Comparative Analysis of SEA and XTEA for Resource Constrained Embedded Systems Ruchita Jain a, Dr. K. G. Maradia b a

Transcription

1 Available online at International Journal of Innovative and Emerging Research in Engineering e-issn: p-issn: Comparative Analysis of SEA and XTEA for Resource Constrained Embedded Systems Ruchita Jain a, Dr. K. G. Maradia b a ME Scholar, Vishwakarma Government Engineering College, Chandkheda, Ahmedabad,Gujarat,India b Associate Professor, Government Engineering College, Modasa, Gujarat, India ABSTRACT: Embedded systems become integral part of our lives. They are used for various industrial automation purposes, service oriented applications like power, water distribution, healthcare and low cost systems like smart cards and PDA s. Embedded systems exchange data and information both locally and globally using networking and wireless communication, thus making them vulnerable to various kinds of active and passive attacks. In small embedded application like RFID, sensor network, smart card, etc. have very limited resources. It yields design criteria such as: low memory requirements, small code size, limited instruction set, etc. So, it s a challenge to implement cryptographic algorithm for the resource constrained environment. This paper deals with performance research of cryptographic techniques, i.e. Sacalable Encryption Algorithm (SEA) and Extended Tiny Encryption Algorithm (XTEA). The main goal of this paper is to find out an efficient and powerful cryptographic technique for embedded systems. These algorithms are implemented on low cost Spartan-3 FPGA family and investigated in the course of this paper. The main criteria of this investigation are speed, throughput, power, efficiency as well as area requirement. Keywords: Cryptography, SEA (Scalable Encryption Algorithm), XTEA (Extended Tiny Encryption Algorithm), Feistel structure, FPGA(Field Programmable Gate Array) I. INTRODUCTION With the advancements in technology, embedded systems have become an essential part of our everyday lives. These devices range from high-end ones such as servers, computers and laptops to more constrained ones like RFID tags, smart cards and wireless sensor nodes. These devices communicate with each other to exchange information. They are more susceptible to active and passive attacks. Various cryptographic algorithms are used to provide security to such systems. The usual cryptographic algorithm can t use for resource constrained system. Therefore, the objective is to find out the best optimum cryptographic algorithm for resource constrained system. The cryptographic algorithms are mainly divided into symmetric and asymmetric cryptography. Since asymmetric keys are bigger than symmetric keys, data that is encrypted asymmetrically is tougher to crack than data that is symmetrically encrypted. However, this does not mean that asymmetric keys are better. Rather than being compared by their size, these keys should compared by the following properties: computational burden and ease of distribution. Symmetric keys are smaller than asymmetric, so they require less computational burden. Hence, symmetric key algorithms are more preferred than asymmetric key algorithm for small embedded applications. We implement SEA and XTEA on FPGA as it is more efficient for implementation of cryptographic algorithms [1]. The reconfigurability of FPGA provides required flexibility. II. RELATED WORK F. X. Standaert et all. [2] introduce new algorithm SEA for resource constrained system(rfid, sensor network, etc.). It gives theoretical explanations and pseudo code for software implementation. F. Mace et all. [3] implement SEA on FPGA for the first time. For efficient implementation, loop architecture is proposed in this paper. It compares area and throughput for various input parameter. It also gives comparative survey of various cryptographic algorithms. The Tiny Encryption Algorithm (TEA) was introduced by David Wheeler and Roger Needham [4] in 94. Their main design goal was to produce a cipher that is simple, short and does not rely on large tables or pre-computations. After the publication of TEA, some minor weaknesses were found and original author developed new version of TEA called XTEA for extended TEA [5]. J.-P. Kaps [6] presents efficient implementations of XTEA on FPGAs and ASICs for ultra-low power applications such as RFID tags and wireless sensor nodes as well as fully pipelined designs for high speed applications. Krishna Kumari V, Sri Chakrapani Y and Kamaraju M [7] implements various prefix adders and compare it in terms of area and speed. 78

2 III. ALGORITHM OVERVIEW A. SEA Scalable Encryption Algorithm (SEA) is feistel based symmetric key algorithm. SEA n,b operates on various text, key, and has variable number of rounds. It is defined with following parameters: n plain text and key size; b processor(or word) size; n b = n 2b number of words per feistel branch; n r number of block cipher rounds. As an only constraint, it is required that n is a multiple of 6b (Because both the plain text are separated into 2 parts, and all the operation are done in 3 words). The minimum required number of rounds to provide security against known attacks would be n r = [3(n/4) + 2((n/2b )+ b/2)]. The value of nr must be always odd, if not 1 must be added to make it odd. BASIC OPERATIONS Due to its simplicity constraints, SEA n,b is based on a limited number of elementary operations (selected for their availability in any processing device) denoted as follows: 1) Bit wise XOR 2) Mod 2 b addition 3) A 3-bit substitution box S: = [0, 5, 6, 7, 4, 3, 1, 2] that can be applied bit wise to any set of 3-bit words for efficiency purposes. In addition, we use the following rotation operations: 4) Word rotation R, defined on n b-word vectors The word rotation is defined on n b-word vectors: n R:Z 2 2 : x y = R(x) y i+1 = x i, 0 i n b 2, y 0 = x nb 1 5) Bit rotation, b defined on n b-word vectors: The bit rotation is defined on n b-word vectors: n r : Z 2 2 : x y = r(x) y 3i= x 3i 1, y 3i+1 = x 3i+1, y 3i+2 = x 3i+2 1, 0 i n b/3 1, where, and represent the cyclic right and left shifts inside a word. LOOP IMPLEMENTATIONS OF SEA The structure of our loop architecture for SEA is depicted in Fig. 7.3, with the round function on the left part and the key schedule on the right part. Figure 1. Loop structure of SEA [2] 79

3 B. XTEA TEA uses only simple addition, XOR and shifts, and has a very small code size. This makes TEA an ideal candidate to provide data security services for wireless sensor network (WSN) nodes which have limited memory and computational power. The Extended Tiny Encryption Algorithm (XTEA) is a block cipher that uses a cryptographic key of 128 bits to encrypt or decrypt data in blocks of 64 bits. Each input block is split into two halves y and z which are then applied to a routine similar to a Feistel network for N rounds where N is typically 32. Most Feistel networks apply the result of a mixing function to one half of the data using XOR as a reversible function. For the same purpose, XTEA uses integer addition during encryption and subtraction during decryption. For encryption, z is applied to the left side, y to the right side, and all adder/subtracters are in addition mode. For decryption, the opposite is applied. The permutation function is shown as f and the subkey generation as Keygen. Figure 2. Top level block diagram of XTEA [6] One round of xtea computes a new value for y and z. Therefore, we can view the computation of one value as a halfround. A new value for sum is computed between the first and the second halfround. It is incremented by a constant during encryption and decremented during decryption. IV. PROPOSED WORK As the main application is for small embedded application, area is the most important criteria. In SEA, the resource consuming operation is modulo 2b addition and S-box. Other operation can simply obtained by swapping wires. So, to reduce area, ripple carry adder is implemented in loop architecture to perform modulo operation. Instead of doing addition of n bits, only addition of b bit is performed as it is modulo 2b. This reduces area significantly. As adder and subtractor is most important part of XTEA algorithm, ripple carry adder and Kogge-stone adder is implemented on Spartan 3E with speed grade of -5. Table 1. Comparison between various adders no. of slices no. of LUTs Latency(ns) Ripple carry adder Kogge-stone adder From the comparison, we can conclude that kogge-stone adder is more efficient in terms of speed. But for small embedded application, area is first priority. So, ripple carry adder is used as basic building block for adder/subtractor as it has minimum area. V. IMPLEMENTATION RESULTS The above algorithms are implemented on Xilinx Spartan-3 (Family), XCS500 (Device), FG320 (Package), -5(speed Grade) FPGA Device in hardware description language VHDL. A. SEA The implementation results for various plain text sizes and processor size is shown in table 1. From the table 1, it can be seen that throughput and power consumption remains almost constant for various n and b. As b increases, operating frequency remains almost constant. So, b is not limiting factor for operating frequency. These observations lead to the 80

4 empirical conclusion that as long as the b parameter is not a limiting factor for the work frequency, increasing the word size leads to the most efficient implementations for both area and throughput reasons. n b n r No. of slices Table 2. Implementation results for SEA with different n and b parameters No. of Latency Frequency Throughput FF (ns) (MHz) (Mbps) Efficiency (Mbps/area) Power (mw) The implementation results are compared with implementation results of [3]. The result is shown in table 3.From the comparison, it can be said that for small processor size, the proposed implementation is more area efficient. In [3], the algorithm is implemented on xc4vlx25 VIRTEX-4 platform with speed grade -12. Table 3. Comparison with other implementation no. of slices no. of FF SEA 48,4[3] SEA 48, SEA 72,4[3] SEA 72, SEA 72,8[3] SEA 72, SEA 96,4[3] SEA 96, SEA 96,8[3] SEA 96, B. XTEA The implementation result of XTEA is shown in table 4. Table 4. Performance parameter of XTEA Parameters No. of slices 332 No. of FF 450 Results Latency (ns) Frequency (MHz) Throughput (Mbps) 79.7 Efficiency (Mbps/slices) Power (mw) 110 The comparison between SEA and XTEA is shown in table. The area requirement is less for SEA. The throughput and hardware efficiency is also high for SEA compared to XTEA. The power consumption is slightly higher than XTEA due to higher operating frequency of SEA. 81

5 No. slices of Latency (ns) Table 5. Comparison between SEA and TEA Frequency Throughput Efficiency (MHz) (Mbps) (Mbps/slice) Power (mw) SEA 72, XTEA VI. CONCLUSIONS This paper presents the FPGA implementation of SEA and XTEA. It executes one round per one clock cycle. The SEA is implemented for various plain text and processor size n and b, respectively. The proposed structure of SEA is well suited for small processor size b. Form the comparison between SEA and XTEA, it can be concluded that SEA is more efficient algorithm in terms of area requirement, speed, throughput and hardware efficiency compared to XTEA. So, SEA can be considered as efficient alternative for resource constrained system. REFERENCES [1] K. Jarvinen, M. Tommiska, and J. Skytta, Comparative survey of high-performance cryptographic algorithm implementations on FPGAs, IEE Proc. Inf. Security, vol. 152, pp. 3 12, Oct [2] F.-X. Standaert, G. Piret, N. Gershenfeld, and J.-J.Quisquater, Sea: A scalable encryption algorithm for small embedded applications, in Proc. CARDIS, 2006, pp [3] F. Mace, F. -X. Standaert, and J.-J Quisquater FPGA implementation(s) of a Scalable Encryption Algorithm, in IEEE Transaction on very large scale integration (VLSI) systems,vol.16, NO. 2, FEBRUARY [4] Wheeler, D., Needham, R.: TEA, a tiny encryption algorithm, Technical report, Cambridge University, England (Nov 1994). [5] Wheeler, D., Needham, R.: TEA extensions. Technical report,cambridge University, England (Oct 1997). [6] J.-P. Kaps, "Chai-Tea, Cryptographic Hardware Implemenations of xtea", The 9th International Conference on Cryptology in India - INDOCRYPT 2008, LNCS 5356, pp , [7] Krishna Kumari V, Sri Chakrapani Y and Kamaraju M, Design and Characterization of Koggestone, Sparse Koggestone, Spanning Tree and Brentkung Adders, International Journalof Scientific & Engineering Research, Vol. 4, No. 10, pp , ISSN , [8] B. Schneier, Applied Cryptography John Wiley & Sons Inc., New York, New York, USA, 2nd edition, [9] Xilinx Inc., Spartan-3 FPGA Family Data Sheet, DS099, December 4, 2009, available at 82