FPGA Implementation using VHDL of the AES-GCM 256-bit Authenticated Encryption Algorithm

Η επίτευξη υψηλών ταχυτήτων μετάδοσης δεδομένων στα τηλεπικοινωνιακά δίκτυα μαζί με την ανάγκη για αξιόπιστη και ασφαλή μετάδοση των πληροφοριών ήταν πάντα μια πρόκληση. Η ανάγκη για επικοινωνία μέσο δημόσιων δικτύων με ασφαλή τρόπο, οδήγησε στην χρήση αλγόριθμων κρυπτογράφηση ασύμμετρου κλειδιού, οπού ένας μηχανισμός «χειραψίας» εξασφαλίζει την ασφαλή μετάδοση δεδομένων και την ακεραιότητα αυτών. Παρόλο που μαθηματικά δεν έχει αποδειχτεί ότι αυτοί οι αλγόριθμοι είναι άτρωτοι σε κρυπτογραφικές επιθέσεις, υπάρχουν ισχυρές ενδείξεις ότι είναι ανθεκτικοί στις περισσότερες κάνοντας την επίθεση ωμής βίας (bruteforce) την μόνη που έχει 100% πιθανότητα επιτυχίας δεδομένης τεράστιας υπολογιστικής ισχύος. Ενώ οι αλγόριθμοι ασύμμετρου κλειδιού ήταν η λύση για τις δημόσιες επικοινωνίες, η συνεχής απαίτηση για μεγαλύτερο εύρος ζώνης, έκανε την χρήση τους μη αποδοτική λόγο του υψηλού κόστους που απαιτούν σε υπολογιστική ισχύ. Η λύση στο πρόβλημα ήρθε με την υβριδική χρήση αλγορίθμων συμμετρικού και ασύμμετρου κλειδιού, έτσι ώστε να διατηρείτε ασφαλή μεταφορά δεδομένων αλλά η ταχύτητα επεξεργασίας των δεδομένων να αυξηθεί σημαντικά. Η ανάλυση στους συμμετρικούς αλγόριθμους οδήγησε στην δημιουργία του αλγορίθμου κρυπτογράφησης Advanced Encryption Standard (AES) που δημοσιεύτηκε από τον οργανισμό NIST το 2001, ως διάδοχο του DES. Η ανάγκη για αυθεντικοποίηση των δεδομένων οδήγησε στην δημιουργίας του αλγορίθμου GCM όπου μπορεί να αυθεντικοποιήσει μια ροή δεδομένων με αξιόπιστο και αποδοτικό τρόπο. Και οι δύο αλγόριθμοι έχουν το πλεονέκτημα ότι μπορεί να υλοποιηθούν εύκολα τόσο σε λογισμικό όσο και σε υλικό. Με την ζήτηση για υψηλές ταχύτητες να είναι μεγάλη, η υλοποίηση σε υλικό γίνεται μια όλο και πιο ελκυστική επιλογή. Οι πυρήνες IP με βάση την τεχνολογία FPGA μπορούν να υλοποιήσουν αυτούς τους αλγόριθμους με την χρήση γλωσσών περιγραφής υλικού όπως η VHDL,και να προσφέρουν αξιόπιστη και υψηλών ταχυτήτων επεξεργασία δεδομένων. Σε αυτή την εργασία σχεδιάσαμε χρησιμοποιώντας την γλώσσα VHDL και υλοποιήσαμε στο FPGA Virtex 5 XC5VFX130T της Xilinx, τον αλγόριθμό κρυπτογράφησης AES με το πρωτόκολλο αυθεντικοποίησης GCM, με μέγεθος κλειδιού στα 256 bits. Η υλοποίηση μας βασίζεται σε μια μη σωληνομένη εκδοχή του αλγορίθμου AES που μπορεί να κρυπτογραφήσει ένα μπλοκ 128 bits σε 15 κύκλους. Η αυθεντικοποίηση του μηνύματος μπορεί να επιτευχθεί σε 16 κύκλους. Η υλοποίηση μας με IV = 96 bits και παράλληλο πολλαπλασιαστή χρειάζεται 5% από τα slices και 1% από τα BRAMs του Virtex-5 XC5VFX130T FPGA. Η μέγιστη δυνατή συχνότητα είναι 227.690 MHz.Achieving high-speed network performance along with data integrity and security was always a challenge. The necessity to communicate through public channels securely led to the use of asymmetric key cryptography algorithms that commonly use a “hand-shake” mechanism allowing the implementation of a “trust” system that could quarantine the security of the transaction and the integrity of the data as long as the algorithm could provide strong resistance to cryptographic attacks. Although, there is no mathematical proof that these algorithms are invulnerable to attacks there is strong indication that they are highly resistant to most of them, making brute force the only attack that can have a 100% success rate which is countered by the huge computational power someone needs to succeed. While asymmetric key cryptography algorithms where the solution to public communication, the ongoing demand for higher bandwidth made the use of them inefficient, because the complexity of the algorithms demanded a processing cost that were creating latency gaps. A solution to this problem was the use of symmetric key algorithms for data transactions were the processing cost is much lower, so that the transaction security was intact but the bottleneck on the encryption/decryption speed limit was increased. The analysis in symmetric cryptographic algorithms resulted in the creation of the Advanced Encryption Standard (AES) published by NIST in 2001. Also the need of authentication and integrity of information transmitted, resulted in the creation of the AES-GCM mode which can authenticate a stream of data (up to 68Gb) with reliable and efficient way. Both algorithms have the advantage to be easily implemented in both software and hardware. With the demand of high speed interaction between networks and systems, it became clear that hardware solutions were the leading option to cover this demand. FPGA-based IP cores can implement those algorithms, with the use of hardware description language like VHDL, and provide accurate, reliable and high speed data process. In this thesis, we have designed in VHDL and implemented in Xilinx Virtex-5 FPGA technology an AES-GCM algorithm that performs authenticated encryption with an encryption key of 256 bits. Our AES-GCM implementation utilizes a non-pipelined version of the AES core and needs 15 cycles to encrypt 128-bits of plaintext, which is the minimum encryption duration supported without pipelining. Concerning the authentication process, our IP core can complete the authenticate process in 16 cycles. Our implementation of the AES-GCM algorithm with AES key = 256 bit, initialization vector (IV) vector = 96 bit, and a full parallel GHASH multiplier on a Xilinx’s Virtex-5 XC5VFX130T FPGA that is pin-to-pin compatible with the Space-grade Xilinx’s Virtex-5QV FPGA requires 5% of slices and 1% of BRAMs. The maximum achievable clock frequency is 227.690 MHz

Data Acquisition Applications

Data acquisition systems have numerous applications. This book has a total of 13 chapters and is divided into three sections: Industrial applications, Medical applications and Scientific experiments. The chapters are written by experts from around the world, while the targeted audience for this book includes professionals who are designers or researchers in the field of data acquisition systems. Faculty members and graduate students could also benefit from the book

A review and open issues of multifarious image steganography techniques in spatial domain

Nowadays, information hiding is becoming a helpful technique and fetch more attention due fast growth of using internet, it is applied for sending secret information by using different techniques. Steganography is one of major important technique in information hiding. Steganography is science of concealing the secure information within a carrier object to provide the secure communication though the internet, so that no one can recognize and detect it’s except the sender & receiver. In steganography, many various carrier formats can be used such as an image, video, protocol, audio. The digital image is most popular used as a carrier file due its frequency on internet. There are many techniques variable for image steganography, each has own strong and weak points. In this study, we conducted a review of image steganography in spatial domain to explore the term image steganography by reviewing, collecting, synthesizing and analyze the challenges of different studies which related to this area published from 2014 to 2017. The aims of this review is provides an overview of image steganography and comparison between approved studies are discussed according to the pixel selection, payload capacity and embedding algorithm to open important research issues in the future works and obtain a robust method

A novel symmetric image cryptosystem resistant to noise perturbation based on S8 elliptic curve S-boxes and chaotic maps

The recent decade has seen a tremendous escalation of multimedia and its applications. These modern applications demand diverse security requirements and innovative security platforms. In this manuscript, we proposed an algorithm for image encryption applications. The core structure of this algorithm relies on confusion and diffusion operations. The confusion is mainly done through the application of the elliptic curve and S8 symmetric group. The proposed work incorporates three distinct chaotic maps. A detailed investigation is presented to analyze the behavior of chaos for secure communication. The chaotic sequences are then accordingly applied to the proposed algorithm. The modular approach followed in the design framework and integration of chaotic maps into the system makes the algorithm viable for a variety of image encryption applications. The resiliency of the algorithm can further be enhanced by increasing the number of rounds and S-boxes deployed. The statistical findings and simulation results imply that the algorithm is resistant to various attacks. Moreover, the algorithm satisfies all major performance and quality metrics. The encryption scheme can also resist channel noise as well as noise-induced by a malicious user. The decryption is successfully done for noisy data with minor distortions. The overall results determine that the proposed algorithm contains good cryptographic properties and low computational complexity makes it viable to low profile applications

Hardware realization of discrete wavelet transform cauchy Reed Solomon minimal instruction set computer architecture for wireless visual sensor networks

Large amount of image data transmitting across the Wireless Visual Sensor Networks (WVSNs) increases the data transmission rate thus increases the power transmission. This would inevitably decreases the operating lifespan of the sensor nodes and affecting the overall operation of WVSNs. Limiting power consumption to prolong battery lifespan is one of the most important goals in WVSNs. To achieve this goal, this thesis presents a novel low complexity Discrete Wavelet Transform (DWT) Cauchy Reed Solomon (CRS) Minimal Instruction Set Computer (MISC) architecture that performs data compression and data encoding (encryption) in a single architecture. There are four different programme instructions were developed to programme the MISC processor, which are Subtract and Branch if Negative (SBN), Galois Field Multiplier (GF MULT), XOR and 11TO8 instructions. With the use of these programme instructions, the developed DWT CRS MISC were programmed to perform DWT image compression to reduce the image size and then encode the DWT coefficients with CRS code to ensure data security and reliability. Both compression and CRS encoding were performed by a single architecture rather than in two separate modules which require a lot of hardware resources (logic slices). By reducing the number of logic slices, the power consumption can be subsequently reduced. Results show that the proposed new DWT CRS MISC architecture implementation requires 142 Slices (Xilinx Virtex-II), 129 slices (Xilinx Spartan-3E), 144 Slices (Xilinx Spartan-3L) and 66 Slices (Xilinx Spartan-6). The developed DWT CRS MISC architecture has lower hardware complexity as compared to other existing systems, such as Crypto-Processor in Xilinx Spartan-6 (4828 Slices), Low-Density Parity-Check in Xilinx Virtex-II (870 slices) and ECBC in Xilinx Spartan-3E (1691 Slices). With the use of RC10 development board, the developed DWT CRS MISC architecture can be implemented onto the Xilinx Spartan-3L FPGA to simulate an actual visual sensor node. This is to verify the feasibility of developing a joint compression, encryption and error correction processing framework in WVSNs

Hardware realization of discrete wavelet transform cauchy Reed Solomon minimal instruction set computer architecture for wireless visual sensor networks

Large amount of image data transmitting across the Wireless Visual Sensor Networks (WVSNs) increases the data transmission rate thus increases the power transmission. This would inevitably decreases the operating lifespan of the sensor nodes and affecting the overall operation of WVSNs. Limiting power consumption to prolong battery lifespan is one of the most important goals in WVSNs. To achieve this goal, this thesis presents a novel low complexity Discrete Wavelet Transform (DWT) Cauchy Reed Solomon (CRS) Minimal Instruction Set Computer (MISC) architecture that performs data compression and data encoding (encryption) in a single architecture. There are four different programme instructions were developed to programme the MISC processor, which are Subtract and Branch if Negative (SBN), Galois Field Multiplier (GF MULT), XOR and 11TO8 instructions. With the use of these programme instructions, the developed DWT CRS MISC were programmed to perform DWT image compression to reduce the image size and then encode the DWT coefficients with CRS code to ensure data security and reliability. Both compression and CRS encoding were performed by a single architecture rather than in two separate modules which require a lot of hardware resources (logic slices). By reducing the number of logic slices, the power consumption can be subsequently reduced. Results show that the proposed new DWT CRS MISC architecture implementation requires 142 Slices (Xilinx Virtex-II), 129 slices (Xilinx Spartan-3E), 144 Slices (Xilinx Spartan-3L) and 66 Slices (Xilinx Spartan-6). The developed DWT CRS MISC architecture has lower hardware complexity as compared to other existing systems, such as Crypto-Processor in Xilinx Spartan-6 (4828 Slices), Low-Density Parity-Check in Xilinx Virtex-II (870 slices) and ECBC in Xilinx Spartan-3E (1691 Slices). With the use of RC10 development board, the developed DWT CRS MISC architecture can be implemented onto the Xilinx Spartan-3L FPGA to simulate an actual visual sensor node. This is to verify the feasibility of developing a joint compression, encryption and error correction processing framework in WVSNs

Energy Saving Mechanisms in the Security of the Internet of Things

Energy consumption is one of the priorities of security on the Internet of Things. It is not easy to find the best solutions that will reduce energy consumption, while ensuring that the security requirements are met. Many of the issues that have been presented so far have covered the basics of security, such as the basic principles of encryption, extension environments, target applications, and so on.This paper examines one of the most effective energy-efficiency mechanisms for providing Internet-based security services. By studying techniques that enable the development of advanced energy-efficient security solutions, we take a closer look at the ideas that have already been introduced in this area. In this study, not only the security issues, but also the energy impacts on solutions have been considered. Initially, the amount of energy related to security services is introduced. Then a classification is proposed for energy efficient mechanisms on the Internet of Things. Finally, the main drivers of the impact of energy saving techniques are analyzed for security solutions

Abstracts 2016: Highlights of Student Research and Creative Endeavors

What follows is a collection of abstracts summarizing the scholarship conducted by undergraduates at Columbus State University during the 2015-2016 academic year. These projects highlight undergraduate research conducted in a wide variety of disciplines, ranging from literary analysis to laboratory based sciences. The abstracts represent many ongoing projects on our campus and catalog those that have been published or presented. This volume begins with projects that have been selected for presentations at national, regional, and statewide disciplinary conferences. Among them are several that have garnered awards for outstanding undergraduate scholarship. Projects that have received competitive research grants, including our campus Student Research and Creative Endeavors (S-RACE) Grants, are also featured. Many undergraduates have presented their work with our local community, either through the dissemination of best practices in nursing to regional hospitals, colloquium presentations of lecture-recitals at the RiverCenter for the Performing Arts, or at Columbus State University\u27s Tower Day held in April 2016. Together these abstracts demonstrate the commitment of our faculty to engage students in their disciplines and represent outstanding mentorship that occurs on and off our campus throughout the year. Our students have amassed an impressive collection of projects that contributes to both academia and our local community, and these abstracts will hopefully inspire others to delve into scientific and creative inquiry.https://csuepress.columbusstate.edu/abstracts/1010/thumbnail.jp

Novel reversible text data de-identification techniques based on native data structures

Technological development in today's digital world has resulted in the collection and storage of large amounts of personal data. These data enable both direct services and non-direct activities, known as secondary use. The secondary use of data can improve decision-making, service experiences, and healthcare systems. However, the widespread reuse of personal data raises significant privacy and policy issues, especially for health- related information; these data may contain sensitive data, leading to privacy breaches if compromised. Legal systems establish laws to protect the privacy of personal data disclosed for secondary use. A well-known example is the General Data Protection Regulation (GDPR), which outlines a specific set of rules for sharing and storing personal data to protect individual privacy. The GDPR explicitly points to data de-identification, especially pseudonymization, as one measure that can help meet the requirements for the processing of personal data. The literature on privacy preservation approaches has largely been developed in the field of data anonymization, where personal data are irreversibly removed or obfuscated and there is no means by which to recover an individual's identity if needed. By contrast, pseudonymization is a promising technique to protect privacy while enabling the recovery of de-identified data. Significantly, many existing approaches for pseudonymization were developed long before the GDPR requirements were established, and so they may fail to satisfy its provisions. Therefore, it is worthwhile to offer technical solutions to preserve privacy while supporting the legitimate use of data. This thesis proposes a novel de-identification system for unstructured textual data, known as ARTPHIL, that generates de-identified data in compliance with the GDPR requirement for strong pseudonymization. The system was evaluated using 2014 i2b2 testing data. The proposed system achieved a recall of 96.93% in terms of detecting and encrypting personal health information, as specified under guidelines provided by the Health Insurance Portability and Accountability Act (HIPAA). The system used a novel and lightweight cryptography algorithm E-ART to encrypt personal data cost-effectively and without compromising security. The main novelty of the E-ART algorithm is the use of the reflection property of a balanced binary tree data structure as substitution method instead of complex and multiple iterations. The performance and security of the proposed algorithm were compared to two symmetric encryption algorithms: The Advanced Encryption Standard and Data Encryption Standard. The security analysis showed comparable results, but the performance analysis indicated that E‐ART had the shortest ciphertext and running time with comparable memory usage, which indicates the feasibility of using ARTPHIL for delay-sensitive or data-intensive application