EFFECTIVE IMPLEMENTATION OF RECONFIGURABLE
advertisement
EFFECTIVE IMPLEMENTATION OF RECONFIGURABLE CRYPTOGRAPHIC PROCESSOR ABSTRACT Protecting the digital data through encryption using tools and external codes are highly cost effective and also results in performance degradation. To achieve much efficiency in encryption a reconfigurable cryptographic microprocessor is designed in this project to offer maximum digital security. With the conventional design of Rijndeal and DES encryption standards as supporting coprocessors, a brute force attack algorithm also been implemented in the design to ensure the robustness of this processor design to serve all kind of encryption and decryption needs. A typical CPU unit with RAM, ALU, PC, Register bank and Buses are included as prioritized units for utilizing the Cryptographic co-processors which consists of Parallel Processing Unit, Bit permutation unit, sequencing cache and Byte permutation units. A sophisticated instruction sets have been derived to issue control signals to the main processor to initiate and control cryptographic operations. The performance evaluation of this processing design also analyzed through a programmable FPGA kit. Novel RISC microprocessor can be utilized to rapidly develop a reprogrammable and high performance embedded securityprocessing system in SoC designs. The prevalence of microprocessors in all aspects of everyday life has led to information being easily and widely distributable in digital format. RlSC microprocessors are used abundantly in numerous communication systems, such as smart cards, mobile handsets, set-top boxes (STBs) and Personal Digital Assistants (PDAs). In this project, the various arithmetic and logical functions that are common to block ciphers and cryptographic hashes have been identified. This analysis has lead to the creation of instructions to provide a RISC microprocessor with a more efficient means of performing hashing and private-key cryptography. A three-stage RISC microprocessor has been developed as programmable silicon IP core to be rapidly integrated into SoCdesigns. In the creation of the instruction set, particular emphasis has been placed on support for the five AES finalists, and established cipher and hash algorithms such as DES, IDEA, MDS and SHn-1. ALGORITHM ANALYSIS INTRODUCTION Many modern cryptographic algorithms are developed with the design rationale of efficient operation on 32-bit processors. This was a feature used by the National Institute of Standards and Technology (NIST) to evaluate the performance of AES candidates. The AES candidates MARS and RC6 exclusively use 32-bit operations for efficient implementation on such processors. As such, generic acceleration of these ciphers is limited and more specific hardware acceleration is required to improve performance. Rijndaeland Two fish both utilize Galois Field arithmetic, known as the Mixcolumn and Maximum Distance Separable (MDS) functions respectively, and both perform polynomial multiplication of 4 bytes with a 4x4 matrix within the Galois Field. Ciphers such as Rijndael, DES and Serpent utilize substitution operations that replace values of 8 bits or less. Performing such substitutions on a microprocessor requires numerous instructions to isolate each relative address, perform the table look-up within memory, and substitute the value to form the result. constantly at risk. Either remotely with the use of programs developed to examine or modify the existing data and the systems usage (e.g. virus and worms), or locally through the monitoring of the systems behavior (e.g. printing a document form an unauthorized computer) or through physical attacks (e.g. observation of the power consumption, reading the data stored in memory). A significant part of these security issues are resolve with use of encryption algorithms. However these algorithms have significant computational requirements and different computational characteristics, so even if hardware accelerators exist to speed up these calculations they cannot efficiently improve all the existing algorithms. With this in mind this paper proposes a methodology in order to normalize and to catalyze the use of security systems and to achieve more trustworthy computational systems. MESSAGE SEND TO OS AND PROCESSOR EXECUTE AND STORE RAW DATA IN MEMORY NEED TO TRANSMIT? NO YES 1.1.1. Existing System Modern cryptography follows a strongly scientific approach, and designs cryptographic algorithms around computational hardness assumptions that are assumed hard to break by an adversary. Such systems are not unbreakable in theory but it is infeasible to do so for any practical adversary. With the increase and proliferation of communication systems, the users privacy and is data coherence is ENCRYPT AND TRANSMIT Fig.1.1.Functional flow diagram of existing system Figure 1.1 depicts a general function of the existing cryptography methodology. This structure illustrates that the data going to be stored in memory is a raw data and just before transmission only it is getting encrypted. Demerits of the Existing system. In fact, transmission of very large documents is prohibitive. The key sizes must be significantly larger than symmetric Proposed System. Using reconfigurable processor, it eliminates the additional clock pulses required for instruction decoding. Hardware implementation of cryptography provides the overall data security. Encryption modules are separately performed using individual co-processor which reduces the complexity of processing. 1.1.4. Cryptographic Processors Need For Cryptography Processors In the existing system, any unauthorized person who is having intelligence in memory hacking can steal the raw data directly from the memory. The other drawback is the user can not modify the software he is using, since that would invalidate its specific digital signature, making it unusable when interacting with other applications that require a valid signature or when trying to access previously saved data with the Sealed Storage mechanism. With the evolution of the encryption algorithms the system will became obsolete, since the existing system has no adaptation capability. For example only in the recent revision of the trusted computing group as the AES encryption been included, becoming a mandatory algorithm. With such a static system older versions of software will became unusable and new software will not be able to access data stored by older application that used different encryption algorithms. The machine owner is obligated to use the existing platform module has a black box, having no knowledge on how the module is implemented, if it is properly implemented, or if there are any backdoors to the system. Reconfigurable cryptographic Processor Some of the drawbacks of the existing Module can be solved with the use of reconfigurable systems. Current reconfigurable systems are capable of achieving a computational capability, which allows them to be used instead of dedicated hardware structures. In this project, the various arithmetic and logical functions that are common to block ciphers and cryptographic hashes have been identified. This analysis has lead to the creation of instructions to provide a RISC microprocessor with a more efficient means of performing hashing, public and privatekey cryptography. MAIN MEMORY CRYPTOGRAPHIC PROCESSOR CRYPTOGRAPHIC SUPPORTING UNITS INTERNAL MEMORY & ROM CONTROL AND ARBITER INTERCONNECTION NETWORK DES AES HYBRID I/O Figure 1.2: Reconfigurable Cryptographic Processor Organization A three-stage, DES, AES and Hybrid RISC microprocessor has been developed as programmable silicon IP core to be rapidly integrated into SOC designs. Figure 1.2 illustrates the reconfigurable organization of the cryptographic processor which embeds DES, AES and the proposed Hybrid algorithm as various co-processor units to achieve encryption and decryption with necessary requirements. 2.1. ADVANCED ENCRYPTIONS STANDARDS Rijmen and Daemen developed the Rijndael algorithm from Square, an algorithm they had collaborated on earlier. The Rijndael algorithm is a block cipher, an alternative to a stream cipher. The data is processed in 128 bit blocks, and keys may be 156 bits, 192 bits, or 256 bits. The purpose of AES [3], [4], [13]was to replace DES, the Data Encryption Standard, as a more secure substitute. Figure 2.1.1: Rijindeal AES The three criteria taken into account in the design of Rijndael • Resistance against all known attacks • Speed and code compactness on a wide range of platforms. • Design simplicity Advantages of Advanced Encryption Standards: Rjindael can be implemented to run at speeds unusually fast for a block cipher on a Penitum (Pro). There is a trade-Off between table size/performance. It can be implemented on a Smart Card in a small amount of code, using a small amount of RAM and taking a small number of cycles. There is some ROM/performance trade-off. The round transformation is parallel by design, an important advantage in future processors and dedicated hardware. As the cipher does not make use of arithmetic operations, it has no bias towards big or little Indian processor architectures. 3.1 RSA Algorithm In hybrid algorithm the message to be stored in the memory is encrypted first in the sieve instruction module by giving the key as number of times to be permuted and giving this cipher text as input to the RSA module. In cryptography there are two types of encryption and decryption named as symmetric and Asymmetric. In symmetric cryptography the same key is used for both encryption and decryption. RSA is an asymmetric public key cryptography that enables two sets of keys to be created: public (encryption) and private (decryption). Public keys are stored in the open so that anyone can encrypt a message. The intended recipient who knows the publicprivate key pair can only get the original message correctly. of e (such as 3) have been shown to be less secure in some settings.[4] Fig:3.1.1 Symmetric and Asymmetric Cryptography Key generation Determine d = e–1 mod φ(n); i.e. d is the multiplicative inverse of e mod φ(n). This is often computed using the extended Euclidean algorithm. d is kept as the private key exponent. The public key consists of the modulus n and the public (or encryption) exponent e. The private key consists of the private (or decryption) exponent d which must be kept secret. RSA involves a public key and a private key. The public key can be known to everyone and is used for encrypting messages. Messages encrypted with the public key can only be decrypted using the private key. The keys for the RSA algorithm are generated the following way: Choose numbers p and q. two distinct prime For security purposes, the integers p and q should be chosen at random, and should be of similar bit-length. Prime integers can be efficiently found using a primality test. Fig : 3.1.2 Example for RSA Algorithm Compute n = pq. n is used as the modulus for both the public and private keys Compute φ(n) = (p – 1)(q – 1), where φ is Euler's totient function. Choose an integer e such that 1 < e <φ(n) and gcd(e,φ(n)) = 1, i.e. e and φ(n) are coprime. e is exponent. released as the public key e having a short bit-length and small Hamming weight results in more efficient encryption - most commonly 0x10001 = 65537. However, small values Fig : 3.1.3 Proposed architecture 4.1 Top model output with Look-up table content The figure3.12 shows that the 64-bit input data is divided into four 16-bit data namely data1, data2, data3 and data4. Depending on the data, one of the encryption algorithm is selected from DES,AES and hybrid and the information about the same is stored in the look-up table. applying individual encryption schemes. The various results obtained in each simulation is listed in table-- Conclusion Fig: 4.1.1 Simulation of CPU top model 4.2 Summary To reduce the cost of separate software and supporting hardware for giving security to the digital data, the encryption and decryption algorithm is implemented along with the processor architecture itself. So that the security to the digital data is given at the storage place, which not only reduce the cost, and also increase the speed of encryption and decryption. The input 64 bit data is evenly splitted into 16*4 blocks and a random logic is used to encrypt the divided blocks parallel by Implementing the hardware cryptographic processor got its own merits of reduced time consumption, increases in performance and assures the most security. Thus by implementing the hybrid standard, the protection is enhanced multiple times and unique. The processor can handle field arithmetic for cryptography algorithms by using microcode sequences without modifying hardware. It shows that the developed cryptographic processor exhibits obvious speed and performance advantages in comparison with related works, and can accommodate a large number of cryptosystem applications. The application of Cryptographic processor is very vast ranges from domestic to defense purpose. Implementing this cryptography processor as hardware has its unique advantages in terms of Portability, Power Consumption, Accuracy & Flexibility. REFERENCES National Institute of Standards and Technology, “Specification for the Advanced Encryption Standard (AES),” Federal Information Processing Standard 197 , November 26, 2001; Ricardo Chaves, Georgic Kasyanov, Reconfigurable memory based AES co-processor in Proceedings of the 13th Reconfigurable Architectures Workshop , 2006. William M .Daley, Data Encryption Standard (DES) in Federal Information Processing Standards Publication,2002 IEEE Standard Specifications for Public-Key Cryptography, IEEE Std 1363– 000, 2000. R. Rivest, A. Shamir, and L. Adleman, “A method for obtaining digital signatures and public-key cryptosystems,” Commun. ACM, vol. 21, pp. 120– 26, Feb. 1978. Y. Wang, J. Leiwo, and T. Srikanthan, “A unified architecture for cryptoprocessing in embedded systems,” in Proc. IEEE Conf. Embedded Softw. Syst., Dec. 2005, pp. 1–7. ARULVENKATESAN M M.E., DIS., Student of Final year Department of ECE. Bharathidasan Engineering College, Natrampalli – 635 854 Email: arulvenkatesan@gmail.com Mr.C. NARASIMHAN,M.Tech, MIE., Head of the Department, Department of electronics and Communication Engineering, Bharathidasan Enginnering College,Natrampalli – 635 854. Mr.A.SUDHAKAR M.E., (Ph.D)., MISTE., Head of the Department, Department of Computer and Science Engineering, Bharathidasan Enginnering College, Natrampalli – 635 854.
