National Digital Library of Theses and Dissertations in Taiwan

Detailed record

Student: 白宗堯
Student (English): Tsung-Yao Pai
Title (Chinese): 具有可變係數之AES加解密器之矽智產設計與晶片實現 (IP design and chip implementation of an AES encryptor/decryptor with configurable coefficients)
Title (English): IP-based design and chip implementation of the AES coprocessor with configurable parameter
Advisor: 吳炳飛
Advisor (English): Bing-Fei Wu
Degree: Master's
Institution: National Chiao Tung University
Department: Department of Electrical and Control Engineering
Discipline: Engineering
Field: Electrical and Information Engineering
Thesis type: Academic thesis
Year published: 2006
Academic year of graduation: 94 (ROC calendar)
Language: English
Pages: 62
Keywords (Chinese): cryptography; Advanced Encryption Standard; configurable coefficients
Keywords (English): Cryptography; Rijndael; AES; configurable; parameterizable
Statistics:
  • Cited: 0
  • Views: 337
  • Rating: (none)
  • Downloads: 50
  • Bookmarked: 2
In this thesis we propose an AES encryption/decryption core with configurable coefficients (Configurable AES), so that different choices of m(x), c(x) and the affine transformation coefficients yield many variants of the AES algorithm, further raising the security of the system. Because the proposed hardware implementation still delivers high performance, the idea can keep pace with advances in network transmission speed and be applied to Gigabit fibre and Ethernet security chips. In terms of specification, besides the adjustable coefficients, the design supports the three key lengths of 128, 192 and 256 bits and the two cipher modes ECB and CBC. For the keys needed during encryption and decryption, we also propose a circuit that computes the round keys concurrently, so no extra memory is needed to store them. Furthermore, to reduce hardware cost and raise efficiency, we implement the S-Box, the core of the algorithm, with composite field arithmetic, and merge the matrix multiplications of the architecture into one to shorten the computation time. Finally, the design is realised as reusable silicon IP (IP-based) and follows the AMBA AHB slave protocol to ease future system-level development. As for results, the Configurable-AES core is implemented in a UMC 0.18 μm CMOS process with about 81K gates; at its highest processing speed it reaches 3.2 Gbps, 2.67 Gbps and 2.29 Gbps for 128-, 192- and 256-bit keys respectively.
In this thesis, we implement a configurable AES (C-AES) coprocessor, which supports all specified key lengths (128, 192, and 256 bits) and both the ECB and CBC operation modes. The round keys for encryption and decryption are generated on the fly without any internal memory. Specifically, it provides the flexibility to change the parameters of each transformation, such as the irreducible polynomial, the affine matrix, the affine constant, and the row vector of the matrix used in MixColumns(). These parameters are changeable online, i.e., they are also inputs of the circuit. To increase the speed, an optimized combination is presented in the proposed architecture. By using basis conversion and a composite field in SubBytes(), and pre-calculating the values of every power of xtime() of the constants in MixColumns(), the matrix multiplications in SubBytes() and MixColumns() can be integrated into a new transformation to reduce the computation path. Furthermore, all arithmetic components are reused for the encryption and the decryption data paths. The proposed design has been implemented using a UMC 0.18 μm CMOS technology. The throughput is about 3.2 Gbps for 128-bit keys, 2.67 Gbps for 192-bit keys, and 2.29 Gbps for 256-bit keys. The total gate count is about 81K. This work provides a customized AES cipher that lets users change parameters; therefore, it can be utilized in applications requiring customized security, e.g., virtual private networks (VPN).
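The abstract names four byte-level knobs of the C-AES core (irreducible polynomial, affine matrix, affine constant, MixColumns row vector) and the trick of pre-computing every power of xtime() for the MixColumns constants. The Python below is an added illustration, not the thesis's RTL or any code of its authors: it implements those knobs directly (straightforward GF(2^8) inversion rather than the thesis's composite-field circuit) and adds the check a practitioner wants before trusting a custom parameter set, namely that a reducible polynomial or a singular affine matrix makes SubBytes non-bijective, so decryption could no longer undo encryption. The parameter names m, rows, c and vec are this example's own.

```python
"""Configurable AES byte transforms (added example). GF(2^8) elements and
GF(2) polynomials are plain Python ints; an 8x8 GF(2) matrix is a list of
eight row bit-masks. Parameter names m, rows, c, vec are assumptions of
this example, not port names from the thesis."""

AES_POLY = 0x11B                  # x^8 + x^4 + x^3 + x + 1, the FIPS-197 m(x)
AES_CONST = 0x63                  # FIPS-197 affine constant
# Row i of the FIPS-197 affine matrix has bits {i, i+4, i+5, i+6, i+7} mod 8,
# i.e. 0xF1 rotated left by i.
AES_AFFINE = [((0xF1 << i) | (0xF1 >> (8 - i))) & 0xFF for i in range(8)]


def poly_mod(a, m):
    """Remainder of polynomial a modulo polynomial m over GF(2)."""
    dm = m.bit_length() - 1
    while a and a.bit_length() - 1 >= dm:
        a ^= m << (a.bit_length() - 1 - dm)
    return a


def is_irreducible(m):
    """A degree-8 m defines a field iff no polynomial of degree 1..4 divides it."""
    return m.bit_length() == 9 and all(poly_mod(m, d) for d in range(2, 32))


def gf_mul(a, b, m):
    """Multiply in GF(2^8) reduced by m (bit 8 of m must be set)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a & 0x100:
            a ^= m
    return r


def gf_inv(a, m):
    """Multiplicative inverse as a^254 (square-and-multiply); 0 maps to 0 as in AES."""
    r, base, e = 1, a, 254
    while e:
        if e & 1:
            r = gf_mul(r, base, m)
        base = gf_mul(base, base, m)
        e >>= 1
    return r


def xtime_table(const, m):
    """const * x^k for k = 0..7: with this table, const * b is just the XOR of
    the entries selected by the set bits of b (no multiplier in the data path)."""
    table, v = [], const
    for _ in range(8):
        table.append(v)
        v = (v << 1) ^ (m if v & 0x80 else 0)
    return table


def mul_via_table(b, table):
    """Constant multiplication by table lookup, as the MixColumns hardware does it."""
    r = 0
    for k in range(8):
        if b >> k & 1:
            r ^= table[k]
    return r


def affine(x, rows, c):
    """y_i = <rows[i], x> XOR c_i over GF(2)."""
    return sum((bin(rows[i] & x).count("1") & 1) << i for i in range(8)) ^ c


def gf2_inverse(rows):
    """Gauss-Jordan inverse of an 8x8 GF(2) matrix; None if the matrix is singular."""
    a, inv = list(rows), [1 << i for i in range(8)]
    for col in range(8):
        piv = next((r for r in range(col, 8) if a[r] >> col & 1), None)
        if piv is None:
            return None
        a[col], a[piv], inv[col], inv[piv] = a[piv], a[col], inv[piv], inv[col]
        for r in range(8):
            if r != col and a[r] >> col & 1:
                a[r] ^= a[col]
                inv[r] ^= inv[col]
    return inv


def check_params(m, rows):
    """Reject parameter sets for which SubBytes would not be a bijection."""
    return is_irreducible(m) and gf2_inverse(rows) is not None


def sbox(x, m=AES_POLY, rows=AES_AFFINE, c=AES_CONST):
    """Configurable SubBytes: inversion in GF(2^8)/m followed by the affine map."""
    return affine(gf_inv(x, m), rows, c)


def inv_sbox(y, m=AES_POLY, rows=AES_AFFINE, c=AES_CONST):
    """Inverse SubBytes: undo the affine map with the inverted matrix, then invert."""
    return gf_inv(affine(y ^ c, gf2_inverse(rows), 0), m)


def mix_column(col, vec=(2, 3, 1, 1), m=AES_POLY):
    """Circulant MixColumns on one column: out[i] = XOR_j vec[(j - i) % 4] * col[j]."""
    tables = [xtime_table(v, m) for v in vec]      # one table per constant
    return [
        __import__("functools").reduce(
            lambda acc, j: acc ^ mul_via_table(col[j], tables[(j - i) % 4]), range(4), 0)
        for i in range(4)
    ]
```

With the default FIPS-197 parameters these functions reproduce the published values (S-box of 0x53 is 0xED, MixColumns of db 13 53 45 is 8e 4d a1 bc), which is how to validate a configurable implementation before switching to a custom parameter set; `check_params` then rejects sets such as x^8 + 1 or an all-ones affine matrix that would silently break decryption.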
Table of contents:
Chapter 1 Introduction (p. 1)
1.1 Background (p. 1)
1.2 Motivation (p. 2)
1.3 Organization (p. 3)
Chapter 2 AES Algorithm (p. 4)
Chapter 3 Hardware-Reduction Strategy for C-AES (p. 10)
3.1 Previous Work (p. 10)
3.2 S-Box Optimization (p. 11)
3.2.1 Composite Field Arithmetic (p. 12)
3.2.2 Isomorphism Functions and Basis Transformation (p. 13)
3.2.3 Multiplicative Inversion over the Composite Field (p. 15)
3.2.4 The Comparison of Multiplicative Inversion (p. 18)
3.3 MixColumns() Optimization (p. 20)
3.4 The Hardware Architecture (p. 21)
3.4.1 The Direct Architecture (p. 22)
3.4.2 The Combination of SubBytes() and MixColumns() (p. 23)
Chapter 4 3-in-1 Key Expansion Design (p. 28)
4.1 The Data Flow Graph of Key Expansion (p. 28)
4.1.1 128-bit Key Expansion (p. 29)
4.1.2 192-bit Key Expansion (p. 29)
4.1.3 256-bit Key Expansion (p. 31)
4.2 The Hardware Architecture of the 3-in-1 Key Generator (p. 33)
Chapter 5 The Implementation of the C-AES Coprocessor (p. 37)
5.1 Top-level View (p. 37)
5.2 I/O Interface (p. 39)
5.2.1 Input Interface (p. 39)
5.2.2 Output Interface (p. 41)
5.3 Parameter Initialization Engine (p. 41)
Chapter 6 Verification and Result Comparison (p. 43)
6.1 IP-Based Design (p. 43)
6.1.1 IP Qualification Guideline Overview (p. 43)
6.1.2 Soft IP Design Flow (p. 44)
6.2 Chip Design Flow (p. 46)
6.3 Verification Strategy (p. 48)
6.3.1 Untimed Functional Model (p. 48)
6.3.2 Timing-Accurate Model (p. 48)
6.3.3 FPGA Prototyping (p. 49)
6.3.4 Coding Style Rule Check (p. 51)
6.3.5 Code Coverage (p. 51)
6.3.6 Design for Testability (p. 52)
6.3.7 Physical Verification (p. 53)
6.4 Results and Comparisons (p. 53)
Chapter 7 Conclusions and Future Work (p. 57)
7.1 Conclusions (p. 57)
7.2 Future Work (p. 57)