George N. Selimis

VLSI implementation of the keyed-hash message authentication code for the wireless application protocol

Security has become a highly critical issue in the provision of mobile services. The Wireless Application Protocol (WAP) has specified a powerful security layer, the WTLS. The Keyed-Hash Authentication Code (HMAC) has been adopted by the WTLS in order to support the special demands for authentication with security of high-level strength. A VLSI architecture and the FPGA implementation of HMAC for the WTLS are proposed in this work. The introduced design is based on the SHA-1 hash function. The implementation results for both the HMAC and the SHA-1 proposed architectures are compared with other related works. From these comparisons, it is proven that the proposed system performs better in all of the cases. It is also superior to the conventional hardware implementations by using the area-delay product. In addition to the WAP protocol, the proposed architecture can be implemented for any authentication system of computer networks and wireless protocols, with high-performance demands and hard secure authentication needs at the same time.

Improved throughput bit-serial multiplier for GF(2m) fields

High throughput is a crucial factor in bit-serial GF(2^m) fields multiplication for a variety of different applications including cryptography, error coding detection and computer algebra. The throughput of a multiplier is dependent on the required number of clock cycles to reach a result and its critical path delay. However, most bit-serial GF(2^m) multipliers do not manage to reduce the required number of clock cycles below the threshold of m clock cycles without increasing dramatically their critical path delay. This increase is more evident if a multiplier is designed to be versatile. In this article, a new versatile bit-serial MSB multiplier for GF(2^m) fields is proposed that achieves a 50% increase on average in throughput when compared to other designs, with a very small increase in its critical path delay. This is achieved by an average 33.4% reduction in the required number of clock cycles below m. The proposed design can handle arbitrary bit-lengths upper bounded by m and is suitable for applications where the field order may vary.

Throughput Optimization of the Cipher Message Authentication Code

A new algorithm for producing message authenticating code (MAC) was recently proposed by NIST. The MAC protects both a messages integrity - by ensuring that a different MAC will be produced if the message has changed - as well as its authenticity - because only someone who knows the secret key could be able to generate a valid MAC. The proposed process incorporates a FIPS approved and secure block cipher algorithm which was standardized by NIST in May, 2005. The first implementation of the CMAC is presented in this paper. Throughput has been the main design target. The proposed implementation goes one step further introducing an optimized ciphering core to achieve competitive throughput for CMAC, compared to alternative MACs.

FPGA implementation cost and performance evaluation of IEEE 802.11 protocol encryption security schemes

The explosive growth of internet and consumer demand for mobility has fuelled the exponential growth of wireless communications and networks. Mobile users want access to services and information, from both internet and personal devices, from a range of locations without the use of a cable medium. IEEE 802.11 is one of the most widely used wireless standards of our days. The amount of access and mobility into wireless networks requires a security infrastructure that protects communication within that network. The security of this protocol is based on the Wired Equivalent Privacy (WEP) scheme. Currently, all the IEEE 802.11 market products support WEP. But recently, the 802.11i working group introduced the Advanced Encryption Standard (AES), as the security scheme for the future IEEE 802.11 applications. In this paper, the hardware integrations of WEP and AES are studied. A Field Programmable Gate Array (FPGA) device has been used as the hardware implementation platform, for a fair comparison between the two security schemes. Measurements for the FPGA implementation cost, operating frequency, power consumption and performance are given.

A Low Power Design for Sbox Cryptographic Primitive of Advanced Encryption Standard for Mobile End-Users

Most known Sbox Advanced Encryption Standard implementations aim at minimizing chip covered area or achieving high throughput, and usually power consumption is a secondary metric of their cost. However, the need for low power applications with strict chip covered area constrains is great especially in mobile devices. In this paper low power architectures in limited area resources are proposed for Sbox, the basic cryptographic primitive of AES. Those architectures support encryption and decryption operation modes. In our proposed implementations, retaining a small chip covered area cost, hardware techniques for low power design, such as re-ordering of the components,

Applying Low Power Techniques in AES MixColumn/InvMixColumn Transformations

In low power resources environments with increased security needs, like smart cards or RFIDs tags, power consumption plays a crucial role in system efficiency. Since AES algorithm is widely used in the above applications, power efficient design of this algorithm is essential. However few researchers have extensively studied this issue but rather focus on high throughput designs. In this paper the low power techniques of Resource Sharing and Power Management are applied in a 32-bit architecture for the MixColumn/InvMixColumn transformation of the Advanced Encryption Standard. The proposed architecture performs multiplication in GF(28) field of a byte Si,j . with specific constants, using a common data path. Low power consumption is also achieved by deactivating the unused parts of the data path when MixColumn Transformation is performed. The proposed architecture achieves low power consumption and low area resources compared to other designs.

A Hardware Implementation of CURUPIRA Block Cipher for Wireless Sensors

An architecture and VLSI implementation of a new block cipher called Curupira is presented in this paper. This cipher is suitable for wireless sensors and RFID applications. Our 0.13 mum implementation requires resources of 9450 gate equivalences and is capable to encrypt a plaintext in 10 clock cycles. The cipher achieves a maximum throughput up to 2361 Mbps at 246 MHz for encrypting/decrypting. When clocked at 100 KHz a throughput of up to 960 Kbps is achieved and an average power of 0.04 mW is drawn.

Multi-Operation cryptographic engine: VLSI design and implementation

The environment of smart card lacks of system resources but the commercial and economic transactions via smart cards demand the use of certificated and secure cryptographic methods. In this paper a cryptographic approach in hardware for smart cards is proposed. The proposed system supports two basic operations of cryptography, authentication and encryption. The basic component of system is the one round of DES algorithm which supports the DES, Triple DES and the ANSI X9.17 standards. The proposed system is efficient in terms of area resources and techniques for low power consumption have applied. Due to the fact that the system is for smart card applications the overall throughput outperforms the typical smart card throughput standards.