Cryptography & Network-Security: Implementations in Hardware




Kris Gaj joined ECE GMU in Fall 1998
Cryptography & Network-Security: Implementations in Hardware
http://ece.gmu.edu/crypto-text.htm

6 Ph.D. Students: Pawel Chodowiec, Charikleia Zouridaki, Chang Shu, Sashisu Bajracharya, Nghi Nguyen, Deapesh Misra

Paul Kohlbrenner
22 conference papers
7 defended MS Theses
4 MS Theses in progress
Tim Grembowski, Roar Lien, Ashraf AbuSharekh

Life of encryption standards (American standards)
- 1977: DES, 56 bit key
- 1998: AES contest
- 1999: Triple DES, 112, 168 bit keys
- 2001: AES, 128, 192, and 256 bit keys
DES 56 bit key -> AES min. 128 bit key: 2^72 ≈ 10^22 more keys to try

Deep Crack DES Breaker
Electronic Frontier Foundation, 1998
- Total cost: $220,000
- Average time of search: 4.5 days/key
- 1800 ASIC chips

First Project at GMU: Advanced Encryption Standard (AES) Contest
- June 1998: 15 candidates from USA, Canada, Belgium, France, Germany, Norway, UK, Israel, Korea, Japan, Australia, Costa Rica
- Round 1: Security, Software efficiency
- August 1999: 5 final candidates: Mars, RC6, Rijndael, Serpent, Twofish
- Round 2: Security, Hardware efficiency
- October 2000: 1 winner: Rijndael (Belgium)

Two primary ways of implementing cryptography in hardware
ASIC (Application Specific Integrated Circuit)
- designed all the way from behavioral description to physical layout
- designs must be sent for expensive and time-consuming fabrication in a semiconductor foundry
FPGA (Field Programmable Gate Array)
- no physical layout design; design ends with a bitstream used to configure a device
- bought off the shelf and reconfigured by designers themselves

FPGA components: Configurable Logic Blocks, Block RAMs, I/O Blocks
Major vendors: Xilinx, Inc. and Altera Corp.

Implementations of AES candidates using Xilinx FPGA, Virtex 1000
[Bar chart: Speed [Mbit/s] for Serpent I8, Rijndael, Twofish, Serpent I1, RC6, Mars. Series: Our results, University of Southern California, Worcester Polytechnic Institute.]

Survey filled by 167 participants of the Third AES Conference, AES3, April 2000
[Bar chart: # votes for Rijndael, Serpent, Twofish, RC6, Mars.]

Speed of the final AES candidates in hardware
K. Gaj, P. Chodowiec, AES3, April, 2000
[Bar chart: Speed [Mbit/s] for Serpent, Rijndael, Twofish, RC6, Mars.]

Outcome of our research
[Diagram labels: Software Efficiency, Security, Flexibility, Hardware Efficiency]
- Demonstrated the importance of hardware efficiency in the evaluation of cryptographic algorithms
- Influenced the choice of a new standard to be used worldwide for the next 50-60 years

GMU Hardware Cryptographic Cores
- developed together with the graduate students: Pawel Chodowiec, Roar Lien, and Tim Grembowski, 1999-2003
- commercialized by the GMU Office of Intellectual Property and Technology Transfer led by Jennifer Murphy
Encryption: AES, Triple DES, Twofish, Serpent, RC6, Mars
Hash Functions: SHA-1, SHA-512

1 Gbit/s Reconfigurable Hardware Accelerator for Virtual Private Networks, 2001-2002
[Diagram: Hosts - Security gateway - Internet - Security gateway - Hosts, with cryptographic accelerators]
in collaboration with the University of Southern California - Information Sciences Institute (USC ISI), Arlington, VA
sponsored by DARPA

FPGA Accelerator Board - SLAAC-1V
developed under DARPA-funded project Systems-Level Applications of Adaptive Computing (SLAAC)

Reconfigurable Computers from SRC Computers, Inc. and Star Bridge Systems, Inc.
[Photos: SRC-6E, Star Bridge HC-36]

Reconfigurable Computers: Basic Architecture
[Block diagram: µP Board (Xeon µPs with L2, MIOC, PCI Slot, SNAP) and FPGA Processor Board / MAP Board (Control Chip, On-Board Memory (24 MB), Private Memory, User Chips); 4 x Xilinx Virtex II 6000]

NSA-sponsored project: Libraries for reconfigurable computers, 2002-
SRC Computers, Star Bridge Systems
- Tarek El-Ghazawi, GWU, Washington, DC
- Duncan Buell, USC, Columbia, SC
- Douglas Fouts, NPS, Monterey, CA

Benchmarks for the SRC Reconfigurable Computer
1000+ speed-up vs. Pentium 4 for Elliptic Curve Cryptography & Secret-Key Cipher Breaking

Next big project: Factoring of large numbers = evaluating security of the RSA public key cryptosystem
Given N = P · Q, find separately P and Q
High Potential GRAs sponsored by the GMU Provost Office: Sashisu Bajracharya, Deapesh Misra

Public Key Cryptosystems
Public key of Bob - K_B
Private key of Bob - k_B
[Diagram: Alice - Encryption - Network - Decryption - Bob]

Keys in the RSA public key cryptosystem
PUBLIC KEY: { e, N }
PRIVATE KEY: { d, P, Q }
N = P · Q
P, Q - large prime numbers
e · d ≡ 1 mod ((P-1)(Q-1))
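The key relations on this slide, and the reason the factoring project evaluates RSA security, as an added example that is not part of the original presentation. The primes 1009 and 2003, e = 65537 and all function names are constructed for illustration; this is unpadded textbook RSA at toy size.

```python
from math import gcd

def make_key(P, Q, e):
    """Build {e, N} and {d, P, Q} with N = P*Q and e*d = 1 mod ((P-1)(Q-1))."""
    phi = (P - 1) * (Q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (P-1)(Q-1)")
    d = pow(e, -1, phi)  # modular inverse, Python 3.8+
    return {"e": e, "N": P * Q}, {"d": d, "P": P, "Q": Q}

def encrypt(m, pub):
    """Textbook RSA encryption (no padding): c = m^e mod N."""
    if not 0 <= m < pub["N"]:
        raise ValueError("message must be in [0, N)")
    return pow(m, pub["e"], pub["N"])

def decrypt(c, pub, priv):
    """Textbook RSA decryption: m = c^d mod N."""
    return pow(c, priv["d"], pub["N"])

def factor_by_trial_division(N):
    """Split N into P and Q; feasible only because the toy N is tiny."""
    if N % 2 == 0:
        return 2, N // 2
    f = 3
    while f * f <= N:
        if N % f == 0:
            return f, N // f
        f += 2
    raise ValueError("N is prime, not a product of two primes")

def private_exponent_from_factors(pub, P, Q):
    """Anyone holding P and Q can recompute d from the public {e, N}."""
    return pow(pub["e"], -1, (P - 1) * (Q - 1))

# Constructed toy parameters; deployed moduli are thousands of bits long.
TOY_P, TOY_Q, TOY_E = 1009, 2003, 65537

if __name__ == "__main__":
    pub, priv = make_key(TOY_P, TOY_Q, TOY_E)
    c = encrypt(424242, pub)
    print("ciphertext:", c, "decrypted:", decrypt(c, pub, priv))
    P, Q = factor_by_trial_division(pub["N"])
    print("factors:", P, Q,
          "d recomputed:", private_exponent_from_factors(pub, P, Q) == priv["d"])
```

The private exponent falls out of the public key as soon as N is split, so the size of N is what sets the security level.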

FPGA & Crypto: Is Marriage in the Cards?

Cryptographic architectures embedded in reconfigurable devices workshop - CryptArchi 2004
Abbey La Bussiére near Dijon, France, June 16-18th 2004
- Viktor Fischer, Université de Saint-Etienne, France: Local organization
- Kris Gaj, George Mason University, USA: Program Chair

Field Trips
- CHES 2002, San Francisco
- Macquarie University, Sydney, Australia, 2002
- ISC 2002, Rio de Janeiro, Brazil
- FPT 2003, Tokyo, Japan, 2003

Looking forward to the next 20 years in the ECE Department at GMU!