Lecture 5 Block Diagrams Modes of Operation of Block Ciphers

ECE 448 – FPGA and ASIC Design with VHDL Modes of Operation of Block Ciphers

Block vs. stream ciphers Stream cipher Internal state - IS Block cipher KK M 1, M 2, …, M n m 1, m 2, …, m n C 1, C 2, …, C n c 1, c 2, …, c n C i =f K (M i )c i = f K (m i, IS i ) IS i+1 =g K (m i, IS i ) Every block of ciphertext is a function of only one corresponding block of plaintext Every block of ciphertext is a function of the current block of plaintext and the current internal state of the cipher

Typical stream cipher SenderReceiver Pseudorandom Key Generator mimi plaintext cici ciphertext kiki keystream key initialization vector (seed) Pseudorandom Key Generator mimi plaintext cici ciphertext kiki keystream key initialization vector (seed)

Standard modes of operation of block ciphers Block cipher turned into a stream ciphers ECB mode Counter mode CFB mode CBC mode

ECB (Electronic CodeBook) mode

Electronic CodeBook Mode – ECB Encryption M1M1 M2M2 M3M3 E C i = E K (M i ) for i=1..N M N-1 MNMN E E EE... C1C1 C2C2 C3C3 C N-1 CNCN K K K K K

Electronic CodeBook Mode – ECB Decryption C1C1 C2C2 C3C3 D M i = D K (C i ) for i=1..N C N-1 CNCN D D DD... M1M1 M2M2 M3M3 M N-1 MNMN K K K K K

Electronic CodeBook Mode – ECB (simplified block diagram) E K IN OUT CiCi MiMi D K IN OUT CiCi MiMi C i = E K (M i ) M i = D K (C i )

Electronic CodeBook Mode – ECB (combined block diagram) E K IN OUT D K IN OUT bdo bdi bdi = M i for Encryption C i for Decryption bdo = C i for Encryption M i for Decryption

Counter Mode

Counter Mode - CTR Encryption m1m1 m2m2 m3m3 E c i = m i  k i k i = E K (IV+i-1) for i=1..N m N-1 mNmN... E E EE c1c1 c2c2 c3c3 c N-1 cNcN IVIV+1 IV+2 IV+N-2 IV+N-1 k1k1 k2k2 k3k3 k N-1 kNkN K K K K K

Counter Mode - CTR Decryption c1c1 c2c2 c3c3 E m i = c i  k i k i = E K (IV+i-1) for i=1..N c N-1 cNcN... E E EE m1m1 m2m2 m3m3 m N-1 mNmN IVIV+1 IV+2 IV+N-2 IV+N-1 k1k1 k2k2 k3k3 k N-1 kNkN K K K K K

Counter Mode – CTR (simplified block diagram) E K IN OUT counter IV cici mimi E K IN OUT counter IV cici mimi IS 1 = IV c i = E K (IS i )  m i IS i+1 = IS i +1 IS 1 = IV m i = E K (IS i )  c i IS i+1 = IS i +1 IS i

Counter Mode – CTR (combined block diagram) E K IN OUT counter IV bdo bdi IS i bdi = m i for Encryption c i for Decryption bdo = c i for Encryption m i for Decryption

CFB (Cipher FeedBack) Mode

Cipher Feedback Mode - CFB Encryption m1m1 m2m2 m3m3 E m N-1 mNmN... E E EE c1c1 c2c2 c3c3 c N-1 cNcN IV c i = m i  k i k i =E K (c i-1 ) for i=1..N, and c 0 = IV k1k1 k2k2 k3k3 k N-1 kNkN

Cipher Feedback Mode - CFB Decryption m1m1 m2m2 m3m3 E m N-1 mNmN... E E EE c1c1 c2c2 c3c3 c N-1 cNcN IV m i = c i  k i k i =E K (c i-1 ) for i=1..N, and c 0 = IV k1k1 k2k2 k3k3 k N-1 kNkN

Cipher Feedback Mode – CFB (simplified block diagram) E K IN OUT cici mimi E K IN OUT cici mimi IV IS 1 = IV c i = E K (IS i )  m i IS i+1 = c i IV IS i register IS 1 = IV m i = E K (IS i )  c i IS i+1 = c i

Cipher Feedback Mode – CFB (combined block diagram) E K IN OUT bdo bdi IV IS i register bdi = m i for Encryption c i for Decryption bdo = c i for Encryption m i for Decryption bdi

CBC (Cipher Block Chaining) Mode

Cipher Block Chaining Mode - CBC Encryption m1m1 m2m2 m3m3 E IV c i = E K (m i  c i-1 ) for i=1..N c 0 =IV m N-1 mNmN... E E EE c1c1 c2c2 c3c3 c N-1 cNcN

Cipher Block Chaining Mode - CBC Decryption m i = D K (c i )  c i-1 for i=1..N c 0 =IV m1m1 m2m2 m3m3 m N-1 mNmN IV... D D D DD c1c1 c2c2 c3c3 c N-1 cNcN

Cipher Block Chaining Mode – CBC (simplified block diagram) E K IN OUT cici mimi D K IN OUT cici mimi IV IS 1 = IV c i = E K (IS i  m i ) IS i+1 = c i IS 1 = IV m i = D K (c i )  IS i IS i+1 = c i IV IS i register

Cipher Block Chaining Mode – CBC (combined block diagram) E K IN OUT D K IN OUT IV IS i register cici bdi bdo bdi

ECE 448 – FPGA and ASIC Design with VHDL Advanced Encryption Standard (AES) Pseudocode

AES Encryption

AES Decryption

ECE 448 – FPGA and ASIC Design with VHDL AES: Symbols, Block Diagrams, Interfaces

AES_Enc Encryption Only Key scheduling done as a part of initialization

Symbol

Block Diagram – AES_Enc

Block Diagram – Round

Block Diagram – KeyUpdate

AES_Enc: Interface with the Division into the Datapath and Controller

AES_Enc_KOF Encryption Only Key scheduling done On the Fly

Symbol

Block Diagram – AES_Enc_KOF

Block Diagram – Round

Block Diagram – KeyUpdate

AES_Enc_KOF: Interface with the Division into the Datapath and Controller

AES_EncDec Encryption and Decryption Key scheduling done as a part of initialization

Symbol

Block Diagram – AES_EncDec

Block Diagram – Round

Block Diagram – InvRound

Block Diagram – KeyUpdate

AES_EncDec: Interface with the Division into the Datapath and Controller

ECE 448 – FPGA and ASIC Design with VHDL Example of a Hierarchical Block Diagram JH hash function

Top Level

R8/R6

L

ECE 448 – FPGA and ASIC Design with VHDL Example of a Hierarchical Block Diagram BLAKE hash function

Top Level

Permute8

Core8

G_mod

ECE 448 – FPGA and ASIC Design with VHDL Interface of CipherCore Datapath

59 Block Diagram of AEAD

Input Ports (nonce, IV) (only few candidates) (AD, M, C) (we will not use it)

ECE 448 – FPGA and ASIC Design with VHDL Timeline

Thursday 10/15, 12 noon: First draft of block diagrams (Blackboard) Thursday 10/15, 1:00-4:30pm Friday 10/16, 1:00-8:00pm Discussion of draft block diagrams (30 minutes per person, 60 minutes per group, electronic sign-up using Doodle) Project Timeline: Draft Block Diagrams

Thursday 10/22, 12 noon Revised block diagrams due (Blackboard) Thursday 10/22, 1:00-4:30pm Friday 10/23, 1:00-8:00pm Discussion of revised block diagrams (30 minutes per person, 60 minutes per group, electronic sign-up using Doodle) Project Timeline: Revised Block Diagrams