High Throughput Implementation of RIPEMD-160 using Unfolding Transformation

Cryptographic hash function is important for digital signature, Hash Message Authentication Code (HMAC) and other data security application. There are different types of hash function such as MD5, SHA-1, RIPEMD-160, SHA-2 and others. In this paper, RIPEMD-160 algorithm has been chosen as one of the hash functions because of the parallel inner structure of this algorithm. The objective of this research is to design and implement RIPEMD-160 with high throughput using different types of methodology. Three types of methodology are iterative, pipelining and unfolding design. These methodologies were applied to this RIPEMD-160 design in order to analyze the results of maximum frequency, area implementation and throughput of the design on Arria II GX FPGA family device. By using unfolding transformation, the throughput of the RIPEMD-160 can be improved which is about 1029.50 Mbps

Cryptoraptor : high throughput reconfigurable cryptographic processor for symmetric key encryption and cryptographic hash functions

textIn cryptographic processor design, the selection of functional primitives and connection structures between these primitives are extremely crucial to maximize throughput and flexibility. Hence, detailed analysis on the specifications and requirements of existing crypto-systems plays a crucial role in cryptographic processor design. This thesis provides the most comprehensive literature review that we are aware of on the widest range of existing cryptographic algorithms, their specifications, requirements, and hardware structures. In the light of this analysis, it also describes a high performance, low power, and highly flexible cryptographic processor, Cryptoraptor, that is designed to support both today's and tomorrow's encryption standards. To the best of our knowledge, the proposed cryptographic processor supports the widest range of cryptographic algorithms compared to other solutions in the literature and is the only crypto-specific processor targeting the future standards as well. Unlike previous work, we aim for maximum throughput for all known encryption standards, and to support future standards as well. Our 1GHz design achieves a peak throughput of 128Gbps for AES-128 which is competitive with ASIC designs and has 25X and 160X higher throughput per area than CPU and GPU solutions, respectively.Electrical and Computer Engineerin

An analyzing process on wireless protection criteria focusing on (WPA) within computer network security

Network security from a long ago approaches to cryptography and hash functions which are tremendous and due to the weakness of different vulnerabilities in the networks and obviously there is a significant need for analyzes. In this manuscript, the state-of-the-art wireless environment is focused solely on the sensor technology, in which security needs to be integrated with the Wireless Protected Access (WPA) standards. Wireless networking includes numerous points of view from wireless sensor systems, ad hoc mobile devices, Wi-Max and many more. The authentication and dynamic encryption is modified by system managers so that general communication can be anchored without any sniper effort in order to perform higher degrees of security and overall execution. The key exchange mechanism in wireless systems such as forward cases is accompanied by the sophisticated cryptography so as to anchor the whole computer state. The manuscript carries out a significant audit of test points of view using the methodologies used for the cryptography angle for protection and honesty in the wireless case, stressing Wi-Fi Secure Protected (WPA) needs

On the Exploitation of a High-throughput SHA-256 FPGA Design for HMAC

High-throughput and area-efficient designs of hash functions and corresponding mechanisms for Message Authentication Codes (MACs) are in high demand due to new security protocols that have arisen and call for security services in every transmitted data packet. For instance, IPv6 incorporates the IPSec protocol for secure data transmission. However, the IPSec's performance bottleneck is the HMAC mechanism which is responsible for authenticating the transmitted data. HMAC's performance bottleneck in its turn is the underlying hash function. In this article a high-throughput and small-size SHA-256 hash function FPGA design and the corresponding HMAC FPGA design is presented. Advanced optimization techniques have been deployed leading to a SHA-256 hashing core which performs more than 30% better, compared to the next better design. This improvement is achieved both in terms of throughput as well as in terms of throughput/area cost factor. It is the first reported SHA-256 hashing core that exceeds 11Gbps (after place and route in Xilinx Virtex 6 board)

Técnicas de segurança para a internet das coisas

Mestrado em Engenharia de Computadores e TelemáticaIoT assume que dispositivos limitados, tanto em capacidades computacionais como em energia disponível, façam parte da sua infraestrutura. Dispositivos esses que apresentam menos capacidades e mecanismos de defesa do que as máquinas de uso geral. É imperativo aplicar segurança nesses dispositivos e nas suas comunicações de maneira a prepará-los para as ameaças da Internet e alcançar uma verdadeira e segura Internet das Coisas, em concordância com as visões atuais para o futuro. Esta dissertação pretende ser um pequeno passo nesse sentido, apresentando alternativas para proteger as comunicações de dispositivos restritos numa perspetiva de performance assim como avaliar o desempenho e a ocupação de recursos por parte de primitivas criptográficas quando são aplicadas em dispositivos reais. Dado que a segurança em diversas ocasiões tem de se sujeitar aos recursos deixados após a implementação de funcionalidades, foi colocada uma implementação de exposição de funcionalidades, recorrendo ao uso de CoAP, num dispositivo fabricado com intenção de ser usado em IoT e avaliada de acordo com a sua ocupação de recursos.IoT comprehends devices constrained in both computational capabilities and available energy to be a part of its infrastructure. Devices which also present less defense capabilities and mechanisms than general purpose machines. It’s imperative to secure such devices and their communications in order to prepare them for the Internet menaces and achieve a true and secure Internet of Things compliant with today’s future visions. This dissertation intends to be a small step towards such future by presenting alternatives to protect constrained device’s communications in a performance related perspective as well as benchmarks and evaluation of resources used by cryptographic primitives when implemented on real devices. Due to security being on multiple occasions subjected to the resources available only after functionalities implementation, a minimalist implementation of functionalities exposure through the use of CoAP was also deployed in an IoT intended device and assessed according to resource overhead

Multilevel adaptive security system

Recent trends show increased demand for content-rich media such as images, videos and text in ad-hoc communication. Since such content often tends to be private, sensitive, or paid for, there exists a requirement for securing such information over resource constrained ad hoc networks. In this work, traditional data security mechanisms, existing ad hoc secure routing protocols and multilevel security are first reviewed. Then a new system, called the Multilevel Adaptive Security System, which incorporates the multilevel security concept at both the application layer and the network layer, is proposed to provide adaptive security services for data and routing processes. MLASS is composed of two subsystems: Content-Based Multi-level Data Security (CB-MLDS) for content-rich data protection and Multi-Level On-demand Secure Mobile Ad hoc Routing (MOSAR) for secure route selection. The structure of each sub-system is explained in detail; experiments for each sub-system were conducted and the performance was analyzed. It is shown that MLASS is a practical security solution that is flexible enough to adapt to a range of security requirements and applies appropriate level of security services to data and its distribution over ad hoc networks. MLASS provides a balance between security, performance and resource

Desempenho de Algoritmos de Hashing e de Cifragem em Dispositivos IoT

O presente trabalho de projeto tem como objetivo realizar um estudo sobre o desempenho de algoritmos de hashing e de cifragem num ambiente IoT. Para tal definiram-se alguns parâmetros de medição considerados cruciais, como a utilização do processador, utilização de memória, latência e taxa de transferência. Foi realizado um estudo teórico que explica conceitos de segurança em IoT, assim como a sua arquitetura, os protocolos de comunicação IoT mais utilizados, o funcionamento e arquitetura dos protocolos CoAP e o MQTT, e é feita uma explicação dos dois tipos de algoritmos em análise. São também detalhados os vários algoritmos de hashing e de cifragem utilizados para a realização dos testes, nomeadamente MD5, SHA-256, Blake2 e RIPEMD-160 para os algoritmos de hashing, e AES, RC4, DES e Blowfish para os algoritmos de cifragem. É apresentada a metodologia seguida para a realização dos testes e apresentado o ambiente IoT simulado com recurso a um Raspberry Pi 3. Foram desenvolvidos scripts que permitiram a medição e envio de mensagens com vários tamanhos e em várias quantidades, por teste, para um broker MQTT. É também detalhado o script padrão e todas as alterações necessárias para a implementação de cada algoritmo. Este trabalho originou um conjunto de resultados que são apresentados no documento e que permitem perceber quais os algoritmos que são vantajosos em diversos cenários IoT, principalmente para dispositivos de fracos recursos