FPGA BASED CRYPTOGRAPHY - PowerPoint PPT Presentation

1 / 41
About This Presentation
Title:

FPGA BASED CRYPTOGRAPHY

Description:

How Secure Are FPGA's in Cryptographic Applications. Thomas Wollinger and ... attacker can induce a fault and deactivate the key or use other counter measures ... – PowerPoint PPT presentation

Number of Views:476
Avg rating:3.0/5.0
Slides: 42
Provided by: SRI103
Category:

less

Transcript and Presenter's Notes

Title: FPGA BASED CRYPTOGRAPHY


1
FPGA BASED CRYPTOGRAPHY
  • By,
  • Sai Ranganath Srinivasan
  • Srihari Sridharan

2
Papers Discussed
  • How Secure Are FPGAs in Cryptographic
    Applications
  • Thomas Wollinger and Christof Paar
  • An Adaptive Cryptographic Engine for IPSec
    Architectures
  • Andreas Dandalis and Viktor K. Prasanna

3
General Flow
  • Section 1 Introduction
  • Section 2 Algorithm Discussion
  • Section 3 Advantages and Shortcomings of
    FPGA
  • Section 4 Adaptive Cryptographic Engine

4
Section 1 Introduction
5
Cryptographic Goals
  • Cryptography
  • study of mathematical techniques related to
    aspects of information security.
  • Confidentiality
  • helps to keep content of information from
    snoopers.
  • numerous approaches ranging from physical
    protection to mathematical algorithms
  • Data integrity
  • addresses the unauthorized alteration of data.
  • must have the ability to detect data manipulation
    by unauthorized parties(such insertion, deletion,
    and substitution)

6
Cryptographic Goals
  • Authentication
  • related to identification of both entities and
    information itself.
  • two major classes entity authentication and data
    origin authentication.
  • Non-repudiation
  • prevents an entity from denying previous
    commitments or actions.
  • disputes arise due to entity denying certain
    actions
  • means to resolve situation is necessary

7
Encryption and Decryption
  • Encryption and Decryption
  • process of transforming information and make it
    unreadable
  • special knowledge called key required to read it
  • encryption also implicitly refers to the reverse
    process decryption
  • make the encrypted information readable again
    (i.e. to make it unencrypted).
  • Two types Of Encryption Algorithm
  • Private Key Algorithm
  • Public Key Algorithm

8
Section 2 Algorithm Discussion
9
Symmetric Key Algorithm
  • Symmetric-key algorithms
  • Class of algorithms that use trivially related or
    identical cryptographic keys for both decryption
    and encryption.
  • The keys represent a shared secret between two or
    more parties.
  • Divided into two types of algorithms
  • Block Ciphers
  • Stream Ciphers

10
Block Ciphers
  • Block Cipher
  • operates on fixed-length groups of bits, termed
    blocks, with an unvarying transformation.
  • takes an input secret key.
  • takes blocks of plain texts as inputs and
    combines it with the key to give an output cipher
    text.

11
Stream Cipher
  • Stream Cipher
  • plaintext bits combined with pseudorandom bit
    stream (keystream)
  • typically XOR operation.
  • plaintext digits are encrypted one at a time

12
Public Key Algorithm
  • Public-key cryptography
  • known as asymmetric cryptography
  • a user has a pair of cryptographic keys - a
    public key and a private key.
  • private key kept secret, public key may be widely
    distributed.
  • keys are mathematically related
  • private key cannot be derived based on the public
    key.
  • message encrypted with the public key can be
    decrypted only with the corresponding private
    key.

13
Public Key Algorithm
  • A message encrypted with a recipient's public
    key cannot be decrypted by anyone except the
    recipient possessing the corresponding private
    key. This is used to ensure confidentiality.

14
Symmetric Key Advantages
  • have higher rates of data throughput when
    compared to public keys.
  • hardware implementations achieve encrypt rates of
    hundreds of megabytes per second
  • software implementations attain throughput rates
    in the megabytes per second
  • much less computationally intensive than public
    key algorithm.
  • key generation is the main draw back

15
DES Algorithm
  • a block cipher
  • takes a fixed-length string of plaintext bits
  • performs a series of complicated operations and
    gives another cipher text bitstring of the same
    length.
  • block size is 64-bits
  • key is 64 bits, 56-bits used for encryption and 8
    bits used for parity checks.

16
Limitations of DES and AES
  • relatively small 56-bit key.
  • vulnerable to Brute Force Attacks.
  • keys have been broken in less than 24 hours.
  • designed primarily for hardware, so software
    implementation was really slow.
  • gave way to AES algorithm
  • 5 algorithms considered as finalist (from about
    15)
  • Rjandel
  • RC6
  • MARS
  • Serpent
  • Two Fish

17
Rjandel
  • Overview
  • 128 bit block size
  • key sizes of 128, 192 or 256 bytes.
  • operates on 4x4 array of bytes called as states.
  • calculations are done on a special finite field
    GF.
  • Algorithm Steps
  • Key Expansion- Rijndael's key schedule
  • Initial Round
  • Add Round key
  • Rounds (9 times)
  • SubBytes- a non-linear substitution step each
    byte replaced with another according to a lookup
    table.
  • Shift Rows- a transposition step each row of the
    state shifted cyclically a certain number of
    steps.
  • Mix Columns- a mixing operation operates on
    columns of state, combining four bytes in each
    column
  • Add Round Key- each byte of the state combined
    with round key each round key derived from the
    cipher key using a key schedule.
  • Final Round- No Mixing Rows

18
High Level Algorithm
19
Twofish
  • Twofish is a symmetric key block cipher.
  • block size of 128 bits
  • key sizes up to 256 bits.
  • uses of pre-computed key-dependent S-boxes and a
    relatively complex key schedule.

20
Serpent
  • Serpent symmetric key block cipher.
  • block size of 128 bits.
  • key sizes up to 128, 192 and 256 bits.
  • a 32-round substitution-permutation network
    operating on blocks of four 32-bit words
  • in each round one of the eight 4-bit by 4-bit
    S-Boxes applied 32 times in parallel.
  • designed so that all operations can be executed
    in parallel, using 32 1-bit slices.
  • lost to Rjandel it was most conservative approach
    that was most computation intensive

21
RC6 and MARS
  • RC6 is a symmetric key block cipher.
  • block size of 128 bits.
  • key sizes up to 128, 192 and 256 bits.
  • can be parameterised to support a wide variety of
    word lengths, key sizes and rounds.
  • uses data-dependent rotations, modular addition
    and XOR operations.
  • MARS is a block cipher that was developed by IBM.
  • block size of 128-bits.
  • variable key lengths between 128 and 448 bits (in
    32-bit increments).

22
Section 3 Advantages and Shortcomings of FPGAs
23
Software and Hardware Based Cryptography
  • Software
  • Pros
  • Ease of Upgrade
  • Portability
  • Flexibility
  • Cons
  • Limited Physical Security
  • Less throughput
  • Greater key latency time
  • Does not use inherent parallelism
  • Hardware
  • Pros
  • Good physical security
  • Very high throughput
  • Very less key latency time
  • Uses inherent parallelism
  • Cons
  • Inflexible
  • Cannot be used for different parameters.

24
FPGA Based Cryptography
  • advantages of both the hardware and software
  • lesser performance than ASICs
  • much better than software
  • flexible (configured dynamically)
  • very high throughput
  • very less key latency time
  • exploit inherent parallelism in the algorithms
  • match very well for operations required for
    private key
  • Eg bit-permutations, bit- substitution etc.

25
Why FPGAS for Cryptography
  • Algorithm agility switching algorithms during
    operation.
  • Algorithm Upload modifications of algorithm
    easily uploaded.
  • Algorithm modification The parameters can be
    varied during runtime.
  • Eg vary the key length.
  • Architecture efficiency hardware architecture
    much more efficient when designed for specific
    set of parameters.
  • FPGAs designed and optimized for different
    parameters
  • Throughput slower than ASICs but faster than
    s/w
  • Cost cost and time for implementing lesser than
    ASICs

26
Security Shortcomings of FPGAs
  • general objective of any attacker is to extract
    the encryption key.
  • enables him to decrypt the message details.
  • general types of attacks possible on FPGAs
  • Black Box Attack
  • Read Back Attack
  • Cloning of SRAM FPGAs
  • Physical Attack
  • Side Channel Attack

27
Black Box Attack
  • Cause
  • method of reverse engineering a chip.
  • all possible combinations of inputs are fed and
    the corresponding outputs are saved
  • logic of chip is extracted from resulting table
    using techniques like K-Map or any other
    algorithm.
  • affects smaller FPGAs
  • Prevention
  • not a real threat nowadays because of the
    complexity of the FPGAs
  • AES algorithm uses a 128-bit key.
  • not practical to make a brute force attack when
    there are more than 280 possible combinations.

28
Read Back Attack
  • Cause
  • read back is a feature in FPGAs
  • gives configuration of the FPGA that helps in
    debugging
  • needs security bits provided by the manufacturer.
  • attacker can induce a fault and deactivate the
    key or use other counter measures to extract the
    configuration and get the key.
  • Prevention
  • security bits can be used to prevent these
    attacks.
  • FPGA has to be in a secure environment.
  • if any fault or interference has been detected
    then the entire configuration should be deleted
    or FPGA has to be destroyed.

29
Cloning of SRAM FPGAs
  • Cause
  • configuration data is stored in external memory.
  • transmitted during power up to configure the FPGA
  • attacker can extract the information during this
    transmission
  • Prevention
  • best solution is to have a on-chip RAMs
  • prevents transmission of data from an external RAM

30
Physical Attack
  • Cause
  • investigates the chip design to get information
    about the algorithm.
  • secret key is extracted by probing points inside
    the chip.
  • requires complex methods like focussed ion beam
    technique.
  • Prevention
  • no known prevention technique.
  • this attack is only possible for huge
    organizations.
  • FPGA should be kept isolated and made
    inaccessible to outsiders

31
Side Channel Attack
  • Cause
  • any physical implementation might leak unwanted
    information
  • this could relate to power, timing or
    electromagnetic radiation
  • two known attacks- Simple Power Ananlysis and
    Differential Power Analysis.
  • Prevention
  • there are no known techniques for FPGAs yet.
  • common technique is to isolate the FPGA from
    outsiders.

32
Section 4 Adaptive Cryptographic Engine
33
Adaptive Cryptographic Engine
  • ACE adapts to diverse security parameters on the
    fly
  • gives very high throughput when compared to
    software
  • decreased Key Setup latence time
  • gives a throughput speed up or 4-20 times
  • key- setup latency time reduced by 20-700 times
  • gives a compression technique to decrease the
    memory requirements

34
Architecture
  • The ACE consists of
  • The Cryptographic Library
  • Configuration Controller
  • The Core FPGA

35
Cryptographic Library
  • consists of a list of FPGA configurations for
    different cryptographic algorithm stored in the
    memory.
  • ACE can adapt to different configurations based
    on the Security Associations during runtime.
  • library can be updated for new configurations by
    updating the memory contents.
  • this is the key problem in designing the ACE
  • minimal memory has to be used in order to reduce
    the cost.

36
Configuration Controller and FPGA
  • FPGA
  • core of ACE is the virtex based FPGA.
  • FPGA is programmed on the fly to attain vey high
    throughputs and very low Key setup latency time.
  • Configuration Controller
  • FPGA is configured on the fly by the
    configuration controller.
  • determines the configuration to be chosen based
    on the SA.
  • resolves external requests.

37
AES Performance Evaluation
  • key performance metrics are throughput and key
    setup latency.
  • key Latency denotes the time required to adapt to
    an input key.
  • throughput refers to the amount of data
    encrypted/ decrypted per unit time.
  • in software the cryptography process cannot start
    till the key for all rounds is completed.
  • on FPGA the cryptography process can start as
    soon as the key for the first round is available
    both the processes can happen at the same time.
  • key latency is reduced.

38
AES Performance Evaluation
  • five final candidates implemented on virtex based
    FPGA.
  • speed up comparison made based on the software
    execution on a 64 MB RAM 200 MHZ Pentium
    processor.

39
Configuration Compression
  • a dictionary based technique
  • compressed config. stored in memory and
    decompressed at runtime.
  • encodes variable length strings of symbols as
    single code words.
  • code words form an index to a phrase dictionary.
  • uses the LZW scheme.
  • dictionary corresponds to configuration data
  • index corresponds to way a configuration is
    synthesized
  • dictionary and index for each algorithm is
    created in phase 1
  • repeating phrases further compressed to decrease
    the memory in phase 2
  • superior compression ratios obtained when
    compared to normal LZ based scheme (compress,
    gzip etc)

40
Compression Results
41
Conclusions
  • FPGAs can be used efficiently to exploit the
    inherent parallelism present in encryption
    algorithms
  • 4-20 times speed up in throughputs achieved
  • 20-700 times reduction in key latency achieved
  • 40 reduction in memory was achieved using the
    compression technique
Write a Comment
User Comments (0)
About PowerShow.com