Nuray At

Compact Keccak Hardware Architecture for Data Integrity and Authentication on FPGAs

ABSTRACT Cryptographic hash functions play a crucial role in networking and communication security, including their use for data integrity and message authentication. Keccak hash algorithm is one of the finalists in the next generation SHA-3 hash algorithm competition. It is based on the sponge construction whose hardware performance is worth investigation. We developed an efficient hardware architecture for the Keccak hash algorithm on Field-Programmable Gate Array (FPGA). Due to the serialization exploited in the proposed architecture, the area needed for its implementation is reduced significantly accompanied by higher efficiency rate. In addition, low latency is attained so that higher operating frequencies can be accessed. We use the coprocessor approach which exploits the use of RAM blocks that exist in most FPGA platforms. For this coprocessor, a new datapath structure allowing parallel execution of multiple instructions is designed. Implementation results prove that our Keccak coprocessor achieves high performance in a small area.

Improving the computational efficiency of modular operations for embedded systems

Abstract Security protocols such as IPSec, SSL and VPNs used in many communication systems employ various cryptographic algorithms in order to protect the data from malicious attacks. Thanks to public-key cryptography, a public channel which is exposed to security risks can be used for secure communication in such protocols without needing to agree on a shared key at the beginning of the communication. Public-key cryptosystems such as RSA, Rabin and ElGamal cryptosystems are used for various security services such as key exchange and key distribution between communicating nodes and many authentication protocols. Such public-key cryptosystems usually depend on modular arithmetic operations including modular multiplication and exponentiation. These mathematical operations are computationally intensive and fundamental arithmetic operations which are intensively used in many fields including cryptography, number theory, finite field arithmetic, and so on. This paper is devoted to the analysis of modular arithmetic operations and the improvement of the computation of modular multiplication and exponentiation from hardware design perspective based on FPGA. Two of the well-known algorithms namely Montgomery modular multiplication and Karatsuba algorithms are exploited together within our high-speed pipelined hardware architecture. Our proposed design presents an efficient solution for a range of applications where area and performance are both important. The proposed coprocessor offers scalability which means that it supports different security levels with a cost of performance. We also build a system-on-chip design using Xilinx’s latest Zynq-7000 family extensible processing platform to show how our proposed design improve the processing time of modular arithmetic operations for embedded systems.

Compact Implementation of Threefish and Skein on FPGA

The SHA-3 finalist Skein is built from the tweak able Threefish block cipher. In order to have a better understanding of the computational efficiency of Skein (resource sharing, memory access scheme, scheduling, etc.), we design a low-area processor for Threefish and describe how to implement Skein on our architecture. We harness the intrinsic parallelism of Threefish to design a pipelined ALU and interleave several tasks in order to achieve a tight scheduling. From our point of view, the main advantage of Skein over other SHA-3 finalists is that the same coprocessor allows one to encrypt or hash a message.

Compact Hardware Architecture for Hummingbird Cryptographic Algorithm

Hummingbird is an ultra-lightweight cryptographic algorithm aiming at resource-constrained devices. In this paper, we present an enhanced hardware implementation of the Hummingbird cryptographic algorithm that is based on the memory blocks embedded within Spartan-3 FPGAs. The enhancement is not only from the introduction of the coprocessor approach but also from the employment of serialized data processing principles. Due to the compactness of the proposed architecture, remaining reconfigurable area in FPGAs can be used for other purposes. Comparisons to the other reported FPGA implementation of the Hummingbird cryptographic algorithm indicate that the proposed architecture outperforms the previous work in terms of both efficiency and area. We remark that our architecture can also be used as stand-alone although it is built via coprocessor approach.

Compact Hardware Implementations of ChaCha, BLAKE, Threefish, and Skein on FPGA

The cryptographic hash functions BLAKE and Skein are built from the ChaCha stream cipher and the tweakable Threefish block cipher, respectively. Interestingly enough, they are based on the same arithmetic operations, and the same design philosophy allows one to design lightweight coprocessors for hashing and encryption. The key element of our approach is to take advantage of the parallelism of the algorithms considered in this work to deeply pipeline our Arithmetic and Logic Units, and to avoid data dependencies by interleaving independent tasks. We show for instance that a fully autonomous implementation of BLAKE and ChaCha on a Xilinx Virtex-6 device occupies 144 slices and three memory blocks, and achieves competitive throughputs. In order to offer the same features, a coprocessor implementing Skein and Threefish requires a substantial higher slice count.

A low-area unified hardware architecture for the AES and the cryptographic hash function Grstl

This article describes the design of a compact 8-bit coprocessor for the Advanced Encryption standard (AES) (encryption, decryption, and key expansion) and the cryptographic hash function Grstl. Our Arithmetic and Logic Unit has only one instruction that allows for implementing AES encryption, AES decryption, AES key expansion, and Grstl at all levels of security (i.e. 128-, 192-, and 256-bit encryption keys; 256- and 512-bit message digests). A fully autonomous implementation of Grstl and AES on a Virtex-6 FPGA requires 169 slices and a single 36k memory block, and achieves a competitive throughput (up to 217 Mbits/s and 92 Mbits/s for encryption and hashing, respectively). The proposed coprocessor is well-suited for resource-constrained embedded systems, where several security protocols rely only on block ciphers and hash functions. One can exploit the design philosophy presented in this paper in order to design a unified architecture for other algorithms. An 8-bit coprocessor for the AES and Grstl at all levels of security is proposed.An implementation of the AES and Grstl with a single instruction set architecture is presented.The ALU is deeply pipelined to achieve a high clock frequency.A careful scheduling allows us to avoid data dependency issues.

Efficient paillier cryptoprocessor for privacy-preserving data mining

Paillier cryptosystem is extensively utilized as a homomorphic encryption scheme to ensure privacy requirements in many privacy-preserving data mining schemes. However, overall performance of the applications employing Paillier cryptosystem intrinsically degrades because of modular multiplications and exponentiation operations performed by the cryptosystem. In this study, we investigate how to tackle with such performance degradation because of Paillier cryptosystem. We first exploit parallelism among the operations in the cryptosystem and interleaving among independent operations. Then, we develop hardware realization of our scheme using field-programmable gate arrays. As a case study, we evaluate our cryptoprocessor for a well-known privacy-preserving set intersection protocol. We demonstrate how the proposed cryptoprocessor responds promising performance for hard real-time privacy-preserving data mining applications. Copyright

Design of a scenario-based synthetic mixed pulse generator

Electronic Support Measures (ESM) plays an important role in modern Electronic Warfare (EW) systems. The main purpose of an ESM system is to intercept as many emissions as it can, and then to deinterleave mixed streams of pulses that are interleaved in natural time of arrival order, and thus to identify surrounding emissions. In real life, such systems may encounter with a continuous stream of pulses accompanied by many imperfections, and it should work on real-time basis. In order to handle such circumstances and to develop better deinterleaving algorithms, a simulation tool is needed. In this study, design of a scenario-based mixed pulse generator (simulator) is presented.

On Increasing the Computational Efficiency of Long Integer Multiplication on FPGA

This paper presents a compact hardware architecture for long integer multiplication and proposes a strategy to increase the computational efficiency of the Karatsuba algorithm on FPGA. The presented architecture aims to provide an efficient and compact architecture to be used where long integer multiplication is definitely required such as Cryptography, especially Public Key Cryptography (PKC), Coding theory, DSP and many more. There are several studies in the literature related to increase the efficiency of multiplication, especially in public key cryptography. From our point of view, the main advantage of this method over other existing methods is that recursive utilization of hardware resources with tight scheduling brings better performance with smaller logic area. Our coprocessor is also suitable for multiplications of polynomials in GF(p) and GF(2k). Our method achieves highest available frequency of FPGA. We compare our hardware performance figures for different bit width multiplication with other reported studies. The results show that our architecture combines performance with small area size.

Membership set identification with periodic inputs and orthonormal regressors

In this paper, we study the central and the projection algorithms in membership-set estimation with periodic input signals and orthonormal basis functions for the special case that the number of the estimated parameters equals the input period (or overparameterized model structures). First, we derive explicit formulae for a central algorithm and the diameter of the membership set. Then, we characterize the set of all projection algorithms.