Optimized Architecture for AES

This paper presents a highly optimized architecture for Advanced Encryption Standard (AES) by dividing and merging (combining) different sub operations in AES algorithm. The proposed architecture uses ten levels of pipelining to achieve higher throughput and uses Block-RAM utility to reduce slice utilization which subsequently increases the efficiency. It achieves the data stream of 57 Gbps at 451 MHz working frequency and obtains 36% improvement in efficiency to the best known similar design throughput per area (Throughput/Area) and 35% smaller in slice area. This architecture can easily be embedded with other modules because of significantly reduced slice utilization

An IoT Endpoint System-on-Chip for Secure and Energy-Efficient Near-Sensor Analytics

Near-sensor data analytics is a promising direction for IoT endpoints, as it minimizes energy spent on communication and reduces network load - but it also poses security concerns, as valuable data is stored or sent over the network at various stages of the analytics pipeline. Using encryption to protect sensitive data at the boundary of the on-chip analytics engine is a way to address data security issues. To cope with the combined workload of analytics and encryption in a tight power envelope, we propose Fulmine, a System-on-Chip based on a tightly-coupled multi-core cluster augmented with specialized blocks for compute-intensive data processing and encryption functions, supporting software programmability for regular computing tasks. The Fulmine SoC, fabricated in 65nm technology, consumes less than 20mW on average at 0.8V achieving an efficiency of up to 70pJ/B in encryption, 50pJ/px in convolution, or up to 25MIPS/mW in software. As a strong argument for real-life flexible application of our platform, we show experimental results for three secure analytics use cases: secure autonomous aerial surveillance with a state-of-the-art deep CNN consuming 3.16pJ per equivalent RISC op; local CNN-based face detection with secured remote recognition in 5.74pJ/op; and seizure detection with encrypted data collection from EEG within 12.7pJ/op.Comment: 15 pages, 12 figures, accepted for publication to the IEEE Transactions on Circuits and Systems - I: Regular Paper

High-speed Side-channel-protected Encryption and Authentication in Hardware

This paper describes two FPGA implementations for the encryption and authentication of data, based on the AES algorithm running in Galois/Counter mode (AES-GCM). Both architectures are protected against side-channel analysis attacks through the use of a threshold implementation (TI). The first architecture is fully unrolled and optimized for throughput. The second architecture uses a round-based structure, fits on a relatively small FPGA board, and is evaluated for side-channel attack resistance. We perform a Test Vector Leakage Assessment (TVLA), which shows no first-order leakage in the power consumption of the FPGA. To the best of our knowledge, our work is (1) the first to describe a throughput-optimized FPGA architecture of AES-GCM, protected against first-order side-channel information leakage, and (2) the first to evaluate the side-channel attack resistance of a TI-protected AES-GCM implementation

Survey and Benchmark of Block Ciphers for Wireless Sensor Networks

Cryptographic algorithms play an important role in the security architecture of wireless sensor networks (WSNs). Choosing the most storage- and energy-efficient block cipher is essential, due to the facts that these networks are meant to operate without human intervention for a long period of time with little energy supply, and that available storage is scarce on these sensor nodes. However, to our knowledge, no systematic work has been done in this area so far.We construct an evaluation framework in which we first identify the candidates of block ciphers suitable for WSNs, based on existing literature and authoritative recommendations. For evaluating and assessing these candidates, we not only consider the security properties but also the storage- and energy-efficiency of the candidates. Finally, based on the evaluation results, we select the most suitable ciphers for WSNs, namely Skipjack, MISTY1, and Rijndael, depending on the combination of available memory and required security (energy efficiency being implicit). In terms of operation mode, we recommend Output Feedback Mode for pairwise links but Cipher Block Chaining for group communications

Parallelization of cycle-based logic simulation

Verification of digital circuits by Cycle-based simulation can be performed in parallel. The parallel implementation requires two phases: the compilation phase, that sets up the data needed for the execution of the simulation, and the simulation phase, that consists in executing the parallel simulation of the considered circuit for a certain number of cycles. During the early phase of design, compilation phase has to be repeated each time a bug is found. Thus, if the time of the compilation phase is too high, the advantages stemming from the parallel approach may be lost. In this work we propose an effective version of the compilation phase and compute the corresponding execution time. We also analyze the percentage of execution time required by the different steps of the compilation phase for a set of literature benchmarks. Further, we implemented the simulation phase exploiting the GPU architecture, and we computed the execution times for a set of benchmarks obtaining values comparable with literature ones. Finally, we implemented the sequential version of the Cycle-based simulation in such a way that the execution time is optimized. We used the sequential values to compute the speedup of the parallel version for the considered set of benchmarks

Cryptography Engine Design for IEEE 1609.2 WAVE Secure Vehicle Communication using FPGA

Department Of Electrical EngineeringIn this paper, we implement the IEEE 1609.2 secure vehicle communication (VC) standard using FPGA by fast and efficient ways. Nowadays, smart vehicle get nearer to our everyday life. Therefore, design of safety smart vehicle is critical issue in this field. For this reason, secure VC is must implemented into the smart vehicle to support safety service. However, secure process in VC has significant overhead to communication between objectives. Because of this overhead, if circumjacent vehicles are increased, communication overhead of VC is exponentially increased along the number of adjacent vehicles. To remove this kind of overhead, we design fast and efficient IEEE 1609.2 cryptography engine using FPGA. This engine consists of AES-CCM encryption, SHA-256 hash function, Hash_DRBG random bit generator, and ECDSA digital signature algorithm and each algorithm is analyzed carefully and optimized with specific technics. For the AES-CCM, we optimized AES encryption engine. First, we use 32-bit S-box structure to remove 8-bit operation of AES. Second, we employ the key save register file architecture to reduce frequently key expansion operation when input of key value is always same for AES encryption engine. Third, to protect external attacks, we use internal register files to save processed data. Finally, we design parallel architecture for both CBC-MAC and counter in AES-CCM algorithm. SHA-256 hash function is frequently used in ECDSA algorithm that is significant reason of optimization. So, we use parallel architecture for the preprocessing block and the hash computation block. And, we design latest schedule block to reduce usage of register and combinational logics. In ECDSA, Hash-DRBG is used to generate key value and signature for vehicle message. To make Hash-DRBG, we use our SHA-256 design much fast generation of random value. ECDSA is most critical and complex module in our cryptography engine. For this module, we use affine representation of elliptic curve in ECDSA. So, we can replace the prime arithmetic operation by right shift operation and bit operation. And, we implement scalar multiplier to optimize arithmetic operation of ECDSA. This kind of replacement is hardware kindly, so we can reduce complexity of ECDSA hardware design. To implement all of algorithm in IEEE 1609.2 standard, we use Xilinx Virtex-5 FPGA chip with ISE 14.6 synthesis tool and Verilog-HDL.ope