
  • An Indigenous, Customized, Multi key and MultiMode Cryptographic Engine in FPGA

    Freeha Azmat, Asim Rafiq, Muhammad Nadeem, Zarar Khanzada

    Department of Computer and Software Engineering, Bahria University, Islamabad, Pakistan

    Abstract: In this paper, a cryptographic processor is designed by implementing the Advanced Encryption Standard (AES) as the algorithm for encryption/decryption in Field Programmable Gate Arrays (FPGAs), which will ensure the secure transmission of Ethernet data. The proposed processor has the ability to encrypt/decrypt in three different modes, i.e. OFB, CFB and CTR. Moreover, the ultimate security is guaranteed by providing the capability to use three different key lengths, i.e. 128 bits, 192 bits and 256 bits. The processor is indigenous and can be reconfigured according to user requirements.

    Index Terms: Cryptographic Algorithm, Reconfigurable Computing, AES and Security.

    I. INTRODUCTION

    We live in the 21st century, where technology advances day by day, and in order to meet customer needs engineers have to keep up with all the newly emerging advanced technologies. They are trying to make new cost-effective tools which can help people in daily life while at the same time meeting the criteria of security and reliability. The use of computers and the internet is becoming unavoidable as their importance increases in various fields of life, including the education sector, banks, the government sector, armed forces and the business sector. Some of these sectors, like armed forces and government departments, exchange confidential data over those mediums. In order to maintain confidentiality between two entities, end-to-end encryption is introduced.

    Most companies access the internet over Ethernet lines; therefore it is very important to secure Ethernet data during transmission. Methods should be devised which can provide ultimate security.

    Data security can be provided by encrypting the data with an encryption algorithm before transmission and decrypting it at the other end. Data encryption depends on two main parameters: the encryption algorithm used and the key. In this paper, we have designed and implemented a cryptographic processor in FPGA that addresses both parameters. We have used the most secure algorithm for encryption, i.e. the Advanced Encryption Standard (AES), and given the user the choice of three key lengths, i.e. 128, 192 and 256 bits. With the longest key, 256 bits, we can assure the maximum security. We have also given the user the option to encrypt/decrypt in three modes of operation, i.e. CTR (Counter Mode), CFB (Cipher Feedback Mode) and OFB (Output Feedback Mode).

    The proposed design in FPGAs provides a customized solution for securing government, military and civil applications. It is a holistic solution which includes cryptographic algorithm design, key management and the capability to encrypt in various modes. The device lets customers change encryption algorithms and other key parameters according to their own security requirements. This is one of the reasons for choosing the FPGA platform to build customized and reliable security solutions. Several high-speed security solutions implementing AES are discussed in [1][2][3]; they reduce the area utilization of the hardware and make the use of resources efficient during encryption and decryption. Moreover, [4][5][6] deal with pipelined implementations of AES and discuss methods for low power consumption while providing high-performance network security. The novelty of our solution is that it is compact: all the modules (AES encryption/decryption, key generation for three key lengths and encryption in three different modes) are integrated into one chip, which consumes less hardware.

    Another question is why this cryptographic engine should be built when cryptographic solutions for securing Ethernet data are already available in the market. This is due to the following factors. Firstly, the products available in the market become useless when the encryption algorithm needs to be replaced, because the authority to change the algorithm rests with the vendor, due to which customers in our country suffer in terms of cost and reliability. The proposed cryptographic engine design lets companies introduce the desired changes whenever they need. The design can be reconfigured in a shorter time because the product is indigenous, instead of bringing in a new product every time, and if the encryption algorithm is broken it can be replaced without affecting other modules. Moreover, the design methodology is cheap as it involves less hardware equipment.

    978-1-4673-4450-0/12/$31.00 ©2012 IEEE

    The paper is organized as follows. Section II describes the proposed methodology for our cryptographic engine, followed by the performance results in Section III. Finally, the conclusion is presented in Section IV, followed by the references in Section V.

    II. PROPOSED METHODOLOGY

    The proposed design of our cryptographic processor, which encrypts/decrypts Ethernet data with varying key lengths and modes, is shown in Figure 1. A detailed explanation of each module follows:

    Figure 1: Proposed Cryptographic Processor Design in FPGA

    A. De-composition of Ethernet Frame

    The Ethernet frame structure (IEEE 802.3) is shown in figure 1, where Preamble, SOF, CRC, Length, Source and Destination Address are the header bits while the data in the frame can vary from 46 bytes to 1500 bytes. As we need to encrypt the data only, we segregate the data and header bits in this module. The minimum data length is 46 bytes; however, AES encrypts a block of 16 bytes (128 bits) using varying key lengths, i.e. 128, 192 and 256 bits. To encrypt the 46 bytes (16 bytes × 2 + 14 bytes) of one Ethernet frame, we divide the data into three blocks of 16 bytes each, with 2 bytes of zeros padded in the last block, which makes 48 bytes (16 bytes × 2 + 14 bytes + 2 bytes of zeros) of data that can be fed into AES in three blocks, as shown in figure 2.

    B. Key Selector

    The security of a cryptographic algorithm increases with an increase in key length. Similarly, the AES algorithm will be more secure if the same data (i.e. 128 bits) is encrypted with longer key lengths, i.e. 192 and 256 bits. We have implemented the AES algorithm in our cryptographic processor with three key lengths, i.e. 128, 192 and 256 bits.

    Figure 2: Ethernet Frame

    To select different keys, we have defined a Key Select input in our system that is supplied by the user, e.g. if the user wants ultimate security he can encrypt his 128 bits of data with a 256-bit key by selecting Key Select 2, as shown in Table 1. Because the keys are longer, more computation time is required as well: encryption takes 12 rounds for 192 bits and 14 rounds for 256 bits [10].

    | AES | No. of Rounds | Key Select |
    |-----|---------------|------------|
    | 128 | 10            | 0          |
    | 192 | 12            | 1          |
    | 256 | 14            | 2          |

    Table 1: Key Selector

    C. Mode Selector

    As we have implemented block cipher encryption in our system by splitting the Ethernet frame into three blocks, all three blocks are encrypted using the same key at one time. A mode of operation is a procedure that enables the repeated and secure use of a block cipher under a single key by introducing randomization in the blocks. Different modes are defined for AES encryption/decryption, e.g. Electronic Codebook (ECB), Cipher Block Chaining (CBC), CTR (Counter Mode), CFB (Cipher Feedback Mode) and OFB (Output Feedback Mode) [11]. Each mode has its own pros and cons; we have implemented the CTR, CFB and OFB modes in our system. The advantage of implementing OFB mode is that it can increase speed by providing parallel encryption of all three blocks, CFB reduces overhead by utilizing the same AES algorithm for encryption/decryption, and CTR increases security between consecutive blocks of data by introducing randomization.

    We have defined a Mode Select input in our system with which the user can choose a particular mode of operation depending on requirements. The Mode Select values are listed in Table 2.

    [Figure 2 field labels: Preamble, 7-Byte | Start of Frame, 1-Byte | Destination MAC Address, 6-Byte | Source MAC Address, 6-Byte | Length, 2-Byte | Data 46]

    | AES Mode | Mode Select |
    |----------|-------------|
    | OFB      | 0           |
    | CFB      | 1           |
    | CTR      | 2           |

    Table 2: Mode Selector

    C. AES Crypto Core

    AES is an algorithm that was approved as the most secure algorithm for encryption/decryption in 2002 under the federal government's Federal Information Processing Standards (FIPS) [8].

    AES encryption is presented in Figure 3, where RND0 is the ARK (Add Round Key) step: the user key and the 128-bit plaintext are added. The RND1-9 block includes the four AES steps, namely BS (Byte Substitution), SR (Shift Rows), MC (Mix Columns) and ARK. A total of 10 rounds is required for encryption with a 128-bit key. Round keys are generated for all iterations of the algorithm [9].

    Figure 3: AES Encryption Algorithm (for 128 bit length key and data)

    D. Re-Composition of Ethernet Frame

    In our system, the data of the Ethernet frame acts as the plaintext. It comes from the De-composition of Ethernet Frame module and is encrypted using the key length specified by the user through the Key Selector module. Encryption is then performed with the scheme selected by the Mode Selector module. The encrypted data is passed to the Re-Composition of Ethernet Frame module, where the encrypted data and header bits are concatenated again to form an encrypted Ethernet frame structure.

    III. PERFORMANCE RESULTS

    We have implemented our system in a Virtex-4sx35ff668 device using Verilog. Our cryptographic engine has 9 main operating modes, given three key lengths and three modes. E.g. OFB is implemented with three key lengths, which constitutes three operating modes, and the same is true for CFB and CTR, as shown in Table 3.

    | Operating Mode | Mode Select, Key Select |
    |----------------|-------------------------|
    | OFB-128        | 0,0                     |
    | OFB-192        | 0,1                     |
    | OFB-256        | 0,2                     |
    | CFB-128        | 1,0                     |
    | CFB-192        | 1,1                     |
    | CFB-256        | 1,2                     |
    | CTR-128        | 2,0                     |
    | CTR-192        | 2,1                     |
    | CTR-256        | 2,2                     |

    Table 3: Operating Modes

    RTL

    The Register Transfer Level diagram for our system is shown in Figure 4. A MUX is used for the selection of key length (i.e. 128, 192 and 256 bits) and encryption mode (i.e. CTR, OFB, CFB). As we have nine operating combinations with three key lengths and three modes, we show only one operating mode in the RTL, i.e. CTR mode with a 128-bit key.

    In Figure 4, PT_1, PT_2 and PT_3 stand for the three chunks of plaintext, each 128 bits long. Ld_key is a one-bit signal used to load the key for a given mode. An initial vector (IV) is required for the encryption mode and is also fed as an input to the system. w0, w1, w2 and w3 represent the 128-bit key, where each word contains 32 bits. In the AES-192 and AES-256 cases the key is configured as six words of 32 bits, i.e. (w0, w1, w2, w3, w4, w5), and eight words of 32 bits, i.e. (w0, w1, w2, w3, w4, w5, w6 and w7), respectively. Cipher_1,2,3 are the ciphertexts corresponding to the three plaintext chunks, while the rst signal is used to reset the system and clk is the system clock that synchronizes the system.

    Figure 4: RTL Schematic

    The results for CFB mode with key lengths of 128, 192 and 256 bits are shown in Figure 5(a), (b) and (c) respectively.

    Figure 5(a) Encryption in CFB mode (128 bit key)

    Figure 5(a) illustrates the encryption/decryption of an Ethernet frame using CFB mode and a key length of 128 bits, where Key_sel=0 selects the 128-bit key and mode_sel=1 selects the Cipher Feedback mode of operation. Plain1, Plain2 and Plain3 represent the plaintext blocks, each of 16 bytes. Our minimum-length Ethernet frame constitutes three blocks of plaintext, which we have initialized to zero as shown in the figure. The Ethernet frame containing all zeros is encrypted using AES and produces three blocks, i.e. Cipher_cfb, Cipher_cfb1 and Cipher_cfb2. These three blocks contain different values and maximum randomization, in such a manner that nobody can predict that they were all initialized with the same values, encrypted using the same key and belonged to the same Ethernet frame. Decryption is also illustrated in the simulation, with registers named Plain_dec1, Plain_dec1, Plain_dec1 respectively. The decryption results show that the plaintext and the decrypted text are the same, which verifies our process as well.

    In Figure 5(b), key_sel=1 and mode_sel=1 depict encryption/decryption using AES in CFB mode with a 192-bit key. Now the encrypted data is more secure because the longer key is used. Figure 5(c) depicts encryption/decryption using AES in CFB mode with a key length of 256 bits.

    Figure 5(b) Encryption in CFB mode (192 bit key)

    Figure 5(c) Encryption in CFB mode (256 bit key)
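The zero padding of Section A and the three modes of the Mode Selector, applied to the all-zero minimum frame of Figure 5(a), as an added example in Python that is not the paper's Verilog. The function names, key and IV are constructed for illustration, and a compact software AES stands in for the crypto core.

```python
# Added example, not the paper's Verilog; names and sample values are constructed.
OFB, CFB, CTR = 0, 1, 2                      # Mode Select values (Table 2)
KEY_BYTES = {0: 16, 1: 24, 2: 32}            # Key Select -> key bytes (Table 1)

def _gmul(a, b):                             # multiplication in GF(2^8) mod 0x11B
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = (a << 1) ^ (0x11B if a & 0x80 else 0), b >> 1
    return r

def _sbox_entry(a):
    inv = 1
    for _ in range(254):                     # a^254 is the inverse (0 maps to 0)
        inv = _gmul(inv, a)
    v = inv ^ (inv << 1) ^ (inv << 2) ^ (inv << 3) ^ (inv << 4)
    return (v ^ (v >> 8) ^ 0x63) & 0xFF      # fold = XOR of rotations, then 0x63

SBOX = [_sbox_entry(a) for a in range(256)]

def expand_key(key):
    nk = len(key) // 4                       # 4, 6 or 8 words -> nk + 7 round keys
    w, rcon = [list(key[4 * i:4 * i + 4]) for i in range(nk)], 1
    for i in range(nk, 4 * (nk + 7)):
        t = w[i - 1]
        if i % nk == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]      # RotWord then SubWord
            t[0] ^= rcon
            rcon = _gmul(rcon, 2)
        elif nk == 8 and i % nk == 4:
            t = [SBOX[b] for b in t]
        w.append([x ^ y for x, y in zip(w[i - nk], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(nk + 7)]

def encrypt_block(block, rks):
    s = [b ^ k for b, k in zip(block, rks[0])]        # RND0: Add Round Key
    for rnd in range(1, len(rks)):
        s = [SBOX[b] for b in s]                      # Byte Substitution
        s = [s[(i + 4 * (i % 4)) % 16] for i in range(16)]   # Shift Rows
        if rnd != len(rks) - 1:                       # last round skips Mix Columns
            s = [_gmul(s[c + i], 2) ^ _gmul(s[c + (i + 1) % 4], 3) ^ s[c + (i + 2) % 4]
                 ^ s[c + (i + 3) % 4] for c in range(0, 16, 4) for i in range(4)]
        s = [b ^ k for b, k in zip(s, rks[rnd])]      # Add Round Key
    return bytes(s)

def pad_payload(payload):                    # zero-fill last block: 46 -> 48 bytes
    return payload + bytes(-len(payload) % 16)

def process(mode_sel, key_sel, key, iv, data, decrypt=False):
    if (mode_sel not in (OFB, CFB, CTR) or len(key) != KEY_BYTES[key_sel]
            or len(iv) != 16 or len(data) % 16):
        raise ValueError("bad mode, key, IV or data length")
    rks, feed, out = expand_key(key), iv, b""
    for n in range(len(data) // 16):
        blk = data[16 * n:16 * n + 16]
        if mode_sel == CTR:                  # cipher input is IV + block index
            feed = ((int.from_bytes(iv, "big") + n) % (1 << 128)).to_bytes(16, "big")
        ks = encrypt_block(feed, rks)        # decryption reuses the forward cipher
        res = bytes(x ^ y for x, y in zip(blk, ks))
        if mode_sel == OFB:
            feed = ks                        # feed back the cipher output
        elif mode_sel == CFB:
            feed = blk if decrypt else res   # feed back the ciphertext block
        out += res
    return out

def demo_zero_frame(mode_sel, key_sel):
    key = bytes(range(KEY_BYTES[key_sel]))                   # constructed key
    iv = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff")   # constructed IV
    frame = pad_payload(bytes(46))                           # all-zero payload
    ct = process(mode_sel, key_sel, key, iv, frame)
    same = process(mode_sel, key_sel, key, iv, ct, decrypt=True) == frame
    return [ct[i:i + 16].hex() for i in (0, 16, 32)], same
```

With an all-zero payload each ciphertext block is the raw cipher output, so OFB and CFB return identical blocks for this frame, and a key and IV pair should not be reused for a second frame. The receiver also needs the frame's Length field to strip the two padding zeros after decryption.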

    The device utilization summary for our system is tabulated in Table 4, which shows that 47% of the total resources are utilized for implementing 9 different operating modes in the FPGA. This is a considerable improvement over previous approaches: e.g. [7] discusses an implementation of AES on the same FPGA device that supports various key lengths and consumes 8378 slices, while our processor consumes fewer resources, i.e. 7315 slices, and provides the feature to encrypt not only with varying key lengths but also with various modes.

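    Device Utilization of Cryptographic Engine

    | Resource                   | Used / Available | Utilization |
    |----------------------------|------------------|-------------|
    | Number of Slices           | 7315 / 15360     | 47%         |
    | Number of Slice Flip Flops | 5841 / 30720     | 19%         |
    | Number of 4 input LUTs     | 10439 / 30720    | 33%         |
    | Number of bonded IOBs      | 259 / 448        | 57%         |
    | Number of GCLKs            | 1 / 32           | 3%          |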

    Table 4: Device Utilization

    The burning results produced using the Chip Scope Pro software are illustrated in Figure 6, where the least significant bits of the encrypted output are shown.

    IV. CONCLUSION

    In this paper we have designed a cryptographic processor which supports a compact, customized and re-configurable implementation of AES in FPGA. The security is improved by giving the user the option to encrypt in three modes and with three different key lengths. The product is indigenous and cost-effective. The solution provides flexibility to customers by providing the capability to change the encryption algorithm if it is broken, and the required customization can be made according to specifications.

    Figure 6: Implementation Results using Chip Scope Pro

    V. REFERENCES

    [1] Banraplang Jyrwa and Roy Paily, "An Area-Throughput Efficient FPGA implementation of Block Cipher AES algorithm," Advances in Computing, Control, and Telecommunication Technologies (ACT 2009), Trivandrum, Kerala, 28 and 29 Dec 2009.

    [2] Jun Shu, Yiwen Wang, Wenchang Li and Zhiyong Gan, "Realization of a resource sharing fast encryption and decryption AES algorithm," Intelligent Signal Processing and Communication Systems (ISPACS), 2010 International Symposium on, 6-8 Dec. 2010.

    [3] Ai-Wen Luo, Qing Ming Yi and Min Shi, "Design and Implementation of Area Optimized AES based on FPGA," Business Management and Electronic Information (BMEI), 2011 International Conference on, 13-15 May 2011.

    [4] Yingjie Ji, Liji Wu, Xiangmin Zhang and Xiangyu Li, "Power Analysis Resistant AES Crypto Engine Design and FPGA Implementation for a Network Security Co-processor," ASIC, 2009. ASICON '09. IEEE 8th International Conference on, 20-23 Oct. 2009.

    [5] Selma Laabidi, Bruno Robisson and Michael Agoyan, "An evaluation methodology for the security of crypto systems," September 18, 2008.

    [6] Namin Yu and Howard M. Heys, "Investigation of Compact hardware implementation of the Advanced Encryption standard," Canadian Conference on Electrical and Computer Engineering (CCECE), 2005.

    [7] Refik Sever, A. Neslin Ismailoglu, Yusuf C. Tekmen, Murat Askar and Burak Oksan, "A high speed FPGA implementation of the Rijndael Algorithm," Digital System Design, 2004. DSD 2004. Euromicro Symposium on, 31 Aug.-3 Sept. 2004.

    [8] Advance Encryption Standard. http://searchsecurity.techtarget.com/definition/Advanced-Encryption-Standard

    [9] Arturo Diaz Perez, N.A. Saqib, Francisco Rodriguez-Henriquez and Cetin Kaya Koc, Cryptographic Algorithms on Reconfigurable Hardware. Springer Science (2006).

    [10] Federal Information Processing Standards Publication 197, November 26, 2001, Announcing the Advanced Encryption Standard (AES).

    [11] Block Cipher Mode of Operation. http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation
