You are on page 1of 13

CHAPTER 1

Introduction:
In order to improve document and border security, the US Department of State has been testing a pilot program of the first US electronic I-cards. The electronic I-cards contain an integrated chip embedded in the cover which stores the same data usually contained in the paper I-cards. They propose to include biometric data such as fingerprint, digital signatures, etc., in the electronic Icards. The cipher key objectives of the initiative are to identify the owner, authenticate the document, and copyright the I-cards [3]. However, there are continuous risks of unauthorized access and modification to the data contained in the I-cards. To prevent unauthorized access, we believe that there is an urgent need for development of chip [2]. Intercepting information could be judicious use of watermarking and encryption at the source end of the biometric process in hardware like digital secure camera or scanners, Intercepting information moves from the chip to the reader etc while watermarking is the process whereby a image is embedded with data for the purpose of copyright protection. Encryption unit is the transformation of data into secret code with the purpose of protecting the secrecy of the data when sent through an insecure channel. In the past, several attempts have been made to create the different units of a digital camera with watermarking capabilities, but few design of the entire digital camera. Only a few of these designs have also incorporated cryptography in the secure digital camera design. As a result, we present a design and the architecture of a digital camera system that incorporates watermarking and encryption.[1]

Objective of the Project:


Two fundamental operations performed by a digital camera are image capturing and storing. The images are subsequently transmitted in various forms over appropriate media. These images are always vulnerable to various forms of copyright attacks and ownership issues. Incorporation of encryption and watermarking together in the digital camera will assist in protecting and authenticating image files. Present work introduces architectural development of the entire Encryption Unit and watermarking Unit for secure camera.

Implementation of AES algorithm for Encryption Unit in verilog. Synthesis of encryption unit in Xilinx9.2i Generation of layout on TSMC CMOS 350nm technology in ICFLOW 2007.1 Integration of encryption and watermarking units.

Scope of the Project:

Encryption and Decryption:


To give sensitive data the highest level of security, it should be stored in encrypted form. The goal of encryption is to make data unintelligible to unauthorized readers and extremely difficult to decipher when attacked. Encryption operations are performed by using random encryption keys. The randomness of keys makes encrypted data harder to attack. Keys are used to encrypt data, but they also perform decryption. This focused on a security solution for protection of data at rest, specifically protection of data that resides in database. The key used in this algorithm is obtained by having the hashed value of the original key generated along with the salt value. Also, the key will be in the rotation mode making quite complex for attacks.
Encryption key @#$%9*&^

Plain text
Mohd nadeem Fig. 1 Encryption unit

Encryption

Ciphertext *&%$#@na*

Decryption key
@#$%9*&^

Ciphertext
*&%$#@na* Fig. 2 Dycryption unit

Dycryption

Plain text
Mohd nadeem

What is AES?
Cryptography plays an important role in the security of data. It enables us to store sensitive information or transmit it across insecure networks so that unauthorized persons cannot read it. The urgency for secure ex-change of digital data resulted in large quantities of different encryption algorithms which can be classified into two groups: Asymmetric encryption algorithms (with public key algorithms) and Symmetric encryption algorithms (with private key algorithms) [1].

Symmetric key algorithms are in general much faster to execute electronically than asymmetric key algorithms. In our case, an external data storage unit in a dependable application has been designed and different symmetric key algorithms have been considered for data encryption. We first considered Data Encryption Standard (DES) as possible candidate because the implementation is relatively simple [2]. Later however this option was rejected due to its vulnerability. As an alternative, AES algorithm was implemented and the results of the experimental feasibility study are reported in the paper. The algorithm originates from the initiative of the National Institute of Standards and Technology (NIST) in 1997 to select a new symmetric key encryption algorithm. From the initial candidates [3], Rijndael algorithm was selected as the Advanced Encryption Standard (AES) [4] due to the combination of security, performance, efficiency, ease of implementation and flexibility. Rijndael is a symmetric byteoriented iterated (each iteration is called a round) block cipher that can process data blocks of 128 bits (4 words), using keys with length of 128, 192 and 256 bits. Rijndael is capable of processing additional block sizes (160, 192 and 244 bits) and key lengths (160 and 244 bits), however they are not adopted in AES. Our implementation refers to AES algorithm. The algorithm is composed of three main parts: Cipher, Inverse Cipher and Key Expansion. Cipher converts data to an unintelligible form called ciphertext while Inverse Cipher converts data back into its original form called plaintext. Key Expansion generates a Key Schedule that is used in Cipher and Inverse Cipher procedure. Cipher and Inverse Cipher are composed of specific number of rounds (Table 1). For the AES algorithm, the number of rounds to be performed during the execution of the algorithm is dependent on the key length [4].

Block Size Nb words AES 128bits key AES 192bits key AES 256bits key Table 1 4 4 4

Key length Nk words 4

Number of rounds Nr 10

12

14

For both its Cipher and Inverse Cipher, the AES algorithm uses a round function that is composed of four different byte-oriented transformations: SubBytes, ShiftRows, MixColumns and AddRoundKey. Inputs and outputs: The input and output for the AES algorithm each consists of sequences of 128 bits. The Cipher Key for the AES algorithm is a sequence of 128, 192 or 256 bits. The basic unit for processing in the AES algorithm is a byte (a sequence of eight bits), so the input bit sequence is first transformed into byte sequence. In the next step a two-dimensional array of bytes (called the State) is built. The State array consists of four rows of bytes, each containing Nb bytes, where Nb is the block size divided by 32 (number of words). All internal operations (Cipher and Inverse Cipher) of the AES algorithms are then performed on the State array, after which its final value is copied to the output (State array is transformed back to the bit sequence). Cipher: Using round function, which is composed of four different byte-oriented transformations, the Cipher converts input data (the input data is first copied to the State array) to an unintelligible form called ciphertext. After an initial Round Key addition, the State array is transformed by implementing a round function with the final round differing slightly from the first Nr 1 rounds. The round function is parameterized using a key schedule that consists of a one-dimensional array of four-byte words (Round Key) derived using the Key Expansion

routine. All Nr rounds (see Table 1) are identical with the exception of the final round, which does not include the MixColumns transformation. Key Schedule: The AES algorithm takes the Cipher Key and performs a Key Expansion routine to generate a Key Schedule. The Key Expansion generates a total Nb(Nr + 1) words ( Nr + 1 Round Keys). Inverse Cipher: At the start of the Inverse Cipher, the input (ciphertext) is copied to the State array. After Round Key addition (the last Round Key is added), the State array is transformed by implementing a round function, that is composed of three different inverse transformations and AddRoundKey transformation (Round Keys are applied in the reverse order when decrypting), with the final round differing slightly from the first Nr 1 rounds. So this procedure converts ciphertext back to its original form called plaintext. All Nr rounds are identical with the exception of the final round, which does not include the Inverse Mix-Columns transformation. The whole AES algorithm is sketched in Figure 1.

ALGORITHM:

Plain text

GENERATE STATE ARRAY

ADD THE FIRST ROUTE KEY

Sub bytes transfor m(s-box)

Shift row transfo rm

Mix column transfor m

Add the i-th round key

i<9

Key schedule

Sub bytes transfor m(s-box)

Shift row transf orm

Add the last round key

CHAPTER 2

Literature Survey: 1) Implementation of Advanced Encryption Standard Algorithm.


M.Pitchaiah, Philemon Daniel, Praveen. International Journal of Scientific & Engineering Research Volume 3, Issue 3, March -2012

Cryptography is the study of mathematical techniques related to aspects of information security such as confidentiality, data integrity, entity authentication and data origin authentication. In data and telecommunications, cryptography is necessary when communicating over any unreliable medium, which includes any network particularly the internet. In this paper, a 128 bit AES encryption and Decryption by using Rijndael algorithm (Advanced Encryption Standard algorithm) is been made into a synthesizable using Verilog code which can be easily implemented on to FPGA. The algorithm is composed of three main parts: cipher, inverse cipher and Key Expansion. Cipher converts data to an unintelligible form called plaintext. Key Expansion generates a Key schedule that is used in cipher and inverse cipher procedure. Cipher and inverse cipher are composed of special number of rounds. For the AES algorithm, the number of rounds to be performed during the execution of the algorithm uses a round function that is composed of four different byte-oriented transformations: Sub Bytes, Shift Rows, Mix columns and Add Round Key. 2) RISC Based Architecture for Customized Cryptographic Instructions.
Fathima Shireen, Syed Musthak Ahmed, G. Krishnamurthy, International Journal of Engineering Science Invention Volume 2 February. 2013

Security is one of the most important features in data communication. Cryptographic algorithms are mainly used for this purpose to obtain confidentiality and integrity of data in communication. Implementing a Cryptographic algorithm on a general purpose processor results in lower throughput and larger power consumption. In this work, we propose processor architecture to perform the cryptographic algorithms that also speeds up the encryption and decryption process of data. This processor will perform the cryptographic operations like general instructions in GPP. The processor architecture is designed using Verilog HDL, with the data size of the processor of 32 bits.

3) A VLSI Architecture for Visible Watermarking in a Secure Still Digital Camera (S2DC) Design.
S. P. Mohanty, Member, IEEE, Nagarajan Ranganathan, Fellow, IEEE, and Ravi K. Namballa (IEEE, VOL.13, NO.8, AUGUST2008)

Watermarking is the process that embeds data called a watermark, a tag, or a label into a multimedia object, such as images, video, or text, for their copyright protection. According to human perception, the digital watermarks can either be visible or invisible. A visible watermark is a secondary translucent image overlaid into the primary image and appears visible to a viewer on a careful inspection. The invisible watermark is embedded in such a way that the modification made to the pixel value is perceptually not noticed, and it can be recovered only with an appropriate decoding mechanism. This paper presents new very large scale integration (VLSI) architecture for implementing two visible digital image watermarking schemes. The proposed architecture is designed to aim at easy integration into any existing digital camera framework. To the authors knowledge, this is the first VLSI architecture for implementing visible watermarking schemes. A prototype chip consisting of 28 469 gates is implemented using 0.35- m technology, which consumes 6.9-mW power while operating at 292 MHz. 4) Data Protection Algorithm Using AES.
Anitha, P. and Palanisamy, V. International Journal of Current Research Vol. 33, Issue, 6, pp.291-294, June, 2011

The paper aims at providing a solution for secure storage of the records in a database. The solution should be prone to less security attacks and should take the optimal time for storage. The algorithm used is AES of stream cipher category. The input and the key can be of variable length. Regarding the key for the algorithm, it is the hashed value of the original key along with the Salt value. Since stream cipher, we will encrypt byte by byte using the key. We have a Permutation box (p-box) and Substitution box (s-box) logic to make the algorithm quite complex and to avoid the security breaches. The Key will be in the rotation mode based on a simple logic being implemented in the algorithm thus making it quite complex for attacks. Thus, the records are stored in the encrypted format in the database.

5) Comparative Analysis of AES and DES security Algorithms.


Sumitra. International Journal of Scientific and Research Publications, Volume 3, Issue 1, January 2013.

In recent years network security has become an important issue. Cryptography has been used to secure data and control access by sharing a private cryptographic key over different devices. Cryptography renders the message unintelligible to outsider by various transformations Data Cryptography is the scrambling of the content of data like text, i mage, audio and video to make it unreadable or unintelligible during transmission. Its main goal is to keep the data secure from unauthorized access. 6) High-Speed VLSI Architectures for the AES Algorithm.
Xinmiao Zhang, Student Member, IEEE, and Keshab K. Parhi, Fellow, IEEE. VLSI SYSTEMS, VOL. 12, NO. 9, SEPTEMBER 2004

This paper presents novel high-speed architectures for the hardware implementation of the Advanced Encryption Standard (AES) algorithm. Unlike previous works which rely on Look up tables to implement the SubBytes and InvSubBytes trans-formations of the AES algorithm, the proposed design employs combinational logic only. As a direct consequence, the unbreakable delay incurred by look-up tables in the conventional approaches is eliminated, and the advantage of subpipelining can be further explored. Furthermore, composite field arithmetic is employed to reduce the area requirements, and different implementations for the inversion in subfield GF(24)are compared. In addition, efficient key expansion architecture suitable for the subpipelined round units is also presented. Using the proposed architecture, a fully subpipelined encryptor with 7 substages in each round unit can achieve a throughput of 21.56 Gbps on a Xilinx XCV1000 e-8bg560 device in non-feedback modes, which is faster and is 79% more efficient in terms of equivalent throughput/slice than the fastest previous FPGA implementation known to date. 7) An Overview of Cryptanalysis Research for the Advanced Encryption Standard.
Alan Kaminsky, Michael Kurdziel, Stanisaw Radziszowski

Since its release in November 2001, the Advanced Encryption Standard (NIST FIPS-197) has been the subject of extensive cryptanalysis research. The importance of this research has intensified since AES was named, in 2003, by NSA as a Type-1 Suite B Encryption Algorithm

(CNSSP-15). As such, AES is now authorized to protect classified and unclassified national security systems and information. This paper provides an overview of current cryptanalysis research on the AES cryptographic algorithm. Discussion is provided on the impact by each technique to the strength of the algorithm in national security applications. The paper is concluded with an attempt at a forecast of the usable life of AES in these applications. 8) Hardware Implementation of AES Algorithm
Marko Mali ,Franc Novak ,Anton Biasizzo. ELECTRICAL ENGINEERING, VOL. 56, NO. 9-10, 2005,

The paper presents a hardware implementation of the AES algorithm developed for an external data storage unit in a dependable application. The algorithm was implemented in FPGA using the development board Celoxica RC1000 and development suite Celoxica DK. The purpose of this prototype version was to test the correctness of the implemented algorithm and to gain experience in optimisation of algorithm structure for the prospective embedded implementation in the target application

You might also like