFFER
R.DEEPA
, IJRIT 573
size processing. The usage of memory has a significant decrease. The same methodology is used to implement three versions: the first one only encrypts the data, the second one decrypts and the third one performs both operation at same device. The implementation choice was Acex1K and Cyclone devices of Altera. The paper presents a introduction of cryptography, the AES contest that defined Rijndael as the new standard, the AES- 128 structure and some results, such as device occupation, clock frequency, throughput anlatency.
a. COMBINATIONAL LOGIC DESIGN FOR AES SUBBYTE TRANSFORMATION ON MASKED DATA In this paper we propose a new solution to the problem of hardware implementation of AES secure against DPA attacks. Namely, we designed a combinational logic block to compute inversion on
masked data, without ever revealing the actual data
bits in a process. Our solution is, in fact, rather general, and can be applied to other cryptographic algorithms. It is quite different from the dual rail logic design, but provides comparable protection. Taking into account that dual rail logic is very hard to implement in real life, our design offers an alternative solution to hardware protection.
b. AN EFFICIENT FPGA IMPLEMENTATION OF ADVANCED ENCRYPTION STANDARD ALGORITHM:
Reprogrammable devices such as Field Programmable Gate Arrays (FPGA) are highly attractive options for hardware implementations of cryptographic algorithm. This paper proposes an efficient FPGA implementation of advanced encryption standard (AES). An AES encryptor is designed and implemented in FPGA, which is shown to be more efficient than published approaches. An AES decryptor is also designed and integrated with the AES encryptor to yield a full functional AES en/decryptor. The proposed implementation is efficient and suitable for hardware-critical applications.
c. VERY COMPACT FPGA IMPLEMENTATION OF THE AES ALGORITHM
In this paper the feasibility of creating a very compact, low-cost FPGA implementation of the AES was examined. The proposed folded architecture achieves good performance and occupies less area than previously reported designs. This compact design was developed by thorough examination of each of the components of the AES algorithm and matching them into the architecture of the FPGA. The demonstrated implementation fits in a very inexpensive, off-the-shelf Xilinx Spartan II XC2S30 FPGA, which cost starts below $10 per unit. Only 50% of the logic resources available in this device were utilized, leaving enough area for additional glue logic. This implementation can encrypt and decrypt data streams up to 166 Mbps. The encryption speed, functionality, and cost make this solution perfectly practical in the world of embedded systems and wireless communication .
VI. CONCLUSION
This paper propese a architecture using mixed size processing to produce low area IP which is used to achieve good performance. Overall, soft core system has been demonstrated to be a very promising platform for software AES implementations.
VII. REFERENCES
[1] NIST, “Advanced Encryption Standard (AES),” http://csrc.nist.-gov/publications/fips/fips197/fips-197.pdf, Nov.
2001.
[2] NIST, “Data Encryption Standard (DES),” http://csrc.nist.gov/
publications/fips/fips46-3/fips46-3.pdf, Oct. 1999.
[3] I. Verbauwhede, P. Schaumont, and H. Kuo, “Design and Performance Testing of a 2.29 gb/s Rijndael Processor,” IEEE J. Solid-State Circuits, vol. 38, no. 3, pp. 569-572, Mar. 2003.
[4] D. Mukhopadhyay and D. RoyChowdhury, “An Efficient end to End Design of Rijndael Cryptosystem in 0:18_m CMOS,” Proc. 18th Int’l Conf. VLSI Design, pp. 405-410, Jan. 2005.
R.DEEPA
, IJRIT 574
[5] J.L. Hennessy and D.A. Patterson, Computer Architecture: A Quantitative Approach, fourth ed. Morgan Kaufmann, 2007.
[6] S. Morioka and A. Satoh, “A 10-gbps full-AES Crypto Design with a Twisted BDD s-Box Architecture,” IEEE Trans. Very Large Scale
Integration Systems, vol. 12, no. 7, pp. 686-691, July 2004.
[7] J. Daemen and V. Rijmen, The Design of Rijndael. Springer-Verlag, 2002.
[8] A.Hodjat and I. Verbauwhede, “Area-Throughput Trade-Offs for Fully Pipelined 30 to 70 Gbits/s AES Processors,” IEEE Trans.Computers, vol. 55, no. 4, pp. 366-372, Apr. 2006
.
[9] S.K. Mathew, F. Sheikh, M. Kounavis, S. Gueron, A. Agarwal, S.K. Hsu, H. Kaul, M.A. Anders, and R.K.
Krishnamurthy, “53 gbps Native GF(ð24Þ2) Composite-Field AES-Encrypt/Decrypt Accelerator
for Content-Protection in 45 nm High-Performance Microprocessors,” IEEE J. Solid-State Circuits, vol. 46, no. 4, pp. 767 776, Apr. 2011.
[10] A. Hodjat and I. Verbauwhede, “A 21.54 gbits/s Fully Pipelined AES Processor on FPGA,” Proc. IEEE 12th Ann. Symp.Field-Programmable Custom Computing Machines, pp. 308-309, Apr. 2004
.
[11] C.-J.Chang, C.-W. Huang, K.-H. Chang, Y.-C. Chen, and C.-C.Hsieh, “High Throughput 32-Bit AES Implementation in FPGA,”Proc. IEEE Asia Pacific Conf. Circuits and Systems, pp. 1806-1809,
Nov. 2008.
