Parametric, Secure and Compact Implementation of RSA on FPGA

We present a fast, efficient, and parameterized modular multiplier and a secure exponentiation circuit especially intended for FPGAs on the low end of the price range. The design utilizes dedicated block multipliers as the main functional unit and Block-RAM as storage unit for the operands. The adopted design methodology allows adjusting the number of multipliers, the radix used in the multipliers, and number of words to meet the system requirements such as available resources, precision and timing constraints. The architecture, based on the Montgomery modular multiplication algorithm, utilizes a pipelining technique that allows concurrent operation of hardwired multipliers. Our design completes 1020-bit and 2040-bit modular multiplications in 7.62 μs and 27.0 μs, respectively. The multiplier uses a moderate amount of system resources while achieving the best area-time product in literature. 2040-bit modular exponentiation engine can easily fit into Xilinx Spartan-3E 500; moreover the exponentiation circuit withstands known side channel attacks

Constructing cluster of simple FPGA boards for cryptologic computations

In this paper, we propose an FPGA cluster infrastructure, which can be utilized in implementing cryptanalytic attacks and accelerating cryptographic operations. The cluster can be formed using simple and inexpensive, off-the-shelf FPGA boards featuring an FPGA device, local storage, CPLD, and network connection. Forming the cluster is simple and no effort for the hardware development is needed except for the hardware design for the actual computation. Using a softcore processor on FPGA, we are able to configure FPGA devices dynamically and change their configuration on the fly from a remote computer. The softcore on FPGA can execute relatively complicated programs for mundane tasks unworthy of FPGA resources. Finally, we propose and implement a fast and efficient dynamic configuration switch technique that is shown to be useful especially in cryptanalytic applications. Our infrastructure provides a cost-effective alternative for formerly proposed cryptanalytic engines based on FPGA devices

Customisable arithmetic hardware designs

Imperial Users onl

Fast, compact and secure implementation of rsa on dedicated hardware

RSA is the most popular Public Key Cryptosystem (PKC) and is heavily used today. PKC comes into play, when two parties, who have previously never met, want to create a secure channel between them. The core operation in RSA is modular multiplication, which requires lots of computational power especially when the operands are longer than 1024-bits. Although today’s powerful PC’s can easily handle one RSA operation in a fraction of a second, small devices such as PDA’s, cell phones, smart cards, etc. have limited computational power, thus there is a need for dedicated hardware which is specially designed to meet the demand of this heavy calculation. Additionally, web servers, which thousands of users can access at the same time, need to perform many PKC operations in a very short time and this can create a performance bottleneck. Special algorithms implemented on dedicated hardware can take advantage of true massive parallelism and high utilization of the data path resulting in high efficiency in terms of both power and execution time while keeping the chip cost low. We will use the “Montgomery Modular Multiplication” algorithm in our implementation, which is considered one of the most efficient multiplication schemes, and has many applications in PKC. In the first part of the thesis, our “2048-bit Radix-4 based Modular Multiplier” design is introduced and compared with the conventional radix-2 modular multipliers of previous works. Our implementation for 2048-bit modular multiplication features up to 82% shorter execution time with 33% increase in the area over the conventional radix-2 designs and can achieve 132 MHz on a Xilinx xc2v6000 FPGA. The proposed multiplier has one of the fastest execution times in terms of latency and performs better than (37% better) our reference radix-2 design in terms of time-area product. The results are similar in the ASIC case where we implement our design for UMC 0.18 μm technology. In the second part, a fast, efficient, and parameterized modular multiplier and a secure exponentiation circuit intended for inexpensive FPGAs are presented. The design utilizes hardwired block multipliers as the main functional unit and Block-RAM as storage unit for the operands. The adopted design methodology allows adjusting the number of multipliers, the radix used in the multipliers, and number of words to meet the system requirements such as available resources, precision and timing constraints. The deployed method is based on the Montgomery modular multiplication algorithm and the architecture utilizes a pipelining technique that allows concurrent operation of hardwired multipliers. Our design completes 1020-bit and 2040-bit modular multiplications* in 7.62 μs and 27.0 μs respectively with approximately the same device usage on Xilinx Spartan-3E 500. The multiplier uses a moderate amount of system resources while achieving the best area-time product in literature. 2040-bit modular exponentiation engine easily fits into Xilinx Spartan-3E 500; moreover the exponentiation circuit withstands known side channel attacks with an insignificant overhead in area and execution time. The upper limit on the operand precision is dictated only by the available Block-RAM to accommodate the operands within the FPGA. This design is also compared to the first one, considering the relative advantages and disadvantages of each circuit

Efficient Hardware Accelerator for IPSec Based on Partial Reconfiguration on Xilinx FPGAs

Abstract—In this paper we present a practical low-end embed-ded system solution for Internet Protocol Security (IPSec) imple-mented on the smallest Xilinx Field Programmable Gate Array (FPGA) device in the Virtex 4 family. The proposed solution supports the three main IPSec protocols: Encapsulating Security Payload (ESP), Authentication Header (AH) and Internet Key Exchange (IKE). This system uses efficiently hardware-software co-design and partial reconfiguration techniques. Thanks to utilization of both methods we were able to save a significant portion of hardware resources with a relatively small penalty in terms of performance. In this work we propose a division of the basic mechanisms of IPSec protocols, namely cryptographic algorithms and their modes of operation to be implemented either in software or hardware. Through this, we were able to combine the high performance offered by a hardware solution with the flexibility of a software implementation. We show that a typical IPSec protocol configuration can be combined with Partial Reconfiguration techniques in order to efficiently utilize hardware resources. Index Terms—Partial reconfiguration; IPSec; Xilinx FPGA I

Stealthy parametric hardware Trojans in VLSI Circuits

Over the last decade, hardware Trojans have gained increasing attention in academia, industry and by government agencies. In order to design reliable countermeasures, it is crucial to understand how hardware Trojans can be built in practice. This is an area that has received relatively scant treatment in the literature. In this thesis, we examine how particularly stealthy parametric Trojans can be introduced to VLSI circuits. Parametric Trojans do not require any additional logic and are purely based on subtle manipulations on the sub-transistor level to modify the parameters of few transistors which makes them very hard to detect. We introduce a design methodology to insert stealthy parametric hardware Trojans which are based on injecting extremely rare path delay faults into the netlist of the target circuit. As a case study, we apply our method to a 32-bit multiplier circuit resulting in a stealthy Trojan multiplier that computes faulty outputs for specific combinations of input pairs that are applied to the circuit. The multiplier can be used to realize bug attacks, introduced by Biham et al. in 2008. We also extend this concept and show how it can be used to attack ECDH key agreement protocols. Our method is a versatile tool for designing stealthy Trojans for a given circuit and is not restricted to multipliers and the bug attack. In this thesis we also examine how a stealthy side-channel hardware Trojan can be inserted in a provably-secure side-channel analysis protected implementation. Once the Trojan is triggered, the malicious design exhibits exploitable side-channel leakage leading to successful key recovery attacks. The underlying concept is based on a secure masked hardware implementation which does not exhibit any detectable leakage. However, by running the device at a particular clock frequency one of the requirements of the underlying masking scheme is not fulfilled anymore, and the device\u27s side-channel leakage can be exploited. We apply our technique to a Threshold Implementation of the PRESENT block cipher realized in both FPGA and ASIC. We show that triggering the Trojan makes both FPGA and ASIC prototypes vulnerable to certain SCA attacks. True random number generators (TRNGs) are an essential component of cryptographic designs, which are used to generate private keys for encryption and authentication, and are used in masking countermeasures. This thesis also presents a mechanism to design a stealthy parametric hardware Trojan for ring oscillator-based TRNGs. When the Trojan is triggered by operation at a specific high temperature the malicious TRNG generates predictable non-random outputs, yet under normal operating conditions it works correctly. Also we elaborate a stochastic model based on Markov Chains by which the attacker can use their knowledge of the Trojan to predict the TRNG outputs