IJRIT International Journal of Research in Information Technology, Volume 3, Issue 6, June 2015, Pg.148-159

International Journal of Research in Information Technology (IJRIT) www.ijrit.com

ISSN 2001-5569

FPGA Implementation of Encryption Primitives

Vinay Chandra¹, Kiran Kumar V G²

¹ IV Semester, M.Tech, Electronics and Communication Engineering, Sahyadri College of Engineering and Management, Mangaluru, Karnataka, India [email protected]

² Associate Professor, Department of Electronics and Communication Engineering, Sahyadri College of Engineering and Management, Mangaluru, Karnataka, India [email protected]

Abstract
In my project, the circuit design of an arithmetic module applied to cryptography, i.e. the modulo multiplicative inverse used in the Montgomery algorithm, is presented and the results are simulated using Xilinx. This algorithm is useful for carrying out encryption algorithms in binary arithmetic, because computers deal only with binary numbers. Encryption algorithms rely on modulo arithmetic in which the modulus p is not a power of two, unlike in binary arithmetic. This makes encryption algorithms more complex, since modulus p operations, especially residue computation, must be carried out in binary arithmetic. Encryption using this multiplicative inverse is also presented with simulation results. The multiplicative inverse function involves iterative computations of multiplication, division and subtraction with a variable number of loop iterations.

Keywords: cryptography, simulated, Xilinx, residue, iterative, multiplicative inverse.

1. Introduction
With the increasing importance of information security, research on cryptography and cipher design is becoming more and more significant. Modular arithmetic, also called clock arithmetic, is the cryptographer's mathematics: it is the central mathematical concept in cryptography and is used in almost every cipher, from the Caesar cipher to the RSA cipher. Unlike basic mod calculations, the modulo multiplicative inverse is a relatively complex, time-consuming iterative procedure whose number of loop iterations is not fixed. The most widely used public key cryptosystems are based on modular arithmetic. For example, RSA requires exponentiation mod n, where n is a product of two primes; Diffie-Hellman, ElGamal and DSA are based on exponentiation modulo a prime; ECC and others are further examples. P. Montgomery proposed a method for computing modular multiplication efficiently. He proposed moving the representation of numbers from the ring Zn to a different domain, called the Montgomery residual representation or Montgomery domain. It is well suited to hardware implementations. Montgomery multiplication is a method for computing a × b mod p for positive integers a, b and p. It reduces execution time on a computer when a large number of multiplications must be done with the same modulus p.

2. System description
The Montgomery algorithm is useful for carrying out encryption algorithms in binary arithmetic, because computers deal only with binary numbers. Encryption algorithms rely on modulo arithmetic in which the modulus p is not a power of two, unlike in binary arithmetic. This makes encryption algorithms more complex, since modulus p operations, especially residue computation, must be carried out in binary arithmetic.

2.1 Modulo Arithmetic
Basic binary arithmetic operations. Let u and v be the two operands.

1. (u + v) % p = u + v – p × ⌊(u + v) / p⌋
               = u + v – p, if u + v ≥ p
               = u + v,     if u + v < p                    (1)
2. (u – v) % p = u – v – p × ⌊(u – v) / p⌋
               = u – v + p, if –p < u – v < 0
               = u – v,     if 0 ≤ u – v < p                (2)
3. (u × v) % p = u × v – p × ⌊(u × v) / p⌋                  (3)
4. (u / v) % p = u × v⁻¹ – p × ⌊(u × v⁻¹) / p⌋              (4)
   where v × v⁻¹ – p × z = 1; v⁻¹ is called the multiplicative inverse of v.

In 3 and 4, since u and v can be as large as p – 1, in the worst case we may need log p iterations of division by repeated subtraction. v⁻¹ is the number which, when multiplied by v, gives a remainder of 1; this makes v × v⁻¹ congruent to 1. These four operations may have to be done repeatedly in encryption algorithms where the modulus p is a prime or a prime power.

2.2 Congruence (Equivalence) mod p
Two integers are said to be congruent mod p, written u ≡ v (% p) or just u ≡ v % p, if and only if u – v = p × z for some integer z.
Example: 11 ≡ 5 % 6, 2 ≡ 4 ≡ 6 % 2.
Here u and v need not be less than p. Reducing any number mod p gives a result between 0 and p – 1, so every number outside that range is mapped into it: p is mapped to 0, p + 1 is mapped to 1, and so on. We can write u – v or v – u; both give the same relation. Congruence is an equivalence relation: it is reflexive, i.e. every number is congruent to itself; it is symmetric, i.e. if a is congruent to b then b is congruent to a, whatever modulus we pick; and it is transitive, i.e. if a is congruent to b and b is congruent to c, then a is congruent to c. So we take all integers (positive and negative) and divide them into p classes, labelled 0, 1, 2, …, p – 1. These are called equivalence classes under the congruence relation.

Note 1: The congruence relation over a modulus p is an equivalence relation and partitions all integers into p congruence classes: class 0, class 1, ..., class p – 1.

Note 2: An inverse u⁻¹ of an integer u mod p exists if and only if u × u⁻¹ ≡ 1 % p, i.e. the product u × u⁻¹ must be congruent to 1. With this relationship we can perform multiplication under congruence, and it will be helpful in understanding the Montgomery algorithm.

Note 3: For any prime number p and a positive integer r, there exist two integers v and z such that
r × v – p × z = 1 or v ≡ r⁻¹ % p.                           (5)

Proof: Given that p is prime, there exist two integers v, t < p such that
(r % p) × v – p × t = 1                                     (6)
or (r – p × ⌊r / p⌋) × v – p × t = 1                        (7)
↔ r × v – p × (⌊r / p⌋ × v + t) = 1                         (8)
r × v – p × z = 1, where z = ⌊r / p⌋ × v + t
↔ r × v % p = 1 or v ≡ r⁻¹ % p                              (9)

When r is relatively prime to p, which happens by itself when p is a prime, we get an inverse of r mod p. So if we pick any r and a prime p, then r is always invertible mod p, and that gives us r inverse (r⁻¹), which we call v because that is what the formula indicates.

2.3 Idea
The idea is to transform mod p arithmetic into mod r arithmetic, where p is a prime number, r = 2^k, k is a positive integer and 2^(k-1) < p < 2^k. The r picked in Note 3 had no restriction on it: we can pick any r as long as p is prime, and the inverse relation applies, i.e. there is an inverse of r mod p. Inverting r is critical to computing mod p arithmetic in binary.

2.4 Montgomery pair
The Montgomery pair of a positive integer u < p with respect to a prime modulus p is defined as:
v = g(u) = u × r % p                                        (10)
We take u < p and map it to another number u × r % p, which is still less than p. This relation is one-to-one and onto. The inverse Montgomery pair of v is defined as:
u = g⁻¹(v) = v × r⁻¹ % p                                    (11)
It is obvious that
u = g⁻¹(v) = v × r⁻¹ % p = (u × r % p) × r⁻¹ % p = u        (12)
since
(u × r % p) × r⁻¹ % p = (u × r × r⁻¹ % p) % p = (u % p) % p = u   (13)

2.5 Montgomery Transformation
We start with the direct product of two numbers. The pair of numbers we are interested in is (u, v).

Fig. 1 Montgomery transform

Multiplication in the transformed domain is defined as:
z = g(u) × g(v) × r⁻¹ % p                                   (14)
To transform back to the original domain, we have to multiply by r⁻¹:
u × r × v × r × r⁻¹ × r⁻¹ % p = u × v % p                   (15)
The curved path gives the same result as the vertical path on the left, i.e. the diagram is commutative.
The vertical edge on the left gives: (u, v) → u × v % p
The curved path gives:
(u, v) → (g(u), g(v)) = (u × r % p, v × r % p) → u × r × v % p → u × r × v × r⁻¹ % p = u × v % p   (16)
where u × r × v × r × r⁻¹ % p = u × r × v % p               (17)

2.6 Montgomery algorithm comes in here
Let x be an integer, 0 ≤ x ≤ p × r. The inverse Montgomery transform is defined by a pair:
m = (x % r) × z % r                                         (18)
t = (x + m × p) / r                                         (19)
x could be the product of u and v (u × v). We have r > p, therefore u × v < p × r (since u, v < p). Also, r is a power of 2:
r = 2^k, 2^(k-1) < p < 2^k                                  (20)
Mod r means truncating to the rightmost k bits, because r = 2^k, and divide by r means shifting k bits to the right. Montgomery showed that t is x × r⁻¹ mod p, and also that t is an integer. So after dividing by r we do not get a fraction that would later require flooring.

2.7 Forward and backward transforms
Here we see how to compute u × r % p, i.e. how an integer u mod p is converted to its Montgomery pair g(u):
u × r % p = (u × r⁻¹ × r²) % p = (u × (r² % p)) × r⁻¹ % p   (21)
Conversion of an integer u mod p to its inverse Montgomery pair g⁻¹(u) is computed directly by the inverse Montgomery transform. We have complicated the process only a little, by introducing one extra multiplication (u × (r² % p)); r² % p is a constant because r and p are fixed. Computation of the remaining part (i.e. r⁻¹ % p) was seen previously. Addition and subtraction mod p can also be transformed to the Montgomery domain and transformed back using the commutative diagram, as follows:
u → u × r % p
v → v × r % p
In the transformed domain:
u × r % p ± v × r % p = (u ± v) × r % p                     (22)
(u ± v) × r × r⁻¹ % p = (u ± v) % p                         (23)

3. Hardware Implementation
Described below are the hardware architectures used in VHDL.

3.1 Multiplicative inverse using extended Euclid algorithm
Given: b mod a
Compute: inverse of b (i.e. multiplicative inverse of b), given by b⁻¹.
Procedure:
Initialize: r1 ← a, r2 ← b, t1 ← 0 and t2 ← 1
While (r2 > 0)
{
    q = r1 / r2;
    r = r1 – q × r2;
    r1 = r2; r2 = r;
    t = t1 – q × t2;
    t1 = t2; t2 = t;
}
If (r1 = 1) then b⁻¹ = t1

Note: if t1 is negative then b⁻¹ = t1 + a

Example: p = 65437, r = 2^16 = 65536. Compute the inverse of 65536 mod 65437.

Table 1 Multiplicative inverse computation by tabular method
q     r1      r2      r       t1       t2       t
0     65437   65536   65437   0        1        0
1     65536   65437   99      1        0        1
660   65437   99      97      0        1        -660
1     99      97      2       1        -660     661
48    97      2       1       -660     661      -32388
2     2       1       0       661      -32388   65437
      1                       -32388

Inverse of 65536 mod 65437 is: –32388 + 65437 = 33049
Check step: r × r⁻¹ – p × z = 1
65536 × 33049 – 65437 × z = 1
z = 33099
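The arithmetic of Sections 2.6, 2.7 and 3.1 as a software reference model, added here as an example (it is not the paper's VHDL, and the function names are hypothetical): the extended Euclid loop yields r⁻¹, the check step yields z, and equations (18), (19), (21), (14) and (15) then give the Montgomery product. It assumes that z in (18) is the z of the check step, and it adds one conditional subtraction of p after (19), because t is only guaranteed to lie below 2p.

```python
def ext_euclid_inverse(b, a):
    """Section 3.1 loop: inverse of b mod a, or None when gcd(a, b) != 1."""
    r1, r2, t1, t2 = a, b, 0, 1
    while r2 > 0:
        q = r1 // r2
        r1, r2 = r2, r1 - q * r2
        t1, t2 = t2, t1 - q * t2
    return t1 % a if r1 == 1 else None   # "% a" adds a back when t1 is negative


def montgomery_params(p):
    """Return (k, r, r_inv, z) with r = 2^k, 2^(k-1) < p < 2^k and r*r_inv - p*z = 1."""
    k = p.bit_length()
    r = 1 << k
    r_inv = ext_euclid_inverse(r, p)
    if r_inv is None:
        raise ValueError("r = 2^k has no inverse mod p (p is even)")
    z = (r * r_inv - 1) // p             # exact: the page's check step solved for z
    return k, r, r_inv, z


def redc(x, p, k, z):
    """Inverse Montgomery transform (18)-(19): x * r^-1 mod p for 0 <= x <= p * r."""
    mask = (1 << k) - 1
    m = ((x & mask) * z) & mask          # (18): "% r" keeps the low k bits
    s = x + m * p
    if s & mask:                         # low k bits must cancel so that "/ r" is exact
        raise ArithmeticError("z does not match p and r")
    t = s >> k                           # (19): "/ r" is a k-bit right shift
    return t - p if t >= p else t        # assumption added here: t < 2p, subtract p once


def mont_mul(u, v, p):
    """u * v % p computed along the curved path of Fig. 1."""
    k, r, _, z = montgomery_params(p)
    r2 = (r * r) % p                     # constant for a fixed p
    gu = redc(u * r2, p, k, z)           # (21): g(u) = u * r % p
    gv = redc(v * r2, p, k, z)
    gz = redc(gu * gv, p, k, z)          # (14): product in the transformed domain
    return redc(gz, p, k, z)             # (15): back to the original domain


if __name__ == "__main__":
    P = 65437                            # the prime used in the page's worked example
    print(montgomery_params(P))
    print(mont_mul(12345, 54321, P), 12345 * 54321 % P)
```
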

3.2 Divider
Long division in decimal (135 divided by 13) is shown below.

Table 2 Decimal long division
       1 0
13 ) 1 3 5
     1 3 ↓
     ---
       0 5
         0
       ---
         5
Quotient: 10 Remainder: 5

Long division in binary (135 divided by 13):

Table 3 Long division in binary arithmetic
               1 0 1 0
1101 ) 1 0 0 0 0 1 1 1
         1 1 0 1 ↓ ↓ ↓
       ---------
       0 0 0 1 1 1 1
             1 1 0 1
             -------
             0 0 1 0 1

Algorithm used to do division in VHDL
Step 1: store the numerator in the combination n1:n2
Step 2: store the denominator in d
Step 3: repeat 4 times
            shift n1:n2 left one bit
            if n1 ≥ d
                n1 = n1 – d
                n2(0) = 1
Step 4: quotient = n2
        remainder = n1(3:0)

Table 4 Division architecture in VHDL
n1   10000   n2   1110    shl n1:n2
d    01101
n1   00011   n2   1111    n1 = n1 – d, n2(0) = 1
n1   00111   n2   1110    shl n1:n2
d    01101
n1   01111   n2   1100    shl n1:n2
d    01101
n1   00010   n2   1101    n1 = n1 – d, n2(0) = 1
n1   00101   n2   1010    shl n1:n2
     Remainder    Quotient

Note: if the quotient is more than 4 bits, this technique doesn’t work. E.g. 10110101 / 10000: Quotient = 00010110, Remainder = 101. To overcome this problem we do the 4 bit division twice.

Fig. 2 Eight bit by four bit divider

00001011 / 1000 = q (00000001) r (011)
00110101 / 1000 = q (00000110) r (101)

Therefore the quotient is 00010110 and the remainder is 101 after the division is complete.
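A bit-level model of the shift and subtract divider above, added here as an example (not the paper's VHDL; the function names are hypothetical). It keeps n1 five bits wide as in Table 4, shows that a single four-step pass gives a wrong answer when the quotient needs more than four bits, and chains two passes as in the eight bit by four bit case.

```python
def div4(n1, n2, d):
    """One pass of Steps 1-4. n1 is a 5-bit register, n2 and d are 4-bit values."""
    for _ in range(4):
        n1 = ((n1 << 1) | (n2 >> 3)) & 0x1F   # shl n1:n2; a bit shifted out of n1 is lost
        n2 = (n2 << 1) & 0xF
        if n1 >= d:
            n1 -= d
            n2 |= 1                            # n2(0) = 1
    return n2, n1 & 0xF                        # quotient = n2, remainder = n1(3:0)


def div8by4(n, d):
    """Eight bit by four bit division built from two 4-bit passes."""
    if not (0 < d <= 0xF and 0 <= n <= 0xFF):
        raise ValueError("expects an 8-bit numerator and a non-zero 4-bit denominator")
    q_hi, rem = div4(0, n >> 4, d)             # high nibble first, n1 starts at zero
    q_lo, rem = div4(rem, n & 0xF, d)          # its remainder becomes n1 of the second pass
    return (q_hi << 4) | q_lo, rem


if __name__ == "__main__":
    print(div4(0b01000, 0b0111, 0b1101))       # Table 4: 135 / 13
    print(div4(0b01011, 0b0101, 0b1000))       # single pass on 181 / 8: quotient overflows
    print(div8by4(0b10110101, 0b1000))         # two passes: quotient 00010110, remainder 101
```

The second pass cannot overflow because it always starts with n1 holding a remainder smaller than d, which is the condition the single pass needs.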

3.3 Multiplier
Below is an example of a four bit by four bit multiplier. Append four zeros to the multiplicand, i.e. make it 8 bits, and store it in bp. Initially set the eight bit product p to zero. The multiplier ‘a’ is the input control line to the mux. Because it is a four bit by four bit multiplier, we have four copies of the same circuit, i.e. an adder, a mux and a shift left. Depending on the value of the control line of the mux, either the sum of bp and p or only p is passed through: if the control input to the mux is ‘1’, the sum of bp and p is passed through, and if the control input is ‘0’, only p is passed through. Also note that on every iteration, bp is shifted left by one bit position.

Fig. 3 Four bit by four bit multiplier

3.4 r computation
Given a prime p, compute r = 2^k such that 2^(k-1) < p < 2^k. Say, for example, the prime number is stored in 8 bits. Create another variable temp with one extra bit, i.e. 9 bits in this case, set its most significant bit to one and set all remaining bits to zero. Shift the contents of the prime left until its most significant bit becomes one, and simultaneously shift the contents of temp to the right; all of this is done inside a loop. At the end of the loop, when the most significant bit of the prime becomes one, temp holds the value of r = 2^k.

Fig. 4 r computation

3.5 Random number generation
Random numbers can be generated by simply shuffling the bits randomly. To start with, any random number is taken. Here bit positions 4 to 7 are XORed with bit positions 9 to 12 and the result is stored in bit positions 12 to 15 on every clock cycle. Also, bit positions 4 to 15 are shifted to bit positions 2 to 13 on every clock cycle. Thus a new number is generated on every clock cycle.

Fig. 5 Random number generator

4. Simulation Results
4.1 Encryption
The word “sahyadrian” is encrypted by entering the ASCII value of each letter.

Fig. 6 ASCII table

Fig. 7 Simulation result for encryption

4.2 Random number inverse computation
The result below shows the multiplicative inverses generated for the random numbers.

Fig. 8 Simulation result for random number generation

4.3 Decryption
The result below shows the decryption of the encrypted word “sahyadrian”.

Fig. 9 Simulation result for decryption

4.3 Decryption
The figure below shows the synthesis report of the Montgomery transform.

Fig. 10 Synthesis report

5. Conclusion
As most encryption algorithms rely on the modulus operation, the proposed method describes the design of a circuit module applied to cryptography, i.e. the modulo multiplicative inverse used in the Montgomery algorithm, with results simulated using Xilinx. Montgomery multiplication computes a × b mod p for positive integers a, b and p. Execution time on a computer is reduced when a large number of multiplications must be done with the same modulus p. The multiplicative inverse is computed using the extended Euclid algorithm. The technique used for division is shift and subtract, and the multiplier block is implemented using shift and add operations. A simple technique for generating random numbers is also presented. Finally, the word “sahyadrian” is encrypted and decrypted. This technique can be used for image encryption: random numbers generated using the technique described can be used for encrypting each pixel of the image. This pixel by pixel encryption makes the encryption process very fast, as it replaces the long and tedious modulus operation with simple shift and truncate operations. The shift and add multiplier can be replaced by a more efficient multiplier, which could save hardware resources. Various Vedic multipliers like the Karatsuba multiplier can also be used for fast multiplication. The technique can also be extended to encrypt text files by encrypting each character.


It is described and illustrated here based on recent collection from Wayanad (E.S. Santhosh Kumar 56416, TBGT) to facilitate its easy identification. Thottea dalzellii (Hook.f.) Karthik. & Moorthy, Fl. Pl. India 156. 2009. Bragantia dalzellii Hook.f.