1. Encryption / Decryption on FPGA Midterm Presentation Written by: Daniel Farcovich ID. 303710388 Saar Vigodskey ID. 039608153 Advisor: Mony Orbach Summer Semester 2011 (August – October)

2. Project Goal Creation of data cryptography system using hardware components of type FPGA DE2-110 with cyclone II EP2C35 device, designated to external memory devices such as Disk-On-Key The system will encrypt the data efficiently according to standard encryption algorithms, which are being used by the private sector. The encryption will be symmetric or asymmetric and made by keys.

3. AES Advanced Encryption Standard, also known as “Rijndael”, is a block cipher, which has been adopted at November 2001 by NIST (National Institute of Standard and Technology), as standard FIPS PUB 197, after a five year process. The algorithm was developed by two Belgian cryptography experts Joan Daemen and Vincent Rijmen. The cipher is iterative, quick and comfortable to implement both by software and hardware, and it hasn’t high memory requirements. The block size is determined to 128 bit, and 128 bit key length.

4. Algorithm Description Most of the AES calculations are made through 10 rounds. Each round consists 4 steps, state transformation. The state describes the current data block as a 2D, 4X4 array of bytes. In each round a “Round Key” is created by the key-expansion process. AES encryption includes 4 steps: 1)SubBytes 2)ShiftRows 3)MixColumns 4)AddRoundKey

5. AddRoundKeySubBytesShiftRowsMixColumnsAddRoundKey SubBytesShiftRowsAddRoundKey Inv ShiftRows Inv SubBytes AddRoundKey Inv MixColumns Inv ShiftRows Inv SubBytes AddRoundKey Key Expansion data encrypted data encrypted data x9 key Cipher Inverse Cipher

6. Possible Implementations DisadvantagesAdvantagesArchitecture 1. Might be too large (component duplication) 2. Lots of I/O (475 pins in cyclone II) 1. FastParallel 1.Might be too large (component duplication) 1. Fast 2. Pure logical and memory elements, no controller. Full Piped 1. Slowest1. No component duplication.Iterative 1. Slower than Full pipe1.Faster than Iterative 2.Trade off is possible for space and speed Piped + Iterative As far as speed and space are concerned, full piped architecture will provide the best timing parameters, with the space limitations of cyclone II device.

7. Full Piped Architecture Top Level INPUT data [0..127] – raw data ed – ‘0’ for encryption, ‘1’ for decryption clk – system clock rst – high active key[0..127] – 128 bit cryptography key OUTPUT data_out [0..127] – processed data valid_out – ‘1’ when key expansion is ready

8. EncryptionDecryption Module

10. Round Module Cryptography direction determined using ‘e_d’ signal. When encryption (decryption) is needed, the decryption (encryption) components are not active.

11. Subytes Module Sbox is M4k RAM Block 8*256*2= 4608 bytes Each Sbox translates 2 cells, 8 Sboxes. Total RAM for Subytes module is 32,768 bytes.

12. Summery

13. Timing Analysis Despite this result, we will use the DE2 PIN_N2 internal clock (50MHz). Encryption or decryption of 1MByte of data will take about 1.3[msec]

14. Post Synthesis Simulation Expanded key is ready Data input 1.Set key. 2.Reset 3.Key expansion process (40 cycles) 4.System is ready to receive data, set data. 5.Each cycle set 128 input data. 6.First output is given after 10 cycles from step 4.

15. Post Synthesis Simulation

16. Testing and verification Vhdl editor Modelsim simulation Post synthesis simulation ok synthesis ok Testing using Signaltap and memory sampling program ok yes end start no The verification is done using Example Vectors taken from the AES standard. The final test is to encrypt data using the encryption block and to decrypt the output using the decryption block and compare the result with the original data.

17. DE2 AES PC UART Out Memory In Memory Testing Environment

18. Project Timetable