View
249
Download
0
Category
Tags:
Preview:
Citation preview
Lecture 5
Block Diagrams
Modes of Operation of
Block Ciphers
ECE 448 – FPGA and ASIC Design with VHDL
Modes of Operationof Block Ciphers
Block vs. stream ciphers
Stream cipher
Internal state - ISBlock cipher
KK
M1, M2, …, Mn m1, m2, …, mn
C1, C2, …, Cn c1, c2, …, cn
Ci=fK(Mi) ci = fK(mi, ISi) ISi+1=gK(mi, ISi)
Every block of ciphertext is a function of only one
corresponding block of plaintext
Every block of ciphertext is a function of the current block
of plaintext and the current internal state of the cipher
Typical stream cipher
Sender Receiver
PseudorandomKeyGenerator
mi
plaintext
ci
ciphertext
kikeystream
keyinitialization vector (seed)
PseudorandomKeyGenerator
mi
plaintext
ci
ciphertext
ki keystream
key initializationvector (seed)
Standard modes of operation of block ciphers
Block cipher Block cipherturned into
a stream ciphers
ECB mode Counter modeCFB modeCBC mode
ECB (Electronic CodeBook) mode
Electronic CodeBook Mode – ECBEncryption
M1 M2 M3
E
Ci = EK(Mi) for i=1..N
MN-1 MN
E E E E. . .
C1 C2 C3 CN-1 CN
K K K K K
Electronic CodeBook Mode – ECBDecryption
C1 C2 C3
D
Mi = DK(Ci) for i=1..N
CN-1 CN
D D D D. . .
M1 M2 M3 MN-1 MN
K K K K K
Electronic CodeBook Mode – ECB(simplified block diagram)
EK
IN
OUT
Ci
Mi
DK
IN
OUT
Ci
Mi
Ci = EK(Mi)
Mi = DK(Ci)
Electronic CodeBook Mode – ECB(combined block diagram)
EK
IN
OUT
DK
IN
OUT
bdo
bdi
bdi = Mi for Encryption Ci for Decryption
bdo = Ci for Encryption Mi for Decryption
Counter Mode
Counter Mode - CTREncryption
m1m2 m3
E
ci = mi ki
ki = EK(IV+i-1) for i=1..N
mN-1 mN
. . .
E E E E. . .
c1 c2 c3 cN-1 cN
IV IV+1 IV+2 IV+N-2 IV+N-1
k1k2 k3
kN-1 kN
K K K K K
Counter Mode - CTRDecryption
c1c2 c3
E
mi = ci ki
ki = EK(IV+i-1) for i=1..N
cN-1 cN
. . .
E E E E. . .
m1 m2 m3 mN-1 mN
IV IV+1 IV+2 IV+N-2 IV+N-1
k1k2 k3
kN-1 kN
K K K K K
Counter Mode – CTR(simplified block diagram)
EK
IN
OUT
counter
IV
ci
mi
EK
IN
OUT
counter
IV
ci
mi
IS1 = IVci = EK(ISi) mi
ISi+1 = ISi+1
IS1 = IVmi = EK(ISi) ci
ISi+1 = ISi+1
ISi ISi
Counter Mode – CTR(combined block diagram)
EK
IN
OUT
counter
IV
bdo
bdi
ISi
bdi = mi for Encryption ci for Decryption
bdo = ci for Encryption mi for Decryption
CFB (Cipher FeedBack) Mode
Cipher Feedback Mode - CFBEncryption
m1 m2 m3
E
mN-1 mN
. . .
E E E E. . .
c1 c2 c3 cN-1 cN
IV
ci = mi ki
ki =EK(ci-1) for i=1..N, and c0 = IV
k1 k2 k3 kN-1kN
Cipher Feedback Mode - CFBDecryption
m1 m2 m3
E
mN-1 mN
. . .
E E E E. . .
c1 c2 c3 cN-1 cN
IV
mi = ci ki
ki =EK(ci-1) for i=1..N, and c0 = IV
k1 k2 k3 kN-1kN
Cipher Feedback Mode – CFB(simplified block diagram)
EK
IN
OUT
ci
mi
EK
IN
OUT
ci
mi
IV
IS1 = IVci = EK(ISi) mi
ISi+1 = ci
IV
ISi ISi
register register
IS1 = IVmi = EK(ISi) ci
ISi+1 = ci
Cipher Feedback Mode – CFB(combined block diagram)
EK
IN
OUT
bdo
bdi
IV
ISi
register
bdi = mi for Encryption ci for Decryption
bdo = ci for Encryption mi for Decryption
bdi
CBC (Cipher Block Chaining) Mode
Cipher Block Chaining Mode - CBCEncryption
m1 m2 m3
E
IV
ci = EK(mi ci-1) for i=1..N c0=IV
mN-1 mN
. . .
E E E E. . .
c1 c2 c3cN-1
cN
Cipher Block Chaining Mode - CBCDecryption
mi = DK(ci) ci-1 for i=1..N c0=IV
m1 m2 m3 mN-1 mN
IV . . .
D D D D D. . .
c1 c2 c3cN-1
cN
Cipher Block Chaining Mode – CBC(simplified block diagram)
EK
IN
OUT
ci
mi
DK
IN
OUT
ci
mi
IV
IS1 = IVci = EK(ISi mi)
ISi+1 = ci
IS1 = IVmi = DK(ci) ISi
ISi+1 = ci
IV
ISi
ISi
register
register
Cipher Block Chaining Mode – CBC(combined block diagram)
EK
IN
OUT
DK
IN
OUT
IV
ISi
register
ci
bdi
bdo
bdi
bdi
ECE 448 – FPGA and ASIC Design with VHDL
Advanced Encryption Standard (AES)
Pseudocode
AES Encryption
AES Decryption
ECE 448 – FPGA and ASIC Design with VHDL
AES: Symbols, Block Diagrams,
Interfaces
AES_Enc
•Encryption Only•Key scheduling done as a part of initialization
Symbol
Block Diagram – AES_Enc
Block Diagram – Round
Block Diagram – KeyUpdate
AES_Enc: Interface with the Division into the Datapath and Controller
AES_Enc_KOF
•Encryption Only•Key scheduling done On the Fly
Symbol
Block Diagram – AES_Enc_KOF
Block Diagram – Round
Block Diagram – KeyUpdate
AES_Enc_KOF: Interface with the Division into the Datapath and Controller
AES_EncDec
•Encryption and Decryption•Key scheduling done as a part of initialization
Symbol
Block Diagram – AES_EncDec
Block Diagram – Round
Block Diagram – InvRound
Block Diagram – KeyUpdate
AES_EncDec: Interface with the Division into the Datapath and Controller
ECE 448 – FPGA and ASIC Design with VHDL
Example of a HierarchicalBlock Diagram
JH hash function
Top Level
R8/R6
L
ECE 448 – FPGA and ASIC Design with VHDL
Example of a HierarchicalBlock Diagram
BLAKE hash function
Top Level
Permute8
Core8
G_mod
ECE 448 – FPGA and ASIC Design with VHDL
Interface ofCipherCore
Datapath
59
Block Diagram of AEAD
Input Ports
(nonce, IV)
(only few candidates)
(AD, M, C)(we will not use it)
ECE 448 – FPGA and ASIC Design with VHDL
Timeline
Thursday 10/15, 12 noon:
First draft of block diagrams (Blackboard)
Thursday 10/15, 1:00-4:30pm
Friday 10/16, 1:00-8:00pm
Discussion of draft block diagrams
(30 minutes per person,
60 minutes per group,
electronic sign-up using Doodle)
Project Timeline: Draft Block Diagrams
Thursday 10/22, 12 noon
Revised block diagrams due (Blackboard)
Thursday 10/22, 1:00-4:30pm
Friday 10/23, 1:00-8:00pm
Discussion of revised block diagrams
(30 minutes per person,
60 minutes per group,
electronic sign-up using Doodle)
Project Timeline: Revised Block Diagrams
Recommended