An object-oriented cryptosystem based on two-level reconfigurable computing architecture
Introduction
The application of encryption techniques which have provided security for communication systems has been practiced for many years. Recently, these techniques have been relied on a large number of security-sensitive applications, e.g. medical records, digital rights management, E-Commerce, etc. (Chen et al., 1998, Lian et al., 2004, Harn and Yang, 1993, Zheng and Seberry, 1993, Pakstas and Pakstiene, 1996, Ikram, 2001). There are two major classes of algorithms in cryptography: symmetric key algorithms and asymmetric key algorithms (Rhee, 2003). They are approaches representing basic paradigms for cryptosystems. The NESSIE (New European Schemes for Signatures, Integrity, and Encryption) is a project within the IST (Information Society Technologies) Programme of the European Commission which had announced final selection of crypto algorithms in February 27, 2003. The NESSIE had selected 12 algorithms from 42 submissions; in addition, 5 well established standard algorithms had been added to the NESSIE portfolio (NESSIE, 2003a, NESSIE, 2003b). NESSIE announced a complete report that contains block ciphers, public-key encryptions, MAC algorithms, hash functions, digital signature algorithms and identification schemes except stream ciphers and pseudorandom number generators which did not request security enough.
The NESSIE had reported a performance evaluation in IST-1999-12324 (NESSIE, 2003c) that measures the performance of announced algorithms. The MISTY1 and AES (advanced encryption standard) implementations in hardware and software are listed in Table 1 that includes some parts of NESSIE report table reveals the importance messages as follows:
- •
Hardware implementations can cipher a block in one cycle but software implementations must take three hundred cycles, at least. If Intel Pentium II and VIRTEX 1000 have the same estimated frequency then VIRTEX 1000 will be 300 times faster than Intel Pentium II.
- •
One algorithm is implemented at a time. If many algorithms must be run at a time, software throughput then will be decreased, but hardware implementations will still compute results at one block per cycle.
- •
ASICs (application-specific integrated circuits) are traditional hardware implementations which do not run faster than FPGAs (field-programmable gate arrays) obviously.
For these reasons, FPGAs are suitable to implement cryptosystems. Since FPGAs are reconfigurable, they provide higher flexibility than ASICs (Bondalapati and Prasanna, 2002, Compton and Hauck, 2002). But influenced by Gordon Moore’s Law on FPGA structures, gate array sizes have been expanded larger. ULSI (ultra large scale integration) can place more than about one million circuit elements on a single chip. In order to implement these cryptography algorithms in FPGAs based on ULSI structures, it is a good idea to use a two-level reconfigurable computing system (TLRCS) (Deng et al., submitted, Deng et al., 2005a, Deng et al., 2005b) to build cryptosystems. The concept of TLRCS is to split traditional reconfiguration into two levels. One is SLR (system-level reconfiguration) that can dynamically reconfigure a system structure; the other is ALR (algorithm-level reconfiguration) that will implement these algorithms we want to do.
An overview of the TLRCS is given in Section 2. In Section 3, a description of the cryptosystem based on TLRCS is presented. The implementation and results of the cryptosystem are given in Section 4. In Section 5, the advantages and disadvantages of this system are discussed and possible future works are described. Finally, concluding remarks are made in Section 6.
Section snippets
The two-level reconfigurable computing system
The object-oriented concept is popular in software programming but it is difficult to be accomplished in hardware design. The TLRCS is an object-oriented design on hardware. In Fig. 1, the hardware structure of TLRCS is shown. It is only an empty structure that can build a TLRCS. The following is just a brief review of the two level reconfigurable system and for more details, the readers are referred to Deng et al., submitted, Deng et al., 2005a, Deng et al., 2005b.
The methodology of cryptosystem design
Cryptosystems have many kinds and many specifications so it is difficult to implement all of them to a FPGA chip. To make it easy, the mainstream is to combine a RISC processor with some FPGA chips and store reconfigurable data in memory. When a reconfiguring command is received by the RISC processor then the RISC processor will reconfigure some FPGA chips with a configuring data in memory. To implement the cryptosystems, using the hybrid system architecture is feasible. Those FPGA chips do not
The implementation and results
The development kits for the implementation include DS-KIT-2VP7FG456 and DS-KIT-SYSTEMACE, which are designed by Memec Design. The FPGA chip which can be used to implement the TLRCS is XC2VP7. The RISC processor is implemented by the MicroBlaze processor (Xilinx, Inc., 2003) and the Xilkernel (Xilinx, Inc., 2004c) is used to build the operating system.
The XC2VP7 has only about 90 000 gates so the reconfigurable area is not large enough. In the chip, a RISC processor and two RFBs will be built
Discussion and future works
It is a new concept to implement cryptosystems within a TLRCS. The method is more flexible and securable than other methods because the high performance is the main goal in those researches (Standaert et al., 2003, Rouvroy et al., 2003a, Rouvroy et al., 2003b, Standaert et al., 2002). The advantages and disadvantages are revealed below.
- •
Flexible architecture. It is important to rebuild a flexible cryptosystem with high security. Because the architecture of hardware is changeable in TLRCS, a
Conclusions
A highly secure and efficient cryptosystem is urgent needed but it is difficult to integrate the flexibility of software and the performance of hardware. In this paper, a new design method is proposed that splits a cryptosystem into cryptography architecture and algorithms that integrates the advantage of software and hardware successfully. Cryptosystems are implemented within a TLRCS. The TLRCS is a reconfigurable computing system that splits system into two levels which includes the system
References (29)
- Bondalapati, K., Prasanna, V., 2002. Reconfigurable computing systems. In: Proceedings of the IEEE 90(7),...
- et al.
A virtual image cryptosystem based upon vector quantization
IEEE Transactions on Image Processing
(1998) - et al.
Reconfigurable computing: a survey of systems and software
ACM Computing Surveys
(2002) - et al.
A two-stage reconfigurable image processing system
- et al.
Two-stage reconfigurable computing system architecture
- Deng, Y.-X., Hwang, C.-J., Lou, D.-C., submitted. Two-stage reconfigurable computing system—a new object-oriented...
- et al.
Comparison of the hardware architectures and FPGA implementations of stream ciphers
- et al.
Id-based cryptographic schemes for user identification, digital signature, and key distribution
IEEE Journal on Selected Areas in Communication
(1993) - Ikram, N., 2001. Cryptographic identification of users over network. In: Military Communications Conference, 2001...
- et al.
A novel image encryption scheme based-on jpeg encoding
Cited by (3)
Hardware resource manager for reconfiguration system
2012, Proceedings - 2012 International Symposium on Biometrics and Security Technologies, ISBAST 2012A two-stage reconfigurable image processing system
2005, Proceedings - 8th International Symposium on Signal Processing and its Applications, ISSPA 2005Two-stage reconfigurable computing system architecture
2005, Proceedings - 18th International Conference on Systems Engineering, IICSEng 2005