AU2021106723A4 - A method for fpga implementation of aes algorithm with enhanced security features - Google Patents
- Publication number
- AU2021106723A4
- Authority
- AU
- Australia
- Prior art keywords
- bit
- states
- value
- aes algorithm
- aes
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/08—Randomization, e.g. dummy operations or using noise
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The present disclosure relates to a method for an efficient AES implementation using an FPGA with enhanced security features. The method comprises: creating a PN sequence generator using a Linear Feedback Shift Register, wherein the number of states generated by the LFSR is determined by the feedback taps of a Generator Polynomial, wherein the bits at the feedback taps are XORed and the feedback from the MSB side on each clock cycle results in cyclic shifting of the previous value; and storing the output states, of 8 bits each, of the PN Sequence Generator in a Look up Table (LUT), the output states being given as inputs to a 256:1 multiplexer, wherein an 8-bit counter generates the value of the 8-bit select lines of the multiplexer and wherein the counter is designed to count 16 states so as to select 16 input bytes and form the 128-bit value at the output.
Description
The present disclosure relates to a method for an efficient AES implementation using an FPGA with enhanced security features.
With the growth of data communications and its uses, there is a larger need for more security systems and devices to protect personal data conveyed across the transmission channel. Data encryption is one of the most significant strategies for protecting information. Symmetric and asymmetric cryptosystems are two types of cryptographic algorithms that have already been developed and are widely used. Symmetric encryption approaches, such as the Data Encryption Standard (DES), Triple DES, and Advanced Encryption Standard (AES), encrypt and decrypt data using a key that is identical to the transmitter and receiver.
The evaluation of cypher strength is an important aspect of any company's or university's security assessment. According to Cipher experts, around 8 out of 10 rounds of AES can be brute forced successfully on today's contemporary hardware systems. The last two rounds cannot be broken in a sufficient amount of time for the attacker to have a serious attack on the system. Due to the present trend of increasing computational power, it may not be long before the complete AES cypher is deciphered in a given time frame, posing a threat to the system under test. As a result, substantial research is presently being conducted to develop strategies to improve AES algorithm security.
To make the existing solutions more efficient, there is a need to develop a method for an efficient AES implementation using an FPGA with enhanced security features.
The present disclosure relates to a method for an efficient AES implementation using an FPGA with enhanced security features. This disclosure comprises techniques for improving the encryption quality of the AES algorithm and its implementation on FPGA. First, a PN Sequence Generator is used to create the S-box values in the modified AES algorithm. Second, the PN Sequence Generator output is also used to generate the first key required for encryption and decryption. FPGAs are utilized to implement the updated AES algorithm in hardware efficiently. The findings for throughput and area are compared to current non-pipelined and pipelined designs, and the results show that the pipelined design outperforms the non-pipelined version. When synthesized on an XC6VLX240T device with a maximum frequency of 463.42MHz, the approach achieves a throughput of 59.3Gbps, and 30.39Gbps when implemented on an XC6SLX150 device with a maximum frequency of 237.45MHz.
In an embodiment, a method 100 for an efficient AES implementation using an FPGA with enhanced security features comprises the following steps: at step 102, creating a PN sequence generator using a Linear Feedback Shift Register (LFSR), wherein the number of states generated by the LFSR is determined by the feedback taps of a Generator Polynomial, wherein the bits at the feedback taps are XORed and the feedback from the MSB side on each clock cycle results in cyclic shifting of the previous value; and at step 104, storing the output states, of 8 bits each, of the PN Sequence Generator in a Look up Table (LUT), the output states being given as inputs to a 256:1 multiplexer, wherein an 8-bit counter generates the value of the 8-bit select lines of the multiplexer, wherein the counter is designed to count 16 states so as to select 16 input bytes and form the 128-bit (16x8) value at the output, and wherein a key will comprise 16 distinct bytes and a large number of distinct keys can be obtained by changing the initial value of the counter for the select lines, wherein the keys can then be dynamically applied to different blocks of 128-bit plaintext from an entire message to be encrypted.
To further clarify advantages and features of the present disclosure, a more particular description of the invention will be rendered by reference to specific embodiments thereof, which is illustrated in the appended drawings. It is appreciated that these drawings depict only typical embodiments of the invention and are therefore not to be considered limiting of its scope. The invention will be described and explained with additional specificity and detail with the accompanying drawings.
These and other features, aspects, and advantages of the present disclosure will become better understood when the following detailed description is read with reference to the accompanying drawings in which like characters represent like parts throughout the drawings, wherein:
Figure 1 illustrates a method for an efficient AES implementation using an FPGA with enhanced security features in accordance with an embodiment of the present disclosure.
Figure 2 illustrates (a) a block diagram of the AES algorithm; (b) an 8-bit PN sequence generator; and (c) a key generation block in accordance with an embodiment of the present disclosure.
Further, skilled artisans will appreciate that elements in the drawings are illustrated for simplicity and may not have necessarily been drawn to scale. For example, the flow charts illustrate the method in terms of the most prominent steps involved to help to improve understanding of aspects of the present disclosure. Furthermore, in terms of the construction of the device, one or more components of the device may have been represented in the drawings by conventional symbols, and the drawings may show only those specific details that are pertinent to understanding the embodiments of the present disclosure so as not to obscure the drawings with details that will be readily apparent to those of ordinary skill in the art having benefit of the description herein.
For the purpose of promoting an understanding of the principles of the invention, reference will now be made to the embodiment illustrated in the drawings and specific language will be used to describe the same. It will nevertheless be understood that no limitation of the scope of the invention is thereby intended, such alterations and further modifications in the illustrated system, and such further applications of the principles of the invention as illustrated therein being contemplated as would normally occur to one skilled in the art to which the invention relates.
It will be understood by those skilled in the art that the foregoing general description and the following detailed description are exemplary and explanatory of the invention and are not intended to be restrictive thereof.
Reference throughout this specification to "an aspect", "another aspect" or similar language means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the present disclosure. Thus, appearances of the phrase "in an embodiment", "in another embodiment" and similar language throughout this specification may, but do not necessarily, all refer to the same embodiment.
The terms "comprises", "comprising", or any other variations thereof, are intended to cover a non-exclusive inclusion, such that a process or method that comprises a list of steps does not include only those steps but may include other steps not expressly listed or inherent to such process or method. Similarly, one or more devices or sub-systems or elements or structures or components proceeded by "comprises...a" does not, without more constraints, preclude the existence of other devices or other sub-systems or other elements or other structures or other components or additional devices or additional sub-systems or additional elements or additional structures or additional components.
Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The system, methods, and examples provided herein are illustrative only and not intended to be limiting.
Embodiments of the present disclosure will be described below in detail with reference to the accompanying drawings.
Figure 1 illustrates a method for an efficient AES implementation using an FPGA with enhanced security features in accordance with an embodiment of the present disclosure. The method 100 for an efficient AES implementation using an FPGA with enhanced security features comprises the following steps: at step 102, creating a PN sequence generator using a Linear Feedback Shift Register (LFSR), wherein the number of states generated by the LFSR is determined by the feedback taps of a Generator Polynomial, wherein the bits at the feedback taps are XORed and the feedback from the MSB side on each clock cycle results in cyclic shifting of the previous value; and at step 104, storing the output states, of 8 bits each, of the PN Sequence Generator in a Look up Table (LUT), the output states being given as inputs to a 256:1 multiplexer, wherein an 8-bit counter generates the value of the 8-bit select lines of the multiplexer, wherein the counter is designed to count 16 states so as to select 16 input bytes and form the 128-bit (16x8) value at the output, and wherein a key will comprise 16 distinct bytes and a large number of distinct keys can be obtained by changing the initial value of the counter for the select lines, wherein the keys can then be dynamically applied to different blocks of 128-bit plaintext from an entire message to be encrypted.
In an embodiment, the method, wherein, the method enhances an encryption quality of the AES algorithm and its implementation on the FPGA wherein, the method when tested on a Strict Avalanche Criterion for 2048 variations and an average percentage avalanche effect of 60% is achieved for a modified AES algorithm as compared to a traditional AES algorithm and wherein, the FPGAs are used for an efficient hardware implementation of the modified AES algorithm.
In another embodiment, the method, wherein, a results of the method for a throughput and an area are compared with an existing non-pipelined and a pipelined designs and are found to achieve better performance and wherein, the modified AES algorithm achieves a throughput of 59.3Gbps when synthesized on a XC6VLX240T device with a maximum frequency of 463.42MHz and 30.39Gbps when implemented on a XC6SLX150 with a maximum frequency of 237.45MHz.
In yet another embodiment, the method, wherein, the modified AES algorithm is implemented on a Spartan6 FPGA device and wherein, an Abysmal analysis of the traditional AES algorithm implies that a security of AES lies in the S-box operations and hence, generating the S-box values (modified S-box) and the initial key required for the encryption/decryption (the improved key generation) using the PN sequence generator will help in increasing the AES algorithm security.
Figure 2 illustrates (a) a block diagram of the AES algorithm; (b) an 8-bit PN sequence generator; and (c) a key generation block in accordance with an embodiment of the present disclosure.
In an implementation, the AES algorithm works with 128-bit plaintext and utilizes the same key for both encryption and decryption. The AES algorithm analyses data in 128-bit chunks and executes 10, 12, and 14 rounds of operations, respectively, using a cypher secret of 128-bits, 192-bits, and 256-bits. The technique works with a data block called the state, which is composed of a 4 x 4-byte matrix. On the state, the AES algorithm's fundamental steps are carried out. Figure 2a depicts the processes of the AES Encryption algorithm with a 128-bit key size.
Bits 8, 6, 5 and 4 are XORed and fed back from the MSB side on each clock cycle, as shown in Fig. 2b, resulting in cyclic shifting of the preceding value. By merging elements from shift register taps and providing feedback to the generator's input, a random sequence with a very long repetition period is generated. The randomness of the PN Sequence Generator's output values is determined not just by the feedback taps, but also by the generator's non-zero initial 8-bit seed value. A change in the seed value shifts the initial value and the sequence in which values are generated. This results in a generated sequence known only to the designers. The S-box can then be formed using these values. The invertible S-box is in terms of enforcing the AES algorithm from numerous threats. The AES algorithm will be invulnerable to attacks due to the attackers' lack of knowledge of the taps and seed values chosen.
The PN Sequence Generator's output states (each of 8 bits) are stored in the Look up Table (LUT) and fed into a 256:1 multiplexer, as shown in Fig. 2c. The value of the multiplexer's 8-bit select lines is generated by an 8-bit counter. The counter is programmed to count 16 states in order to select 16 input bytes and generate a 128-bit (16x8) output value. As a result, the key will have 16 distinct bytes, and a large number of separate keys can be obtained by adjusting the counter's initial value for the select lines. These keys can then be applied dynamically to different blocks of 128-bit plaintext from the entire message to be encrypted.
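The PN sequence generator and key generation block described above, modelled in Python as an added example (not code from the patent). The Fibonacci shift direction, the LUT being filled with 256 consecutive LFSR states from the seed, the counter wrapping modulo 256, and all function names are assumptions; the model goes beyond the text by counting every key that the seed and counter start value can select.

```python
"""Behavioural model of the 8-bit PN sequence generator (Fig. 2b) and the
key generation block (Fig. 2c). Added example, not the patent's own code."""
import math

TAPS = (8, 6, 5, 4)  # tap positions named in the description; bit 8 is the MSB


def lfsr_step(state):
    """Advance the register one clock.

    Assumption: Fibonacci form, shifting towards the MSB with the XOR of the
    tapped bits entering at the LSB.
    """
    feedback = 0
    for tap in TAPS:
        feedback ^= (state >> (tap - 1)) & 1
    return ((state << 1) & 0xFF) | feedback


def period(seed):
    """Clocks needed for the register to return to `seed`."""
    state, clocks = lfsr_step(seed), 1
    while state != seed:
        state, clocks = lfsr_step(state), clocks + 1
    return clocks


def build_lut(seed):
    """Fill the 256-entry LUT with consecutive LFSR states starting at `seed`.

    Assumption: the page does not say how 255 non-zero states fill 256 slots;
    here entry 255 repeats entry 0 because the sequence has wrapped.
    """
    if not 1 <= seed <= 0xFF:
        raise ValueError("seed must be a non-zero 8-bit value")
    lut, state = [], seed
    for _ in range(256):
        lut.append(state)
        state = lfsr_step(state)
    return lut


def derive_key(lut, counter_start):
    """Select 16 LUT bytes through the 256:1 mux; the 8-bit counter wraps."""
    return bytes(lut[(counter_start + i) & 0xFF] for i in range(16))


def reachable_keys():
    """Every 128-bit key selectable by (seed, counter start) for these taps."""
    keys = set()
    for seed in range(1, 256):
        lut = build_lut(seed)
        for start in range(256):
            keys.add(derive_key(lut, start))
    return keys


def effective_key_bits():
    """log2 of the number of distinct keys the block can emit."""
    return math.log2(len(reachable_keys()))


if __name__ == "__main__":
    seed = 0x5A  # constructed sample seed
    lut = build_lut(seed)
    print("LFSR period:", period(seed))
    print("key, counter start 0 :", derive_key(lut, 0).hex())
    print("key, counter start 16:", derive_key(lut, 16).hex())
    print("distinct keys:", len(reachable_keys()))
    print("effective key bits: %.2f" % effective_key_bits())
```

Under these assumptions the block can emit 255 x 16 = 4080 distinct keys for a given tap set, so a design review should size the key generator by that count rather than by the 128-bit output width.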
The drawings and the forgoing description give examples of embodiments. Those skilled in the art will appreciate that one or more of the described elements may well be combined into a single functional element. Alternatively, certain elements may be split into multiple functional elements. Elements from one embodiment may be added to another embodiment. For example, orders of processes described herein may be changed and are not limited to the manner described herein. Moreover, the actions of any flow diagram need not be implemented in the order shown; nor do all of the acts necessarily need to be performed. Also, those acts that are not dependent on other acts may be performed in parallel with the other acts. The scope of embodiments is by no means limited by these specific examples. Numerous variations, whether explicitly given in the specification or not, such as differences in structure, dimension, and use of material, are possible. The scope of embodiments is at least as broad as given by the following claims.
Benefits, other advantages, and solutions to problems have been described above with regard to specific embodiments. However, the benefits, advantages, solutions to problems, and any component(s) that may cause any benefit, advantage, or solution to occur or become more pronounced are not to be construed as a critical, required, or essential feature or component of any or all the claims.
Claims (8)
1. A method for an efficient AES implementation using an FPGA with enhanced security features, wherein, the said method comprises: creating a PN sequence generator using a Linear Feedback Shift Register (LFSR) wherein, a number of states generated by the LFSR is determined by the feedback taps of a Generator Polynomial wherein, the bits at the feedback taps are XORed and a feedback from a MSB side on each clock cycle results in cyclic shifting of previous value; and
storing an output states of 8-bit each of the PN Sequence Generator in a Look up Table (LUT) and the output states are given as an input to 256:1 multiplexer wherein, an 8-bit counter generates a value of 8-bit select lines of the multiplexer wherein, a counter is designed to count 16 states so as to select 16 input bytes and form the 128-bit (16x8) value at the output and wherein, a key will comprise 16 distinct bytes and a large number of distinct keys can be obtained by changing an initial value of the counter for the select lines wherein, the keys can then be dynamically applied to different blocks of 128-bit plaintext from an entire message to be encrypted.
2. The method as claimed in claim 1, wherein, the method enhances an encryption quality of the AES algorithm and its implementation on the FPGA.
3. The method as claimed in claim 1, wherein, the method when tested on a Strict Avalanche Criterion for 2048 variations and an average percentage avalanche effect of 60% is achieved for a modified AES algorithm as compared to a traditional AES algorithm.
4. The method as claimed in claim 1, wherein, the FPGAs are used for an efficient hardware implementation of the modified AES algorithm.
5. The method as claimed in claim 1, wherein, a results of the method for a throughput and an area are compared with an existing non-pipelined and a pipelined designs and are found to achieve better performance.
6. The method as claimed in claim 1, wherein, the modified AES algorithm achieves a throughput of 59.3Gbps when synthesized on a XC6VLX240T device with a maximum frequency of 463.42MHz and 30.39Gbps when implemented on a XC6SLX150 with a maximum frequency of 237.45MHz.
7. The method as claimed in claim 1, wherein, the modified AES algorithm is implemented on a Spartan6 FPGA device.
8. The method as claimed in claim 1, wherein, an Abysmal analysis of the traditional AES algorithm implies that a security of AES lies in the S-box operations and hence, generating the S-box values (modified S-box) and the initial key required for the encryption/decryption (the improved key generation) using the PN sequence generator will help in increasing the AES algorithm security.
Figure 1: flow chart of method 100 (steps 102 and 104).
Figure 2: (a) block diagram of the AES algorithm; (b) 8-bit PN sequence generator; (c) key generation block.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2021106723A AU2021106723A4 (en) | 2021-08-24 | 2021-08-24 | A method for fpga implementation of aes algorithm with enhanced security features |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2021106723A AU2021106723A4 (en) | 2021-08-24 | 2021-08-24 | A method for fpga implementation of aes algorithm with enhanced security features |
Publications (1)
Publication Number | Publication Date |
---|---|
AU2021106723A4 (en) | 2022-02-17 |
Family
ID=80224828
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
AU2021106723A Ceased AU2021106723A4 (en) | 2021-08-24 | 2021-08-24 | A method for fpga implementation of aes algorithm with enhanced security features |
Country Status (1)
Country | Link |
---|---|
AU (1) | AU2021106723A4 (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FGI | Letters patent sealed or granted (innovation patent) | ||
MK22 | Patent ceased section 143a(d), or expired - non payment of renewal fee or expiry |