## Embedded Cryptographic Hardware: Design & Security

Data security is an important requirement for almost all, if not all, information-oriented applications such as e-commerce, digital signature, secure Internet, etc. All these services use encrypted data. Cryptography is a millennia-old science that was the key to the secrets of ancient Rome and a fundamental piece in the Second World War. Today, it is a star in the computation world. Several operating systems, database systems or simple filing systems provide the user with cryptographic functions that allow controlled data scrambling. Modern cryptology, which is the basis of information security techniques, started in the late 1970's and developed in the 1980's. As communication networks spread deep into society, the need for secure communication greatly promoted cryptographic research. The need for fast but secure cryptographic systems keeps growing. Therefore, dedicated hardware for cryptography is becoming a key issue for designers. With the spread of reconfigurable hardware such as FPGAs, hardware implementations of cryptographic algorithms became cost-effective. The focus of this book is on all aspects of cryptographic hardware and embedded systems. This includes design, implementation and security of such systems. The content of this book is divided into four main parts, each of which is organised in three chapters, with the exception of the last one.


### Contents

| Section | Page |
| --- | --- |
| 1.4 Our Sequential AES Implementation | 8 |
| 1.4.1 Implementation of ShiftRow/InvShiftRow | 9 |
| 1.4.3 Encryption/Decryption Design Choices | 10 |
| 1.4.4 Implementation of the Key Schedule | 11 |
| 1.4.5 Implementation and Results of our Complete AES | 12 |
| 1.5 Summary | 14 |
| Bibliography | 15 |
| PAX: A Datapath-Scalable Minimalist Cryptographic Processor For Mobile Devices | 19 |
| 2.1 Introduction | 20 |
| 2.3 Cipher Suite | 21 |
| 2.3.1 Authentication and Digital Signatures | 22 |
| 2.4 PAX Instruction Set | 23 |
| 2.4.2 Permute Instructions | 25 |
| 2.4.4 hibit Instruction | 26 |
| 2.4.6 Datapath Scalability | 27 |
| 2.5 Performance | 28 |
| 2.5.2 AES, SHA-1 and SHA-256 | 29 |
| 2.6 Summary | 30 |
| Bibliography | 32 |
| Architectural Design Features of a Programmable High Throughput AES Coprocessor | 35 |
| 3.2 Crypto Coprocessor Design Features | 36 |
| 3.2.1 The AES Core | 37 |
| 3.2.3 Separate Data and Control Stream | 38 |
| 3.2.5 Block Pipelining | 40 |
| 3.3 Programmability | 41 |
| 3.3.2 Instruction Set Architecture | 43 |
| 3.5 Summary | 44 |
| 3.6 Acknowledgment | 45 |
| Bibliography | 46 |
| Cryptographic Hardware Security | 49 |
| Power-Analysis Attack on an ASIC AES Implementation | 51 |
| 4.1 Introduction | 52 |
| 4.2.1 Theoretical Background | 53 |
| 4.2.2 Practical Challenges | 54 |
| 4.3.2 Measurements | 55 |
| 4.4 A DPA Attack Using Simulated Data | 57 |
| 4.5 A DPA Attack Using Measured Data | 59 |
| 4.6 Summary | 63 |
| 4.7 Acknowledgments | 64 |
| Bibliography | 65 |
| On the Importance of Protecting A in SFLASH against Side Channel Attacks | 67 |
| 5.1 Introduction | 68 |
| 5.2 Hidden Monomial Cryptosystems | 69 |
| 5.3 SFLASH | 70 |
| 5.3.2 Known Attacks on SFLASH | 72 |
| 5.3.3 Reducing C to C using A | 73 |
| 5.4.2 Side Channel Attacks Against SHA-1 | 74 |
| 5.5 Proposed Attacks | 76 |
| 5.5.3 Implementation of Patarin's Attack | 77 |
| 5.5.4 Dependence on the Signing Oracle | 79 |
| 5.6 Summary | 81 |
| Bibliography | 82 |
| Resistance Against Power and Timing Attacks: An Evaluation of Two Clockless Implementations of the AES | 83 |
| 6.2 The Clock-Less Circuit | 84 |
| 6.3 The Clock-Less Single-Rail AES | 86 |
| 6.4 The Clock-Less Dual-Rail Design | 89 |
| 6.5 Preventing Power Attacks | 90 |
| 6.6 Preventing Timing Attacks | 91 |
| 6.7 Results | 93 |
| 6.8 Summary | 95 |
| Bibliography | 96 |
| Hardware for Modular Multiplication | 99 |
| Modular Multiplication Methods and Hardware | 101 |
| 7.2 Efficient Multiplication Methods | 103 |
| 7.2.2 Booth's Multiplication Method | 108 |
| 7.2.3 Multipliers Area/Time Requirements | 112 |
| 7.3 Barrett's Reduction Method | 115 |
| 7.4 Modular Multiplication Methods | 116 |
| 7.4.1 Booth-Barrett Modular Multiplication | 117 |
| 7.5.1 Hardware Architecture for Montgomery's Algorithm | 118 |
| 7.5.2 Montgomery Modular Multiplier Architecture | 120 |
| 7.5.3 Simulation Results | 122 |
| 7.6 Summary | 123 |
| Bibliography | 129 |
| A Design of Basis-Independent Bit-Parallel Multipliers | 133 |
| 8.2 Preliminaries | 134 |
| 8.3 The Algorithm | 135 |
| 8.3.1 Computation of T | 136 |
| 8.3.2 Reduction | 137 |
| 8.3.3 Identification of the Multiplier Structure | 140 |
| 8.5 Implementation | 142 |
| 8.6 Summary | 144 |
| Bibliography | 145 |
| Program Output | 147 |
| Reducing the Complexity of Modular Multiplication by Modification of One Operand | 149 |
| 9.2 Basic Idea of the New Modular Multiplication Algorithm | 151 |
| 9.3 Optimisation of the New Algorithm | 152 |
| 9.4 Incomplete Modular Multiplication | 155 |
| 9.5 Complete Modular Multiplication | 156 |
| 9.6 Optimal Modular Multiplication | 158 |
| 9.7 Complexity Evaluation | 160 |
| 9.8 Summary | 161 |
| Bibliography | 162 |
| Elliptic Curve Cryptographic Hardware | 165 |
| Special Hyperelliptic Curve Cryptosystems of Genus Two: Efficient Arithmetic and Fast Implementation | 167 |
| 10.1 Introduction | 168 |
| 10.2 History of Efficient HEC Group Operations | 169 |
| 10.3.2 Group Operations | 170 |
| 10.5 Accelerating the Arithmetic | 171 |
| 10.6 Results and Discussion | 173 |
| 10.6.2 Timings on the ARM Microprocessor | 174 |
| 10.7 Summary | 175 |
| Bibliography | 178 |
| A Generic Coprocessor For Elliptic Curve Scalar Multiplication on Hardware | 181 |
| 11.2 Arithmetic Considerations | 183 |
| 11.2.2 Reduction | 185 |
| 11.2.5 Parallel Strategies for Scalar Point Multiplication | 189 |
| 11.4 Implementing Scalar Multiplication on Reconfigurable | 190 |
| 11.4.1 Scalar Multiplication in Hessian form | 191 |
| 11.4.2 Montgomery Point Multiplication | 192 |
| 11.4.3 Implementation Issues | 193 |
| 11.5 Performance Comparison | 194 |
| Bibliography | 196 |
| Hyperelliptic Curve Cryptosystem: What is the Best Parallel Hardware Architecture? | 199 |
| 12.1 Introduction | 200 |
| 12.2 Relevant Previous Work | 201 |
| 12.3 Mathematical Background of HECC | 202 |
| 12.3.2 Newest Developments Concerning the Group Operations | 203 |
| 12.5 Methodology of our Work | 204 |
| 12.6 Results | 206 |
| 12.6.2 Parallelism of the Group Operations | 207 |
| 12.6.3 Usage of Registers | 208 |
| 12.7 Summary | 211 |
| Bibliography | 212 |
| New Encryption Methods | 217 |
| Permutation Operations in Block Ciphers | 219 |
| 13.2 Motivation for New Permutation Operations | 220 |
| 13.3 Design Goals for New Permutation Operations | 222 |
| 13.4.1 Definition of GRP | 223 |
| 13.4.2 Definition of OMFLIP | 224 |
| 13.4.3 Basic Properties of GRP and OMFLIP | 225 |
| 13.4.4 Implementation of GRP and OMFLIP | 226 |
| 13.5.1 GRP and OMFLIP as cryptographic primitives | 227 |
| 13.5.2 Comparison Between DDR GRP and OMFLIP | 229 |
| 13.5.3 Additional Considerations | 230 |
| 13.6 An Illustrative Example for Cipher Design | 231 |
| 13.6.2 A Role for GRP in an RC5-Variant | 232 |
| 13.7 Summary | 233 |
| Streaming Encryption for a Secure Wavelength and Time Domain Hopped Optical Network | 237 |
| 14.2 Optical CDMA Concept | 238 |
| 14.3 Implementation | 239 |
| 14.3.2 FPGA Implementation | 241 |
| 14.4 Complete System Integration | 245 |
| 14.6 Summary | 246 |
| Bibliography | 247 |
| Reviewer List | 255 |

### Common terms and phrases

adders architecture arithmetic asynchronous circuit binary bit-level bits block cipher byte CBC-MAC CCM modes chapter circuit clock cycles clock-less column complexity Computer Science coprocessor cryptanalysis cryptographic Cryptographic Hardware Cryptosystems datapath decryption devices divisor dual-rail efficient elliptic curve cryptography Embedded equations explicit formulae Fastcore Figure finite field FPGA function Gbps genus genus-2 group operations hamming weight hardware implementation HECC Hessian form Hyperelliptic Curve Hyperelliptic Curve Cryptosystems IEEE input instruction set Karatsuba Lecture Notes LNCS lookup matrix Mbps modes of operation modular multiplication module Montgomery Mourelle Nedjah Notes in Computer operands optimized output parallel partial products performed permutation operations pipeline plaintexts point addition point doubling Point Multiplication polynomial power analysis power attacks power consumption processor proposed public-key reduced Rijndael scalar multiplication secret key Section SFLASH side channel attack signature simulation Springer-Verlag step synchronous Table throughput Xilinx

### Popular passages

Page 5 - Figure 3.7, each 4-input function generator is programmable as a 4-input LUT, 16 bits of distributed SelectRAM memory, or a 16-bit variable-tap shift register element. The...