![Page 1: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/1.jpg)
Université de Provence
Design and development of areconfigurable cryptographic
co-processor
Daniele Fronte
Soutenance de thèse Marseille, 8 Juillet 2008
Superviseur industriel : Eric PayratDirecteur de thèse : Annie Pérez
![Page 2: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/2.jpg)
2
Daniele Fronte ®
Sommaire
1)1) IntroductionIntroduction Cahier des charges et objectifsCahier des charges et objectifs
Choix des algorithmesChoix des algorithmes
2)2) CoprocesseurCoprocesseur ArchitectureArchitecture
Exécution de micro-instructionsExécution de micro-instructions
3)3) Résultats Résultats Validation FPGAValidation FPGA
Synthèse ASICSynthèse ASIC
4)4) ConclusionsConclusions
![Page 3: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/3.jpg)
3
Daniele Fronte ®
Cahier des charges du Coprocesseur
1)1) Cryptographie Cryptographie
2)2) Multi-algorithmesMulti-algorithmes
3)3) Systèmes embarquésSystèmes embarqués
4)4) Sécurité Sécurité
5)5) Cellules standards d’AtmelCellules standards d’Atmel
6)6) Puces - Lecteurs de cartes à pucePuces - Lecteurs de cartes à puce
![Page 4: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/4.jpg)
4
Daniele Fronte ®
Choix
1)1) CryptographieCryptographie
Clé secrète?Clé secrète?
Clé publique?Clé publique?
2)2) Multi-algorithmesMulti-algorithmes
Algorithmes standards/propriétairesAlgorithmes standards/propriétaires
Multi-algorithmesMulti-algorithmes
Quel degré de reconfigurabilité? Quel degré de reconfigurabilité?
FPGA ou pas de FPGA? FPGA ou pas de FPGA?
3)3) Systèmes embarquésSystèmes embarqués
TailleTaille
PerformancesPerformances
4)4) Sécurité Sécurité
Attaques latérales de canal: SPA, DPA…Attaques latérales de canal: SPA, DPA…
![Page 5: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/5.jpg)
5
Daniele Fronte ®
DES, AES
Cryptographie à clé secrèteCryptographie à clé secrète
Alice Bob
DES DES-1
![Page 6: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/6.jpg)
6
Daniele Fronte ®
DES
Taille du bloc données : 64 bits Taille initiale de la clé : 56 bits
1. Permutation Initiale
2. 16 boucles : Fonction F Ou exclusif
3. Permutation finale
Message en clair
L
Message encrypté
R
L0 R0
L16 R16
16 boucles
IP
FP
F
F
F
F
32 32
32 32
![Page 7: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/7.jpg)
7
Daniele Fronte ®
Détails de DES
Fonction F :
1. Expansion E
2. Ou exclusif
3. Sbox
4. Permutation P
E
S1 S2 S3 S4 S5 S6 S7 S8
P
R Clé
4832
48
32
32
![Page 8: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/8.jpg)
8
Daniele Fronte ®
AES
Taille du blocs données : 128 bits
Taille initiale de la clé : 128, 192, 256 bits
10 boucles, dont 8 avec :
1. Sbox
2. ShiftRows
3. MixColumns
4. AddRoundKeys
![Page 9: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/9.jpg)
9
Daniele Fronte ®
Détails de AES
Transformations :
1. Sbox
2. ShiftRows
3. MixColumns
4. AddRoundKeys
![Page 10: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/10.jpg)
10
Daniele Fronte ®
Détails de AES
Transformations :
1. Sbox
2. ShiftRows
3. MixColumns
4. AddRoundKeys
![Page 11: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/11.jpg)
11
Daniele Fronte ®
Détails de AES
Transformations :
1. Sbox
2. ShiftRows
3. MixColumns
4. AddRoundKeys
![Page 12: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/12.jpg)
12
Daniele Fronte ®
Détails de AES
Transformations :
1. Sbox
2. ShiftRows
3. MixColumns
4. AddRoundKeys
![Page 13: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/13.jpg)
13
Daniele Fronte ®
SHA
Fonction de HachageFonction de Hachage
SHA
000
8AEFB06C 426E07A0
A671A1E2 588B4858
D694A730
input
Hash sum
SHA
001
E193A01E CF8D30AD
0AFFEFD3 32CE934E
32FFCE72
SHA
010
47AB9979 443FB7ED
1C193D06 773333BA
7876094F
![Page 14: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/14.jpg)
14
Daniele Fronte ®
Utilisation de SHA
Message SHA
517F3AB6
Condensé
Alice
Bob
Si oui, le message est authentique et intègre
Message, condensé
Message SHA
517F3AB6
Condensé
=?
![Page 15: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/15.jpg)
15
Daniele Fronte ®
Détails de SHA-256
Taille du blocs données : (multiple de) 512 bits Taille du condensé : 256 bits
64 boucles : 8 variables: A, B, … , H
4 Fonctions: Ch, Maj, Σ0, Σ1
64 valeurs temporaires Wt
Ou exclusif
Ch
Σ1
Σ0
Maj
Wt
Kt
![Page 16: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/16.jpg)
16
Daniele Fronte ®
Opérations requises
Sbox Look up table 8 bits
Shift Rows Rotation à droite 8 bits
Mix Columns xtime, Ou exclusif 8 bits
Add Round Key Ou exclusif 8 bits
Ou exclusif Ou exclusif 32 bits
Rotation Rotation 1 bit
IP, IP-1, PC1, PC2, E Permutations Bit à bit
SBox Look up table Bit à bit
Ou exclusif Ou exclusif 32 bits
Addition Addition 32 bits
Décalage Décalage 32 bits
Rotation Rotation 32 bits
AES
DES
SHA
![Page 17: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/17.jpg)
17
Daniele Fronte ®
Coprocesseur Cryptographique Reconfigurable
krypton, encrypt, crypto etc. déjà utilisés !
Cryptographie en grecque : Kriptós = cacher
Gràfo = écrire
Cryptographie en latin Celare = cacher
= Celator
![Page 18: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/18.jpg)
18
Daniele Fronte ®
Architecture de Celator
![Page 19: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/19.jpg)
19
Daniele Fronte ®
Réseaux systoliques de processeurs
PE PE PE PE
PE PE PE PE
PE PE PE PE
PE PE PE PE
Input data streams
Input data streams
Inp
ut
dat
a st
ream
s
Inp
ut
dat
a st
ream
s
Processing Elements : Grain fin Grain gros 1D, 2D, 3D
![Page 20: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/20.jpg)
20
Daniele Fronte ®
Construisons un Processing Element array
1 2 3 4
5 6 7 8
9 10 11 12
13 14 15 16
Systolic Processor Network Data matrix
![Page 21: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/21.jpg)
21
Daniele Fronte ®
PE Array, Controller
PE PE PEPE
PE PE PEPE
PE PE PEPE
PE PE PEPE
Controller
Data Bus
Processing Element
Control Bus
![Page 22: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/22.jpg)
22
Daniele Fronte ®
PE Array, Controller, CRAM
PE
ArrayCRAM
Controller Reconfigurabilité donnée par :
Réseau systolique de Processing Elements
CRAM
![Page 23: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/23.jpg)
23
Daniele Fronte ®
IF
MainMemory
ARM 7TDMI
PEArray
Controller
Celator
CRAM
Programs
and
Data
Vue générale du système
Other
Peripherals
AHB
![Page 24: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/24.jpg)
24
Daniele Fronte ®
Interface Advanced High-performance Bus (AHB)
HSEL_RAM
HWRITE
HWDATA [31:0]
HRDATA [31:0]
HSEL_REG
HADDR [ 11: 0]
interruptStatus reg
Control reg
Split Address regData/controls
From/to CRAM
Data/controls
From/to Controller
CPU_clock Celator_clock
![Page 25: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/25.jpg)
25
Daniele Fronte ®
PE array
PE00 PE01 PE02 PE03
PE10 PE11 PE12 PE13
PE20 PE21 PE22 PE23
PE30 PE31 PE32 PE33
PE array northern data I/O
PE array southern data I/O
32-bits
32-bits
32-bits32-bits
PE
array eastern d
ata I/OPE
arr
ay w
este
rn d
ata
I/O
MUX_N
MUX_EMUX_W
MUX_S
![Page 26: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/26.jpg)
26
Daniele Fronte ®
Exemple d’exécution
• Remplissage de la CRAM
• Lecture des micro-instructions
• AES Shift Rows
![Page 27: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/27.jpg)
27
Système
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
PE Array
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU
CRAM
32Do
ControllerPE in 32
Reg XReg Y
![Page 28: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/28.jpg)
28
Remplissage de la CRAM
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
PE Array
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU
CRAM
32Do
ControllerPE in 32
Reg XReg Y
![Page 29: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/29.jpg)
29
Remplissage de la CRAM
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
PE Array
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU
CRAM
32Do
ControllerPE in 32
Reg XReg Y
AES-1
![Page 30: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/30.jpg)
30
Remplissage de la CRAM
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
PE Array
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU
CRAM
32Do
ControllerPE in 32
Reg XReg Y
AES-1AES-2
![Page 31: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/31.jpg)
31
Remplissage de la CRAM
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
PE Array
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU
CRAM
32Do
ControllerPE in 32
Reg XReg Y
AES-2AES-3
AES-1
![Page 32: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/32.jpg)
32
Remplissage de la CRAM
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
PE Array
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU
CRAM
32Do
ControllerPE in 32
Reg XReg Y
AES-3AES-4
AES-1AES-2
![Page 33: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/33.jpg)
33
CRAMAES-6
Remplissage de la CRAM
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
PE Array
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU32
Do Controller
PE in 32
Reg XReg Y
AES-3AES-4
AES-1AES-2
AES-7
AES-5
DATA-3
DATA-1DATA-2
CRAM
![Page 34: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/34.jpg)
34
Démarrage de Celator
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
PE Array
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU
CRAM
32Do
ControllerPE in 32
Reg XReg Y
![Page 35: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/35.jpg)
35
Lecture des micro-instructions
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
PE Array
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU
CRAM
32Do
ControllerPE in 32
Reg XReg Y
AES-1
![Page 36: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/36.jpg)
36
Chargement des données dans le PE array
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
PE Array
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU
CRAM
32Do
Controller32PE in
Reg XReg Y
Data 1
![Page 37: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/37.jpg)
37
Chargement des données dans le PE array
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
PE Array
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU
CRAM
32Do
Controller32PE in
Reg XReg Y
Data 2
![Page 38: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/38.jpg)
38
Chargement des données dans le PE array
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
PE Array
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU
CRAM
32Do
Controller32PE in
Reg XReg Y
Data 3
![Page 39: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/39.jpg)
39
Chargement des données dans le PE array
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
PE Array
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU
CRAM
32Do
Controller32PE in
Reg XReg Y
Data 4
![Page 40: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/40.jpg)
40
AES Shift Rows
![Page 41: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/41.jpg)
41
AES Shift Rows
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU32
Do Controller
CRAM
PE in 32
Reg XReg Y
![Page 42: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/42.jpg)
42
AES Shift Rows
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
PE Array
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU
CRAM
32Do
Controller32PE in
Reg XReg Y
![Page 43: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/43.jpg)
43
AES Shift Rows
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU32
Do Controller
CRAM
32PE in
Reg XReg Y
![Page 44: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/44.jpg)
44
AES Shift Rows
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU32
Do Controller
CRAM
32PE in
Reg XReg Y
![Page 45: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/45.jpg)
45
AES Shift Rows
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU32
Do Controller
CRAM
PE in 32
Reg XReg Y
![Page 46: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/46.jpg)
46
AES Shift Rows
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
PE Array
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU
CRAM
32Do
Controller32PE in
Reg XReg Y
![Page 47: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/47.jpg)
47
AES Shift Rows
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU32
Do Controller
CRAM
32PE in
Reg XReg Y
![Page 48: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/48.jpg)
48
AES Shift Rows
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU32
Do Controller
CRAM
32PE in
Reg XReg Y
![Page 49: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/49.jpg)
49
AES Shift Rows
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU32
Do Controller
CRAM
PE in 32
Reg XReg Y
![Page 50: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/50.jpg)
50
AES Shift Rows
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
PE Array
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU
CRAM
32Do
Controller32PE in
Reg XReg Y
![Page 51: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/51.jpg)
51
AES Shift Rows
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU32
Do Controller
CRAM
32PE in
Reg XReg Y
![Page 52: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/52.jpg)
52
AES Shift Rows
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU32
Do Controller
CRAM
32PE in
Reg XReg Y
![Page 53: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/53.jpg)
53
AES Shift Rows
CPU
32
interface
32
Di CPUDi Controller
Address Controller
12Address CPU 12
Co
ntr
ol i
n
Co
ntr
ol o
ut
6 6
Sta
tus
in
stat
us
ou
t
6 6
32
32
32 HRDATA
HWDATA
HADDR
Status reg
Control reg
Split Address reg
Controller
32
32
PE out
32Do CPU32
Do Controller
CRAM
PE in 32
Reg XReg Y
![Page 54: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/54.jpg)
54
Daniele Fronte ®
FPGA Validation
![Page 55: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/55.jpg)
55
Daniele Fronte ®
FPGA Validation
Celator a été : Ecrit en RTL Verilog HDL Simulé par Mentor Modelsim Synthétisé (FPGA) par Mentor Precision RTL Placé et routé par Xilinx ISE Téléchargé dans une carte FPGA Xilinx Virtex II
Les tests sur FPGA ont été faits à l’aide de la suite ARM developper
![Page 56: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/56.jpg)
56
Daniele Fronte ®
FPGA Validation
AESDESSHA
012345678901
ppm filejpg file
DCD 0x0123DCD 0x4567DCD 0x8901
dcd file
0x92670x23010x4805
926723014805
ppm file
Celator (FPGA)
jpg file
AES-1
DES-1
012345678901
ppm filejpg file
DCD 0x0123DCD 0x4567DCD 0x8901
dcd file Celator (FPGA)
0x45D5BA3
![Page 57: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/57.jpg)
57
Daniele Fronte ®
AES (ECB et CBC modes) : Lena
AES-1
CBC mode
AES128 128
128 128
AES128 128
AES-1
128 128
ECB mode
![Page 58: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/58.jpg)
58
Daniele Fronte ®
DES (ECB et CBC modes) : Lena
DES-1
CBC mode
DES64 64
64 64
DES64 64
DES-1
64 64
ECB mode
![Page 59: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/59.jpg)
59
Daniele Fronte ®
SHA
Condensé :
D0E309A7 88BE2E1B 255BEE42 B18B0675
174E1E05 69063F30 D748EEF4 F236D21D
Lena originale
Lena: un pixel a été modifié
Condensé :
38F26C9A B2DC15A3 845E6AAD 6B94495C
9747FE14 86E513D1 D2FD2CE7 BDA331C3
![Page 60: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/60.jpg)
60
Daniele Fronte ®
Résultats ASIC
![Page 61: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/61.jpg)
61
Daniele Fronte ®
Résultats de synthèse ASIC
Celator a été :
Ecrit en RTL Verilog HDL
Simulé par Mentor Modelsim
Synthétisé (ASIC) par Synopsys Design Compiler
Placé et routé par Cadence Encounter
![Page 62: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/62.jpg)
62
Daniele Fronte ®
Algorithmes exécutés par Celator
0
1000
2000
3000
4000
5000
6000
Cycles
DES AES SHA
Keys scheduling
Encryption
Decryption
Hashing
![Page 63: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/63.jpg)
63
Daniele Fronte ®
DES
0% reconf. FPGA 100% reconfigurable (HW sbox)x% reconf.
0
100
200
300
400
500
600
700
Atmel Celator Saquib Ebiham 1 Ebiham 2
Cycles Bitrate (Mbps)
![Page 64: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/64.jpg)
64
Daniele Fronte ®
SHA
1
10
100
1000
10000
Rchaves Iahmad Cadence Celator
Cycles Bit-Rate
0% reconf. x% reconf.0% reconf. 0% reconf.
![Page 65: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/65.jpg)
65
Daniele Fronte ®
Tailles et performances (pour AES)
0% reconf. 100% reconf.x% reconf. 100% reconf.Technologie 130nm
(*) Les mémoires ne sont pas comptées
1
10
100
1000
10000
Atmel HW Macro Celator µ ARM 7 TDMI µ AVR
Cycles Bit-rate (Mbps)
![Page 66: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/66.jpg)
66
Daniele Fronte ®
Conclusions sur Celator
1)1) Coprocesseur multi-algorithmesCoprocesseur multi-algorithmes
2)2) Algorithmes Standards exécutés : AES, DES, SHA Algorithmes Standards exécutés : AES, DES, SHA
3)3) Possibilité d’implémenter des algorithmes propriétairesPossibilité d’implémenter des algorithmes propriétaires
4)4) Performances : Performances :
AES 47 MbpsAES 47 Mbps
DES 24 MbpsDES 24 Mbps
SHA 5 MbpsSHA 5 Mbps
Améliorations récentes :
• AES + 20%
• DES + 20%
• SHA + 40%
Taille totale estimée : + 5%
![Page 67: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/67.jpg)
67
Daniele Fronte ®
Prévision à court terme
1)1) Intégration dans la nouvelle génération de Intégration dans la nouvelle génération de
lecteurs de cartes à puces lecteurs de cartes à puces
2)2) Marché cible : télé à la demandeMarché cible : télé à la demande
3)3) Certification de sécurité (EAL5+)Certification de sécurité (EAL5+)
4)4) Exécution d’autres algorithmesExécution d’autres algorithmes
![Page 68: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/68.jpg)
68
Daniele Fronte ®
Celator Team
Eric PAYRATAtmel
Annie PEREZIM2NP
Daniele FRONTEAtmel & IM2NP
Vincent MOLLETPolytech’Marseille
Celine HUYNH VAN THIENGPolytech’Marseille
®
![Page 69: Design and development of a reconfigurable cryptographic co-processor](https://reader035.vdocuments.net/reader035/viewer/2022062800/568142b5550346895daef68c/html5/thumbnails/69.jpg)
69
Daniele Fronte ®
Merci pour votre attention