Моделювання режиму вибіркового гамування із прискореним виробленням імітовставки

This article discusses the selective Galois counter mode with rapid generation of Galois message authentication code (Galois/Counter Mode and GMAC - GCM & GMAC). Specification of this coding mode is presented in NIST SP 800-38D. This coding mode is designed for realization of rapid cryptotransformation in providing information security services using different cryptographic primitives, such as polynomial hashing, counter and other. Using of proposed coding mode ensures the integrity and confidentiality of information. The article developed a reduced model of the mode. Reduced model preserves the algebraic structure of all main cryptotransformations by their scaling. Developed reduced model will use for experimental studies of collision properties of generated message authentication codes using the methods of statistical testing of hypotheses and mathematical statistics. This article discusses practical examples of cryptoprimitives and cryptotransformations.Рассматривается режим выборочного гаммирования с ускоренной выработкой имитовставки (Galois/Counter Mode and GMAC), спецификация которого представлена в NIST SP 800-38D. Разрабатывается уменьшенная модель режима, которая сохраняет алгебраическую структуру всех основных криптопреобразований и позволяет за счёт их масштабирования провести экспериментальные исследования коллизионных свойств сформированных имитовставок с последующим прогнозированием уровня криптографической стойкости полной версии шифра.Розглядається режим вибіркового гамування із прискореним виробленням імітовставки (Galois/Counter Mode and GMAC), специфікацію якого наведено у стандарті NIST SP 800-38D. Розробляється зменшена модель режиму, яка зберігає алгебраїчну структуру всіх основних криптоперетворень та дозволяє за рахунок їхнього масштабування провести експериментальні дослідження колізійних властивостей формованих імітовставок з подальшим прогнозуванням рівня криптографічного стійкості повної версії шифру

Моделювання режиму вибіркового гамування із прискореним виробленням імітовставки

This article discusses the selective Galois counter mode with rapid generation of Galois message authentication code (Galois/Counter Mode and GMAC - GCM & GMAC). Specification of this coding mode is presented in NIST SP 800-38D. This coding mode is designed for realization of rapid cryptotransformation in providing information security services using different cryptographic primitives, such as polynomial hashing, counter and other. Using of proposed coding mode ensures the integrity and confidentiality of information. The article developed a reduced model of the mode. Reduced model preserves the algebraic structure of all main cryptotransformations by their scaling. Developed reduced model will use for experimental studies of collision properties of generated message authentication codes using the methods of statistical testing of hypotheses and mathematical statistics. This article discusses practical examples of cryptoprimitives and cryptotransformations.Рассматривается режим выборочного гаммирования с ускоренной выработкой имитовставки (Galois/Counter Mode and GMAC), спецификация которого представлена в NIST SP 800-38D. Разрабатывается уменьшенная модель режима, которая сохраняет алгебраическую структуру всех основных криптопреобразований и позволяет за счёт их масштабирования провести экспериментальные исследования коллизионных свойств сформированных имитовставок с последующим прогнозированием уровня криптографической стойкости полной версии шифра.Розглядається режим вибіркового гамування із прискореним виробленням імітовставки (Galois/Counter Mode and GMAC), специфікацію якого наведено у стандарті NIST SP 800-38D. Розробляється зменшена модель режиму, яка зберігає алгебраїчну структуру всіх основних криптоперетворень та дозволяє за рахунок їхнього масштабування провести експериментальні дослідження колізійних властивостей формованих імітовставок з подальшим прогнозуванням рівня криптографічного стійкості повної версії шифру

High-speed Side-channel-protected Encryption and Authentication in Hardware

This paper describes two FPGA implementations for the encryption and authentication of data, based on the AES algorithm running in Galois/Counter mode (AES-GCM). Both architectures are protected against side-channel analysis attacks through the use of a threshold implementation (TI). The first architecture is fully unrolled and optimized for throughput. The second architecture uses a round-based structure, fits on a relatively small FPGA board, and is evaluated for side-channel attack resistance. We perform a Test Vector Leakage Assessment (TVLA), which shows no first-order leakage in the power consumption of the FPGA. To the best of our knowledge, our work is (1) the first to describe a throughput-optimized FPGA architecture of AES-GCM, protected against first-order side-channel information leakage, and (2) the first to evaluate the side-channel attack resistance of a TI-protected AES-GCM implementation

A reconfigurable and scalable efficient architecture for AES

ix, 77 leaves : ill. ; 29 cm.A new 32-bit reconfigurable FPGA implementation of AES algorithm is presented in this thesis. It employs a single round architecture to minimize the hardware cost. The combinational logic implementation of S-Box ensures the suitability for non-Block RAMs (BRAMs) FPGA devices. Fully composite field GF((24)2) based encryption and keyschedule lead to the lower hardware complexity and convenience for the efficient subpipelining. For the first time, a subpipelined on-the-fly keyschedule over composite field GF((24)2) is applied for the all standard key sizes (128-, 192-, 256-bit). The proposed architecture achieves a throughput of 805.82Mbits/s using 523 slices with a ratio throughput/slice of 1.54Mbps/Slice on Xilinx Virtex2 XC2V2000 ff896 device

Parallel Multiplier Designs for the Galois/Counter Mode of Operation

The Galois/Counter Mode of Operation (GCM), recently standardized by NIST, simultaneously authenticates and encrypts data at speeds not previously possible for both software and hardware implementations. In GCM, data integrity is achieved by chaining Galois field multiplication operations while a symmetric key block cipher such as the Advanced Encryption Standard (AES), is used to meet goals of confidentiality. Area optimization in a number of proposed high throughput GCM designs have been approached through implementing efficient composite Sboxes for AES. Not as much work has been done in reducing area requirements of the Galois multiplication operation in the GCM which consists of up to 30% of the overall area using a bruteforce approach. Current pipelined implementations of GCM also have large key change latencies which potentially reduce the average throughput expected under traditional internet traffic conditions. This thesis aims to address these issues by presenting area efficient parallel multiplier designs for the GCM and provide an approach for achieving low latency key changes. The widely known Karatsuba parallel multiplier (KA) and the recently proposed Fan-Hasan multiplier (FH) were designed for the GCM and implemented on ASIC and FPGA architectures. This is the first time these multipliers have been compared with a practical implementation, and the FH multiplier showed note worthy improvements over the KA multiplier in terms of delay with similar area requirements. Using the composite Sbox, ASIC designs of GCM implemented with subquadratic multipliers are shown to have an area savings of up to 18%, without affecting the throughput, against designs using the brute force Mastrovito multiplier. For low delay LUT Sbox designs in GCM, although the subquadratic multipliers are a part of the critical path, implementations with the FH multiplier showed the highest efficiency in terms of area resources and throughput over all other designs. FPGA results similarly showed a significant reduction in the number of slices using subquadratic multipliers, and the highest throughput to date for FPGA implementations of GCM was also achieved. The proposed reduced latency key change design, which supports all key types of AES, showed a 20% improvement in average throughput over other GCM designs that do not use the same techniques. The GCM implementations provided in this thesis provide some of the most area efficient, yet high throughput designs to date

Reliable and High-Performance Hardware Architectures for the Advanced Encryption Standard/Galois Counter Mode

The high level of security and the fast hardware and software implementations of the Advanced Encryption Standard (AES) have made it the first choice for many critical applications. Since its acceptance as the adopted symmetric-key algorithm, the AES has been utilized in various security-constrained applications, many of which are power and resource constrained and require reliable and efficient hardware implementations. In this thesis, first, we investigate the AES algorithm from the concurrent fault detection point of view. We note that in addition to the efficiency requirements of the AES, it must be reliable against transient and permanent internal faults or malicious faults aiming at revealing the secret key. This reliability analysis and proposing efficient and effective fault detection schemes are essential because fault attacks have become a serious concern in cryptographic applications. Therefore, we propose, design, and implement various novel concurrent fault detection schemes for different AES hardware architectures. These include different structure-dependent and independent approaches for detecting single and multiple stuck-at faults using single and multi-bit signatures. The recently standardized authentication mode of the AES, i.e., Galois/Counter Mode (GCM), is also considered in this thesis. We propose efficient architectures for the AES-GCM algorithm. In this regard, we investigate the AES algorithm and we propose low-complexity and low-power hardware implementations for it, emphasizing on its nonlinear transformation, i.e., SubByes (S-boxes). We present new formulations for this transformation and through exhaustive hardware implementations, we show that the proposed architectures outperform their counterparts in terms of efficiency. Moreover, we present parallel, high-performance new schemes for the hardware implementations of the GCM to improve its throughput and reduce its latency. The performance of the proposed efficient architectures for the AES-GCM and their fault detection approaches are benchmarked using application-specific integrated circuit (ASIC) and field-programmable gate array (FPGA) hardware platforms. Our comparison results show that the proposed hardware architectures outperform their existing counterparts in terms of efficiency and fault detection capability