A Security PDA System Based On Cryptoprocessor

Seminar report 2007-08
A Security PDA system based on Cryptoprocessor
ACKNOWLEDGEMENT
Acknowledgement would be hollow and unfound if we fail to thank the entire faculty of the Electronics and Communication Dept. of Govt. College of Engg., Kannur. We are highly indebted to our respected Head of the Department and guide for their excellent guidance and cooperation. In addition we express our heartfelt gratitude to the seminar coordinator Asst. for his support. We are also grateful to the faculty of the Dept. Computer Lab for their timely help. We would also like to thank all our friends, who were source of constant encouragement. Finally, we owe everything to our parents who have been making supreme sacrifice every time we cross a milestone in our life. DHANALAKSHMI. P.P
Dept. of Electronics and Communication
Govt. College of Engineering, Kannur
ABSTRACT
The crypto algorithms comprised the ECC public
algorithm, the AES and ARIA private key algorithms, the MD5 and SHA-1 hash algorithms and a random number generator. The design was based on a 0.25um CMOS standard cell library. The proposed crypto-processor is good security level better than the compared design. A security circuit board accommodating the cryptography chip was developed for secure services of various applications.
CONTENTS
1. Introduction 2. Cryptoprocessor Design 2.1 Public Key Algorithm 2.2 Block Cipher Algorithm 2.3 Hash and Random Number Generator 3. Performance results 4. Features of the Cryptoprocessors 5. Application 6. Conclusion 7. References 11 14 15 3 4 8 9 10 1 2
Chapter 1
INTRODUCTION
Cryptography algorithms provide secure services such as message confidentiality, data integrity, authentication and identification in communication. The mobile systems need secure services. The cryptography algorithms need to be implemented as hardware. Because cryptography algorithms demand heavy arithmetic operations their efficiency can be decreased, when we implement the cryptography algorithms as software. Security applications such as Crypto API consume more than 95% of CPU resource for arithmetic . Crypto-processors and security accelerators are developing for a solution of this problem . This paper presents a design and implementation of a cryptoprocessor comprising major cryptography algorithms to cover vast areas of security system applications. The design focuses not only on highthroughput for network applications but also smaller size for portable devices. A PDA system the cryptoprocessor has been developed for verification purposes.
Chapter 2
CRYPTOPROCESSOR DESIGN
This section presents an integration chip design by a cryptoprocessor including ECC, Block Cipher (AES, ARIA), Hash, and Random Number Generator.
2.1. Public Key Algorithm

The authentication and identification services use the asymmetric ciphers such as ECC. The ECC block in this paper has a new architecture based on GF(p). We modify the Montgomery multiplier using precomputation and high-radix multiplication . It can increase throughput by simpler carry propagations in additions and easier quotient estimations. Figure 1 shows the ECC block structure. The ECC block comprises three components: Main Controller (MC), Arithmetic Controller (AC) and Arithmetic Unit (AU). MC controls the computation of kp in the ECC algorithm, and interfaces with the host CPU of its PDA. AC performs point additions, point doubling and coordinate translations, and controls AU. AU is the main processing unit of the ECC block. It comprises a register file, adders and multiplier, and performs addition, squaring, multiplication and inversion in GF(p) under the control of AC.
Fig 2.1.1 Structure of ECC Block
2.2. Block Cipher Algorithm

The AES algorithm implemented in this research employs the full AES In this, the
standards including variable length keys of 128/192/256 bits [6].
architecture for 128-bit AES has been designed. The number of rounds depend on both of these parameters . Therefore, the cipher in all configurations presented operates in Nr = 10 rounds.
Fig. 2.2.1: Structure of AES algorithm
Fig. 2.2.1 shows the encryption and decryption structure of the AES algorithm applied in this work. In encryption, after he initial roundkey addition, Nr rounds are performed. The operations are the same in the first Nr -1 rounds, with a small difference in the final round. As shown in Fig. 2.2.1(a), each of the first Nr-1 rounds consists of four transformations: SubBytes, ShiftRows, MixColumns and AddRoundKey. The final round excludes the MixColumns transformation. The decryption algorithm uses a different ordering of the inverse forms of the transformations used in the encryption algorithms as shown in Fig. 2.2.1(b). The four transformation operations are summarized as follows: SubBytes: This transformation is a non-linear byte substitution using a substitution table (S-box). The S-box is constructed of the compositions of two transformations: multiplicative inverse in GF(28) with irreducible polynomial m(x) = x8+x4+x3+x+1, and an affine mapping over GF(2). Inthe decryption process, the inverse S-box is used. ShiftRows: In this transformation, the rows of the State shift cyclically to the left with different offsets. In the decryption process, the shifting offsets have different values. MixColumns: The MixColumns transformation is performed on the State columnby-column. Each column is considered as s four-term polynomial over GF(28) anmultiplierby a(x) modulo x4 + 1, given by a(x) = {03}x3+ {01}x2 + {01}x + 1 for encryption and a(x) = {0B}x3 + {0D}x2 + {09}x + {0E} for decryption process.
AddRoundKey: In this transformation, a round key is added to the State using a bitwise Exclusive-OR (XOR) operation. AddRoundKey is the same for the decryption process.
The decryption model given in Fig. 2.2.1(b) is modified from the original described in the NIST standard. It has been rearranged with some changes to the key generation unit to obtain a structure similar to the encryption model. This modification is based on the properties of the AES algorithm, which is: InvShiftRows transformation immediately followed by an InvSubBytes transformation is equivalent to InvSubBytes transformation immediately followed by an InvShiftRows transformation. InvMixColumns transformation is linear, which means: InvMixColumns(State XOR roundkey) = InvMixColumns(State) XOR InvMixColumns(roundkey) Fig. 2.2.2 shows the hardware architecture of AES crypto processor core designed in this work. It combines encryption and decryption into one block, permitting the sharing of common modules. This crypto processor is designed based on 4-state pipeline so as to increase the maximum running frequency and timing performance. It consists of three main modules, which are KeyGen, Control Unit and Encryption/Decryption Unit. The KeyGen is designed to generate the roundkey for AddRoundKey transformation in every round. The data path for encryption/decryption is as follows: Pt/Ct m2 ARK M-SB M-SR M-MC m1m2ARK Ct/Pt. We implemented the SubBytes block (S-box) based on the calculation of multiplicative inverse and affine transform instead of using ROM-based lookup table to reduce the hardware logic count
Fig 2.2.2 Block Diagram of AES 128 Core
The symmetric ciphers such as Block Cipher (AES, ARIA) are for confidential message exchanges. The proposed symmetric cipher module complies with the AES and ARIA standard. It operates in Cipher Block
Chaining (CBC) and Electronic Code Block (ECB) modes. There is no throughput degradation in the CBC mode even under the feedback operation. Both AES and ARIA algorithms employ the one round loop structure for high performance.
2.3. Hash and Random Number Generator

Hash algorithms are for message authentication. SHA-1 implemented in this design employs the key length of 160bits [8]. The circuit for SHA-1 comprises control, parsing, internal number generation, hashing operation and output circuit units as shown in Figure 4. The control unit fetches user commands and generates control signals for hashing operations. The internal number generator schedules hashing operations processing incoming data. The hash value generated by the hash computation is used to determine the message digest. Carry save adders in this design yield higher throughput. The random number generator is an essential element achieving a high level of security.
Fig 2.3.1 Hash Function For SHA-1
Chapter 3
PERFORMANCE RESULTS
This section reports the performance of the proposed cryptoprocessor. The crypto-processor was modeled in Verilog-HDL and VHDL. It was synthesized using Synopsys Design Analyzer based on the 0.25m CMOS standard cell library. In Table 1 summarizes the performance comparison of the two crypto-processors.
Table 3.1 Performance Comparison Of Two Cryptoprocessors at 33MHz 40MHz
The ADSP-2141L is commercial crypto processor from Analog Device Inc. [11]. The proposed design yield similar performace, but new crypto algorithms such as ECC, AES and ARIA are added to enhance the security level. Figure 6 shows the crypto-processor die photo. We fabricated the crypto-processor chip exploiting a 0.25m CMOS standard cell library. The target frequency is 40MHz. Also, hardware size has about 445K EG. Table 2 summarizes the cryptoprocessor features.
10
Chapter 4
FEATURES OF THE CRYPTOPROCESSORS
Table 4.1:Features
Figure4.1 Crypto-processor chip photo
11
Chapter 5
APPLICATION
We designed a C (crypto)-PDA system including the cryptoprocessor for a test in mobile environment test. We designed a security circuit board carrying the crypto-processor. Figure 7 shows a structure connecting the PDA base board and a security accelerator.
Fig 5.1 C-PDA Device with proposed cryptoprocessor The bus controller design aims at high bus usage among functional modules and the proposed 32 bit CTM bus. Figure 8 shows a structure connecting the PDA board and the functional units.
12
Fig 5.2 Structure of a C-PDA System
The PDA board assumes an AMBA bus. The overall secure communication system consists of two PDA base boards and a security accelerator board. The PDA base boards and the security acceleratorboard communicate by the memory mapped I/O method. The PDA base board includes a 32bit RISC type ARM920T processor. This system can exchange data with other system through wireless. The communication employs the IP-sec protocol. Two CPDA systems exchanges security keys according to the Diffie-Helman method as shown in Figure 9. Figure 10 shows a secure video communication between the two C-PDA systems. The C-PDA (ALICE) encrypts a movie file with an exchanged key and sends to another C-PDA (BOB) system though wireless media. Th receiver C-PDA (BOB) decrypts
13
the received encrypted movie data with the same key and displays the original movie on a screen.
Fig 5.3 Key Exchange of two C-PDA System
Fig 5.4 Secure video communication between two C-pda System
14
Chapter 6
CONCLUSION
This paper presents a design and implementation of a crypto-processor for a security system. The cryptoprocess comprises ECC, AES, ARIA, MD5, SHA-1, and a random number generator. Proposed design can match ADSP-2141L in performance. But, new crypto algorithms are added to increase security level. The onboard algorithms support most secrecy services on various security applications such as a mobile system, a network system and storage devices without compromising speed and cost. A C-PDA system accommodating the cryptography modules was designed for demonstration purposes. The designed crypto-processor should help the protection of personal information and sensitive proprietary data from unwanted eavesdroppers.
15
Chapter 7
REFERENCES
1. http/www.analog.com/technical library/datasheets.html 2. www.wikipedia.com
16

A Security PDA System Based On Cryptoprocessor

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

A Security PDA System Based On Cryptoprocessor

Uploaded by

Copyright:

Available Formats

Seminar report 2007-08