00 upvotes00 downvotes

114 views63 pagesOct 17, 2012

© Attribution Non-Commercial (BY-NC)

DOCX, PDF, TXT or read online from Scribd

Attribution Non-Commercial (BY-NC)

114 views

00 upvotes00 downvotes

Attribution Non-Commercial (BY-NC)

You are on page 1of 63

CHAPTER 1 INTRODUCTION

CRYPTOGRAPHY

The Cryptographic Algorithm which is most widely used throughout the world for protecting by the from information. guarantee valid Cryptography to authenticate .It is the data of art and of secret and writing, protect

followed the

messages and

systems

attacks

comprises

encryption

decryption

operations each associated with a key which is supposed to be kept secret. We have implement RC6 elegant Algorithm. choice RC6 is then used for Which AES due 32 is to bit the considered its and 64 simplicity, 64 bit the bit plain reverse as a secured performance An The on eight and and step

supports to

encipher by

block.

decrypted

operations is done

hardware

implementation Language.

algorithm

using

Hardware

Description

this

implementation

Xilinx

foundation

We evolutionary the Advanced introduce improvement the of RC6 RC5, TM designed block to cipher. meet the RC6 is an of

requirements

of two, and the inclusion of integer multiplication as an additional primitive operation. The use multiplication greatly increases the diffusion achieved per round, allowing for

LDRP-EC

Page 1

RC6 is considered as a secured and elegant choice due to its simplicity, security, performance and efficiency. It appears that RC6 is best suited for implementation in the targeted Xilinx FPGA (Spartan-3). Our studies reveal that multiplication and addition are the major bottlenecks as far as speed of encryption in the RC6 cipher is Concerned. Nevertheless, up to a great extent this shortcoming was Tackled using pipelining in our design.Consequently, since RC6 works best in non-feedback mode, the highest Speed/Area ratio can be achieved in the same RC6 is a symmetric key block cipher derived from RC5. It was designed by Ron Rivest,Matt Robshaw, Ray Sidney, and Yiqun Lisa Yin to meet the requirements of the Advanced Encryption Standard (AES) competition. The algorithm was one of the five finalists, and was also submitted to the NESSIE and CRYPTREC projects. It is a proprietary algorithm, patented by RSA Security. RC6 proper has a block size of 64 OR 128 bits and supports key sizes of 128, 192 and 256 bits, but, like RC5, it can be parameterized to support a wide variety of word-lengths, key sizes and number of rounds. RC6 is very similar to RC5 in structure, using data-dependent rotations, modular addition and XOR operations; in fact, RC6 could be viewed as interweaving two parallel RC5 encryption processes. However, RC6 does use an extra multiplication operation not present in RC5 in order to make the rotation dependent on every bit in a word, and not just the least significant few bits.

1. Symmetric encryption algorithms (secret or private key algorithms) and

2. Asymmetric encryption algorithms (or public key algorithms). The difference is that symmetric encryption algorithms use the same key for encryption and decryption (or the decryption key is easily derived from the encryption key), whereas asymmetric encryption algorithms use a different key for encryption and decryption,

LDRP-EC

Page 2

Symmetric encryption algorithms can be divided into stream ciphers and block ciphers. Stream ciphers encrypt a single bit of plaintext at a time, whereas block ciphers take a number of bits (typically 64 bits in modern ciphers), and encrypt them as a single unit. Some examples of popular symmetric encryption algorithms:

DES (Data Encrytion Standard) DES accepts a 64-bit key, the key setup routines effectively discard 8 bits, giving DES a 56-bit effective keylength.. DES was designed to be implemented only in hardware, and is therefore extremely slow in software. A recent successful effort to crack DES took several thousand computers several months. RC5 RC5 is a group of algorithms designed by Ron Rivest of RSA Data Security that can take on a variable block size, key size, and number of rounds. The block size is generally dependent on the word size of the machine the particular version of RC5 was designed to run on; on 32-bit processors (with 32-bit words), RC5 generally has a 64-bit block size. David Wagner, John Kelsey, and Bruce Schneier have found weak keys in RC5, with the probability of selecting a weak key to be 2-10r, where r is the number of rounds. For sufficiently large r values (greater than 10), this is not a problem as long as you are not trying to build a hash function based on RC5. Kundsen has also found a differential attack on RC5. RC5 is described in this RSA document. RC5 is patented by RSA Security, Inc. RC6 RC6 is Ronald Rivest's AES submission. Like all AES ciphers, RC6 works on 128 bit blocks. It can accept variable length keys. It is very similar to RC5, incorporating the results of various studies on RC5 to improve the algorithm. The studies of RC5 found that not all bits of data are used to determine the rotation amount (rotation is used extensively in RC5); RC6 uses multiplication to determine the rotation amount and uses all bits of input data to determine the rotation amount, strengthening the avalanche effect.

LDRP-EC

Page 3

RIJNDEAL Rijndael is an AES winner by Joan Daemen and Vincent Rijmen. The cipher has a variable block and key length, and the authors have demonstrated how to extend the block length and key length by multiples of 32 bits. The design of Rijndael was influenced by the SQUARE algorithm. The authors provide a Rijndael specification and a more theoretical paper on theirdesign principles. The authors have vowed to never patent Rijndael.

RC4 The RC4 algorithm is a stream cipher from RSA Data Security, Inc. Though RC4 was originally a trade secret, the alleged source code was published anonymously in 1994. The published algorithm performs identically to RC4 implementations in official RSA products. RC4 is widely used in many applications and is generally regarded to be secure. There are no known attacks against RC4. RC4 is not patented by RSA Data Security, Inc; it is just protected as a trade secret. The 40-bit exportable version of RC4 has been broken by brute force! RC4 is implemented in Kremlin. MD5 While MD4 was designed for speed, a more conservative approach was taken in the design of MD5. However, applying the same techniques he used to attack MD4, Hans Dobbertin has shown that collisions can be found for the MD5 compression function in about 10 hours on a PC. While these attacks have not been extended to the full MD5 algorithm, they still do not inspire confidence in the algorithm. RSA is quick to point out that these collision attacks do not compromise the integrity of MD5 when used with existing digital signatures. MD5, like MD4, produces a 128-bit digest. An RFC describing MD5 in detail is available here. The use of MD5, as well as MD4, is not recommended in new applications.

LDRP-EC

Page 4

Asymmetric encryption algorithms (public key algorithms) use different keys for encryption and decryption, and the decryption key cannot (practically) be derived from the encryption key. Public key methods are important because they can be used for transmitting encryption keys or other data securely even when the parties have no opportunity to agree on a secret key in private.

Symmetric encryption algorithms encrypt and decrypt with the same key.Main advantages of symmetric encryption algorithms are its security and high speed. Asymmetric encryption algorithms encrypt and decrypt with different keys. Data is encrypted with a public key, and decrypted with a private key. Asymmetric encryption algorithms (also known as public-key algorithms) need at least a 3,000-bit key to achieve the same level of security of a 128-bit symmetric algorithm. Asymmetric algorithms are incredibly slow and it is impractical to use them to encrypt large amounts of data. Generally, symmetric encryption algorithms are much faster to execute on a computer than asymmetric ones. The keys used in public-key encryption algorithms are usually much longer than those used in symmetric encryption algorithms. This is caused by the extra structure that is available to the cryptanalyst. There the problem is not that of guessing the right key, but deriving the matching private key from the public key .In practice they are often used together, so that a public-key algorithm is used to encrypt a randomly generated encryption key, and the random key is used to encrypt the actual message using a symmetric algorithm. This is sometimes called hybrid encryption.

LDRP-EC

Page 5

2.1 BASICS OF RC6 ALGORITHM

2.1.1 RC6 BLOCK DIAGRAM

LDRP-EC

Page 6

FIG.2.1

2.1.2 BASIC OPERATIONS RC6-w/r/b operates on units of four w-bit words using the following six basic operations. The base-two logarithm of w will be denoted by lg w. a + b integer addition modulo 2w a - b integer subtraction modulo 2w a XOR b bitwise exclusive-or of w-bit words

LDRP-EC

Page 7

a X b integer multiplication modulo a<<<b rotate the w-bit word a to the left by the Amount given by the least significant lg w bits of b a>>>b rotate the w-bit word a to the right by the Amount given by the least significant lg w bits of b

\

2.2 ENCRYPTION

LDRP-EC Page 8

A block diagram of the 16-bit RC6 encryptor and decryptor is shown in Figure 1. Control signals are active high. The following gives a description of the input and output signals for the encryptor. 1. Plaintext_e: This 16-bit data input signal corresponds to a word of plaintext data that is to be encrypted. Four consecutive 16-bit plaintext_e values form a 64-bit block that is to be encrypted. 2. Round_keys_e: This 16-bit data input signal corresponds to one encryption round key. A total of 44 round keys are used to encrypt and decrypt the data. Although the encryptor and decryptor use identical round keys for a given block of data, separate encryptor and decryptor round keys are provided, since they receive the round keys at different times and processor the round keys in reverse order. This also allows the decryptor to be deciphering one block, while the encryptor is ciphering the next. 3. Start_e : This 1-bit control input signal tells the encryptor that it will start receiving plaintext_e during the next cycle. This signal should only go high for one cycle. 4. Reset: This 1-bit control input signal resets both the encryptor and decryptor. When reset occurs, all registers are cleared and the controllers go to a known state. 5. Clock : This 1-bit input signal corresponds to the system clock for the encryptor and decryptor. Values are to be latched into registers at the positive edge of the clock. 6. Ciphertext : This 16-bit data output signal corresponds to a word of ciphertext data that has been encrypted and needs to be decrypted. Four consecutive 16-bit ciphertext values form a 64-bit block that has been encrypted. The same signal is used as an input to the decryptor. 7. Ready_e : This 1-bit control output signal indicates that the encryptor is ready to receive new plaintext. It goes high following a reset signal and stays high until the start_e goes high. Once the encryptor has finished encrypting the data ready_e goes high, until the next time start_e goes high. 8. Start_d : This 1-bit control output signal tells the decryptor that the encryptor will start sending ciphertext during the next cycle. This signal should only go high for only one cycle. This same signal is used as an input to the decryptor

LDRP-EC Page 9

Input: Plain text stored in four w-bit input registers A, B, C,D Number r of rounds w-bit round keys S[0, ,2r + 3] Output: Cipher text stored in A, B, C, D Procedure: B = B + S [0] D = D + S [1] for i = 1 to r do { t = (B X (2B + 1)) <<< lg w u = (D X (2D + 1)) <<< lg w A = ((A XOR t) <<< u) + S [2i] C = ((C XOR u) <<< t) + S [2i+ 1] (A, B, C, D) = (B, C, D, A)} A = A + S [2r + 2] C = C + S [2r + 3]

2.3 DECRYPTION

LDRP-EC

Page 10

The following gives a description of the input and output signals for the decryptor.

1. Plaintext_d : This 16-bit data output signal corresponds to a word of plaintext data that has been decrypted. Four consecutive 16-bit plaintext_d values form a 64-bit block that has been decrypted. When the same round_keys are used, the plaintext_d produced should be equivalent to the plaintext_e that was originally input. 2. Round_keys_d : This 16-bit data input signal corresponds to one decryption round key. (see the description of round_key_e for further details). 3. Start_d : (see previous description) 4. Reset : (see previous description) 5. Clock : (see previous description) 6. Ciphertext : (see previous description) 7. Ready_d : This 1-bit control output signal indicates that the decryptor is ready to receive new ciphertext. It goes high following a reset signal and stays high until the start_d goes high. Once the decryptor has finished decrypting the data ready_d goes high, until the next time start_d goes high.

Input: Cipher text stored in four w-bit input registers A, B, C, D Number r of rounds w-bit round keys S[0; ; 2r + 3] Output: Plaintext stored in A, B, C, D Procedure: C = C S [2r + 3] A = A S [2r + 2] for i = r down to 1 do { (A, B, C, D) = (D, A, B, C) u = (D X (2D + 1)) <<< lg w

LDRP-EC Page 11

t = (B X (2B + 1)) <<< lg w C = ((C S [2i + 1]) >>> t) u A = ((A S [2i]) >>> u) t } D = D S [1] B = B S [0]

LDRP-EC

Page 12

3.1 MODULES BLOCK DIAGRAMS

LDRP-EC Page 13

The key schedule of RC6-w/r/b is practically identical to the key schedule of RC5-w/r/b. Indeed, the only difference is that for RC6-w/r/b, more words are derived from the user-supplied key for use during encryption and decryption. is The user supplies a key of b bytes, where 0 _ b _ 255. From this key, 2r + 4 words (w bits each) are derived and stored in the array S[0; : : : ; 2r + 3]. This array is used in both encryption and decryption. The user supplies a key of b bytes. Sufficient zero bytes are appended to give a key length equal to a non-zero integral number of words; these key bytes are then loaded in littleendian fashion into an array of c w-bit (w = 32 bits in our case) words L [0], , L [c - 1]. Thus the first byte of key is stored as the low-order byte of L [0], etc., and L [c - 1] is padded With high-order zero bytes if necessary. The number of w bit (32 bit) words that will be generated for the additive round keys is 2r + 4 and these are stored in the array S [0; ;2r + 3]. the constants P32 = B7E15163 and Q32 = 9E3779B9 (hexadecimal) are the same magic constants" as used in the RC5. You may have wondered why there is array of 44. Because in encryption and decryption process we add round keys to A and C in A = ((A ^ t) <<< u) + S [2i] C = ((C ^ u) <<< t) + S [2i + 1] So we need 20(for a as rounds are 20) +20(for C) +2(in starting for adding to B & D) +2(For adding in end in A and C) = 44

Inputs: User-supplied b byte key preload into the c-word array L[0,..,c-1] Number r of rounds Output: W-bit round keys S [0 2r+3] Procedure:

LDRP-EC Page 14

s(0) <= P ; -- initialize constant array l(0) <= (round_keyse +s(0)); s(1) <= (l(0)+ s(0)+ q); l(1) <= ( l(0)+s(1)); In general: S(i) = l(i-1) + s(i-1) +q ; L(i) = l(i) +s(i);

3.2.1 INTRODUCTION

Outputs are Function of State (and Inputs) Next States are Functions of State and Inputs Used to implement circuits that control other circuits "Decision Making" logic.

State diagram is a representation of different state and each state have different operation. The state diagram of cryptographic algorithms are shown below. The function in each state is also described in diagram.

LDRP-EC

Page 15

LDRP-EC

Page 16

LDRP-EC

Page 17

LDRP-EC Page 18

3.3 MULTIPLIER

The multiplier is used to compute the operation B*(2B+1). It is implemented as 2B2+B. so we need to do a squaring and a addition. the partial product array for a parallel square using a multiplier The boxes indicate which terms may be combined using the equivalence aij+aji=2aij. In the lower portion of figure 2aij is represented by placing aij one column to the left which has a weighting of two times that of the current column. The square of operand a can be computed with the reduced partial product array. So for 2b2 we place whole product one place to left which has weighting 2 times that of previous. Our product is reduced to 9 from 16 due to this technique. In product1 (p1) we have value of B for +B operation in 2B2+B operation and normal 16 products formed are reduced to 8 products due to partial product reduction array. Now you may have wondered that why there are only 16 products while we are multiplying 16*16 so 32 products of 32 bits should be there. But there are only 16 bits and 16 products because we are using only lower 16 bits. This is so because we are having 20 rounds so for 20 rounds we are multiplying b*b so if we use all 32 bits and multiply at end of 20 rounds our product will be too large so we are using only lower 16 bits .

These 9 products formed are then input of Wallace tree multiplier. Wall ace tree will take 9 inputs and will produce final 16 bits one product. This is required by us to use as output of 2B2+B.

LDRP-EC Page 19

Figure below show the diagram of Wallace tree. Wallace tree have 2 components. 1. Carry save adder-CSA 2. Carry look ahead-CLA A Wallace tree is an efficient hardware implementation of a digital circuit that multiplies two integers. The Wallace tree has three steps: 1. Multiply (that is - AND) each bit of one of the arguments, by each bit of the other, yielding n2 results. Depending on position of the multiplied bits, the wires carry different weights, for example wire of bit carrying result of a2b3 is 32 (see explanation of weights below). 2. Reduce the number of partial products to two by layers of full and half adders. 3. Group the wires in two numbers, and add them with a conventional adder.

LDRP-EC

Page 20

The carry-save unit consists of n full adders, each of which computes a single sum and carry bit based solely on the corresponding bits of the three input numbers. Given the three n - bit numbers a, b, and c, it produces a partial sum ps and a shift-carry sc:

The entire sum can then be computed by: 1. Shifting the carry sequence sc left by one place. 2. Appending a 0 to the front (most significant bit) of the partial sum sequence ps. 3. Using a ripple carry adder to add these two together and produce the resulting n + 1-bit value. A ripple carry adder cannot compute a sum bit without waiting for the previous carry bit to be produced, and thus has a delay equal to that of n full adders. A carry-save adder produces all of its output values in parallel. we have seven full adder in our carry save adder.

LDRP-EC Page 21

Carry look ahead logic uses the concepts of generating and propagating carries. Although in the context of a carry look ahead adder, it is most natural to think of generating and propagating in the context of binary addition, the concepts can be used more generally than this. In the descriptions below, the word digit can be replaced by bit when referring to binary addition.

FIG 3.10 CARRY LOOK AHEAD ADDER The addition of two 1-digit inputs A and B is said to generate if the addition will always carry, regardless of whether there is an input carry (equivalently, regardless of whether any less significant digits in the sum carry). For example, in the decimal addition 52 + 67, the addition of the tens digits 5 and 6 generates because the result carries to the hundreds digit regardless of whether the ones digit carries (in the example, the ones digit does not carry (2+7=9)). In the case of binary addition, A + B generates if and only if both A and B are 1. If we write G(A,B) to represent the binary predicate that is true if and only if A + B generates, we have:

LDRP-EC

Page 22

The addition of two 1-digit inputs A and B is said to propagate if the addition will carry whenever there is an input carry (equivalently, when the next less significant digit in the sum carries).. In the case of binary addition, A + B propagates if and only if at least one of A or B is 1. If we write P(A,B) to represent the binary predicate that is true if and only if A + B propagates, In the case of binary addition, this definition is expressed by:

Implementation details

Here we add sum and carry which are the output of carry save adder series and 3rd digit is taken as 0 as we have only two 16 bit arrays to add. We add individual bits for example P0(A,B)=A0 XOR B0 G0=A0 AND B0 C1=G0+(P0.C0) C0=0

LDRP-EC Page 23

As shown in block diagram, first we perform XOR operation between two inputs then store the result into temporary variable. After that temporary variable is further XORed with any of two inputs.so we get swapped output.In RC6 algorithm by performing swap operation we get, (A,B,C,D)=(B,C,D,A) Formula for swapping can be written as, temp_AB:= tempA xor tempB; A<= temp_AB xor tempA;

LDRP-EC

Page 24

4.1 ABOUT XILINX 9.2

`We have used xilinx 9.2 for designing and verifying cryptography. RC6 algorithm for

Integrated Software Environment (ISE) is the Xilinx design software suite that allows you to take your design from design entry through Xilinx device programming. The ISE Project Navigator manages and processes your design through the following steps in the ISE design flow.

Design Entry

Design entry is the first step in the ISE design flow. During design entry, you create your source files based on your design objectives. You can create your top-level design file using a Hardware Description Language (HDL), such as VHDL, Verilog, or ABEL, or using a schematic. You can use multiple formats for the lower-level source files in your design. Note If you are working with a synthesized EDIF or NGC/NGO file, you can skip design entry and synthesis and start with the implementation process.

Synthesis

After design entry and optional simulation, you run synthesis. During this step, VHDL, Verilog, or mixed language designs become netlist files that are accepted as input to the implementation step.

LDRP-EC

Page 25

Implementation

After synthesis, you run design implementation, which converts the logical design into a physical file format that can be downloaded to the selected target device. From Project Navigator, you can run the implementation process in one step, or you can run each of the implementation processes separately. Implementation processes vary depending on whether you are targeting a Field Programmable Gate Array (FPGA) or a Complex Programmable Logic Device (CPLD).

Verification

You can verify the functionality of your design at several points in the design flow. You can use simulator software to verify the functionality and timing of your design or a portion of your design. The simulator interprets VHDL or Verilog code into circuit functionality and displays logical results of the described HDL to determine correct circuit operation. Simulation allows you to create and verify complex functions in a relatively small amount of time. You can also run in-circuit verification after programming your device.

Device Configuration

After generating a programming file, you configure your device. During configuration, you generate configuration files and download the programming files from a host computer to a Xilinx device.

1) Write a program in VHDL or verilog code and check syntax.. 2) A diagram showing the logical hierarchy of your modules including module names and brief descriptions of what each module does. 3) Detailed block diagrams for the encryptor and decryptor, which show registers, functional units, multiplexers, control signals, etc.

LDRP-EC

Page 26

4) State transition graphs or ASM charts for the finite state machines that control your encryptor and decryptor. 5) Vhdl code for your encryptor, decryptor, key scheduler, and testbench. This code should be commented well. 6) Pre-synthesis simulation results for the modules from part 5. Include comments and annotated waveform for ease of interpretation of results. Also indicate whether or not results are correct and any known bugs.

The VHSIC Hardware Description Language (VHDL) is an industry standard language used to describe hardware from the abstract to concrete level

4.2.1 INTRODUCTION

The language not only defines the syntax but also defines very clear simulation semantics for each language construct It is strong typed language and is often verbose to write Provides extensive range of modeling capabilities, it is possible to quickly assimilate a core subset of the language that is both easy and simple to understand without learning the more complex features

Quick Time-to-Market Allows designers to quickly develop designs requiring tens of thousands of logic gates Provides powerful high-level constructs for describing complex logic Supports modular design methodology and multiple levels of Hierchy One language for design and simulation Allows creation of device-independent designs that are portable to multiple vendors. Good for ASIC Migration Allows user to pick any synthesis tool, vendor, or device

Supports for vendor defined libraries Concurrency Supports sequential statements Support for test and simulation

Page 27

LDRP-EC

To describe an entity, VHDL provides five different types of primary constructs, called" design units. They are Entity declaration Architecture body Configuration declaration Package declaration Package body

STEP I) You will come to the blank project (next time will have the most-recent project loaded by default).Click on File > New Project to start a new project STEP II) Be sure to select HDL as the top-level module type. You can name your project in this window.

LDRP-EC

Page 28

STEP III) In the next window, Be sure to select VHDL for Generated Simulation Language. we can also select FPGA & CPLD family like VIRTEX , SPARTAN etc..

STEP IV) While making a new project then You may add new source file later also. ADD SOURCE is used for adding previous VHDL files. REMOVE is used to remove previously added source.

LDRP-EC

Page 29

STEP V) Now add existing source (a pointer) or add Copy of Source (create a new file from the source). Source is usually a DECRYP.vhd. .vhd file. We have made in our project ENCRYP.vhd and

STEP VI) In the next window ,.vhd file is ready to design our phogram.after designing an algorithm we check it using CHECK SYNTAX from processes/ synthesis-xst.if it is successfully checked then RTL schematic can be shown in the simulation.

LDRP-EC

Page 30

5.1 HOW TO SIMULATE & IMPLEMENT RC6 ALGORITHM?

We have implemented cryptography in Xilinx 9.2i edition software.We have seen how to make a program in Xilinx now we will see the results. And we will also come to know that how to give inputs and how to check test bench and see output. RTL schematic shows a functional digital circuit having inputs and outputs. Test bench waveform is used to check whethre our digital circuit works perfectly or not.for that specific steps must be followed as described in this section.

We can test our project by two ways. i)Design project using RTL SCHEMETIC ii) Simulate project using TEST BENCH WAVEFORM

Our design can be viewed using RTLschematic that, 1) A diagram showing the logical hierarchy of your modules including module names and brief descriptions of what each module does. 2) Detailed block diagrams for the encryptor and decryptor, which show registers, functional units, multiplexers, control signals, etc. 3) State transition graphs or ASM charts for the finite state machines that control your encryptor and decryptor. 4) VHDL code for your encryptor, decryptor, key scheduler, and testbench. This code should be commented well.

LDRP-EC

Page 31

After checking syntex successfully, RTL schematic can be viewed from PROCESSES/ VIEW RTL SCHEMATIC .It shows digital circuit input and output diagram for RC6 ENCRYPTION algorithm.

5.2.1.2 RTL SCHEMATIC FOR DECRYPTOR After checking syntex successfully, RTL schematic can be viewed from PROCESSES/ VIEW RTL SCHEMATIC .It shows digital circuit input and output diagram for RC6

DECRYPTION algorithm.

LDRP-EC

Page 32

Our design should be tested by developing a testbench that , (1) Reads in plaintext, user-supplied keys, and expected ciphertext from a file. (2) Uses the key scheduler to take the user-supplied keys and generate the round keys. (3) Send the appropriate the control signals, plaintext, and round keys to the encryptor and decryptor. (4) Tests to ensure that the ciphertext is correctly generated and that the plaintext from the decryptor matches the plaintext to the encryptor. If discrepancies occur between the expected results and actual results, errors should be reported. Now steps for TEST BENCH WAVEFORM are as follows. STEPI:-For giving the inputs we change from synthesis and implementation to behavioral simulation and add a new source by right clicking on project name

LDRP-EC

Page 33

STEP II) then the screen appears as shown below . in that screen select a test bench waveform and write the name we want to give to test bench .

STEP III) then in clock input window select single clock and give clock high and low time as 10ns and all other parameters as shown below.

LDRP-EC

Page 34

STEP IV)In fig below we can see how to give inputs to encryptor .inputs are given after delay of 20ns staring from 50ns and giving 16 bit input after every 20ns. 16 bit round keys are also given as shown and a start_e signal is made high so that program takes inputs.

STEP V)In fig below we can see the output test bench of encryptor the cipher text is available after 1800ns. The cipher text is available after ready_e signal goes high.this cipher text is given to decryptor

LDRP-EC

Page 35

STEP VI:-Similarly output of encryptor is given to decryptor after same time delay as in encryptor and start signal and round keys are also given

STEP VII:-When simulation is done we can see output of decryptor as shown below. The plain text which was given in encryptor is obtained in decryptor output.

LDRP-EC

Page 36

States Transitions Inputs Outputs Clock Reset |Reset type Reset State Encoding Implementation 12 14 2 11 rising edge positive asynchronous 000001 automatic automatic

FSMs Adders/Subtractors 16-bit adder Counters 7-bit up counter Registers Flip-Flops 1 135 135 1 1 197 197

LDRP-EC

Page 37

Latches 16-bit latch Multiplexers 16-bit-16-to-1 multiplexer Xors 16-bit xor2 16-bit xor3

1 1 2 2

16 2 14

RTL Top Level Output File Name encryptor.ngr Top Level Output File Name Output Format Optimization Goal Keep Hierarchy Target Technology Macro Preserve YES YES wysiwyg Design Statistics # IOs encryptor NGC Speed YES SPARTAN 3 YES YES YES NO 52

LDRP-EC

Page 38

AND1 AND2 AND3 AND4 AND5 GND INV OR2 OR3 OR5 VCC XOR2 FlipFlops/Latches FDC FDCE FTC LD IO Buffers IBUF 9915 4468 89 19 3 1 1587 3635 78 1 1 33 200 68 112 4 16 52 35

LDRP-EC

Page 39

OBUF

17

CPU:66.77 / 66.91 s Total memory usage is |Elapsed : 67.00 / 67.00s 265560 kilobytes

States Transitions Inputs Outputs Clock Reset Reset type Reset State Encoding Implementation

# Adders/Subtractors 16-bit adder 135 129

LDRP-EC

Page 40

16-bit subtractor # Counters 7-bit up # Registers 1-bit register 16-bit register # Comparators # Logic shifters 16-bit shifter logical right # Xors 1-bit xor2 16-bit xor2 16-bit xor3

6 1 1 12 1 11 1 2 2 78 62 2 14

RTL Top Level Output decryptor.ngr File Name Top Level Output File decryptor Name Output Format Optimization Goal Keep Hierarchy NGC Speed YES

LDRP-EC

Page 41

# BELS # # # # # # # # # AND2 AND3 AND5 GND INV OR2 OR3 OR4 XOR2 10352 4470 181 2 1 1957 3480 228 1 32 191 84 103 4

LDRP-EC

Page 42

LDRP-EC

Page 43

1. INTERNET E-COMMERCE 2. MOBILE TELEPHON ENETWORKS 3. BENK AUTOMATED TELLER MACHINE 4. SECRET COMMUNICATION

LDRP-EC

Page 44

6.2 CONCLUSION

RC6 Is considered as secured and elegant choice due to its simplicity, security, performance and efficiency RC6 is best suited for implementation in FPGA and XILINX Multiplication and addition are the major bottleneck as far as speed of encryption in RC6 cipher is concerned. Nevertheless up to a great extent this short coming was tackled using pipelining in our design RC6 works best in non feedback mode. The highest speed/area ratio can be achieved in the same

LDRP-EC

Page 45

1. Length of key can be made variable 2. Word size can be increased 3. Smart card, mobile, digital camera and ATM can adopt this scheme by far greater extent 4. This cryptography algorithm can be implemented on FPGA SPARTAN-3 KIT by user defined functions. And hardware gives better results than software.

LDRP-EC

Page 46

CHAPTER 7

REFERENCE AND BIBLIGRAPHY 7.1 APPENDIX 7.1.1 ENCRYPTOR CODE

library IEEE; use IEEE.STD_LOGIC_1164.ALL; use IEEE.STD_LOGIC_ARITH.ALL; use IEEE.STD_LOGIC_UNSIGNED.ALL; -- encryptor module declaration entity encryptor is port ( plaintext_e :in std_logic_vector(15 downto 0);-- 16 bit Plaintext output of decryptor round_keyse :in std_logic_vector(15 downto 0);-- 16 bit roundkeys given to decryptor start_e:in std_logic; --1 bit ready signal for encryptor reset :in std_logic; --reset clock :in std_logic ; --clock ready_e :out std_logic; -- 1 bit ready output of decryptor ciphertext: out std_logic_vector(15 downto 0)) ; end encryptor; Architecture arch_encryptor of encryptor is -------wallace tree component multiplier port( B :in std_logic_vector(15 downto 0); Product :out std_logic_vector(15 downto 0) ); end component;

LDRP-EC

Page 47

-------- constant for key generation. constant p:std_logic_vector(15 downto 0):= "1011011111100001";------constant value p constant q:std_logic_vector(15 downto 0):= "1001111000110111";------constant value q type s_tp is array(43 downto 0) of std_logic_vector(15 downto 0);--array of 44 * 16 signal s :s_tp; type l_tp is array(42 downto 0) of std_logic_vector(15 downto 0);--array of 43 *16 signal l :l_tp; --constant round_keyse : std_logic_vector(15 downto 0):= "0000000000000000"; --------- constants for the plain text fsm constant out_idle:std_logic_vector(3 downto 0):= "0000"; constant out_A :std_logic_vector(3 downto 0):= "0001"; constant out_B :std_logic_vector(3 downto 0):= "0010"; constant out_C :std_logic_vector(3 downto 0):= "0011"; constant out_D :std_logic_vector(3 downto 0):= "0100"; --------- signals needed for internal connections signal cleanup_A,cleanup_C ,start_d1,last_round: std_logic; signal next_state_out: std_logic_vector( 3 downto 0); signal state:std_logic_vector(5 downto 0); --state of primary fsm signal state_out:std_logic_vector(3 downto 0); -- state of plaintext fsm signal utemp1,ttemp1:std_logic_vector(15 downto 0); signal sig3,sig4:INTEGER RANGE 0 TO 15; signal A_final,B_final,C_final,D_final:std_logic_vector(15 downto 0); signal A,B,C,D : std_logic_vector(15 downto 0); signal product1,product2 : std_logic_vector(15 downto 0);

begin --------fsm for input -------a1: multiplier port map (B,product1); b1: multiplier port map (D,product2); sig3<=conv_integer(unsigned(utemp1(3 downto 0))); sig4<=conv_integer(unsigned(ttemp1(3 downto 0)));

LDRP-EC Page 48

--------key generation operation-----s(0) <= P ; -- initialize constant array l(0)<=(round_keyse +s(0)); s(1)<=(l(0)+ s(0)+ q); SIMILARLY. l(42)<=( l(41)+s(41)); s(42)<=(l(41)+ s(41)+ q); s(43)<=(l(42)+ s(42)+ q); process(clock,reset,plaintext_e,sig3,sig4) -----internal variable declaration variable t_pre,u_pre:std_logic_vector(15 downto 0); VARIABLE t,u,A_temp2,C_temp2,A_temp1,C_temp1:std_logic_vector( 15 downto 0); variable tempA,tempB,tempC,tempD :std_logic_vector(15 downto 0); variable temp_AB,temp_BC,temp_CD,temp_DA :std_logic_vector(15 downto 0); variable cnt: std_logic_vector(6 downto 0):="0000000";

begin if (reset='1') then state <= "000001"; -- reset state ready_e <= '0'; cnt:=(others=>'0'); A <= (others=>'0'); B <= (others=>'0'); C <= (others=>'0'); D <= (others=>'0'); ready_e <= '0'; elsif(clock'event and clock='1') then case state is --synopsys parallel_case when"000001"=>

LDRP-EC Page 49

state <= "000001"; else state <= "000010"; ready_e <= '1'; end if; when "000010"=> state <= "000011"; A <= plaintext_e;--read ciphertext into A ready_e <= '0'; when "000011"=> state <= "000100"; B <= plaintext_e; -- read ciphertext into B ready_e <= '0'; when "000100"=> state <= "000101"; C <= plaintext_e ; -- read ciphertext - into C B <= B+ s(0) ;-- Use round keys to calculate new value of B ready_e<= '0'; when "000101"=> state <= "000110"; D <= plaintext_e;--assign ciphertext to D ready_e <= '0';

when "000110"=> -- begin calculation of plaintext loop from r downto 1 state<= "000111" ; D <= D + s(1); -- Use round keys to calculate new value of D ready_e <='0'; when "000111" => STATE <="001000"; --t= (B * (2B+1)) t_pre := product1;

LDRP-EC Page 50

--t= (D * (2D+1)) u_pre := product2; t:= t_pre(11 downto 0)& t_pre(15 downto 12); ttemp1<=t; --t= (B * (2B+1)) <<<4 u:= u_pre(11 downto 0)& u_pre(15 downto 12); utemp1<=u; --u= (D * (2D+1)) <<<4 A_temp1 := (A xor t); C_temp1 := (C xor u); when "001000" => state <="001001" ; A_temp2:=A_temp1(15-sig3 downto 0)& A_temp1(15 downto 15-sig3+1); ---rotate (A xor t) << u C_temp2:=C_temp1(15-sig4 downto 0)& C_temp1(15 downto 15-sig4+1); ---rotate (c xor u) << t

for i in 1 to 20 loop A <= (A_temp2 + s(2*i)); C <= (C_temp2 + s(2*i+1)); end loop; when "001001"=> state <="001010"; -------swap operation--------TEMPA:=A; TEMPB:=B; TEMPC:=C; TEMPD:=D;

LDRP-EC Page 51

temp_BC:= tempB xor tempC; B<= temp_BC xor tempB; temp_CD:= tempC xor tempD; C<= temp_CD xor tempC; temp_DA:= tempD xor tempA; D<= temp_DA xor tempD; ready_e <= '0'; WHEN "001010" => ------start counter-----if(cnt<19)then cnt:=cnt+1 ;

state <="000111"; else state<="001011"; cnt:="0000000" ; last_round <='1'; end if; when "001011" => state <= "001100"; if (last_round ='1') then -- calculate last A value cleanup_A <= '1'; -- calculate last C value cleanup_C <= '1'; else cleanup_A <= '0'; cleanup_C <= '0'; end if; when "001100" => state <= "000001";

LDRP-EC Page 52

--rounds are over --now do the cleanup if (cleanup_A='1') then A_final <= A + s(42); --A_temp2 + round_keys_e_saved; B_final <= B;--B_temp2; D_final <= D;--D_temp2; else A_final <= A_final; B_final <= B_final; D_final <= D_final; end if; if (cleanup_C='1') then C_final <= C + s(43); start_d1 <= '1'; else C_final <= C_final; start_d1 <= '0'; end if; when others => state <="000001" end case; end if; end process; ;

-- current state logic for output FSM process(clock,reset ) begin -- if reset stay idle -- else output based on --state if (reset='1') then

LDRP-EC Page 53

state_out <= out_idle; elsif(clock'event and clock='1') then state_out <= next_state_out; end if; end process; -- next state, output logic for output FSM process(state_out,start_d1,A_final,B_final,C_final,D_final) begin case state_out is --synopsys parallel_case when out_idle=>

-- wait for start_d if (start_d1='1') then next_state_out <= out_A; else next_state_out <= out_idle; ciphertext <= (others=>'0'); end if; when out_A=> next_state_out <= out_B; -- output A ciphertext <= A_final;----------ouput cipher text 1 when out_B=> next_state_out <= out_C; -- output B ciphertext <= B_final;----------ouput cipher text 2 when out_C=> next_state_out <= out_D; -- output C ciphertext <= C_final;----------ouput cipher text 3 when out_D=>

LDRP-EC Page 54

next_state_out <= out_idle; -- output D ciphertext <= D_final;----------ouput cipher text 4 when others=> next_state_out <= out_idle; ciphertext <= (others=>'0'); end case; end process; end arch_encryptor ;

library IEEE; use IEEE.STD_LOGIC_1164.ALL; use IEEE.STD_LOGIC_ARITH.ALL; use IEEE.STD_LOGIC_UNSIGNED.ALL; entity decryptor is port ( plaintext_d :out std_logic_vector(15 downto 0); -- 16 bit Plaintext output of decryptor ready_d :out std_logic;

-- 16 bit ciphertext input to decrytpor which is output of encryptor round_keys_d:in std_logic_vector(15 downto 0); -- 16 bit roundkeys given to decryptor start_d reset clock ); end decryptor; Architecture arch_decryptor of decryptor is

LDRP-EC Page 55

component multiplier port( B :in std_logic_vector(15 downto 0); Product :out std_logic_vector(15 downto 0) ); end component; -- constants for the plain text fsm constant idle:std_logic_vector(3 downto 0):= "0000"; constant out_A :std_logic_vector(3 downto 0):= "0001"; constant out_B :std_logic_vector(3 downto 0):= "0010"; constant out_C :std_logic_vector(3 downto 0):= "0011"; constant out_D :std_logic_vector(3 downto 0):= "0100"; --ct1, ttemp and utemp are temprary registers to hold the values of t, u and C. --signal round_keys_d_saved:std_logic_vector(15 downto 0); signal ready_d_pre: std_logic; -- ready_d_pre is used to trigger the plaintext fsm (earlier version of ready_d) signal state:std_logic_vector(5 downto 0); --state of primary fsm signal state_out:std_logic_vector(3 downto 0); -- state of plaintext fsm signal sig3,sig4:integer range 0 TO 15; signal last_round ,cleanup : std_logic; signal A_final,B_final,C_final,D_final:std_logic_vector(15 downto 0); signal utemp1,ttemp1 :std_logic_vector(15 downto 0);-------a_new signal A, B, C, D :std_logic_vector(15 downto 0); signal product1,product2 : std_logic_vector(15 downto 0);

---key constant-----constant p:std_logic_vector(15 downto 0):= "1011011111100001"; constant q:std_logic_vector(15 downto 0):= "1001111000110111";

type s_tp is array(43 downto 0) of std_logic_vector(15 downto 0); signal s :s_tp; type l_tp is array(42 downto 0) of std_logic_vector(15 downto 0);

LDRP-EC Page 56

signal l :l_tp; begin a1: multiplier port map (B,product1); b1: multiplier port map (D,product2); sig3<=conv_integer(unsigned(utemp1(3 downto 0))); sig4<=conv_integer(unsigned(ttemp1(3 downto 0)));

l(0)<=(round_keys_d + s(0)); s(1)<=(l(0)+ s(0)+ q); SIMILARLY. l(42)<=( l(41)+s(41)); s(42)<=(l(41)+ s(41)+ q); s(43)<=(l(42)+ s(42)+ q);

process(clock,reset,ciphertext,sig3,sig4)

variable tempA,tempB,tempC,tempD :std_logic_vector(15 downto 0); variable temp_AD,temp_BA,temp_CB,temp_DC :std_logic_vector(15 downto 0); VARIABLE t,u,t_pre,u_pre:std_logic_vector( 15 downto 0);--temporary VARIABLE used for calculation of A, C, t and u VARIABLE A_pre_2,C_pre_2,A_pre ,C_pre :std_logic_vector(15 downto 0); variable cnt: std_logic_vector(6 downto 0):="0000000";

begin if (reset='1') then state <= "000001"; -- reset state ready_d <= '0'; cnt :=(others=>'0'); A <= (others=>'0');

LDRP-EC Page 57

B <= (others=>'0'); C <= (others=>'0'); D <= (others=>'0'); ready_d <= '0'; TEMPA:=(others=>'0'); TEMPB:=(others=>'0'); TEMPC:=(others=>'0'); TEMPD:=(others=>'0'); temp_AD:= (others=>'0'); temp_BA:= (others=>'0'); temp_CB:= (others=>'0'); temp_DC:= (others=>'0'); elsif(clock'event and clock='1') then case state is --synopsys parallel_case when"000001"=> if (start_d = '0') then state <= "000001"; else state <= "000010"; ready_d <= '1'; end if; when "000010"=> state <= "000011"; A <= ciphertext;--read ciphertext into A ready_d <= '0'; when "000011"=> state <= "000100"; B <= ciphertext; -- read ciphertext into B ready_d <= '0'; when "000100"=> state <= "000101";

LDRP-EC Page 58

C <= ciphertext; -- read ciphertext into C ready_d <= '0'; when "000101"=> state <= "000110"; D <= ciphertext;--assign ciphertext to D A <= A - s(42); -- Use round keys to calculate new value of A C <= C - s(43); -- read ciphertext - roundkeys into C ready_d <= '0'; when "000110"=> -- begin calculation of plaintext loop from r downto 1 state <= "001000"; TEMPA:=A; TEMPB:=B; TEMPC:=C; TEMPD:=D; --swap the value of A, B ,C and D so that new value of A,B ,C AND D can be used. temp_AD:= tempA xor tempD; A<= temp_AD xor tempA; temp_BA:= tempB xor tempA; B<= temp_BA xor tempB; temp_CB:= tempC xor tempB; C<= temp_CB xor tempC; temp_DC:= tempD xor tempC; D<= temp_DC xor tempD; ready_d <= '0'; when "001000"=> STATE <="001001"; t_pre := product1; u_pre := product2; t:= t_pre(11 downto 0) & t_pre(15 downto 12); ttemp1<=t; u:= u_pre(11 downto 0)& u_pre(15 downto 12);

LDRP-EC Page 59

utemp1<=u; ready_d <= '0'; when "001001"=> state <= "001010"; for in 1 to 20 loop A_pre_2 := (A - s(2*i)); -- A = A-S[2i] C_pre_2 := (C - s(2*i+1)); end loop ; ready_d <= '0'; --sig3<=conv_integer(unsigned(u(3 downto 0))); A_pre :=A_pre_2(sig3-1 downto 0) & A_pre_2(15 downto sig3); -- C = C - S[2i+1]

--sig4<=conv_integer(unsigned(t(3 downto 0))); C_pre:=C_pre_2(sig4-1 downto 0)& C_pre_2(15 downto sig4); C <= (C_pre xor u); -- C = ((C-S[2i+1]>>>t) xor u when "001010"=> state <= "000001"; if(cnt<19 )then cnt:=cnt+1 ;

state <="000110"; else last_round <='1'; state<="001011"; cnt:="0000000" ; end if; when "001011"=> state <= "001100"; D <= D - s(1); -- Calculate final value of D ready_d <= '0'; when "001100" =>

LDRP-EC Page 60

state <= "001101"; B <= B - s(0); -- Calculate final value of B ready_d <= '1'; -- set ready_d signal high as decryption process is over cleanup<='1'; ready_d_pre <= '1';-- Assign ready_d_pre high which essentially starts up second FSM. when "001101" => if(cleanup='1') then A_final <= A; B_final <= B; C_final <= C; D_final <= D; else A_final <= A_final ; B_final <= B_final ; C_final <= C_final ; D_final <= D_final ; end if; when others=> state <= "000001"; ready_d <= '1'; A <= (others=>'0'); B <= (others=>'0'); C <= (others=>'0'); D <= (others=>'0'); end case; end if; end process; process(clock,reset,ready_d_pre,A_final,B_final,C_final,D_final) begin

LDRP-EC Page 61

if (reset='1') then state_out <= idle; plaintext_d <= (others=>'0'); elsif (clock'event and clock='1') then case state_out is --synopsys parallel_case when idle=> if (ready_d_pre='1') then state_out <= out_A; else state_out <= idle; plaintext_d <= (others=>'0'); end if; when out_A=> state_out <= out_B; plaintext_d <= A_final; when out_B=> state_out <= out_C; plaintext_d <= B_final; when out_C=> state_out <= out_D; plaintext_d <= C_final; when out_D=> state_out <= idle; plaintext_d <= D_final; when others=> state_out <= idle; plaintext_d <= (others=>'0'); end case; end if; end process; end arch_decryptor ;

LDRP-EC Page 62

7.2 BIBILOGRAPHY

www.google.com www.wikipedia.com http:/theory.csail.mit.edu/~rivest/RC6.pdf

LDRP-EC

Page 63

## Much more than documents.

Discover everything Scribd has to offer, including books and audiobooks from major publishers.

Cancel anytime.