Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf ·...

Introduction to Lightweight Symmetric Cryptosystem

Rajat Sadhukhan

IoTSec Workshop (24th-26th October’16) ,

SEAL lab, IIT Kharagpur

• Motivation

• Objective

• Design Strategy

• Case Study: Khudra

• ASIC and FPGA implementation of Khudra

• Results

• Future Works

IoTSec Workshop (24th-26th October’16), IIT Kharagpur 2

• Upcoming Information Technology and Computing landscape• Number of users to device mapping (past- n:1, present- 1:1, future- 1:n)

• Mass production of pervasive devices with ASIC/FPGA

• Extremely constrained resources• Battery

• Memory

• Computation power

• Standard Algorithms cannot be used• Expensive for very small devices

• Good trade-off among area, throughput and resistance against attacks


• Motivation

• Objective

• Design Strategy



• Results

• Future Works


• Investigate lightweight design strategies to achieve:• Gate Equivalent/LUT efficiency (mainly considering hardware)

• Simplicity

• Security

• Suitability for both ASIC as well as FPGA

• Less clock cycle requirement for encryption

• Area and area-time metric should be considered for design


• Motivation

• Objective

• Design Strategy



• Results

• Future Works


• Design strategies followed for designing block ciphers


• Key scheduling also requires significant amount of LUTs

• n (block) + k (key) bit registers and n + k number of 2 : 1 mux is also required for the feedback of message and keys of the previous round. So n+k Flip-Flops and n+k LUTs are required

• Total number of LUTs required is at least 3 *n + k and register is at least n + k

• So from above observation, number of slices can be reduced if we can decrease the LUT requirements by utilizing some more Flip-Flops

• Follow balancing LUTs and FF strategy where we choose a new design for which number of LUTs reduces, number of Flip-Flops increases and the ratio (RLUT=FF ) is close to 1.


• Motivation

• Objective

• Design Strategy



• Results

• Future Works


• Architectural features• Data Processing

• 64-bit data block, 80-bit key size, 18 rounds, 32-bit round key size

• Feistel structure in our design to reduce the number of S-boxes but without using any extra diffusion layer

• As the F-function is computed in rounds, the intermediate values are stored in some registers, thereby improving flip flop implementation rather than wastage

• The Fiestel structure consist of two parts: Fiestel permutation and F-function. F-function in turn again consist of 6 rounds of recursive Fiestel function

• Key Scheduling part• shift-register base key-schedule, which require less number of LUTs and more FFs

• In data processing part, Khudra require more LUTs compared to FFs, so the planned key-schedule will improve the overall RLUT=FF ratio


• Motivation

• Objective

• Design Strategy



• Results

• Future Works


• FPGA implementation


• ASIC implementation


• Motivation

• Objective

• Design Strategy



• Results

• Future Works


• Comparison of Khudra with other block cipher FPGA design


• Comparison of Khudra with other block cipher ASIC design


• Motivation

• Objective

• Design Strategy



• Results

• Future Works


• Extend Khudra to 128 –bit key size and explore performance and security features with extension

• Analyze the resistance of Khudra against side channel attacks and frame strategies to make cipher design resistant against SCA

• Performing various types of cryptoanalysis techniques to raise the security bar of the block cipher with no compromise on its lightweightedness


References


Thankyou !!


Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf ·...

Documents

Transcript of Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf ·...