Study and implementation of DES on FPGA
-
Upload
venkata-kishore -
Category
Documents
-
view
234 -
download
0
Transcript of Study and implementation of DES on FPGA
1
DEPARTMENT OF ELECTRONICS AND COMMUNICATION
ENGINEERING
UNIVERSITY COLLEGE OF ENGINEERING (Autonomous)
OSMAINA UNIVERSITY, HYDERABAD-500007
CERTIFICATE
This is to certify that the project entitled “Study and implementation of DES (Data
Encryption Standard) Algorithm on FPGA Is the work Carried by the following Students:
S. Rajesh 0109448
P. Sri Harsha 0109460
K. Venkata Kishore 0109468
S Sravani 0108441
As Partial fulfilment for the requirement to award the Degree of BACHELOR OF
ENGINEERING with specialization in ELECTRONICS AND COMMUNICATION
ENGINEERING at University College of Engineering, Hyderabad. Under the guidance and
Supervision of Prof. R. Hemalatha, Department of Electronics and Communication
Engineering During the Academic Year 2011-2012
The Contents embodied in this report have not been and will not be submitted to any
other institute for the award of any other Degree/Diploma.
Project Guide: Head Of the Department:
Prof R. Hemalatha Dr. P. Chandra Sekhar
2
STUDY AND IMPLEMENTATION OF DES (Data Encryption
Standard) ALGORITHM ON FPGA
A Dissertation Work
Submitted in the patrial fulfilment of the requirement for the award of
BACHELOR OF ENGINEERING
IN
ELECTRONICS AND COMMUNICATION ENGINEERING
Submitted by:
S. Rajesh 0109448
P. Sri Harsha 0109460
K. Venkata Kishore 0109468
S Sravani 0108441
UNDER THE GUIDENCE OF
R. HEMALATHA
Associate Professor
DEPARTMENT OF ELECTRONICS AND COMMUNICATION
ENGINEERING
UNIVERSITY COLLEGE OF ENGINEERING (Autonomous)
OSMANIA UNVIVERSITY, HYDERABAD-500007
3
ACKNOWLEDGEMENT
We would like to express our sincere thanks and deep sense of gratitude to our Project Guide
R. HEMALATHA. Associate Professor, Department of Electronics and Communication
Engineering for her Excellent Guidance throughout our Project work. Her valuable
Suggestions and Timely Guidance has enabled us to complete this work.
We are grateful to acknowledge our Associate Professor P. CHANDRA SEKHAR, Head of
the Department, Electronics and Communication Engineering for creating Excellent
academic climate which inspired us and made our Project Complete.
At the outset, We thank all our Teachers, Classmates and Friends who have supported us in
many ways.
We are grateful to our Parents for their Unrelenting Efforts in bringing us to acquire Bachelor
of Engineering.
S. Rajesh
P. Sri Harsha
K. Venkata Kishore
S. Sravani
4
UNIVERSITY COLLEGE OF ENGINEERING
DEPARTMENT OF ELECTRONICS AND COMMUNICATION ENGINEERING
TOPIC: Implementation of DES( Data Encryption Standard ) Algorithm on
FPGA.
Abstract: Nowadays Secure data transmission has become a prime importance for various organizations. Pertaining to this many encryption algorithms were introduced and standardized since past few decades. This project includes the study of the DES algorithm and later implementation of the algorithm on FPGA. The Data Encryption Standard (DES), is the name of the Federal Information Processing Standard (FIPS) 46-3, which describes the data encryption algorithm (DEA). The DES has a 64-bit block size and uses a 56-bit key during execution. DES is a symmetric cryptosystem, specifically a 16-round Feistel cipher. When used for communication, both sender and receiver must know the same secret key, which can be used to encrypt and decrypt the message, or to generate and verify a Message Authentication Code (MAC).
.
5
CONTENTS
(i) Introduction to Cryptography
(ii) Cryptography Goals
(iii) Basic Terminology and Concepts
(iv) Data Encryption Standards (DES)
(v) Understanding the Algorithm
(vi) Encoding
(vii) Decoding
(viii) Results
(ix) References
6
Introduction to Cryptography:
Cryptography has a long and fascinating history. Cryptography was used as a
tool to protect national secrets and strategies. The proliferation of computers
and communications systems in the 1960s brought with it a demand from the
private sector for means to protect information in digital form and to provide
security services. Beginning with the work of Feistel at IBM in the early 1970s
and culminating in 1977 with the adoption as a U.S. Federal Information
Processing Standard for encrypting unclassified information, DES, the Data
Encryption Standard, is the most well-known cryptographic mechanism in
history. It remains the standard means for securing electronic commerce for
many financial institutions around the world.
The most striking development in the history of cryptography came in 1976
when Diffie and Hellman published New Directions in Cryptography. This
paper introduced the revolutionary concept of public-key cryptography and also
provided a new and ingenious method for key exchange, the security of which is
based on the intractability of the discrete logarithm problem. Although the
authors had no practical realization of a public-key encryption scheme at the
time, the idea was clear and it generated extensive interest and activity in the
cryptographic community. In 1978 Rivest, Shamir, and Adleman discovered the
first practical public-key encryption and signature scheme, now referred to as
RSA. The RSA scheme is based on another hard mathematical problem, the
intractability of factoring large integers. This application of a hard mathematical
problem to cryptography revitalized efforts to find more efficient methods to
factor. The 1980s saw major advances in this area but none which rendered the
RSA system insecure. Another class of powerful and practical public-key
schemes was found by ElGamal in 1985. These are also based on the discrete
logarithm problem.
One of the most significant contributions provided by public-key cryptography
is the digital signature. In 1991 the first international standard for digital
signatures (ISO/IEC 9796) was adopted. It is based on the RSA public-key
scheme. In 1994 the U.S. Government adopted the Digital Signature Standard, a
mechanism based on the ElGamal publickey scheme. The search for new
public-key schemes, improvements to existing cryptographic mechanisms,
7
and proofs of security continues at a rapid pace. Various standards and
infrastructures involving cryptography are being put in place. Security products
are being developed to address the security needs of an information intensive
society.
CRYPTOGRAPHY:
Definition: Cryptography is the study of mathematical techniques related to
aspects of information security such as confidentiality, data integrity, entity
authentication and data origin authentication. Cryptography is not the only
means of providing information security, but rather one set of techniques.
Cryptographic goals:
Confidentiality, data integrity, authentication, and non-repudiation.
1. Confidentiality is a service used to keep the content of information from all
but those authorized to have it. Secrecy is a term synonymous with
confidentiality and privacy. There are numerous approaches to providing
confidentiality, ranging from physical protection to mathematical algorithms
which render data unintelligible.
2. Data integrity is a service which addresses the unauthorized alteration of
data. To assure data integrity, one must have the ability to detect data
manipulation by unauthorized parties. Data manipulation includes such things
as insertion, deletion, and substitution.
3. Authentication is a service related to identification. This function applies to
both entities and information itself. Two parties entering into a communication
should identify each other. Information delivered over a channel should be
authenticated as to origin, date of origin, data content, time sent, etc. For these
reasons this aspect of cryptography is usually subdivided into two major
classes: entity authentication and data origin authentication. Data origin
authentication implicitly provides data integrity (for if a message is modified,
the source has changed).
4. Non-repudiation is a service which prevents an entity from denying previous
commitments or actions. When disputes arise due to an entity denying that
certain actions were taken, a means to resolve the situation is necessary. For
8
example, one entity may authorize the purchase of property by another entity
and later deny such authorization was granted. A procedure involving a trusted
third party is needed to resolve
the dispute.
….A fundamental goal of cryptography is to adequately address these four areas
in both theory and practice. Cryptography is about the prevention and detection
of cheating and other malicious activities.
Basic terminology and concepts
The scientific study of any discipline must be built upon rigorous definitions
arising from fundamental concepts. What follows is a list of terms and basic
concepts used in cryptographic analysis. Where appropriate, rigor has been
sacrificed for the sake of clarity.
Cryptography Notations
• Cryptanalysis is the study of mathematical techniques for attempting to
defeat cryptographic techniques, and, more generally, information security
services.
• A cryptanalyst is someone who engages in cryptanalysis.
• Cryptology is the study of cryptography and cryptanalysis.
• A cryptosystem is a general term referring to a set of cryptographic primitives
used to provide information security services. Most often the term is used in
conjunction with primitives providing confidentiality, i.e., encryption.
Cryptographic techniques are typically divided into two generic types:
(i) Symmetric-key
(ii) Public-key.
9
Symmetric-key cryptography
Symmetric-key cryptography refers to encryption methods in which both the
sender and receiver share the same key (or, less commonly, in which their keys
are different, but related in an easily computable way). This was the only kind
of encryption publicly known until June 1976.
Symmetric key ciphers are implemented as either block ciphers or stream
ciphers. A block cipher enciphers input in blocks of plaintext as opposed to
individual characters, the input form used by a stream cipher.
The Data Encryption Standard (DES) and the Advanced Encryption
Standard (AES) are block cipher designs which have been
designated cryptography standards by the US government (though DES's
designation was finally withdrawn after the AES was adopted). Despite its
deprecation as an official standard, DES (especially its still-approved and much
more secure triple-DES variant) remains quite popular; it is used across a wide
range of applications, from ATM encryption to e-mail privacy and secure
remote access. Many other block ciphers have been designed and released, with
considerable variation in quality. Many have been thoroughly broken, such
as FEAL.
Stream ciphers, in contrast to the 'block' type, create an arbitrarily long stream
of key material, which is combined with the plaintext bit-by-bit or character-by-
character, somewhat like the one-time pad. In a stream cipher, the output stream
is created based on a hidden internal state which changes as the cipher operates.
That internal state is initially set up using the secret key material. RC4 is a
widely used stream cipher. Block ciphers can be used as stream ciphers.
Cryptographic hash functions are a third type of cryptographic algorithm. They
take a message of any length as input, and output a short, fixed
length hash which can be used in (for example) a digital signature. For good
hash functions, an attacker cannot find two messages that produce the same
hash. MD4 is a long-used hash function which is now broken; MD5, a
strengthened variant of MD4, is also widely used but broken in practice. The
U.S. National Security Agency developed the Secure Hash Algorithm series of
MD5-like hash functions: SHA-0 was a flawed algorithm that the agency
withdrew; SHA-1 is widely deployed and more secure than MD5, but
10
cryptanalysts have identified attacks against it; the SHA-2 family improves on
SHA-1, but it isn't yet widely deployed, and the U.S. standards authority
thought it "prudent" from a security perspective to develop a new standard to
"significantly improve the robustness of NIST's overall hash algorithm
toolkit." Thus, a hash function design competition is underway and meant to
select a new U.S. national standard, to be called SHA-3, by 2012.
Message authentication codes (MACs) are much like cryptographic hash
functions, except that a secret key can be used to authenticate the hash
value upon receipt.
Public-key cryptography
Symmetric-key cryptosystems use the same key for encryption and decryption
of a message, though a message or group of messages may have a different key
than others. A significant disadvantage of symmetric ciphers is the key
management necessary to use them securely. Each distinct pair of
communicating parties must, ideally, share a different key, and perhaps each
cipher text exchanged as well. The number of keys required increases as
the square of the number of network members, which very quickly requires
complex key management schemes to keep them all straight and secret. The
difficulty of securely establishing a secret key between two communicating
parties, when a secure channel does not already exist between them, also
presents a chicken-and-egg problem which is a considerable practical obstacle
for cryptography users in the real world.
Public key cryptography in which two different but mathematically related keys
are used a public key and a private key. A public key system is so constructed
that calculation of one key (the 'private key') is computationally infeasible from
the other (the 'public key'), even though they are necessarily related. Instead,
both keys are generated secretly, as an interrelated pair.
In public-key cryptosystems, the public key may be freely distributed, while its
paired private key must remain secret. The public key is typically used for
encryption, while the private or secret key is used for decryption. In addition to
encryption, public-key cryptography can be used to implement digital
signature schemes. A digital signature is reminiscent of an ordinary signature;
they both have the characteristic that they are easy for a user to produce, but
difficult for anyone else to forge. Digital signatures can also be permanently
tied to the content of the message being signed; they cannot then be 'moved'
from one document to another, for any attempt will be detectable. In digital
11
signature schemes, there are two algorithms: one for signing, in which a secret
key is used to process the message (or a hash of the message, or both), and one
for verification, in which the matching public key is used with the message to
check the validity of the signature. RSA and DSA are two of the most popular
digital signature schemes. Digital signatures are central to the operation
of public key infrastructures and many network security schemes
(e.g., SSL/TLS, many VPNs, etc.).
Public-key algorithms are most often based on the computational complexity of
"hard" problems, often from number theory. For example, the hardness of RSA
is related to the integer factorization problem, while Diffie–Hellman and DSA
are related to the discrete logarithm problem. More recently, elliptic curve
cryptography has developed in which security is based on number theoretic
problems involving elliptic curves. Because of the difficulty of the underlying
problems, most public-key algorithms involve operations such as modular
multiplication and exponentiation, which are much more computationally
expensive than the techniques used in most block ciphers, especially with
typical key sizes. As a result, public-key cryptosystems are commonly hybrid
cryptosystems, in which a fast high-quality symmetric-key encryption algorithm
is used for the message itself, while the relevant symmetric key is sent with the
message, but encrypted using a public-key algorithm. Similarly, hybrid
signature schemes are often used, in which a cryptographic hash function is
computed, and only the resulting hash is digitally signed.
Block Cypher:
In cryptography, a block cipher is a symmetric key cipher operating on fixed-
length groups of bits, called blocks, with an unvarying transformation. A block
cipher encryption algorithm might take (for example) a 128-bit block
of plaintext as input, and output a corresponding 128-bit block of ciphertext.
The exact transformation is controlled using a second input — the secret key.
Decryption is similar: the decryption algorithm takes, in this example, a 128-bit
block of ciphertext together with the secret key, and yields the original 128-bit
block of plain text.
A message longer than the block size (128 bits in the above example) can still
be encrypted with a block cipher by breaking the message into blocks and
encrypting each block individually. However, in this method all blocks are
encrypted with the same key, which degrades security (because each repetition
in the plaintext becomes a repetition in the ciphertext).
Stream Cypher:
In cryptography, a stream cipher is a symmetric key cipher where plaintext
digits are combined with a pseudorandom cipher digit stream (key stream). In a
stream cipher the plaintext digits are encrypted one at a time, and the
12
transformation of successive digits varies during the encryption. An alternative
name is a state cipher, as the encryption of each digit is dependent on the
current state. In practice, a digit is typically a bit and the combining operation
an exclusive-or (xor).
Stream ciphers represent a different approach to symmetric encryption
from block ciphers. Block ciphers operate on large blocks of digits with a fixed,
unvarying transformation. This distinction is not always clear-cut: in
some modes of operation, a block cipher primitive is used in such a way that it
acts effectively as a stream cipher. Stream ciphers typically execute at a higher
speed than block ciphers and have lower hardware complexity. However,
stream ciphers can be susceptible to serious security problems if used
incorrectly
13
DATA ENCRYPTION STANDARD
The Data Encryption Standard (DES) is a block cipher that uses shared
secret encryption. It was selected by the National Bureau of Standards as an
official Federal Information Processing Standard (FIPS) for the United States in
1976 and which has subsequently enjoyed widespread use internationally. It is
based on a symmetric-key algorithm that uses a 56-bit key. The algorithm was
initially controversial because of classified design elements, a relatively
short key length, and suspicions about a National Security
Agency (NSA) backdoor. DES consequently came under intense academic
scrutiny which motivated the modern understanding of block ciphers and
their cryptanalysis.
DES is a block cipher, which means that during the encryption process, the
plaintext is broken into fixed length blocks and each block is encrypted at the
same time. One block is 64 bits and the key is 64 bits wide (but only 56 bits are
used).
So we can in a more formally manner describe the algorithm like this:
· P = C = {0, 1, 2… (2^64)-1}
· K = {0, 1, 2… (2^56)-1}
· each xi has 64 bits
· each ki has 56 bits
This description is not complete without the encryption function (ek) and the
decryption function (dk).
The principle of DES encryption is made of an initial permutation, followed by
16 rounds and ended by a final permutation, as we can see in the next figure:
14
Here is a more detailed version of this illustration:
The above figure is called the Feistel network. We can see the key-scheduling
part at the right which is responsible to give a new 48 bits sub key for each
round. Inside each round, the right part of the data is simply swapped while the
left part is xored with the result of the f-function applied to the left part.
15
Now take a closer look at the core of the DES algorithm: the f-function.
f-function
As we can see, the data coming to the f-function goes first through an expansion
block and is then xored with the sub key. After that, the data arrives at the S-
boxes, which are look-up tables. The next step is a simple permutation and
finally, the resulting data is xored with the left part.
16
At this moment, we must find out how the key-scheduling achieves to build the
subkeys.
We saw before that the key is initially 64 bits wide. But in the algorithm, only
56 bits are really used. So we can notice in the above figure that the component
PC-1 removes these 8 bits to have the correct size. PC-1 also permutes the other
bits. Then, at each step the key is shifted on the left one or two times. Before
delivering the sub key, the component PC-2 reduce and permutes the 56 bits
shifted key. Now that we had a good overview of the encryption function (ek),
we can take look at the decryption function (dk).
17
The decryption process is very similar as the encryption one, as we observe in
the next schematic:
Obviously, the decryption is very similar to the encryption. Only the key-
scheduling is reversed. Additionally, we must highlight that there are four
standardized modes of operation of DES: ECB (Electronic Codebook mode),
CBC (Cipher Block Chaining mode), CFB (Cipher Feedback mode) and OFB
(Output Feedback mode). In ECB mode, each plaintext block is encrypted
independently with the block cipher.
18
UNDERSTANDING THE ALGORITHM
(Example)
DES works on bits, or binary numbers the 0s and 1s common to digital
computers. Each group of four bits makes up a hexadecimal, or base 16,
number. Binary "0001" is equal to the hexadecimal number "1", binary "1000"
is equal to the hexadecimal number "8", "1001" is equal to the hexadecimal
number "9", "1010" is equal to the hexadecimal number "A", and "1111" is
equal to the hexadecimal number "F".
DES works by encrypting groups of 64 message bits, which is the same as 16
hexadecimal numbers. To do the encryption, DES uses "keys" where are also
apparently 16 hexadecimal numbers long, or apparently 64 bits long. However,
every 8th key bit is ignored in the DES algorithm, so that the effective key size
is 56 bits. But, in any case, 64 bits (16 hexadecimal digits) is the round number
upon which DES is organized.
For example, if we take the plaintext message
"8787878787878787", and encrypt it with the DES key
"0E329232EA6D0D73", we end up with the cipher text
"0000000000000000". If the cipher text is decrypted with the same
secret DES key "0E329232EA6D0D73", the result is the original
plaintext "8787878787878787".
This example is neat and orderly because our plaintext was exactly 64 bits long.
The same would be true if the plaintext happened to be a multiple of 64 bits.
But most messages will not fall into this category. They will not be an exact
multiple of 64 bits (that is, an exact multiple of 16 hexadecimal numbers).
For example, take the message "University college of Engineering". This
plaintext message is 34 bytes (76 hexadecimal digits) long. So this message
must be padded with some extra byte at the tail end for the encryption. Once the
encrypted message has been decrypted, these extra bytes are thrown away.
There are, of course, different padding schemes--different ways to add extra
bytes. Here we will just add 0s at the end, so that the total message is a multiple
of 8 bytes (or 16 hexadecimal digits, or 64 bits).
19
How DES Works in Detail
DES is a block cipher meaning it operates on plaintext blocks of a given size
(64-bits) and returns ciphertext blocks of the same size. Thus DES results in a
permutation among the 2^64 (read this as: "2 to the 64th power") possible
arrangements of 64 bits, each of which may be either 0 or 1. Each block of 64
bits is divided into two blocks of 32 bits each, a left half block L and a right half
R. (This division is only used in certain operations.)
Example: Let M be the plain text message M = 0123456789ABCDEF, where
M is in hexadecimal (base 16) format. Rewriting M in binary format, we get the
64-bit block of text:
M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010
1011 1100 1101 1110 1111
L = 0000 0001 0010 0011 0100 0101 0110 0111
R = 1000 1001 1010 1011 1100 1101 1110 1111
The first bit of M is "0". The last bit is "1". We read from left to right. DES
operates on the 64-bit blocks using key sizes of 56- bits. The keys are actually
stored as being 64 bits long, but every 8th bit in the key is not used (i.e. bits
numbered 8, 16, 24, 32, 40, 48, 56, and 64). However, we will nevertheless
number the bits from 1 to 64, going left to right, in the following calculations.
But, as you will see, the eight bits just mentioned get eliminated when we create
subkeys.
Example: Let K be the hexadecimal key K = 133457799BBCDFF1. This gives
us as the binary key (setting 1 = 0001, 3 = 0011, etc., and grouping together
every eight bits, of which the last one in each group will be unused):
K = 00010011 00110100 01010111 01111001 10011011 10111100
11011111 11110001
The DES algorithm uses the following steps:
Step 1: Create 16 sub keys, each of which is 48-bits long:
20
The 64-bit key is permuted according to the following table, PC-1. Since the
first entry in the table is "57", this means that the 57th bit of the original key K
becomes the first bit of the permuted key K+. The 49th bit of the original key
becomes the second bit of the permuted key. The 4th bit of the original key is
the last bit of the permuted key. Note only 56 bits of the original key appear in
the permuted key.
PC 1
57 49 41 33 25 17 9
1 58 50 42 34 26 18
10 2 59 51 43 35 27
19 11 3 60 52 44 36
63 55 47 39 31 23 15
7 62 54 46 38 30 22
14 6 61 53 45 37 29
21 13 5 28 20 12 4
Example: From the original 64-bit key
K = 00010011 00110100 01010111 01111001 10011011 10111100
11011111 11110001
we get the 56-bit permutation
K+ = 1111000 0110011 0010101 0101111 0101010 1011001 1001111 0001111
Next, split this key into left and right halves, C0 and D0, where each half has 28
bits.
Example: From the permuted key K+, we get
C0 = 1111000 0110011 0010101 0101111
D0 = 0101010 1011001 1001111 0001111
With C0 and D0 defined, we now create sixteen blocks Cn and Dn, 1<=n<=16.
Each pair of blocks Cn and Dn is formed from the previous pair Cn-1 and Dn-
21
1, respectively, for n = 1, 2...16, using the following schedule of "left shifts" of
the previous block. To do a left shift, move each bit one place to the left, except
for the first bit, which is cycled to the end of the block.
Iteration number Number of left
shifts
1 1
2 1
3 2
4 2
5 2
6 2
7 2
8 2
9 1
10 2
11 2
12 2
13 2
14 2
15 2
16 1
This means, for example, C3 and D3 are obtained from C2 and D2,
respectively, by two left shifts, and C16 and D16 are obtained from C15 and
D15, respectively, by one left shift. In all cases, by a single left shift is meant a
rotation of the bits one place to the left, so that after one left shift the bits in the
28 positions are the bits that were previously in positions 2, 3,..., 28, 1.
22
Example: From original pair pair C0 and D0 we obtain:
C0 = 1111000011001100101010101111
D0 = 0101010101100110011110001111
C1 = 1110000110011001010101011111
D1 = 1010101011001100111100011110
C2 = 1100001100110010101010111111
D2 = 0101010110011001111000111101
C3 = 0000110011001010101011111111
D3 = 0101011001100111100011110101
C4 = 0011001100101010101111111100
D4 = 0101100110011110001111010101
C5 = 1100110010101010111111110000
D5 = 0110011001111000111101010101
C6 = 0011001010101011111111000011
D6 = 1001100111100011110101010101
C7 = 1100101010101111111100001100
D7 = 0110011110001111010101010110
C8 = 0010101010111111110000110011
D8 = 1001111000111101010101011001
C9 = 0101010101111111100001100110
D9 = 0011110001111010101010110011
C10 = 0101010111111110000110011001
D10 = 1111000111101010101011001100
C11 = 0101011111111000011001100101
D11 = 1100011110101010101100110011
C12 = 0101111111100001100110010101
D12 = 0001111010101010110011001111
C13 = 0111111110000110011001010101
D13 = 0111101010101011001100111100
23
C14 = 1111111000011001100101010101
D14 = 1110101010101100110011110001
C15 = 1111100001100110010101010111
D15 = 1010101010110011001111000111
C16 = 1111000011001100101010101111
D16 = 0101010101100110011110001111
We now form the keys Kn, for 1<=n<=16, by applying the following
permutation table to each of the concatenated pairs CnDn. Each pair has 56 bits,
but PC-2 only uses 48 of these.
PC-2
14 17 11 24 1 5
3 28 15 6 21 10
23 19 12 4 26 8
16 7 27 20 13 2
41 52 31 37 47 55
30 40 51 45 33 48
44 49 39 56 34 53
46 42 50 36 29 32
Therefore, the first bit of Kn is the 14th bit of CnDn, the second bit the 17th,
and so on, ending with the 48th bit of Kn being the 32th bit of CnDn.
Example: For the first key we have
C1D1 = 1110000 11001100101010 1011111 1010101 0110011 0011110
0011110
24
which, after we apply the permutation PC-2, becomes
K1 = 000110 110000 001011 101111 111111 000111 000001
110010
For the other keys we have
K2 = 011110 011010 111011 011001 110110 111100 100111 100101
K3 = 010101 011111 110010 001010 010000 101100 111110 011001
K4 = 011100 101010 110111 010110 110110 110011 010100 011101
K5 = 011111 001110 110000 000111 111010 110101 001110 101000
K6 = 011000 111010 010100 111110 010100 000111 101100 101111
K7 = 111011 001000 010010 110111 111101 100001 100010 111100
K8 = 111101 111000 101000 111010 110000 010011 101111 111011
K9 = 111000 001101 101111 101011 111011 011110 011110 000001
K10 = 101100 011111 001101 000111 101110 100100 011001 001111
K11 = 001000 010101 111111 010011 110111 101101 001110 000110
K12 = 011101 010111 000111 110101 100101 000110 011111 101001
K13 = 100101 111100 010111 010001 111110 101011 101001 000001
K14 = 010111 110100 001110 110111 111100 101110 011100 111010
K15 = 101111 111001 000110 001101 001111 010011 111100 001010
K16 = 110010 110011 110110 001011 000011 100001 011111 110101
Step 2: Encode each 64-bit block of data.
There is an initial permutation IP of the 64 bits of the message data M. This
rearranges the bits according to the following table, where the entries in the
table show the new arrangement of the bits from their initial order. The 58th bit
of M becomes the first bit of IP. The 50th bit of M becomes the second bit of
IP. The 7th bit of M is the last bit of IP.
25
IP
58 50 42 34 26 18 10 2
60 52 44 36 28 20 12 4
62 54 46 38 30 22 14 6
64 56 48 40 32 24 16 8
57 49 41 33 25 17 9 1
59 51 43 35 27 19 11 3
61 53 45 37 29 21 13 5
63 55 47 39 31 23 15 7
Example: Applying the initial permutation to the block of text M, given
previously, we get
M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010
1011 1100 1101 1110 1111
IP = 1100 1100 0000 0000 1100 1100 1111 1111 1111 0000 1010
1010 1111 0000 1010 1010
Here the 58th bit of M is "1", which becomes the first bit of IP. The 50th bit of
M is "1", which becomes the second bit of IP. The 7th bit of M is "0", which
becomes the last bit of IP. Next divide the permuted block IP into a left half L0
of 32 bits, and a right half R0 of 32 bits.
Example: From IP, we get L0 and R0
L0 = 1100 1100 0000 0000 1100 1100 1111 1111
R0 = 1111 0000 1010 1010 1111 0000 1010 1010
We now proceed through 16 iterations, for 1<=n<=16, using a function f which
operates on two blocks--a data block of 32 bits and a key Kn of 48 bits--to
produce a block of 32 bits. Let + denote XOR addition, (bit-by-bit addition
modulo 2). Then for n going from 1 to 16 we calculate
26
Ln = Rn-1
Rn = Ln-1 + f(Rn-1,Kn)
This results in a final block, for n = 16, of L16R16. That is, in each iteration,
we take the right 32 bits of the previous result and make them the left 32 bits of
the current step. For the right 32 bits in the current step, we XOR the left 32 bits
of the previous step with the calculation f .
Example: For n = 1, we have
K1 = 000110 110000 001011 101111 111111 000111 000001 110010
L1 = R0 = 1111 0000 1010 1010 1111 0000 1010 1010
R1 = L0 + f(R0,K1)
It remains to explain how the function f works. To calculate f, we first expand
each block Rn-1 from 32 bits to 48 bits. This is done by using a selection table
that repeats some of the bits in Rn-1 . We'll call the use of this selection table
the function E. Thus E(Rn-1) has a 32 bit input block, and a 48 bit output block.
Let E be such that the 48 bits of its output, written as 8 blocks of 6 bits each, are
obtained by selecting the bits in its inputs in order according to the following
table:
E BIT- Selection Table
32 1 2 3 4 5
4 5 6 7 8 9
8 9 10 11 12 13
12 13 14 15 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
27
28 29 30 31 32 1
Thus the first three bits of E(Rn-1) are the bits in positions 32, 1 and 2 of Rn-1
while the last 2 bits of E(Rn-1) are the bits in positions 32 and 1.
Example: We calculate E(R0) from R0 as follows:
R0 = 1111 0000 1010 1010 1111 0000 1010 1010
E(R0) = 011110 100001 010101 010101 011110 100001 010101 010101
(Note that each block of 4 original bits has been expanded to a block of 6 output
bits.)
Next in the f calculation, we XOR the output E(Rn-1) with the key Kn:
Kn + E(Rn-1).
Example: For K1 , E(R0), we have
K1 = 000110 110000 001011 101111 111111 000111 000001 110010
E(R0) = 011110 100001 010101 010101 011110 100001 010101 010101
K1+E(R0) = 011000 010001 011110 111010 100001 100110 010100 100111.
We have not yet finished calculating the function f . To this point we have
expanded Rn-1 from 32 bits to 48 bits, using the selection table, and XORed the
result with the key Kn . We now have 48 bits, or eight groups of six bits. We
now do something strange with each group of six bits: we use them as addresses
in tables called "S boxes". Each group of six bits will give us an address in a
different S box. Located at that address will be a 4 bit number. This 4 bit
number will replace the original 6 bits. The net result is that the eight groups of
6 bits are transformed into eight groups of 4 bits (the 4-bit outputs from the S
boxes) for 32 bits total.
Write the previous result, which is 48 bits, in the form:
Kn + E(Rn-1) =B1B2B3B4B5B6B7B8,
28
where each Bi is a group of six bits.
We now calculate S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8)
where Si(Bi) referres to the output of the i-th S box.
To repeat, each of the functions S1, S2,..., S8, takes a 6-bit block as
input and yields a 4-bit block as output. The table to determine S1
is shown and explained below:
S1
Column Number
Row
No. 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
0 14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
1 0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8
2 4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0
3 15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13
If S1 is the function defined in this table and B is a block of 6 bits, then S1(B) is
determined as follows: The first and last bits of B represent in base 2 a number
in the decimal range 0 to 3 (or binary 00 to 11). Let that number be i. The
middle 4 bits of B represent in base 2 a number in the decimal range 0 to 15
(binary 0000 to 1111). Let that number be j. Look up in the table the number in
the i-th row and j-th column. It is a number in the range 0 to 15 and is uniquely
represented by a 4 bit block. That block is the output S1(B) of S1 for the input
B. For example, for input block B = 011011 the first bit is "0" and the last bit
"1" giving 01 as the row. This is row 1. The middle four bits are "1101". This is
the binary equivalent of decimal 13, so the column is column number 13. In
row 1, column 13 appears 5. This determines the output; 5 is binary
0101, so that the output is 0101. Hence S1(011011) = 0101.
Example: For the first round, we obtain as the output of the eight S boxes:
K1 + E(R0) = 011000 010001 011110 111010 100001 100110 010100 100111.
S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8) = 0101 1100 1000
0010 1011 0101 1001 0111
The final stage in the calculation of f is to do a permutation P of the S-box
output to obtain the final value of f:
29
f = P(S1(B1)S2(B2)...S8(B8))
The permutation P is defined in the following table. P yields a 32-
bit output from a 32-bit input by permuting the bits of the input
block.
P
16 7 20 21
29 12 28 17
1 15 23 26
5 18 31 10
2 8 24 14
32 27 3 9
19 13 30 6
22 11 4 25
Example: From the output of the eight S boxes:
S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8) = 0101 1100
1000 0010 1011 0101 1001 0111
we get
f = 0010 0011 0100 1010 1010 1001 1011 1011
R1 = L0 + f(R0 , K1 )= 1100 1100 0000 0000 1100 1100 1111 1111
+ 0010 0011 0100 1010 1010 1001 1011 1011
= 1110 1111 0100 1010 0110 0101 0100 0100
30
In the next round, we will have L2 = R1, which is the block we justcalculated,
and then we must calculate R2 =L1 + f(R1, K2), and so on for 16 rounds. At the
end of the sixteenth round we have the blocks L16 and R16. We then reverse
the order of the two blocks into the 64-bit block R16L16 and apply a final
permutation IP-1 as defined by the following table:
𝑰𝑷−𝟏
40 8 48 16 56 24 64 32
39 7 47 15 55 23 63 31
38 6 46 14 54 22 62 30
37 5 45 13 53 21 61 29
36 4 44 12 52 20 60 28
35 3 43 11 51 19 59 27
34 2 42 10 15 18 58 26
33 1 41 9 49 17 57 25
That is, the output of the algorithm has bit 40 of the preoutput block as its first
bit, bit 8 as its second bit, and so on, until bit 25 of the preoutput block is the
last bit of the output. Example: If we process all 16 blocks using the method
defined previously, we get, on the 16th round,
L16 = 0100 0011 0100 0010 0011 0010 0011 0100
R16 = 0000 1010 0100 1100 1101 1001 1001 0101
We reverse the order of these two blocks and apply the final permutation to
R16L16 = 00001010 01001100 11011001 10010101 01000011 01000010
00110010 00110100
31
IP-1 = 10000101 11101000 00010011 01010100 00001111 00001010
10110100 00000101
which in hexadecimal format is 85E813540F0AB405.
This is the encrypted form of M = 0123456789ABCDEF: namely,
C = 85E813540F0AB405.
Decryption is simply the inverse of encryption, follwing the same steps as
above, but reversing the order in which the subkeys are applied.
ENCRYPTION
As the Algorithm has been briefly explained above, Now we take a look at the Practical
Implementation on the FPGA an the VHDL code.
32
As you can see from the above RTL schematic, the Encryption module takes the 64 bit
Plaintext and encodes it with the 64 bit Key and Gives the 64 bit encoded Cypher.
CODE: (Top Module)
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
entity Encryptwithipinv is
Port ( clk : in STD_LOGIC;
key : in BIT_VECTOR (0 to 63) ;
data : in BIT_VECTOR (0 to 63);
cypher : out BIT_VECTOR (0 to 63));
end Encryptwithipinv;
architecture Behavioral of Encryptwithipinv is
COMPONENT dff
Port ( clk : in STD_LOGIC;
i : in BIT_VECTOR(0 TO 31);
o : out BIT_VECTOR(0 TO 31));
end COMPONENT;
COMPONENT IP4
Port ( clk : in STD_LOGIC;
A : in BIT_VECTOR (0 TO 63);
L : out BIT_VECTOR (0 TO 31);
R : out BIT_VECTOR (0 TO 31));
end COMPONENT;
COMPONENT IPinvmatrix is
Port ( Rx : in BIT_VECTOR (0 to 31) ;
Lx : in BIT_VECTOR (0 to 31);
33
plain : out BIT_VECTOR (0 to 63);
clk : in STD_LOGIC);
end COMPONENT;
COMPONENT ff
Port ( clk : in STD_LOGIC;
r : in BIT_VECTOR(0 TO 31);
k : in BIT_VECTOR(0 TO 47);
f : out BIT_VECTOR(0 TO 31));
end COMPONENT;
COMPONENT subkey_generation2
Port ( clock : in STD_LOGIC;
K : in BIT_VECTOR(0 TO 63);
Sk1 : out BIT_VECTOR(0 TO 47);
Sk2 : out BIT_VECTOR(0 TO 47);
Sk3 : out BIT_VECTOR(0 TO 47);
Sk4 : out BIT_VECTOR(0 TO 47);
Sk5 : out BIT_VECTOR(0 TO 47);
Sk6 : out BIT_VECTOR(0 TO 47);
Sk7 : out BIT_VECTOR(0 TO 47);
Sk8 : out BIT_VECTOR(0 TO 47);
Sk9 : out BIT_VECTOR(0 TO 47);
Sk10 : out BIT_VECTOR(0 TO 47);
Sk11 : out BIT_VECTOR(0 TO 47);
Sk12 : out BIT_VECTOR(0 TO 47);
Sk13 : out BIT_VECTOR(0 TO 47);
Sk14 : out BIT_VECTOR(0 TO 47);
Sk15 : out BIT_VECTOR(0 TO 47);
34
Sk16 : out BIT_VECTOR(0 TO 47));
end COMPONENT;
COMPONENT xor32
Port ( clk : in STD_LOGIC;
i1 : in BIT_VECTOR (0 TO 31);
i2 : in BIT_VECTOR (0 TO 31);
o : out BIT_VECTOR (0 TO 31));
end COMPONENT;
signal k1,k2,k3,k4,k5,k6,k7,k8,k9,k10,k11,k12,k13,k14,k15,k16 : BIT_VECTOR(0 TO 47);
signal r0,r1,r2,r3,r4,r5,r6,r7,r8,r9,r10,r11,r12,r13,r14,r15 : BIT_VECTOR(0 TO 31);
signal f1,f2,f3,f4,f5,f6,f7,f8,f9,f10,f11,f12,f13,f14,f15,f16,Rx1,Lx1 : BIT_VECTOR(0 TO
31);
signal l0 : BIT_VECTOR(0 TO 31);
begin
IP: IP4 port map( clk => clk, A => data,L => l0,R => r0);
SbKey: subkey_generation2 port map( clock => clk,K => key,Sk1 => k1,Sk2 => k2,Sk3 =>
k3,Sk4 => k4,Sk5 => k5,Sk6 => k6,Sk7 => k7,Sk8 => k8,Sk9 => k9,Sk10 => k10,Sk11 =>
k11,Sk12 => k12,Sk13 => k13,Sk14 => k14,Sk15 => k15,Sk16 => k16);
xrd1: xor32 port map( clk => clk,i1 => l0,i2 => f1,o => r1);
xrd2: xor32 port map( clk => clk,i1 => r0,i2 => f2,o => r2);
xrd3: xor32 port map( clk => clk,i1 => r1,i2 => f3,o => r3);
xrd4: xor32 port map( clk => clk,i1 => r2,i2 => f4,o => r4);
xrd5: xor32 port map( clk => clk,i1 => r3,i2 => f5,o => r5);
xrd6: xor32 port map( clk => clk,i1 => r4,i2 => f6,o => r6);
xrd7: xor32 port map( clk => clk,i1 => r5,i2 => f7,o => r7);
xrd8: xor32 port map( clk => clk,i1 => r6,i2 => f8,o => r8);
xrd9: xor32 port map( clk => clk,i1 => r7,i2 => f9,o => r9);
xrd10: xor32 port map( clk => clk,i1 => r8,i2 => f10,o => r10);
35
xrd11: xor32 port map( clk => clk,i1 => r9,i2 => f11,o => r11);
xrd12: xor32 port map( clk => clk,i1 => r10,i2 => f12,o => r12);
xrd13: xor32 port map( clk => clk,i1 => r11,i2 => f13,o => r13);
xrd14: xor32 port map( clk => clk,i1 => r12,i2 => f14,o => r14);
xrd15: xor32 port map( clk => clk,i1 => r13,i2 => f15,o => r15);
xrd16: xor32 port map( clk => clk,i1 => r14,i2 => f16,o => Rx1);
ffd1: ff port map ( clk => clk,r => r0,k => k1,f => f1);
ffd2: ff port map ( clk => clk,r => r1,k => k2,f => f2);
ffd3: ff port map ( clk => clk,r => r2,k => k3,f => f3);
ffd4: ff port map ( clk => clk,r => r3,k => k4,f => f4);
ffd5: ff port map ( clk => clk,r => r4,k => k5,f => f5);
ffd6: ff port map ( clk => clk,r => r5,k => k6,f => f6);
ffd7: ff port map ( clk => clk,r => r6,k => k7,f => f7);
ffd8: ff port map ( clk => clk,r => r7,k => k8,f => f8);
ffd9: ff port map ( clk => clk,r => r8,k => k9,f => f9);
ffd10: ff port map ( clk => clk,r => r9,k => k10,f => f10);
ffd11: ff port map ( clk => clk,r => r10,k => k11,f => f11);
ffd12: ff port map ( clk => clk,r => r11,k => k12,f => f12);
ffd13: ff port map ( clk => clk,r => r12,k => k13,f => f13);
ffd14: ff port map ( clk => clk,r => r13,k => k14,f => f14);
ffd15: ff port map ( clk => clk,r => r14,k => k15,f => f15);
ffd16: ff port map ( clk => clk,r => r15,k => k16,f => f16);
dffd: dff port map (clk => clk,i => r15,o => Lx1);
ipinv1: IPinvmatrix port map (clk => clk, Rx => Rx1 , Lx => Lx1, plain => cypher);
end Behavioral;
36
The RTL Schematics and Code for different Components in the Top Module are given below
Component: 32 bit XOR
CODE: (32 bit XOR):
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
entity xor32 is
Port ( clk : in STD_LOGIC;
i1 : in BIT_VECTOR (0 TO 31);
i2 : in BIT_VECTOR (0 TO 31);
o : out BIT_VECTOR (0 TO 31));
end xor32;
architecture Behavioral of xor32 is
begin
process(clk,i1,i2)
variable q: BIT_VECTOR (0 TO 31);
begin
if (clk'event and clk='1') then
37
q := (i1 xor i2);
end if;
o <= q;
end process;
end Behavioral;
Component: D-FlipFlop
CODE: (D-FlipFlop):
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
entity dff is
Port ( clk : in STD_LOGIC;
i : in BIT_VECTOR(0 TO 31);
o : out BIT_VECTOR(0 TO 31));
end dff;
architecture Behavioral of dff is
begin
38
process(clk,i)
variable q : BIT_VECTOR(0 TO 31);
begin
if (clk'event and clk='1') then
q := i;
end if;
o <= q;
end process;
end Behavioral;
Component: Initial Permutation
CODE: (Initial Permutation):
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
entity IP4 is
Port ( clk : in STD_LOGIC;
A : in BIT_VECTOR (0 TO 63);
L : out BIT_VECTOR (0 TO 31);
39
R : out BIT_VECTOR (0 TO 31));
end IP4;
architecture Behavioral of IP4 is
begin
PROCESS(clk,A)
variable Q1 : BIT_VECTOR(0 to 31);
variable Q2 : BIT_VECTOR(0 to 31);
variable c,Lt,M,Rt : integer;
begin
if (clk'event and clk='1') then
c := 0;
M := 57;
Lt:= M;
for i in 1 to 10 loop
Q1(c):= A(Lt);
c := c+1;
Lt := Lt-8;
if (Lt< 0) then
exit;
end if;
end loop;
M := M+2;
Lt:= M;
for i in 1 to 10 loop
Q1(c):= A(Lt);
c := c+1;
40
Lt := Lt-8;
if (Lt< 0) then
exit;
end if;
end loop;
M := M+2;
Lt:= M;
for i in 1 to 10 loop
Q1(c):= A(Lt);
c := c+1;
Lt := Lt-8;
if (Lt< 0) then
exit;
end if;
end loop;
M := M+2;
Lt:= M;
for i in 1 to 10 loop
Q1(c):= A(Lt);
c := c+1;
Lt := Lt-8;
if (Lt< 0) then
exit;
end if;
end loop;
L<= Q1;
c := 0;
41
M := 56;
Rt := M;
for i in 1 to 10 loop
Q2(c) := A(Rt);
c := c+1;
Rt := Rt-8;
if (Rt < 0) then
exit;
end if;
end loop;
M := M+2;
Rt := M;
for i in 1 to 10 loop
Q2(c) := A(Rt);
c := c+1;
Rt := Rt-8;
if (Rt < 0) then
exit;
end if;
end loop;
M := M+2;
Rt := M;
for i in 1 to 10 loop
Q2(c) := A(Rt);
c := c+1;
Rt := Rt-8;
if (Rt < 0) then
42
exit;
end if;
end loop;
M := M+2;
Rt := M;
for i in 1 to 10 loop
Q2(c) := A(Rt);
c := c+1;
Rt := Rt-8;
if (Rt < 0) then
exit;
end if;
end loop;
R <= Q2;
end if;
end process;
end Behavioral;
Component: IP-Inverse
43
CODE: (IP inverse):
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
entity IPinvmatrix is
Port ( Rx : in BIT_VECTOR (0 to 31) ;
Lx : in BIT_VECTOR (0 to 31);
plain : out BIT_VECTOR (0 to 63);
clk : in STD_LOGIC);
end IPinvmatrix;
architecture Behavioral of IPinvmatrix is
begin
process (clk,Rx,Lx)
variable Q: bit_vector(0 to 63);
44
begin
if (clk'event and clk='1') then
Q(0) := Lx(7);
Q(1) := Rx(7);
Q(2) := Lx(15);
Q(3) := Rx(15);
Q(4) := Lx(23);
Q(5) := Rx(23);
Q(6) := Lx(31);
Q(7) := Rx(31);
Q(8) := Lx(6);
Q(9) := Rx(6);
Q(10) := Lx(14);
Q(11) := Rx(14);
Q(12) := Lx(22);
Q(13) := Rx(22);
Q(14) := Lx(30);
Q(15) := Rx(30);
Q(16) := Lx(5);
Q(17) := Rx(5);
Q(18) := Lx(13);
Q(19) := Rx(13);
Q(20) := Lx(21);
Q(21) := Rx(21);
Q(22) := Lx(29);
Q(23) := Rx(29);
Q(24) := Lx(4);
45
Q(25) := Rx(4);
Q(26) := Lx(12);
Q(27) := Rx(12);
Q(28) := Lx(20);
Q(29) := Rx(20);
Q(30) := Lx(28);
Q(31) := Rx(28);
Q(32) := Lx(3);
Q(33) := Rx(3);
Q(34) := Lx(11);
Q(35) := Rx(11);
Q(36) := Lx(19);
Q(37) := Rx(19);
Q(38) := Lx(27);
Q(39) := Rx(27);
Q(40) := Lx(2);
Q(41) := Rx(2);
Q(42) := Lx(10);
Q(43) := Rx(10);
Q(44) := Lx(18);
Q(45) := Rx(18);
Q(46) := Lx(26);
Q(47) := Rx(26);
Q(48) := Lx(1);
Q(49) := Rx(1);
Q(50) := Lx(9);
Q(51) := Rx(9);
46
Q(52) := Lx(17);
Q(53) := Rx(17);
Q(54) := Lx(25);
Q(55) := Rx(25);
Q(56) := Lx(0);
Q(57) := Rx(0);
Q(58) := Lx(8);
Q(59) := Rx(8);
Q(60) := Lx(16);
Q(61) := Rx(16);
Q(62) := Lx(24);
Q(63) := Rx(24);
end if;
plain <= Q;
end process; end Behavioral;
Component: Sub-Key Genaration
47
CODE: (Sub-Key Generation):
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
entity subkey_generation2 is
Port ( clock : in STD_LOGIC;
K : in BIT_VECTOR(0 TO 63);
Sk1 : out BIT_VECTOR(0 TO 47);
Sk2 : out BIT_VECTOR(0 TO 47);
Sk3 : out BIT_VECTOR(0 TO 47);
Sk4 : out BIT_VECTOR(0 TO 47);
Sk5 : out BIT_VECTOR(0 TO 47);
Sk6 : out BIT_VECTOR(0 TO 47);
Sk7 : out BIT_VECTOR(0 TO 47);
Sk8 : out BIT_VECTOR(0 TO 47);
Sk9 : out BIT_VECTOR(0 TO 47);
Sk10 : out BIT_VECTOR(0 TO 47);
Sk11 : out BIT_VECTOR(0 TO 47);
Sk12 : out BIT_VECTOR(0 TO 47);
Sk13 : out BIT_VECTOR(0 TO 47);
Sk14 : out BIT_VECTOR(0 TO 47);
Sk15 : out BIT_VECTOR(0 TO 47);
Sk16 : out BIT_VECTOR(0 TO 47));
end subkey_generation2;
architecture Behavioral of subkey_generation2 is
component k64256
Port ( clk : in STD_LOGIC;
Kn : in bit_vector (0 to 63);
48
Ko : out bit_vector (0 to 55));
end component;
component k56228
Port ( clk : in STD_LOGIC;
I : in BIT_VECTOR (0 TO 55);
O1 : out BIT_VECTOR (0 TO 27);
O2 : out BIT_VECTOR (0 TO 27));
end component;
component ks1
Port ( clk : in STD_LOGIC;
I1 : in BIT_VECTOR(0 TO 27);
I2 : in BIT_VECTOR(0 TO 27);
O1 : out BIT_VECTOR(0 TO 27);
O2 : out BIT_VECTOR(0 TO 27));
end component;
component ks2
Port ( clk : in STD_LOGIC;
I1 : in BIT_VECTOR(0 TO 27);
I2 : in BIT_VECTOR(0 TO 27);
O1 : out BIT_VECTOR(0 TO 27);
O2 : out BIT_VECTOR(0 TO 27));
end component;
component k56248
Port ( clk : in STD_LOGIC;
I1 : in BIT_VECTOR(0 TO 27);
I2 : in BIT_VECTOR(0 TO 27);
O : out BIT_VECTOR(0 TO 47));
49
end component;
signal r1 : bit_vector(0 to 55);
signal
r2,r3,r4,r5,r6,r7,r8,r9,r10,r11,r12,r13,r14,r15,r16,r17,r18,r19,r20,r21,r22,r23,r24,r25,r26,r27,r
28,r29,r30,r31,r32,r33,r34,r35 : bit_vector(0 to 27);
begin
dci1 : k64256 port map( clk => clock, Kn => K , Ko => r1);
dci2 : k56228 port map( clk => clock, I => r1, O1 => r2 ,O2 => r3);
it1 : ks1 port map(clk => clock, I1 => r2, I2 => r3 , O1 => r4, O2 => r5);
dc1 : k56248 port map( clk => clock, I1 => r4, I2 => r5, O => Sk1);
it2 : ks1 port map(clk => clock, I1 => r4, I2 => r5 , O1 => r6, O2 => r7);
dc2 : k56248 port map( clk => clock, I1 => r6, I2 => r7, O => Sk2);
it3 : ks2 port map(clk => clock, I1 => r6, I2 => r7 , O1 => r8, O2 => r9);
dc3 : k56248 port map( clk => clock, I1 => r8, I2 => r9, O => Sk3);
it4 : ks2 port map(clk => clock, I1 => r8, I2 => r9 , O1 => r10, O2 => r11);
dc4 : k56248 port map( clk => clock, I1 => r10, I2 => r11, O => Sk4);
it5 : ks2 port map(clk => clock, I1 => r10, I2 => r11 , O1 => r12, O2 => r13);
dc5 : k56248 port map( clk => clock, I1 => r12, I2 => r13, O => Sk5);
it6 : ks2 port map(clk => clock, I1 => r12, I2 => r13 , O1 => r14, O2 => r15);
dc6 : k56248 port map( clk => clock, I1 => r14, I2 => r15, O => Sk6);
it7 : ks2 port map(clk => clock, I1 => r14, I2 => r15 , O1 => r16, O2 => r17);
dc7 : k56248 port map( clk => clock, I1 => r16, I2 => r17, O => Sk7);
it8 : ks2 port map(clk => clock, I1 => r16, I2 => r17 , O1 => r18, O2 => r19);
dc8 : k56248 port map( clk => clock, I1 => r18, I2 => r19, O => Sk8);
it9 : ks1 port map(clk => clock, I1 => r18, I2 => r19 , O1 => r20, O2 => r21);
dc9 : k56248 port map( clk => clock, I1 => r20, I2 => r21, O => Sk9);
it10: ks2 port map(clk => clock, I1 => r20, I2 => r21 , O1 => r22, O2 => r23);
50
dc10 : k56248 port map( clk => clock, I1 => r22, I2 => r23, O => Sk10);
it11: ks2 port map(clk => clock, I1 => r22, I2 => r23 , O1 => r24, O2 => r25);
dc11 : k56248 port map( clk => clock, I1 => r24, I2 => r25, O => Sk11);
it12: ks2 port map(clk => clock, I1 => r24, I2 => r25 , O1 => r26, O2 => r27);
dc12 : k56248 port map( clk => clock, I1 => r26, I2 => r27, O => Sk12);
it13: ks2 port map(clk => clock, I1 => r26, I2 => r27 , O1 => r28, O2 => r29);
dc13 : k56248 port map( clk => clock, I1 => r28, I2 => r29, O => Sk13);
it14: ks2 port map(clk => clock, I1 => r28, I2 => r29 , O1 => r30, O2 => r31);
dc14 : k56248 port map( clk => clock, I1 => r30, I2 => r31, O => Sk14);
it15: ks2 port map(clk => clock, I1 => r30, I2 => r31, O1 => r32, O2 => r33);
dc15 : k56248 port map( clk => clock, I1 => r32, I2 => r33, O => Sk15);
it16: ks1 port map(clk => clock, I1 => r32, I2 => r33 , O1 => r34, O2 => r35);
dc16 : k56248 port map( clk => clock, I1 => r34, I2 => r35, O => Sk16);
end Behavioral;
Component: Fiestel Function
51
CODE: (Fiestel Function):
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
entity ff is
Port ( clk : in STD_LOGIC;
r : in BIT_VECTOR(0 TO 31);
k : in BIT_VECTOR(0 TO 47);
f : out BIT_VECTOR(0 TO 31));
end ff;
architecture Behavioral of ff is
COMPONENT ebit
Port ( clk : in STD_LOGIC;
i : in BIT_VECTOR (0 TO 31);
o : out BIT_VECTOR (0 TO 47));
end COMPONENT;
COMPONENT xor48
52
Port ( clk : in STD_LOGIC;
i1 : in BIT_VECTOR (0 TO 47);
i2 : in BIT_VECTOR (0 TO 47);
o : out BIT_VECTOR (0 TO 47));
end COMPONENT;
COMPONENT xr4836
Port ( clk : in STD_LOGIC;
i : in BIT_VECTOR (0 TO 47);
b1 : out BIT_VECTOR (0 TO 5);
b2 : out BIT_VECTOR (0 TO 5);
b3 : out BIT_VECTOR (0 TO 5);
b4 : out BIT_VECTOR (0 TO 5);
b5 : out BIT_VECTOR (0 TO 5);
b6 : out BIT_VECTOR (0 TO 5);
b7 : out BIT_VECTOR (0 TO 5);
b8 : out BIT_VECTOR (0 TO 5));
end COMPONENT;
COMPONENT s1
Port ( clk : in STD_LOGIC;
b : in BIT_VECTOR(0 TO 5);
o : out BIT_VECTOR(0 TO 3));
end COMPONENT;
COMPONENT s2
Port ( clk : in STD_LOGIC;
b : in BIT_VECTOR (0 TO 5);
o : out BIT_VECTOR (0 TO 3));
end COMPONENT;
53
COMPONENT s3
Port ( clk : in STD_LOGIC;
b : in BIT_VECTOR (0 TO 5);
o : out BIT_VECTOR (0 TO 3));
end COMPONENT;
COMPONENT s4
Port ( clk : in STD_LOGIC;
b : in BIT_VECTOR (0 TO 5);
o : out BIT_VECTOR (0 TO 3));
end COMPONENT;
COMPONENT s5
Port ( clk : in STD_LOGIC;
b : in BIT_VECTOR (0 TO 5);
o : out BIT_VECTOR (0 TO 3));
end COMPONENT;
COMPONENT s6
Port ( clk : in STD_LOGIC;
b : in BIT_VECTOR (0 TO 5);
o : out BIT_VECTOR (0 TO 3));
end COMPONENT;
COMPONENT s7
Port ( clk : in STD_LOGIC;
b : in BIT_VECTOR (0 TO 5);
o : out BIT_VECTOR (0 TO 3));
end COMPONENT;
COMPONENT s8
Port ( clk : in STD_LOGIC;
54
b : in BIT_VECTOR (0 TO 5);
o : out BIT_VECTOR (0 TO 3));
end COMPONENT;
COMPONENT s4232
Port ( clk : in STD_LOGIC;
s1 : in BIT_VECTOR(0 TO 3);
s2 : in BIT_VECTOR(0 TO 3);
s3 : in BIT_VECTOR(0 TO 3);
s4 : in BIT_VECTOR(0 TO 3);
s5 : in BIT_VECTOR(0 TO 3);
s6 : in BIT_VECTOR(0 TO 3);
s7 : in BIT_VECTOR(0 TO 3);
s8 : in BIT_VECTOR(0 TO 3);
s : out BIT_VECTOR(0 TO 31));
end COMPONENT;
COMPONENT pmat
Port ( clk : in STD_LOGIC;
i : in BIT_VECTOR (0 TO 31);
f : out BIT_VECTOR (0 TO 31));
end COMPONENT;
signal t1,t2 : BIT_VECTOR (0 TO 47);
signal t3,t4,t5,t6,t7,t8,t9,t10 : BIT_VECTOR (0 TO 5);
signal t11,t12,t13,t14,t15,t16,t17,t18 : BIT_VECTOR (0 TO 3);
signal t19 : BIT_VECTOR (0 TO 31);
begin
ebitd: ebit port map(clk => clk, i => r, o => t1);
xor48d: xor48 port map(clk => clk, i1 => t1, i2 => k, o => t2);
55
xr4836d: xr4836 port map(clk => clk, i => t2, b1 => t3,b2 => t4,b3 => t5,b4 => t6,b5 =>
t7,b6 => t8,b7 => t9,b8 => t10);
s1d: s1 port map(clk => clk, b => t3, o => t11);
s2d: s2 port map(clk => clk, b => t4, o => t12);
s3d: s3 port map(clk => clk, b => t5, o => t13);
s4d: s4 port map(clk => clk, b => t6, o => t14);
s5d: s5 port map(clk => clk, b => t7, o => t15);
s6d: s6 port map(clk => clk, b => t8, o => t16);
s7d: s7 port map(clk => clk, b => t9, o => t17);
s8d: s8 port map(clk => clk, b => t10, o => t18);
s4232d: s4232 port map(clk => clk,s1 => t11,s2 => t12,s3 => t13,s4 => t14,s5 => t15,s6 =>
t16,s7 => t17,s8 => t18,s => t19);
pmatd: pmat port map(clk => clk,i => t19,f => f);
end Behavioral;
Component: XOR 48 bit
CODE: (XOR 48 bit):
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
56
entity xor48 is
Port ( clk : in STD_LOGIC;
i1 : in BIT_VECTOR (0 TO 47);
i2 : in BIT_VECTOR (0 TO 47);
o : out BIT_VECTOR (0 TO 47));
end xor48;
architecture Behavioral of xor48 is
begin
process(clk,i1,i2)
variable q: BIT_VECTOR (0 TO 47);
begin
if (clk'event and clk='1') then
q := (i1 xor i2);
end if;
o <= q;
end process;
end Behavioral;
Component: XOR 48 bit to 32 bit
57
CODE: (XOR 48 to 32 bit):
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
entity xr4836 is
Port ( clk : in STD_LOGIC;
i : in BIT_VECTOR (0 TO 47);
b1 : out BIT_VECTOR (0 TO 5);
b2 : out BIT_VECTOR (0 TO 5);
b3 : out BIT_VECTOR (0 TO 5);
b4 : out BIT_VECTOR (0 TO 5);
b5 : out BIT_VECTOR (0 TO 5);
b6 : out BIT_VECTOR (0 TO 5);
b7 : out BIT_VECTOR (0 TO 5);
b8 : out BIT_VECTOR (0 TO 5));
end xr4836;
58
architecture Behavioral of xr4836 is
begin
PROCESS(clk,i)
variable q1,q2,q3,q4,q5,q6,q7,q8 : BIT_VECTOR (0 TO 5);
begin
if (clk'event and clk='1') then
q1 := i(0 to 5);
q2 := i(6 to 11);
q3 := i(12 to 17);
q4 := i(18 to 23);
q5 := i(24 to 29);
q6 := i(30 to 35);
q7 := i(36 to 41);
q8 := i(42 to 47);
end if;
b1 <= q1;
b2 <= q2;
b3 <= q3;
b4 <= q4;
b5 <= q5;
b6 <= q6;
b7 <= q7;
b8 <= q8;
end process;
end Behavioral;
Component: S 8 4bits to 32 bit
59
CODE: (S 8 4bits to 32 bit ):
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
entity s4232 is
Port ( clk : in STD_LOGIC;
s1 : in BIT_VECTOR(0 TO 3);
s2 : in BIT_VECTOR(0 TO 3);
s3 : in BIT_VECTOR(0 TO 3);
s4 : in BIT_VECTOR(0 TO 3);
s5 : in BIT_VECTOR(0 TO 3);
s6 : in BIT_VECTOR(0 TO 3);
s7 : in BIT_VECTOR(0 TO 3);
s8 : in BIT_VECTOR(0 TO 3);
s : out BIT_VECTOR(0 TO 31));
end s4232;
architecture Behavioral of s4232 is
60
begin
process(clk,s1,s2,s3,s4,s5,s6,s7,s8)
variable q : BIT_VECTOR(0 TO 31);
begin
if (clk'event and clk='1') then
q := ( s1 & s2 & s3 & s4 & s5 & s6 & s7 & s8);
end if;
s <= q;
end process;
end Behavioral;
Component: P Matrix
CODE: (XOR 48 to 32 bit):
library IEEE;
61
use IEEE.STD_LOGIC_1164.ALL;
entity pmat is
Port ( clk : in STD_LOGIC;
i : in BIT_VECTOR (0 TO 31);
f : out BIT_VECTOR (0 TO 31));
end pmat;
architecture Behavioral of pmat is
begin
process(clk,i)
variable q : BIT_VECTOR (0 TO 31);
begin
if (clk'event and clk='1') then
q(0) := i(15);
q(1) := i(6);
q(2) := i(19);
q(3) := i(20);
q(4) := i(28);
q(5) := i(11);
q(6) := i(27);
q(7) := i(16);
q(8) := i(0);
q(9) := i(14);
q(10) := i(22);
q(11) := i(25);
q(12) := i(4);
q(13) := i(17);
62
q(14) := i(30);
q(15) := i(9);
q(16) := i(1);
q(17) := i(7);
q(18) := i(23);
q(19) := i(13);
q(20) := i(31);
q(21) := i(26);
q(22) := i(2);
q(23) := i(8);
q(24) := i(18);
q(25) := i(12);
q(26) := i(29);
q(27) := i(5);
q(28) := i(21);
q(29) := i(10);
q(30) := i(3);
q(31) := i(24);
end if;
f <= q;
end process;
end Behavioral;
Component: E bit Selection Table
63
CODE: (E bit Selection Table):
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
entity ebit is
Port ( clk : in STD_LOGIC;
i : in BIT_VECTOR (0 TO 31);
o : out BIT_VECTOR (0 TO 47));
end ebit;
architecture Behavioral of ebit is
begin
process(clk,i)
variable q : bit_vector(0 to 47);
begin
if (clk'event and clk='1') then
q(0) := i(31);
64
q(1) := i(0);
q(2) := i(1);
q(3) := i(2);
q(4) := i(3);
q(5) := i(4);
q(6) := i(3);
q(7) := i(4);
q(8) := i(5);
q(9) := i(6);
q(10) := i(7);
q(11) := i(8);
q(12) := i(7);
q(13) := i(8);
q(14) := i(9);
q(15) := i(10);
q(16) := i(11);
q(17) := i(12);
q(18) := i(11);
q(19) := i(12);
q(20) := i(13);
q(21) := i(14);
q(22) := i(15);
q(23) := i(16);
q(24) := i(15);
q(25) := i(16);
q(26) := i(17);
q(27) := i(18);
65
q(28) := i(19);
q(29) := i(20);
q(30) := i(19);
q(31) := i(20);
q(32) := i(21);
q(33) := i(22);
q(34) := i(23);
q(35) := i(24);
q(36) := i(23);
q(37) := i(24);
q(38) := i(25);
q(39) := i(26);
q(40) := i(27);
q(41) := i(28);
q(42) := i(27);
q(43) := i(28);
q(44) := i(29);
q(45) := i(30);
q(46) := i(31);
q(47) := i(0);
end if;
o <= q;
end process;
end Behavioral;
Component: K 64 to 56
66
CODE: (XOR 48 to 32 bit):
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
entity k64256 is
Port ( clk : in STD_LOGIC;
Kn : in bit_vector (0 to 63);
Ko : out bit_vector (0 to 55));
end k64256;
architecture Behavioral of k64256 is
begin
process(Kn,clk)
variable Qo : bit_vector ( 0 to 55);
variable c,M,L : integer ;
begin
if (clk'event and clk='1') then
c := 0;
67
M := 56;
L := M;
for i in 1 to 10 loop
Qo(c) := Kn(L);
c := c+1 ;
L := L-8;
if ( L< 0) then
exit;
end if;
end loop;
M := M+1;
L := M;
for i in 1 to 10 loop
Qo(c) := Kn(L);
c := c+1 ;
L := L-8;
if ( L< 0) then
exit;
end if;
end loop;
M := M+1;L := M;
for i in 1 to 10 loop
Qo(c) := Kn(L);
c := c+1 ;
L := L-8;
if ( L< 0) then
exit;
68
end if;
end loop;
M := M+1;L := M;
for i in 1 to 10 loop
Qo(c) := Kn(L);
c := c+1 ;
L := L-8;
if ( L< 35) then
exit;
end if;
end loop;
M := 62;
L := M;
for i in 1 to 10 loop
Qo(c) := Kn(L);
c := c+1 ;
L := L-8;
if ( L< 0) then
exit;
end if;
end loop;
M := M-1;
L := M;
for i in 1 to 10 loop
Qo(c) := Kn(L);
c := c+1 ;
L := L-8;
69
if ( L< 0) then
exit;
end if;
end loop;
M := M-1;
L := M;
for i in 1 to 10 loop
Qo(c) := Kn(L);
c := c+1 ;
L := L-8;
if ( L< 0) then
exit;
end if;
end loop;
M := 27;
L := M;
for i in 1 to 10 loop
Qo(c) := Kn(L);
c := c+1 ;
L := L-8;
if ( L< 0) then
exit;
end if;
end loop;
Ko <= Qo;
end if;
end process;
70
end Behavioral;
Component: 56 bit to two 28 bits
CODE: (56 bit to Two 28 bits):
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
entity k56228 is
Port ( clk : in STD_LOGIC;
I : in BIT_VECTOR (0 TO 55);
O1 : out BIT_VECTOR (0 TO 27);
O2 : out BIT_VECTOR (0 TO 27));
end k56228;
architecture Behavioral of k56228 is
begin
PROCESS(I,clk)
variable Q1,Q2 : BIT_VECTOR (0 TO 27);
begin
71
if (clk'event and clk='1') then
Q1 := I(0 to 27);
Q2 := I(28 to 55);
O1 <= Q1;
O2 <= Q2;
end if;
end process;
end Behavioral;
Component: 56 bit to 48 bit
CODE: (56 bit to 48 bit):
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
entity k56248 is
Port ( clk : in STD_LOGIC;
I1 : in BIT_VECTOR(0 TO 27);
I2 : in BIT_VECTOR(0 TO 27);
O : out BIT_VECTOR(0 TO 47));
72
end k56248;
architecture Behavioral of k56248 is
begin
process(clk,I1,I2)
variable Q : BIT_VECTOR(0 TO 47);
begin
if (clk'event and clk='1') then
Q(0) := I1(13);
Q(1) := I1(16);
Q(2) := I1(10);
Q(3) := I1(23);
Q(4) := I1(0);
Q(5) := I1(4);
Q(6) := I1(2);
Q(7) := I1(27);
Q(8) := I1(14);
Q(9) := I1(5);
Q(10) := I1(20);
Q(11) := I1(9);
Q(12) := I1(22);
Q(13) := I1(18);
Q(14) := I1(11);
Q(15) := I1(3);
Q(16) := I1(25);
Q(17) := I1(7);
Q(18) := I1(15);
73
Q(19) := I1(6);
Q(20) := I1(26);
Q(21) := I1(19);
Q(22) := I1(12);
Q(23) := I1(1);
Q(24) := I2(12);
Q(25) := I2(23);
Q(26) := I2(2);
Q(27) := I2(8);
Q(28) := I2(18);
Q(29) := I2(26);
Q(30) := I2(1);
Q(31) := I2(11);
Q(32) := I2(22);
Q(33) := I2(16);
Q(34) := I2(4);
Q(35) := I2(19);
Q(36) := I2(15);
Q(37) := I2(20);
Q(38) := I2(10);
Q(39) := I2(27);
Q(40) := I2(5);
Q(41) := I2(24);
Q(42) := I2(17);
Q(43) := I2(13);
Q(44) := I2(21);
Q(45) := I2(7);
74
Q(46) := I2(0);
Q(47) := I2(3);
end if;
O <= Q;
end process;
end Behavioral;
Component: Iterations
CODE: (Iterations):
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
entity ks1 is
Port ( clk : in STD_LOGIC;
I1 : in BIT_VECTOR(0 TO 27);
I2 : in BIT_VECTOR(0 TO 27);
O1 : out BIT_VECTOR(0 TO 27);
75
O2 : out BIT_VECTOR(0 TO 27));
end ks1;
architecture Behavioral of ks1 is
begin
process(I1,I2,clk)
variable Q1,Q2 : bit_vector(0 to 27);
begin
if (clk'event and clk='1' ) then
Q1 := I1(1 to 27) & I1(0);
Q2 := I2(1 to 27) & I2(0);
O1 <= Q1;
O2 <= Q2;
end if;
end process;
end Behavioral;
76
The Schematic of the Encryption Block after connecting all the
Modules:
77
DECRYPTION
As you can see from the above RTL schematic, the Encryption module takes the 64 bit
Cypher and decodes it with the 64 bit Key and Gives the 64 bit Decoded Plaintext.
CODE: (Top Module):
library IEEE;
use IEEE.STD_LOGIC_1164.ALL;
entity decryptwithipinv is
Port ( cypher : in bit_vector (0 to 63);
key : in bit_vector (0 to 63);
clk : in STD_LOGIC;
plaintext : out bit_vector (0 to 63));
end decryptwithipinv;
architecture Behavioral of decryptwithipinv is
COMPONENT dff
78
Port ( clk : in STD_LOGIC;
i : in BIT_VECTOR(0 TO 31);
o : out BIT_VECTOR(0 TO 31));
end COMPONENT;
COMPONENT IP4
Port ( clk : in STD_LOGIC;
A : in BIT_VECTOR (0 TO 63);
L : out BIT_VECTOR (0 TO 31);
R : out BIT_VECTOR (0 TO 31));
end COMPONENT;
COMPONENT ff
Port ( clk : in STD_LOGIC;
r : in BIT_VECTOR(0 TO 31);
k : in BIT_VECTOR(0 TO 47);
f : out BIT_VECTOR(0 TO 31));
end COMPONENT;
COMPONENT subkey_generation2
Port ( clock : in STD_LOGIC;
K : in BIT_VECTOR(0 TO 63);
Sk1 : out BIT_VECTOR(0 TO 47);
Sk2 : out BIT_VECTOR(0 TO 47);
Sk3 : out BIT_VECTOR(0 TO 47);
Sk4 : out BIT_VECTOR(0 TO 47);
Sk5 : out BIT_VECTOR(0 TO 47);
Sk6 : out BIT_VECTOR(0 TO 47);
Sk7 : out BIT_VECTOR(0 TO 47);
Sk8 : out BIT_VECTOR(0 TO 47);
79
Sk9 : out BIT_VECTOR(0 TO 47);
Sk10 : out BIT_VECTOR(0 TO 47);
Sk11 : out BIT_VECTOR(0 TO 47);
Sk12 : out BIT_VECTOR(0 TO 47);
Sk13 : out BIT_VECTOR(0 TO 47);
Sk14 : out BIT_VECTOR(0 TO 47);
Sk15 : out BIT_VECTOR(0 TO 47);
Sk16 : out BIT_VECTOR(0 TO 47));
end COMPONENT;
COMPONENT IPinvmatrix is
Port ( Rx : in BIT_VECTOR (0 to 31) ;
Lx : in BIT_VECTOR (0 to 31);
plain : out BIT_VECTOR (0 to 63);
clk : in STD_LOGIC);
end component;
COMPONENT xor32
Port ( clk : in STD_LOGIC;
i1 : in BIT_VECTOR (0 TO 31);
i2 : in BIT_VECTOR (0 TO 31);
o : out BIT_VECTOR (0 TO 31));
end COMPONENT;
signal k1,k2,k3,k4,k5,k6,k7,k8,k9,k10,k11,k12,k13,k14,k15,k16 : BIT_VECTOR(0 TO 47);
signal r0,r1,r2,r3,r4,r5,r6,r7,r8,r9,r10,r11,r12,r13,r14,r15 : BIT_VECTOR(0 TO 31);
signal f1,f2,f3,f4,f5,f6,f7,f8,f9,f10,f11,f12,f13,f14,f15,f16,Rx1,Lx1 : BIT_VECTOR(0 TO
31);
signal l0 : BIT_VECTOR(0 TO 31);
begin
80
IP: IP4 port map( clk => Clk, A => Cypher,L => l0,R => r0);
SbKey: subkey_generation2 port map( clock => Clk,K => key,Sk1 => k1,Sk2 => k2,Sk3 =>
k3,Sk4 => k4,Sk5 => k5,Sk6 => k6,Sk7 => k7,Sk8 => k8,Sk9 => k9,Sk10 => k10,Sk11 =>
k11,Sk12 => k12,Sk13 => k13,Sk14 => k14,Sk15 => k15,Sk16 => k16);
xrd1: xor32 port map( clk => Clk,i1 => l0,i2 => f1,o => r1);
xrd2: xor32 port map( clk => Clk,i1 => r0,i2 => f2,o => r2);
xrd3: xor32 port map( clk => Clk,i1 => r1,i2 => f3,o => r3);
xrd4: xor32 port map( clk => Clk,i1 => r2,i2 => f4,o => r4);
xrd5: xor32 port map( clk => Clk,i1 => r3,i2 => f5,o => r5);
xrd6: xor32 port map( clk => Clk,i1 => r4,i2 => f6,o => r6);
xrd7: xor32 port map( clk => Clk,i1 => r5,i2 => f7,o => r7);
xrd8: xor32 port map( clk => Clk,i1 => r6,i2 => f8,o => r8);
xrd9: xor32 port map( clk => Clk,i1 => r7,i2 => f9,o => r9);
xrd10: xor32 port map( clk => Clk,i1 => r8,i2 => f10,o => r10);
xrd11: xor32 port map( clk => Clk,i1 => r9,i2 => f11,o => r11);
xrd12: xor32 port map( clk => Clk,i1 => r10,i2 => f12,o => r12);
xrd13: xor32 port map( clk => Clk,i1 => r11,i2 => f13,o => r13);
xrd14: xor32 port map( clk => Clk,i1 => r12,i2 => f14,o => r14);
xrd15: xor32 port map( clk => Clk,i1 => r13,i2 => f15,o => r15);
xrd16: xor32 port map( clk => Clk,i1 => r14,i2 => f16,o => Rx1);
ffd1: ff port map ( clk => Clk,r => r0,k => k16,f => f1);
ffd2: ff port map ( clk => Clk,r => r1,k => k15,f => f2);
ffd3: ff port map ( clk => Clk,r => r2,k => k14,f => f3);
ffd4: ff port map ( clk => Clk,r => r3,k => k13,f => f4);
ffd5: ff port map ( clk => Clk,r => r4,k => k12,f => f5);
ffd6: ff port map ( clk => Clk,r => r5,k => k11,f => f6);
ffd7: ff port map ( clk => Clk,r => r6,k => k10,f => f7);
ffd8: ff port map ( clk => Clk,r => r7,k => k9,f => f8);
81
ffd9: ff port map ( clk => Clk,r => r8,k => k8,f => f9);
ffd10: ff port map ( clk => Clk,r => r9,k => k7,f => f10);
ffd11: ff port map ( clk => Clk,r => r10,k => k6,f => f11);
ffd12: ff port map ( clk => Clk,r => r11,k => k5,f => f12);
ffd13: ff port map ( clk => Clk,r => r12,k => k4,f => f13);
ffd14: ff port map ( clk => Clk,r => r13,k => k3,f => f14);
ffd15: ff port map ( clk => Clk,r => r14,k => k2,f => f15);
ffd16: ff port map ( clk => Clk,r => r15,k => k1,f => f16);
dffd: dff port map (clk => Clk,i => r15,o => Lx1);
inv1: IPinvmatrix port map (clk => Clk, Rx => Rx1, Lx=> Lx1, plain => plaintext);
end Behavioral;
82
RESULTS:
ENCRYPTION:
Given Input:
Plaintext: 0123456789ABCDEF
Key: 133457799BBCDFF1
Corresponding Output:
Cypher: 85E813540F0AB405
83
DECRYPTION:
Given Input:
Key: 133457799BBCDFF1
Cypher: 85E813540F0AB405
Corresponding Output:
Plaintext: 0123456789ABCDEF
84
REFERENCES:
Books:
[1] Christof Paar, “Applied Cryptography and Data Security” (Lecture Notes),
May 2000.
[2] S.A. Vanstone, A.J. Menezes, P.C. Oorschot, “Handbook of Applied
Cryptography”, CRC Press, 1997.
Web-References:
[1] www.wikipedia.org.