Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf ·...
Transcript of Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf ·...
![Page 1: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/1.jpg)
Introduction to Lightweight Symmetric Cryptosystem
Rajat Sadhukhan
IoTSec Workshop (24th-26th October’16) ,
SEAL lab, IIT Kharagpur
![Page 2: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/2.jpg)
• Motivation
• Objective
• Design Strategy
• Case Study: Khudra
• ASIC and FPGA implementation of Khudra
• Results
• Future Works
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 2
![Page 3: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/3.jpg)
• Upcoming Information Technology and Computing landscape• Number of users to device mapping (past- n:1, present- 1:1, future- 1:n)
• Mass production of pervasive devices with ASIC/FPGA
• Extremely constrained resources• Battery
• Memory
• Computation power
• Standard Algorithms cannot be used• Expensive for very small devices
• Good trade-off among area, throughput and resistance against attacks
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 3
![Page 4: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/4.jpg)
• Motivation
• Objective
• Design Strategy
• Case Study: Khudra
• ASIC and FPGA implementation of Khudra
• Results
• Future Works
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 4
![Page 5: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/5.jpg)
• Investigate lightweight design strategies to achieve:• Gate Equivalent/LUT efficiency (mainly considering hardware)
• Simplicity
• Security
• Suitability for both ASIC as well as FPGA
• Less clock cycle requirement for encryption
• Area and area-time metric should be considered for design
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 5
![Page 6: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/6.jpg)
• Motivation
• Objective
• Design Strategy
• Case Study: Khudra
• ASIC and FPGA implementation of Khudra
• Results
• Future Works
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 6
![Page 7: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/7.jpg)
• Design strategies followed for designing block ciphers
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 7
![Page 8: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/8.jpg)
• Key scheduling also requires significant amount of LUTs
• n (block) + k (key) bit registers and n + k number of 2 : 1 mux is also required for the feedback of message and keys of the previous round. So n+k Flip-Flops and n+k LUTs are required
• Total number of LUTs required is at least 3 *n + k and register is at least n + k
• So from above observation, number of slices can be reduced if we can decrease the LUT requirements by utilizing some more Flip-Flops
• Follow balancing LUTs and FF strategy where we choose a new design for which number of LUTs reduces, number of Flip-Flops increases and the ratio (RLUT=FF ) is close to 1.
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 8
![Page 9: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/9.jpg)
• Motivation
• Objective
• Design Strategy
• Case Study: Khudra
• ASIC and FPGA implementation of Khudra
• Results
• Future Works
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 9
![Page 10: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/10.jpg)
• Architectural features• Data Processing
• 64-bit data block, 80-bit key size, 18 rounds, 32-bit round key size
• Feistel structure in our design to reduce the number of S-boxes but without using any extra diffusion layer
• As the F-function is computed in rounds, the intermediate values are stored in some registers, thereby improving flip flop implementation rather than wastage
• The Fiestel structure consist of two parts: Fiestel permutation and F-function. F-function in turn again consist of 6 rounds of recursive Fiestel function
• Key Scheduling part• shift-register base key-schedule, which require less number of LUTs and more FFs
• In data processing part, Khudra require more LUTs compared to FFs, so the planned key-schedule will improve the overall RLUT=FF ratio
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 10
![Page 11: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/11.jpg)
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 11
![Page 12: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/12.jpg)
• Motivation
• Objective
• Design Strategy
• Case Study: Khudra
• ASIC and FPGA implementation of Khudra
• Results
• Future Works
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 12
![Page 13: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/13.jpg)
• FPGA implementation
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 13
![Page 14: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/14.jpg)
• ASIC implementation
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 14
![Page 15: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/15.jpg)
• Motivation
• Objective
• Design Strategy
• Case Study: Khudra
• ASIC and FPGA implementation of Khudra
• Results
• Future Works
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 15
![Page 16: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/16.jpg)
• Comparison of Khudra with other block cipher FPGA design
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 16
![Page 17: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/17.jpg)
• Comparison of Khudra with other block cipher ASIC design
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 17
![Page 18: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/18.jpg)
• Motivation
• Objective
• Design Strategy
• Case Study: Khudra
• ASIC and FPGA implementation of Khudra
• Results
• Future Works
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 18
![Page 19: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/19.jpg)
• Extend Khudra to 128 –bit key size and explore performance and security features with extension
• Analyze the resistance of Khudra against side channel attacks and frame strategies to make cipher design resistant against SCA
• Performing various types of cryptoanalysis techniques to raise the security bar of the block cipher with no compromise on its lightweightedness
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 19
![Page 20: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/20.jpg)
References
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 20
![Page 21: Introduction to Lightweight Symmetric Cryptosystemcse.iitkgp.ac.in/conf/IoT/iotsec_rajat.pdf · •Analyze the resistance of Khudra against side channel attacks and frame strategies](https://reader033.fdocuments.in/reader033/viewer/2022061000/60afab5b206ab21b040157f8/html5/thumbnails/21.jpg)
Thankyou !!
IoTSec Workshop (24th-26th October’16), IIT Kharagpur 21