560 likes | 939 Views
By: Shay Amosi & Jasmin Amitai Advisor: Mony Orbach Spring 2013. Encryption/Decryption system Final Presentation Project A. Contents. Project Description Implementation Problems and Solutions Verification Simulation Synthesis Results Performance Conclusion Project B.
E N D
By: Shay Amosi & JasminAmitai Advisor: MonyOrbach Spring 2013 Encryption/Decryption systemFinal PresentationProject A
Contents • Project Description • Implementation • Problems and Solutions • Verification • Simulation • Synthesis Results • Performance • Conclusion • Project B
Our project • Our project goal is to create a hardware system that encrypts the data quickly and efficiently using the Twofish algorithm. • In this project we are creating a core that will serve us in project B.
Twofish • The Twofish is a symmetric key 128-bit Block Feistel network. • Twofish can work with variable key length from 128 to 256 bits. • Twofishexhibits fast and versatile performance across most platforms. • The Twofish structure offers a great deal of flexibility in terms of space versus speed tradeoffs.
TOP LEVEL encrypted / decrypted data ‘0’-encrypt ‘1’-decrypt Indication that the data is ready ‘1’-start generating the sub keys
Key schedule rs S0,S1 K0-40
F Function MDS
Pipeline implementation We chose pipeline implementation in order to get high performance. The problem The twofish algorithm contains dependency between the stages Which prevents us from implementing the algorithm As a Standard pipeline.
1st round C D A F B E F
2nd round C D A F B E F
Solution Our solution In Order to solve this problem we Changed the Implementation, by adding a shift register that will save and carry on the Essential data in every stage.
The solution C Shift register D A F B shift register F
Verification Plan To verify and ensure that TWOFISH meets its design specifications and work under real conditions, the following test phases are applied: • Pre syntheses simulation • Gate level simulation • Verification ENV using checkers
Verification Plan – Test vectors Before we run our scenarios we must have a good and reliable database of test vectors. From Bruce’s website- (https://www.schneier.com/twofish.html)
Pre syntheses simulation TESTING ENCRYPTION TWOFISH KEY : 019F9809DE1711858FAAC3A3BA20FBC3 DECIPHERED BLOCK IN : 6363977DE839486297E661C6C9D668EB CIPHERED BLOCK OUT : 816D5BD0FAE35342BF2A7412C246F752 Performed in ModelSim SE-64 10.2a
Pre syntheses simulation TESTING DECRYPTION TWOFISH KEY : 019F9809DE1711858FAAC3A3BA20FBC3 CIPHERED BLOCK IN : 816D5BD0FAE35342BF2A7412C246F752 DECIPHERED BLOCK OUT : 6363977DE839486297E661C6C9D668EB Performed in ModelSim SE-64 10.2a
Pre syntheses simulation TESTING ENCRYPTION & DECRYPTION WITH MULTIPLE KEYS ENV: DUT + ALTERNATING KEYS CHECKER Verification env DUT dbg_error Key-Swap Checker
Pre syntheses simulation TESTING ENCRYPTION & DECRYPTION WITH MULTIPLE KEYS ENV: DUT + ALTERNATING KEYS CHECKER (48 keys)
Pre syntheses simulation - results TESTING ENCRYPTION & DECRYPTION WITH MULTIPLE KEYS ENV: DUT + ALTERNATING KEYS CHECKER (48 keys)
Pre syntheses simulation TESTING FULL PIPE ENCRYPTION WITH A SINGLE KEY ENV: DUT + FULL PIPE CHECKER (105 entries) Verification env DUT dbg_error Stress Checker
Pre syntheses simulation TESTING FULL PIPE ENCRYPTION WITH A SINGLE KEY ENV: DUT + FULL PIPE CHECKER (105 entries)
Pre syntheses simulation - restuls TESTING FULL PIPE ENCRYPTION WITH A SINGLE KEY ENV: DUT + FULL PIPE CHECKER (105 entries)
Gate level simulation - results TESTING FULL PIPE ENCRYPTION WITH A SINGLE KEY ENV: DUT + FULL PIPE CHECKER (105 entries) ENV CONDITION: CLK = 150Mhz
Gate level simulation - results TESTING FULL PIPE ENCRYPTION WITH A SINGLE KEY ENV: DUT + FULL PIPE CHECKER (105 entries) ENV CONDITION: CLK = 150Mhz
Gate level simulation - results TESTING FULL PIPE ENCRYPTION WITH A SINGLE KEY ENV: DUT + FULL PIPE CHECKER (105 entries) ENV CONDITION: CLK = 150Mhz
Performance Our design consist of a 16 Twofish-round elements, each round is a pipe at a constant depth. We managed to get the optimal pipeline depth of 6-steps, beyond that we could not lower the critical pathways and only increased the use of resources.
PerformanceThroughput & Latency The maximum frequency achieved: 151.86Mhz Startup Clocks = 33 Latency Clocks = 98 Throughput = 19328 [Mbits/s] (on Core 2 duo 2.0 GHz only 1528Mbits/s )
PerformanceA little bit of statistics During Twofish ’s latency the pipe contains: 98 cycles * 128bits = 1568Bytes=1.7KBytes So in most cases, a typical request of encryption or decryption will have a larger size than Twofish ’s max volume,therefore, the latency is almost insignificantcompared to the throughput.
PerformanceHardware Tradoffs • In order to meet cyclone II FPGA size constraints we chose to implement our Key Scheduling engine iteratively, since this process takes place only on the beginning this will not harm Twofish ’s real-time performance. • At first we started from a Twofish-round pipeline with a depth of 2. Following attempts to raise the max frequency we used Quartus to search for “worst-case timing paths” than redesigned these critical paths and gradually managed to increase the pipe’s depth to 6 at the expense of more resource usage. • Attempt to separate clocks (CLK& SCHED_CLK) to increase Fmax(CLK) for better real-time performance.
PerformanceDealing with bugs Gate Level Simulation: We experienced many problems with gate level simulation. After reading on the subject and several attempts to run gate level simulation with different FPGA devices we were able to solve the problem by adding a syncing ALTERA FIFO on Twofish ’s entrance, and only then created the necessary EDA netlist for timing simulation in Modelsim.
Conclusions The top goal of our project was high performance, we were able to achieve this by a delicate balance between the constraints we faced. We purposely chose a device with a relatively low performance so we can expect better results as we move to more advanced FPGA devices (Project B). Tradeoffs managing is dynamic and not always can be deduced at the design stage but only after synthesis.
Summary • In this project we expanded our knowledge and improved our skills in Vhdl, Modelsim and Quartus. • We learned the importance of planning ahead before starting to write the code, and the benefit of thinking about the problems that might appear. • we are excited to start working on project B • Acknowledgments: the Authors would like to thank Mr.MonyOrbachfor his assistance in the project.
Project B On our second project we will plan a system which interfaces with Ethernet Networks using a UDP protocol. This system will combine TWOFISH as a core to encrypt and decrypt data from and to the network.