
    Design and Verification of a Pipelined Advanced Encryption Standard (AES) Encryption Algorithm with a 256-bit Cipher Key Using the UVM Methodology

    Encryption is the process of altering information so that it is unreadable by anyone except those holding the key that allows them to change the information back to its original readable form. Encryption is important because it allows you to securely protect data that you do not want anyone else to access. Today, the Advanced Encryption Standard (AES) is the most widely adopted encryption method. To date, no cryptanalytic attacks against AES have been discovered. Hence the verification of the hardware implementation of the AES core is of the utmost importance. In this research paper, the design and verification of a pipelined AES hardware module using a 256-bit cipher key is discussed in detail. The verification environment is developed using the Universal Verification Methodology (UVM) and SystemVerilog. The verification environment validates the implementation of the AES encryption algorithm by comparing the outputs of the hardware design (the Design Under Test) against a reference model developed in C.

    Functional verification framework of an AES encryption module

    Over time, the development of digital design has increased dramatically, and nowadays many different circuits and systems are designed for multiple purposes in short time spans. However, this development has not been based only on the enhancement of design tools, but also on the improvement of verification tools, owing to the outstanding role of the verification process, which certifies adequate performance and the fulfillment of the requirements. In the verification industry, robust methodologies such as the Universal Verification Methodology (UVM) are used (an example of this is [1]), but they have not yet been implemented in countries such as Peru and they seem inconvenient for educational purposes. This research proposes an alternative methodology for the verification of industry-scale designs with a modular structure that contributes to the development of more complex and elaborate designs in countries with little or no verification background and limited verification tools. This methodology is a functional verification methodology described in SystemVerilog, and its effectiveness is evaluated in the verification of an AES (Advanced Encryption Standard) encryption module obtained from [2]. The verification framework is based on a verification plan (also developed in this research) with the high quality standards defined in the industry. This verification plan evaluates synchronization, data validity, signal stability, signal timing and behavior consistency using assertions, functional coverage and code coverage. An analysis of the outcomes shows that the AES encryption module was completely verified, obtaining 100% of the assertion evaluation, 100% functional coverage and over 95% code coverage in all approaches (FSM, block, expression, toggle).
Besides, the modular structure defines the intercommunication with the design only at the bottom-most level, which facilitates the reuse of the verification framework with different bus interfaces. Moreover, this unit-level verification framework can easily be instantiated by a system-level verification, facilitating scalability. Finally, the documentation, tutorials and verification plan templates were generated successfully and are aimed at the development of future projects in the GuE PUCP (Research Group in Microelectronics). In conclusion, the methodology proposed for the verification framework of the AES encryption module is in fact capable of verifying industry-scale designs with a high level of reliability, defining a very detailed and standardized verification plan and providing a structure suitable for reuse and scalability.

    ASIC BENCHMARKING FOR PROPOSED LIGHTWEIGHT CRYPTOGRAPHY STANDARD XOODYAK

    The U.S. National Institute of Standards and Technology (NIST) has initiated a process to standardize a "lightweight" cryptographic algorithm. Lightweight algorithms are designed for use in gate- and performance-limited devices. This report compares an Application Specific Integrated Circuit (ASIC) implementation of the NIST Advanced Encryption Standard-128 (AES-128) and a competition finalist, Xoodyak. Implementations were written in SystemVerilog. Testing was performed using Vivado field programmable gate array simulations. Twenty-six instances of AES and Xoodyak were built. These builds were optimized for throughput, clock frequency, and cell area, respectively. Size and performance benchmarks were obtained from builds using 5 nm and 16 nm ASIC technology. Results indicate Xoodyak is capable of higher throughput than AES-128 while using a lower cell area.
    Outstanding Thesis. Lieutenant, United States Navy. Approved for public release; distribution is unlimited.

    FPGA IMPLEMENTATION OF ADVANCE ENCRYPTION STANDARD WITH SINGLE KEY

    The Advanced Encryption Standard (AES) is known as the most secure encryption standard nowadays. Many researchers have implemented it in different languages such as Java, C and C++ with different algorithms. Recently, AES 128-bit has been implemented using Verilog on an FPGA with the key being encrypted along with the data input throughout the whole process. In this paper, the AES 128-bit encryption and decryption process is presented with a key that is used only for the data input and is not itself encrypted during the encryption/decryption process. The results are the same, but our algorithm is slightly faster because only the data is encrypted in the encryption process; thus processing time and area are optimized.

    Crypto accelerators for power-efficient and realtime on-chip implementation of secure algorithms

    The demand for data exchange is ever growing. The Internet of Things (IoT), Industry 4.0, smart cities and next-generation interconnected vehicles are some examples of scenarios in which a high volume of nodes share data across networks. Hence, data protection plays a fundamental role in avoiding the disclosure or manipulation of sensitive information and the disruption of services, particularly in safety-critical applications. On the other hand, the compute power at the disposal of possible attackers is also growing, and near-future post-quantum capabilities will require the use of longer keys, certificates and digital signatures to preserve the security level offered by cryptographic functions. This will affect not only the amount of exchanged data, but also the computational resources needed to secure data, increasing processing time, latency and power consumption, and lowering data rates. In this work, we investigate different implementation strategies to overcome such performance limitations. This work provides a comparison among a pure software approach (on both 32-bit and 64-bit processors) and hardware-based solutions we developed for FPGA and ASIC System-on-Chip platforms, for the most common symmetric-key and public-key cryptographic algorithms. The proposed hardware accelerators feature one order of magnitude higher throughput (and lower latency) and more than two orders of magnitude lower power consumption than their software counterparts. A highly configurable cryptographic suite is proposed that can be customized according to the application requirements and is thus able to maximize efficiency in terms of energy per enciphered bit per second.

    Extensions for Digital Hardware Design in Aerospace Applications

    Integrated master's dissertation in Communications Engineering.
    Communication is regarded by specialists as a basic need for the survival of human beings. With constant technological advances and universal electronic connectivity, the need for and importance of secrecy when sending and receiving information in applications is felt ever more strongly, in order to guarantee the security and reliability of that information. This leads to a greater awareness of the need to protect data and resources from disclosure, to guarantee the authenticity of information, and to protect systems from network attacks. Today, programmable FPGA (Field Programmable Gate Array) devices are the main option for the physical implementation of integrated electronic systems, and several fault-tolerance techniques have therefore been proposed for application in FPGAs, so as to make systems reliable and high-performing even when faults occur. Using HDLs (Hardware Description Languages) to build high-density FPGA implementations is advantageous, since HDLs can be used to create large and complex designs in which several designers must work as a team, each working independently on separate parts of the code. The basis of this work is the study of different HDLs, identifying the points where the level of abstraction can be raised and the constructs that would allow faster development and easier understanding by third parties, leading to a future extension of SystemVerilog. This dissertation implements new methodologies for extending the SystemVerilog language, given the insufficient level of abstraction available when implementing systems whose required properties demand meticulous coding, as is the case for fault-tolerant systems. A case study using HDLs is carried out, consisting of the hardware implementation of an efficient encryption algorithm for fault-tolerant aerospace applications. Implementing fault-tolerance techniques for aerospace applications is essential, because the failure rate due to cosmic radiation and electromagnetic noise is high in space compared with sea level, which makes the analysis of the best fault-tolerance techniques of the utmost importance. Since no technique can guarantee that a system is totally immune to faults, it becomes necessary to analyze which of the applied techniques will mitigate the vulnerability at the lowest cost in implementation and performance.

    Power Profile Obfuscation using RRAMs to Counter DPA Attacks

    Side channel attacks, such as Differential Power Analysis (DPA), denote a special class of attacks in which sensitive key information is unveiled through information extracted from the physical device executing a cryptographic algorithm. This information leakage, known as side channel information, arises from computations in a non-ideal system composed of electronic devices such as transistors. Power dissipation is one classic side channel source, which relays information about the data being processed. DPA uses statistical analysis to identify data-dependent correlations in sets of power measurements. Countermeasures against DPA focus on hiding or masking techniques at different levels of design abstraction and are typically associated with high power and area cost. Emerging technologies such as Resistive Random Access Memory (RRAM) offer unique opportunities to mitigate DPA with their inherent memristor device characteristics, such as variability in write time, ultra-low power (0.1-3 pJ/bit), and high density (4F²). In this research, an RRAM-based architecture is proposed to mitigate DPA attacks by obfuscating the power profile. Specifically, a dual-RRAM-based memory module masks the power dissipation of the actual transaction by accessing both the data and its complement from the memory in tandem. DPA attack resiliency for a 128-bit AES cryptoprocessor using RRAM and CMOS memory modules is compared against a baseline CMOS-only technology. In the proposed AES architecture, four single-port RRAM memory units store the intermediate state of the encryption. The correlation between the state data and the sets of power measurements is masked by the power dissipated from the inverse data access on the dual RRAM memory. A customized simulation framework is developed to design the attack scenarios using the Synopsys and Cadence tool suites, along with a Hamming weight DPA attack module. The attack mounted on the baseline CMOS architecture is successful and the full key is recovered.
However, DPA attacks mounted on the dual CMOS and RRAM based AES cryptoprocessor were unsuccessful, with no keys recovered, demonstrating the resiliency of the proposed architecture against DPA attacks.

    Design and Verification of an RSA Encryption Core

    Cryptoprocessors are becoming a standard means of making data usage more discreet. A well-known electro-mechanical cipher machine called the "Enigma machine" was used in the early 20th century to encrypt confidential military and diplomatic information. With the advent of microprocessors in the late 20th century, the world of cryptography was revolutionized. A cryptosystem is a system on chip which contains cryptographic algorithms used for the encryption and decryption of data. These cryptoprocessors are used in ATMs and highly portable communication systems. Encryption and decryption are the fundamental processes behind any cryptosystem. There are many encryption and decryption algorithms available; one such algorithm is known as the RSA (Rivest-Shamir-Adleman) algorithm. This project focuses on the development of an encryption cryptoprocessor which deals with the key generation, key distribution, and encryption parts of the RSA algorithm, and also discusses the verification environment required to verify this core.

    DIVAS: An LLM-based End-to-End Framework for SoC Security Analysis and Policy-based Protection

    Securing critical assets in a bus-based System-on-Chip (SoC) is imperative to mitigate potential vulnerabilities and prevent unauthorized access, ensuring the integrity, availability, and confidentiality of the system. Ensuring security throughout the SoC design process is a formidable task owing to the inherent intricacies of SoC designs and the dispersion of assets across diverse IPs. Large Language Models (LLMs), exemplified by ChatGPT (OpenAI) and BARD (Google), have showcased remarkable proficiency across various domains, including security vulnerability detection and prevention in SoC designs. In this work, we propose DIVAS, a novel framework that leverages the knowledge base of LLMs to identify security vulnerabilities from user-defined SoC specifications, map them to the relevant Common Weakness Enumerations (CWEs), generate equivalent assertions, and employ security measures through the enforcement of security policies. The proposed framework is implemented using multiple ChatGPT and BARD models, and their performance was analyzed while generating relevant CWEs from the SoC specifications provided. The experimental results obtained from open-source SoC benchmarks demonstrate the efficacy of our proposed framework.
    Comment: 15 pages, 7 figures, 8 tables.

    DPA-Resistant ASIC implementation of AES

    With the increased proliferation of small embedded systems connected to the internet and the Internet of Things, security concerns become increasingly important. Encryption, and the protection of encryption circuits, can be of great importance. The aim of this thesis was to design an encryption chip able to operate without leaking sensitive information even in the presence of a malicious adversary, specifically one able to withstand differential power analysis attacks. A masked 128-bit data-path AES encryption and decryption architecture is proposed, supporting AES-128, 192 and 256 using the cipher-block chaining mode of operation. Synthesized to 65 nm technology, the system achieves a key-mode-dependent throughput of 0.99-1.32 Gb/s operating at 400 MHz with an average power consumption of 167.9 mW. Our masking approach should withstand second-order DPA attacks at an area cost of 486% compared to the unmasked equivalent circuit.