臺灣博碩士論文加值系統

隨著無線網路以及電子商務的發展，桌上型電腦已經逐漸的被行動計算以及行動通訊所取代。這代表著一個無線通訊的時代已經來臨，人們將可隨時隨地不受空間及時間的限制，進行商業交易或是資料的交換及取得，為了達成這些目的，無線網路以及電子商務將會是未來的趨勢。
當我們在享受無線科技所帶來的便利時，我們如何能確保我們的通訊是安全的呢？當我們進行資料的傳輸時，為了有效的保護這些資料，我們需要對敏感資料進行加密。而目前用於無線網路通訊的IEEE802.11b標準是以WEP(Wired Eqauivalent Privacy)加密技術及RC4(Ron’s Code 4 Pseudo Random)虛擬亂數產生器達成加密處理，這兩樣技術已經可以被惡意者在短時間內破解並取得加密金鑰，所以在本論文中將設計一個安全性更高的加解密系統。現今常用的加密系統可分為兩大類，一是對稱金鑰（Symmetric-Key）系統，如DES (Data Encryption Standard)，另外是公開金鑰（Public-Key）系統，如RSA (Rivest-Shamir-Adelman)，對稱金鑰大多用於資料的加解密，而非對稱金鑰則多用於使用者的認證。由於DES已使用了20幾年了，而且是使用56位元金鑰加密，所以DES已經不能滿足今日對資料安全性的要求了。在本文中我們以AES系統設計了一加密系統並將亂數產生器內建其中。AES是先進的對稱金鑰加密技術，最短的金鑰也有128位元，而內建的真實亂數產生器可以防止金鑰被惡意者竊取。
本論文提出一個適用於通訊系統的AES加解密處理單元，並將亂數產生器內建其中。為了降低晶片面積以符合需求，我們以遞迴的方式設計AES模組，並利用其加解密演算法對稱的特性，結合加解密電路，以有效減小面積。而亂數產生器是利用元件中的熱雜訊和混亂定理來產生一支無法被預測的金錀。
在晶片設計上使用TSMC 0.35 µm CMOS製程及Avanti元件庫。佈局後晶片面積為2970*2970 μm2。根據TimeMill及PowerMill模擬結果此晶片最高工作時脈為65 MHz，晶片平均消耗功率為213mW。此結果將可貢獻於日漸蓬勃的無線網路和電子商務應用。

As wireless LAN and E-commerce becomes popular today, mobile computing and communication device market is poised to overtake the desktop computing market. The widespread adoption of Internet combined with the “anytime anywhere” access of mobile devices is driving a huge growth in mobile e-commerce applications.
We should encrypt and decrypt the sensitive data to protect these data effective. The WEP algorithm is essentially the RC4 cryptographic algorithm from RSA Data Security. To date, there are many papers proposing the weaknesses within RC4, the underlying encryption mechanism used by WEP. We were able to recover the 128 bit secret key used in a wireless network, with a passive attack. We conclude that 802.11 WEP is totally insecure, so we will design a more secure cryptography system in this paper. Today, two cryptosystems are used; one is the symmetric-key cryptosystem, for example, DES (Data Encryption Standard), and another is the public-key cryptosystem, for example RSA (Rivest-Shamir-Adleman). DES cryptosystem are usually used in encrypts and decrypt of the main body, and RSA cryptosystem are used in data authentication. DES, the Data Encryption Standard, can no longer be considered secure because its 56-bit key is too short. We must have a better cryptography system to instead of DES so The Rijndael algorithm was designed by Dr. Joan Daemen and Dr. Vincent Rijmen. AES supports keys of at least 128 bits and the embedded random number generator can prevent the key from being stolen.
In this thesis, we use iteration architecture to design AES modules. Moreover, consider with the feature of the algorithm of encrypt and decrypt are symmetric, we combine these two circuit and using latches instead of registers to reduce the total area. By using analog circuits to make a random generator we can get true random numbers which are aperiodic, unpredictable and statistically random.
We use TSMC 0.35 um process with Avanti high performance cell library to implement our chip. The layout area is 2970 x 2970 um2. The maximum clock rate can reach 65 MHz, and average power consumption is 213 mW. The result can be contribution to wireless LAN and E-commerce application.

Index
摘 要 i
Abstract iii
Index iv
List of Figures vi
Chapter1 Introduction………………………………………………………………… 1
1.1 Wireless LAN technology[2]………………………………………1
1.2 Why security is important in wireless LAN………………….2
Chapter 2 Algorithm………………………………………3
2.1 Classical cipher system 3
2.1.1 Transposition ciphers 4
2.1.2 Substitution ciphers 4
2.2 Cryptography of today 5
2.3 notation and convention for AES 6
2.3.1 Inputs and Outputs 6
2.3.2 Arrays of Bytes 6
2.3.3 The state 7
2.4 specification of AES Algorithm 8
2.4.1 SubByte() 9
2.4.2 ShiftRows() Transformation 9
2.4.3 AddRoundKey() Transformation 11
2.4.4 Key Expansion 12
2.4.5 Inverse Cipher 13
2.5 Random number generator 14
2.5.1 Pseudo-Random Bit Generators 14
2.5.2 Truly Random Bit Generators 15
2.5.3 Chaotic Bit Generators 18
chapter3. Architecture and Implementation 21
3.1 IC card 21
3.2 Architecture of AES 23
3.2.1Encryption and decryption round 23
3.2.2 Input interface module 25
3.2.2.1 Full Register Model 25
3.2.2.2 Hybrid Model 26
3.2.2.3 The full latch 26
3.2.3 output interface 27
3.2.4 Key schedule 29
3.2.4.1On-The-Fly 29
3.2.4.2 Pre-Computed 30
3.2.4.3 Summary 30
3.2.5 Multiplicative inverse 31
3.2.5.1 Architecture1 31
3.2.5.2 Architecture2 33
3.3Architecture of RNG 37
3.3.1 Switched-Capacitor circuit 37
3.3.1.1 Fundamental Switched-Capacitor circuit 37
3.3.1.2 Improved Switched-capacitor circuit 38
3.3.2 current mirror 40
3.3.3 OP Amplifier Circuit 40
3.3.4 1-bit analog-digital converter 41
3.3.5 The eliminating bias circuit 42
3.3.6 true random number generator circuit 42
Chap 4 layout and simulation result 44
4.1 The physical design 44
4.2 Clock distribution and Layout Result 45
4.3 Simulation of AES 47
4.4 Simulation of RNG 49
4.4.1 Simulation of current mirror 49
4.4.2 OP amplifier 49
4.4.3 Phase generation 50
4.4.4 Comparator 51
4.4.5 Simulation of whole RNG system…………………...............………51
Chapter 5 conclusion and future work 53
5.1 conclusions 53
5.2 future work 53
List of Figures
Fig1- 1 Wireless LAN………………………………………………………1
Fig2- 1 Concept of cryptography 3
Fig2- 2 8
Fig2- 3 pseudo code of AES algorithm 8
Fig2- 4 shiftrow transformation 10
Fig2- 5 illustrates the MixColumns() transformation. 11
Fig2- 6 pseudo code of key expansion 12
Fig2- 7 key expansion flow 13
Fig2- 8pseudo code of inverse cipher 14
Fig2- 9 Thévenin and Norton equivalent circuit 17
Fig2- 10 In MOSFET noise 18
Fig2- 11 model of chaotic bit generator 19
Fig2- 12autocorrelation of a binary sequence 19
Fig2- 13 analog iteration…………………………………………………..20
Fig3- 1The Overview of wireless IC Card 22
Fig3- 2whole chip architecture 23
Fig3- 3encryption round and decryption round 24
Fig3-4en_de_round…………….………………………………………… 24
Fig3- 5Byte_sub 25
Fig3- 6 Full Register Model 25
Fig3- 7 time diagram of hybrid model 26
Fig3- 8 time diagram of full latch 27
Fig3- 9 Output Module with Demultiplexer Array 28
Fig3- 10Output Module with Tristate Buffer 29
Fig3- 11Improved Tristate Buffer Tree 29
Fig3- 12The logical block KeyRound 30
Fig3- 13 The logical block InvKeyRound 31
Fig3- 14 Inversion and division in GF(2m) 32
Fig3- 15Multiplier in GF(2m)……………………………..……………….36
Fig3- 16 Low latency inversion in GF(2m) 36
Fig3- 17Switched-Capacitor circuit 37
Fig3- 18 waveform of P1,P1d,P2 and P2d 38
Fig3- 19 map diagram of and 39
Fig3- 20 Improved Switched-capacitor circuit 39
Fig3- 21current mirror 40
Fig3- 22 OP Amplifier Circuit 41
Fig3- 23Schematic of the 1-bit ADC 41
Fig3- 24 schematic of the comparator 42
Fig3- 25Schematic of the random generator………………………………43
Fig4- 1Physical Design Flow……………………………….……………..45
Fig4- 2 Clock Tree……………………………….………………………...46
Fig4- 3 Chip view……………………………….…………………………46
Fig4- 4 simulation of multiplicative inverse………………………………47
Fig4- 5 simulation of key schedule ……………………………………….48
Fig4- 6 simulation of control signal……………………………………..48
Fig4- 7 simulation of AES encryption simulation………………………48
Fig4- 8simulation of AES decryption simulation………………………….49
Fig4- 9 simulation of OP amplifier ………………………………………..50
Fig4- 10frequency response of OP amplifier……………………………...50
Fig4- 11 simulation of phase generator………………………………….51
Fig4- 12 simulation of comparator………………………………………51
Fig4- 13 simulation results of X(n), b(n) and data_out………………….52
Fig4- 14 the power spectral density of the sequence………………………52
Fig4- 15 the relationship of X(n+1) and X(n)…………………………….52

Reference
[1] J. A. Senn, “The emergence of M-Commerce”, IEEE Computer, December 2000, pp. 148-150.
[2] http://www.cisco.com/warp/public/cc/pd/witc/ao350ap/prodlit/a350w_ov.htm
[3] Jon C. Graff. "Cryptography and e-commerce a Wiley tech brief"New York :/John Wiley & Sons,/c2001.
[4] B. Schneier, Applied Cryptography, p. 1, John Wiley & Sons, New York, 1994.
[5] Craig Steven Petrie "An Integrated Random Bit Generator for Applications in Cryptography" November 1997
[6] J. Daemen and V. Rijmen, "AES Proposal: Rijndael, AES Algorithm Submission"
September 3, 1999,
[7] A. B. Carlson, Communication Systems, p. 118, McGraw-Hill, New York, 1986.
[8] K. Zeng, et al., “Pseudorandom Bit Generators in Stream-Cipher Cryptography,”
Computer, pp. 8-17, February 1991.
[9] D. E. Knuth, The Art of Computer Programmg, Vol. 2: Seminumerical Algorithms,
2nd ed., Addison-Wesley, Reading, MA, 1981.
[10] J. A. Barnes and S. Jarvis, “Efficient Numerical and Analog Modeling of Flicker
Noise Processes,” National Bureau of Standards, NBS Tech. Note 604, 1971.
[11] C. D. Motchenbacher and J. A. Connelly, Low Noise Electronic System Design,
John Wiley & Sons, New York, 1993.
[12] Warsaw Poland "Implementation of the block cipher Rijndael using Altera FPGA"
[13] Min-Hao Chuang "A Design and Implementation of DES/Triple DES Encryption and Decryption for Ic Card" ROC June 2000
[14] R.Rivest A.Shamiar and L.Adleman,”A Method for Obtaining Digital Signatures and Public-Key Cryptosystems”, CACM, Vol.21, No.2, pp.120-128, Feb..1978.
[15] Ming-He Li "A Gbps AES Cipher" ROC June 2000
[16] Shyue-Win Wei VLSI architectures for computing exponentiations, multiplicative inverses, and divisions in GF(2/sup m/) IEEE Transactions on , Volume: 44 Issue: 10 , Oct. 1997
[17] J. H. Guo and C. L.Wang, "A Low Time-Complexity, Hardware-Efficient Bit-Parallel Power-Sum Circuit for Finite Fields GF(2m),"ISCAS'99 Proceeding, pp. I-521-524, Orlando, Florida, USA, May 30-June 2, 1999.
[18] Dinh, A.V.; Palmer, R.J.; Bolton, R.J.; Mason, R.A "low latency architecture for computing multiplicative inverses and divisions in GF(2/sup m/)" Electrical and Computer Engineering, 2000 Canadian Conference on , Volume: 1 , 2000 Page(s): 43 -47 vol.1
[19] Federal Information Processing Standards Publication ZZZ
Specification for the ADVANCED ENCRYPTION STANDARD (AES)
2001 MONTH DAY