a security pda system based on cryptoprocessor

7/29/2019 A Security PDA System Based on Cryptoprocessor

1/19

Seminar report 2007-08 A Security PDA system based on Cryptoprocessor

ACKNOWLEDGEMENT

Acknowledgement would be hollow and unfound if we fail to thank the entire

faculty of the Electronics and Communication Dept. of Govt. College of Engg.,

Kannur.

We are highly indebted to our respected Head of the Department and guide for

their excellent guidance and cooperation.

In addition we express our heartfelt gratitude to the seminar coordinator Asst.

for his support.

We are also grateful to the faculty of the Dept. Computer Lab for their timely

help.

We would also like to thank all our friends, who were source of constant

encouragement.

Finally, we owe everything to our parents who have been making supreme

sacrifice every time we cross a milestone in our life.

DHANALAKSHMI. P.P

Dept. of Electronics and Communication Govt. College of Engineering, Kannur


2/19


ABSTRACT

. The crypto algorithms comprised the ECC public

algorithm, the AES and ARIA private key algorithms, the MD5 and

SHA-1 hash algorithms and a random number generator. The design

was based on a 0.25um CMOS standard cell library. The proposed

crypto-processor is good security level better than the compared

design. A security circuit board accommodating the cryptography

chip was developed for secure services of various applications.



3/19


CONTENTS

1. Introduction 1

2. Cryptoprocessor Design 2

2.1 Public Key Algorithm 3

2.2 Block Cipher Algorithm 4

2.3 Hash and Random Number Generator 83. Performance results 9

4. Features of the Cryptoprocessors 10

5. Application 11

6. Conclusion 14

7. References 15



4/19


Chapter 1

INTRODUCTION

Cryptography algorithms provide secure

services such as message confidentiality, data integrity,

authentication and identification in communication. The mobile

systems need secure services. The cryptography algorithms need to

be implemented as hardware. Because cryptography algorithms

demand heavy arithmetic operations their efficiency can be

decreased, when we implement the cryptography algorithms as

software. Security applications such as Crypto API consume more

than 95% of CPU resource for arithmetic . Crypto-processors and

security accelerators are developing for a solution of this problem .

This paper presents a design and implementation of a crypto-

processor comprising major cryptography algorithms to cover vast

areas of security system applications. The design focuses not only

on highthroughput for network applications but also smaller size for

portable devices. A PDA system the cryptoprocessor has been

developed for verification purposes.

Dept. of Electronics and Communication Govt. College of Engineering, Kannur1


5/19


Chapter 2

CRYPTOPROCESSOR DESIGN

This section presents an integration chip design by a crypto-

processor including ECC, Block Cipher (AES, ARIA), Hash, and

Random Number Generator.

2.1. Public Key Algorithm

The authentication and identification services use the asymmetric

ciphers such as ECC. The ECC block in this paper has a new

architecture based on GF(p). We modify the Montgomery multiplier

using precomputation and high-radix multiplication . It can increase

throughput by simpler carry propagations in additions and easier

quotient estimations. Figure 1 shows the ECC block structure. The

ECC block comprises three components: Main Controller (MC),

Arithmetic Controller (AC) and Arithmetic Unit (AU). MC controls the

computation of kp in the ECC algorithm, and interfaces with the host

CPU of its PDA. AC performs point additions, point doubling and

coordinate translations, and controls AU. AU is the main processing

unit of the ECC block. It comprises a register file, adders and

multiplier, and performs addition, squaring, multiplication and

inversion in GF(p) under the control of AC.



6/19


Fig 2.1.1 Structure of ECC Block



7/19


2.2. Block Cipher Algorithm

The AES algorithm implemented in this research employs the full AES

standards including variable length keys of 128/192/256 bits [6]. In this, the

architecture for 128-bit AES has been designed. The number of rounds depend on

both of these parameters . Therefore, the cipher in all configurations presented

operates in Nr = 10 rounds.



8/19


Fig. 2.2.1: Structure of AES algorithm

Fig. 2.2.1 shows the encryption and decryption structure of the AES

algorithm applied in this work. In encryption, after he initial roundkey addition, Nr

rounds are performed. The operations are the same in the first Nr -1 rounds, with a

small difference in the final round. As shown in Fig. 2.2.1(a), each of the first Nr-1

rounds consists of four transformations: SubBytes, ShiftRows, MixColumns and

AddRoundKey. The final round excludes the MixColumns transformation. The

decryption algorithm uses a different ordering of the inverse forms of the

transformations used in the encryption algorithms as shown in Fig. 2.2.1(b). The four

transformation operations are summarized as follows:

SubBytes: This transformation is a non-linear byte substitution using a substitution

table (S-box). The S-box is constructed of the compositions of two transformations:

multiplicative inverse in GF(28) with irreducible polynomial m(x) = x8+x4+x3+x+1,

and an affine mapping over GF(2). Inthe decryption process, the inverse S-box is

used.

ShiftRows: In this transformation, the rows of the State shift cyclically to the left

with different offsets. In the decryption process, the shifting offsets have different

values.

MixColumns: The MixColumns transformation is performed on the State column-

by-column. Each column is considered as s four-term polynomial over GF(28)

anmultiplierby a(x) modulo x4 + 1, given by a(x) = {03}x3+ {01}x2 + {01}x + 1 for

encryption and a(x) = {0B}x3 + {0D}x2 + {09}x + {0E} for decryption process.



9/19


AddRoundKey: In this transformation, a round key is added to the State using a

bitwise Exclusive-OR (XOR) operation. AddRoundKey is the same for the decryption

process.

The decryption model given in Fig. 2.2.1(b) is modified from the

original described in the NIST standard. It has been rearranged with some changes to

the key generation unit to obtain a structure similar to the encryption model. This

modification is based on the properties of the AES algorithm, which is:

InvShiftRows transformation immediately followed by an InvSubBytes

transformation is equivalent to InvSubBytes transformation immediately followed by

an InvShiftRows transformation.

InvMixColumns transformation is linear, which means: InvMixColumns(State

XOR roundkey) = InvMixColumns(State) XOR InvMixColumns(roundkey)

Fig. 2.2.2 shows the hardware architecture of AES crypto processor

core designed in this work. It combines encryption and decryption into one block,

permitting the sharing of common modules. This crypto processor is designed based

on 4-state pipeline so as to increase the maximum running frequency and timing

performance. It consists of three main modules, which are KeyGen, Control Unit and

Encryption/Decryption Unit. The KeyGen is designed to generate the roundkey for

AddRoundKey transformation in every round. The data path for

encryption/decryption is as follows:

Pt/Ct m2 ARK M-SB M-SR M-MC m1m2ARK Ct/Pt. We

implemented the SubBytes block (S-box) based on the calculation of multiplicative

inverse and affine transform instead of using ROM-based lookup table to reduce the

hardware logic count



10/19


.

Fig 2.2.2 Block Diagram of AES 128 Core

The symmetric ciphers such as Block Cipher (AES,

ARIA) are for confidential message exchanges. The proposed symmetric cipher

module complies with the AES and ARIA standard. It operates in Cipher Block



11/19


Chaining (CBC) and Electronic Code Block (ECB) modes. There is no throughput

degradation in the CBC mode even under the feedback operation. Both AES and

ARIA algorithms employ the one round loop structure for high performance.

2.3. Hash and Random Number Generator

Hash algorithms are for message

authentication. SHA-1 implemented in this design employs the key

length of 160bits [8]. The circuit for SHA-1 comprises control,

parsing, internal number generation, hashing operation and output

circuit units as shown in Figure 4. The control unit fetches user

commands and generates control signals for hashing operations.

The internal number generator schedules hashing operations

processing incoming data. The hash value generated by the hash

computation is used to determine the message digest. Carry save

adders in this design yield higher throughput. The random number

generator is an essential element achieving a high level of security.



12/19


Fig 2.3.1 Hash Function For SHA-1

Chapter 3

PERFORMANCE RESULTS

This section reports the performance of the proposed crypto-

processor. The crypto-processor was modeled in Verilog-HDL and

VHDL. It was synthesized using Synopsys Design Analyzer based on

the 0.25 m CMOS standard cell library. In Table 1 summarizes the performance comparison of the two crypto-processors.



13/19


Table 3.1 Performance Comparison Of Two Cryptoprocessors at

33MHz 40MHz

The ADSP-2141L is commercial crypto processor from Analog

Device Inc. [11]. The proposed design yield similar performace, but

new crypto algorithms such as ECC, AES and ARIA are added to

enhance the security level. Figure 6 shows the crypto-processor die

photo. We fabricated the crypto-processor chip exploiting a 0.25 m

CMOS standard cell library. The target frequency is 40MHz. Also,

hardware size has about 445K EG. Table 2 summarizes the crypto-

processor features.



14/19


Chapter 4

FEATURES OF THE CRYPTOPROCESSORS

Table 4.1:Features

Figure4.1 Crypto-processor chip photo



15/19


Chapter 5

APPLICATION

We designed a C (crypto)-PDA system including the crypto-processor for a test in mobile environment test. We designed a

security circuit board carrying the crypto-processor. Figure 7 shows

a structure connecting the PDA base board and a security

accelerator.

Fig 5.1 C-PDA Device with proposed cryptoprocessor

The bus controller design aims at high bus usage

among functional modules and the proposed 32 bit CTM bus. Figure

8 shows a structure connecting the PDA board and the functional

units.



16/19


Fig 5.2 Structure of a C-PDA System

The PDA board assumes an AMBA bus. The overall secure

communication system consists of two PDA base boards and a

security accelerator board. The PDA base boards and the security

acceleratorboard communicate by the memory mapped I/O method.

The PDA base board includes a 32bit RISC type ARM920T processor.

This system can exchange data with other system through wireless.

The communication employs the IP-sec protocol. Two CPDA systems

exchanges security keys according to the Diffie-Helman method as

shown in Figure 9. Figure 10 shows a secure video communication

between the two C-PDA systems. The C-PDA (ALICE) encrypts a

movie file with an exchanged key and sends to another C-PDA (BOB)

system though wireless media. Th receiver C-PDA (BOB) decrypts



17/19


the received encrypted movie data with the same key and displays

the original movie on a screen.

Fig 5.3 Key Exchange of two C-PDA System

Fig 5.4 Secure video communication between two C-pdaSystem



18/19


Chapter 6

CONCLUSION

This paper presents a design andimplementation of a crypto-processor for a security system. The

cryptoprocess comprises ECC, AES, ARIA, MD5, SHA-1, and a

random number generator. Proposed design can match ADSP-2141L

in performance. But, new crypto algorithms are added to increase

security level. The onboard algorithms support most secrecy

services on various security applications such as a mobile system, a

network system and storage devices without compromising speedand cost. A C-PDA system accommodating the cryptography

modules was designed for demonstration purposes. The designed

crypto-processor should help the protection of personal information

and sensitive proprietary data from unwanted eavesdroppers.



19/19


Chapter 7

REFERENCES

1. http/www.analog.com/technical library/datasheets.html

2. www.wikipedia.com
http://www.wikipedia.com/http://www.wikipedia.com/

a security pda system based on cryptoprocessor

Documents