Upload
atalo
View
125
Download
0
Tags:
Embed Size (px)
DESCRIPTION
FPGA Encryption/Decryption System based on the Enigma Final Presentation. Written by: Yaakov Levenzon Ido Kahan Advisor: Mr. Mony Orbach. Spring Semester 2013. The Problem. We carry sensitive information with us, to practically everywhere…. Where is it?!. Project Goals. - PowerPoint PPT Presentation
Citation preview
FPGA Encryption/Decryption System based on the Enigma Final Presentation
Written by: Yaakov Levenzon Ido Kahan
Advisor: Mr. Mony Orbach
Spring Semester 2013
The Problem
We carry sensitive information with us, to practically everywhere…
Where is it!?
Project GoalsPrimary Goal:
• Creating a complete system which encrypts and deciphers files by using
the method of the famous “Enigma” machine, while following the
instructions of our part A system.
Didactic Goals:
• Dealing with a design and implementation of a complete
encryption/decryption system, thus strengthening our VHDL skills.
• Implementing the Enigma system into our architecture (while using its
generic ability to modify it for working with streams of data), in pipeline
configuration.
PC
USBDLP
CTRL
Host
USB protocol(1 MB/s) DE2 protocol
One source file divided into small files
88
FIFO8>-128
8 bitMin 16 words => 1 block cipher
128AES
EncryptsDecoder
128 128 bit
8FIFO
128>-8
8
Valid_data_out
Nios II/e
CLK freq: 200 MHz1738 LES (5%)Total mem bits 43264 (9%) 16 bits data bus1 MB/s data transfer rate to DLP 245MUses the Avalon Bus
Key string- 128Key- 128
CTRL DLP
CTRL Nios
Data ControllerClk (input) AES enable
FIFO read enable
en from counter
Read enable from counter (gets AES enable)
Register128 bits
Instruction Memory4k bits
CTRL
CTRL PC-USBFULL
FULL
EnigmaEncryptionDecryptionEncryption
system
Part A - Development and Verification System
Instructions page for using our system (taken from our project A book)
• Maximum possible Encryption/Decryption memory size: 221696 bits (46%) (Recommended size – for 85% capacity: 149120 bits)
• Maximum possible Encryption/Decryption number of LE: 32645
• Key Size: 128 bits
• Data width: 128 bits
• System speed: 1 MBPS (dictated by the DLP module)
• DLP FIFO size: 1024 bits
• DLP FIFO Speed: 384 byte Transmit buffer / 128 byte receive buffer
The Enigma System
• The original Enigma machine:
In our system:
• More characters
• More combinations
• Start position to the ASCII table.
• hopping method - Fibonacci function
• Every day -> different key.
• Plugboard.
• Reflector.
0x010x020x030x04
0xFF
First rotor
0xA20x4B0x670x89
0xAC
Key AASCIItable
0x02, 0x02 Ox4B, OxA20x010x020x030x04
0xFF
Second rotor
0x140x980x760x94
0xE1
ASCIItable
Key B
Encrypteddata
PCPC
Encryption Data Flow – step 1
. . .
5 rotors
PC0x85........0x23 0x68 0x54 0x43 0xA2 0x28
94*5=470
RAM
ASCII KEY
A
ASCIIKEY B
ASCII KEY C
First rotor Second rotor Third rotor
• Every rotor receives different key
• The keys will be changed every day
• The keys file will be saved in a safe file
Keys – step 2
0x010x020x030x04
0xFF
a rotor
ASCIItable
0xFE0xFF0x010x02
0xFD
a rotor
ASCIItable
Promote 2 steps
First Positions For The Rotors – step 3• Another level of security
• Every rotor have a different first-position
• The first-positions will be changed every day
PC
5
RAM
ASCII KEY A
ASCIIKEY B
ASCII KEY C
First rotor Second rotor Third rotor
First Positions– continue
• Another level of security
• Every rotor have a different first-position
• The first-positions will be changed every day
• Two separated files: keys and positions
16 2 34 8 5
Hopping Method - Fibonacci Function - step 4
0x010x020x030x04
0xFF
First rotor
0xA20x4B0x670x89
0xAC
First keyASCIItable
0x02, 0x02 0x4B, 0xA2
f(x)
• f(x)=f(x-1)+f(x-2)
• f(0) and f(1) is changing every day
• The keys file contains two Initial conditions for every rotor
The Reflector - step 5• Plugboard – changed every day
• The problem is…
0x010x020x030x04
0xFF
fifth rotor
0xA20x4B0x670x89
0xAC
KeyASCIItable
0x010x020x030x04
0xFF
Reflector
0xA20x4B0x670x89
0xAC
Plugboard ASCIItable
Pipeline!!!
The Reflector – second mind• Plugboard – changed every day
0x010x020x030x04
0xFF
Fifth rotor A
0xA0x4B0x670x89
0xAC
KeyASCIItable
0x010x020x030x04
0xFF
Reflector
0xA20x4B0x670x89
0xAC
Plugboard ASCIItable
. . . 0x010x020x030x04
0xFF
Fifth rotor B
0xA0x4B0x670x89
0xAC
KeyASCIItable
. . .
Decryption Algorithm• The encryption-system is symmetrical as the Enigma machine.
• Should use the same keys (permutation), same positions for the keys and the same rotor-positions.
0x010x020x030x04
0xFF
First rotor
0xA20x4B0x670x89
0xAC
First keyASCIItable
0x010x020x030x04
0xFF
First rotor0xA20x4B0x670x89
0xAC
First key ASCIItable
PC0x02, 0x020x4B, 0xA2
Encrypteddata
. . .
Block Diagram – Encryption
FIFO-IN
FIFO-OUT
Rotor 1-A
Rotor 2-A
Rotor 3-A
Rotor 4-A
Rotor 5-A
Rotor 5-B
Rotor 4-B
Rotor 3-B
Rotor 2-B
Rotor 1-BReflector
From project A
From project A
Different key
unencrypted
encrypted
Algorithm Golden Model• As instructed, we aimed to create a Golden Model to our algorithm in
order to: strengthen our understanding of the algorithm, spot bugs early on, thus making the process of hardware design and implementation easier for us.
• Each rotor can be individually debugged if necessary. Each key can be easily altered.Aimed to cover as much cases as possible (such as, repeated keys, uncommon ASCII chars, Fibonacci function as our implemented hopping function.
• Modular and generic as possible: adding chars, keys, rotors, other hopping functions is possible with minimum effort.
• Creating the keys for each day.
• As documented and explained as we can, for further maintenance.
Generic and modular - verification
Encrypting a string - verification
Repeated input – unrepeated output
DE2
PC
USB
Architecture – High Level
FPGA
Nios II
AVALONDLP
Enigma
Host controller
In_DataFIFO
Out_DataFIFO
Block Diagram – Writing to FPGA
Sending words
Words on AVALON bus
Words by USB protocol
PC DLP FPGA
Encryptedwords
ENIGMA
Encryptingwords
FIFO
Unencryptedwords
FIFO
PC Nios
Nios
Nios
PC
Words by USB
protocol
DLP
Words on AVALON
bus
FPGA
Savingwords
PCNios PC
PC
• Reading from FPGA to the PC is the same data-flow
• This data-flow is for Encrypting as well as for decrypting
Top Level – project A+B
The Enigma
Top Level – The EnigmaControl Reflector
first rotor
Last rotor
The rotorbefore the
reflector
The rotorafter the
reflectorMux 2->1
Top Level- Compilation
Timing Analysis
• Latency – 13 clock cycles
• Throuput – 1 clock cycle
• Max frequency – 120 Mhz
=> The bottleneck is the DLP!
11clocks
Reg_in Reg_out
1-A 2-A 3-A 4-A 5-A reflector 1-B 2-B 3-B 4-B 5-Bhe dl el a do m vw yo dr al jd z
g q
r y
v x
z b
hk
GUI for the user
Bugs and new features learned
• Enigma Golden Model – the windows.h library (in order to handle date functions)
Bugs - Continue
• The reflector problem
What is the trade-off?
Pros
Throuput – 1 clock cycle instead of 11.
The frequency has not Influenced.
Cons
Five more little memories (8*128=1k)
Improving our system:• Upgrading interfaces protocol to USB 2.0 (or even 3.0).• Upgrading the DLP (bigger FIFO, or a faster connector than our DLP).• Better hopping function – harder to decipher while easier to compute.
Trying to crack our Enigma machine: Designing and implementing a system that will attempt to decipher text encrypted by our system with as little knowledge as possible (constraints and pre-intelligence might be necessary – e.g. Second World War cracking process).
Encrypting the keys with a private key, while using other encryption algorithm – i.e. two step encryption process will make the system much stronger.
Encrypting videos, network transmissions, audio etc.
Planning ahead
Summary and conclusions• The project goals were fully accomplished.
• We now comprehend that a target-oriented and generic development system can advance the design and implementation process, simplifying it while lowering costs and time-to-market.
• The concept behind Enigma impressed us. It was one of the most sophisticated encryption/decryption systems of its time (recall, only human errors made it possible to decrypt in reasonable time).
• CAD and the FPGA platform enabled us to strengthen the algorithm (unlimited wiring board, more chars, bigger key, and generic, rotating and variable rotors).Furthermore, it kept the system and its' sub-systems manageable and reusable. It also enabled us to add some exciting features, including picture encryption.
• We enjoyed working on the project very much, and would like to thank our advisor, Mr. Mony Orbach.
Thank you for listening