Study and implementation of DES on FPGA

1

DEPARTMENT OF ELECTRONICS AND COMMUNICATION

ENGINEERING

UNIVERSITY COLLEGE OF ENGINEERING (Autonomous)

OSMAINA UNIVERSITY, HYDERABAD-500007

CERTIFICATE

This is to certify that the project entitled “Study and implementation of DES (Data

Encryption Standard) Algorithm on FPGA Is the work Carried by the following Students:

S. Rajesh 0109448

P. Sri Harsha 0109460

K. Venkata Kishore 0109468

S Sravani 0108441

As Partial fulfilment for the requirement to award the Degree of BACHELOR OF

ENGINEERING with specialization in ELECTRONICS AND COMMUNICATION

ENGINEERING at University College of Engineering, Hyderabad. Under the guidance and

Supervision of Prof. R. Hemalatha, Department of Electronics and Communication

Engineering During the Academic Year 2011-2012

The Contents embodied in this report have not been and will not be submitted to any

other institute for the award of any other Degree/Diploma.

Project Guide: Head Of the Department:

Prof R. Hemalatha Dr. P. Chandra Sekhar

2

STUDY AND IMPLEMENTATION OF DES (Data Encryption

Standard) ALGORITHM ON FPGA

A Dissertation Work

Submitted in the patrial fulfilment of the requirement for the award of

BACHELOR OF ENGINEERING

IN

ELECTRONICS AND COMMUNICATION ENGINEERING

Submitted by:

S. Rajesh 0109448

P. Sri Harsha 0109460

K. Venkata Kishore 0109468

S Sravani 0108441

UNDER THE GUIDENCE OF

R. HEMALATHA

Associate Professor

DEPARTMENT OF ELECTRONICS AND COMMUNICATION

ENGINEERING

UNIVERSITY COLLEGE OF ENGINEERING (Autonomous)

OSMANIA UNVIVERSITY, HYDERABAD-500007

3

ACKNOWLEDGEMENT

We would like to express our sincere thanks and deep sense of gratitude to our Project Guide

R. HEMALATHA. Associate Professor, Department of Electronics and Communication

Engineering for her Excellent Guidance throughout our Project work. Her valuable

Suggestions and Timely Guidance has enabled us to complete this work.

We are grateful to acknowledge our Associate Professor P. CHANDRA SEKHAR, Head of

the Department, Electronics and Communication Engineering for creating Excellent

academic climate which inspired us and made our Project Complete.

At the outset, We thank all our Teachers, Classmates and Friends who have supported us in

many ways.

We are grateful to our Parents for their Unrelenting Efforts in bringing us to acquire Bachelor

of Engineering.

S. Rajesh

P. Sri Harsha

K. Venkata Kishore

S. Sravani

4

UNIVERSITY COLLEGE OF ENGINEERING

DEPARTMENT OF ELECTRONICS AND COMMUNICATION ENGINEERING

TOPIC: Implementation of DES( Data Encryption Standard ) Algorithm on

FPGA.

Abstract: Nowadays Secure data transmission has become a prime importance for various organizations. Pertaining to this many encryption algorithms were introduced and standardized since past few decades. This project includes the study of the DES algorithm and later implementation of the algorithm on FPGA. The Data Encryption Standard (DES), is the name of the Federal Information Processing Standard (FIPS) 46-3, which describes the data encryption algorithm (DEA). The DES has a 64-bit block size and uses a 56-bit key during execution. DES is a symmetric cryptosystem, specifically a 16-round Feistel cipher. When used for communication, both sender and receiver must know the same secret key, which can be used to encrypt and decrypt the message, or to generate and verify a Message Authentication Code (MAC).

.

5

CONTENTS

(i) Introduction to Cryptography

(ii) Cryptography Goals

(iii) Basic Terminology and Concepts

(iv) Data Encryption Standards (DES)

(v) Understanding the Algorithm

(vi) Encoding

(vii) Decoding

(viii) Results

(ix) References

6

Introduction to Cryptography:

Cryptography has a long and fascinating history. Cryptography was used as a

tool to protect national secrets and strategies. The proliferation of computers

and communications systems in the 1960s brought with it a demand from the

private sector for means to protect information in digital form and to provide

security services. Beginning with the work of Feistel at IBM in the early 1970s

and culminating in 1977 with the adoption as a U.S. Federal Information

Processing Standard for encrypting unclassified information, DES, the Data

Encryption Standard, is the most well-known cryptographic mechanism in

history. It remains the standard means for securing electronic commerce for

many financial institutions around the world.

The most striking development in the history of cryptography came in 1976

when Diffie and Hellman published New Directions in Cryptography. This

paper introduced the revolutionary concept of public-key cryptography and also

provided a new and ingenious method for key exchange, the security of which is

based on the intractability of the discrete logarithm problem. Although the

authors had no practical realization of a public-key encryption scheme at the

time, the idea was clear and it generated extensive interest and activity in the

cryptographic community. In 1978 Rivest, Shamir, and Adleman discovered the

first practical public-key encryption and signature scheme, now referred to as

RSA. The RSA scheme is based on another hard mathematical problem, the

intractability of factoring large integers. This application of a hard mathematical

problem to cryptography revitalized efforts to find more efficient methods to

factor. The 1980s saw major advances in this area but none which rendered the

RSA system insecure. Another class of powerful and practical public-key

schemes was found by ElGamal in 1985. These are also based on the discrete

logarithm problem.

One of the most significant contributions provided by public-key cryptography

is the digital signature. In 1991 the first international standard for digital

signatures (ISO/IEC 9796) was adopted. It is based on the RSA public-key

scheme. In 1994 the U.S. Government adopted the Digital Signature Standard, a

mechanism based on the ElGamal publickey scheme. The search for new

public-key schemes, improvements to existing cryptographic mechanisms,

7

and proofs of security continues at a rapid pace. Various standards and

infrastructures involving cryptography are being put in place. Security products

are being developed to address the security needs of an information intensive

society.

CRYPTOGRAPHY:

Definition: Cryptography is the study of mathematical techniques related to

aspects of information security such as confidentiality, data integrity, entity

authentication and data origin authentication. Cryptography is not the only

means of providing information security, but rather one set of techniques.

Cryptographic goals:

Confidentiality, data integrity, authentication, and non-repudiation.

1. Confidentiality is a service used to keep the content of information from all

but those authorized to have it. Secrecy is a term synonymous with

confidentiality and privacy. There are numerous approaches to providing

confidentiality, ranging from physical protection to mathematical algorithms

which render data unintelligible.

2. Data integrity is a service which addresses the unauthorized alteration of

data. To assure data integrity, one must have the ability to detect data

manipulation by unauthorized parties. Data manipulation includes such things

as insertion, deletion, and substitution.

3. Authentication is a service related to identification. This function applies to

both entities and information itself. Two parties entering into a communication

should identify each other. Information delivered over a channel should be

authenticated as to origin, date of origin, data content, time sent, etc. For these

reasons this aspect of cryptography is usually subdivided into two major

classes: entity authentication and data origin authentication. Data origin

authentication implicitly provides data integrity (for if a message is modified,

the source has changed).

4. Non-repudiation is a service which prevents an entity from denying previous

commitments or actions. When disputes arise due to an entity denying that

certain actions were taken, a means to resolve the situation is necessary. For

8

example, one entity may authorize the purchase of property by another entity

and later deny such authorization was granted. A procedure involving a trusted

third party is needed to resolve

the dispute.

….A fundamental goal of cryptography is to adequately address these four areas

in both theory and practice. Cryptography is about the prevention and detection

of cheating and other malicious activities.

Basic terminology and concepts

The scientific study of any discipline must be built upon rigorous definitions

arising from fundamental concepts. What follows is a list of terms and basic

concepts used in cryptographic analysis. Where appropriate, rigor has been

sacrificed for the sake of clarity.

Cryptography Notations

• Cryptanalysis is the study of mathematical techniques for attempting to

defeat cryptographic techniques, and, more generally, information security

services.

• A cryptanalyst is someone who engages in cryptanalysis.

• Cryptology is the study of cryptography and cryptanalysis.

• A cryptosystem is a general term referring to a set of cryptographic primitives

used to provide information security services. Most often the term is used in

conjunction with primitives providing confidentiality, i.e., encryption.

Cryptographic techniques are typically divided into two generic types:

(i) Symmetric-key

(ii) Public-key.

9

Symmetric-key cryptography

Symmetric-key cryptography refers to encryption methods in which both the

sender and receiver share the same key (or, less commonly, in which their keys

are different, but related in an easily computable way). This was the only kind

of encryption publicly known until June 1976.

Symmetric key ciphers are implemented as either block ciphers or stream

ciphers. A block cipher enciphers input in blocks of plaintext as opposed to

individual characters, the input form used by a stream cipher.

The Data Encryption Standard (DES) and the Advanced Encryption

Standard (AES) are block cipher designs which have been

designated cryptography standards by the US government (though DES's

designation was finally withdrawn after the AES was adopted). Despite its

deprecation as an official standard, DES (especially its still-approved and much

more secure triple-DES variant) remains quite popular; it is used across a wide

range of applications, from ATM encryption to e-mail privacy and secure

remote access. Many other block ciphers have been designed and released, with

considerable variation in quality. Many have been thoroughly broken, such

as FEAL.

Stream ciphers, in contrast to the 'block' type, create an arbitrarily long stream

of key material, which is combined with the plaintext bit-by-bit or character-by-

character, somewhat like the one-time pad. In a stream cipher, the output stream

is created based on a hidden internal state which changes as the cipher operates.

That internal state is initially set up using the secret key material. RC4 is a

widely used stream cipher. Block ciphers can be used as stream ciphers.

Cryptographic hash functions are a third type of cryptographic algorithm. They

take a message of any length as input, and output a short, fixed

length hash which can be used in (for example) a digital signature. For good

hash functions, an attacker cannot find two messages that produce the same

hash. MD4 is a long-used hash function which is now broken; MD5, a

strengthened variant of MD4, is also widely used but broken in practice. The

U.S. National Security Agency developed the Secure Hash Algorithm series of

MD5-like hash functions: SHA-0 was a flawed algorithm that the agency

withdrew; SHA-1 is widely deployed and more secure than MD5, but

http://en.wikipedia.org/wiki/Block_ciphers

http://en.wikipedia.org/wiki/Stream_ciphers

http://en.wikipedia.org/wiki/Stream_ciphers

http://en.wikipedia.org/wiki/Data_Encryption_Standard

http://en.wikipedia.org/wiki/Advanced_Encryption_Standard

http://en.wikipedia.org/wiki/Advanced_Encryption_Standard

http://en.wikipedia.org/wiki/Cryptography_standards

http://en.wikipedia.org/wiki/Triple-DES

http://en.wikipedia.org/wiki/E-mail_privacy

http://en.wikipedia.org/wiki/Secure_Shell

http://en.wikipedia.org/wiki/Secure_Shell

http://en.wikipedia.org/wiki/FEAL

http://en.wikipedia.org/wiki/One-time_pad

http://en.wikipedia.org/wiki/RC4

http://en.wikipedia.org/wiki/Cryptographic_hash_functions

http://en.wikipedia.org/wiki/Hash_function

http://en.wikipedia.org/wiki/MD4

http://en.wikipedia.org/wiki/MD5

http://en.wikipedia.org/wiki/National_Security_Agency

http://en.wikipedia.org/wiki/SHA-1

10

cryptanalysts have identified attacks against it; the SHA-2 family improves on

SHA-1, but it isn't yet widely deployed, and the U.S. standards authority

thought it "prudent" from a security perspective to develop a new standard to

"significantly improve the robustness of NIST's overall hash algorithm

toolkit." Thus, a hash function design competition is underway and meant to

select a new U.S. national standard, to be called SHA-3, by 2012.

Message authentication codes (MACs) are much like cryptographic hash

functions, except that a secret key can be used to authenticate the hash

value upon receipt.

Public-key cryptography

Symmetric-key cryptosystems use the same key for encryption and decryption

of a message, though a message or group of messages may have a different key

than others. A significant disadvantage of symmetric ciphers is the key

management necessary to use them securely. Each distinct pair of

communicating parties must, ideally, share a different key, and perhaps each

cipher text exchanged as well. The number of keys required increases as

the square of the number of network members, which very quickly requires

complex key management schemes to keep them all straight and secret. The

difficulty of securely establishing a secret key between two communicating

parties, when a secure channel does not already exist between them, also

presents a chicken-and-egg problem which is a considerable practical obstacle

for cryptography users in the real world.

Public key cryptography in which two different but mathematically related keys

are used a public key and a private key. A public key system is so constructed

that calculation of one key (the 'private key') is computationally infeasible from

the other (the 'public key'), even though they are necessarily related. Instead,

both keys are generated secretly, as an interrelated pair.

In public-key cryptosystems, the public key may be freely distributed, while its

paired private key must remain secret. The public key is typically used for

encryption, while the private or secret key is used for decryption. In addition to

encryption, public-key cryptography can be used to implement digital

signature schemes. A digital signature is reminiscent of an ordinary signature;

they both have the characteristic that they are easy for a user to produce, but

difficult for anyone else to forge. Digital signatures can also be permanently

tied to the content of the message being signed; they cannot then be 'moved'

from one document to another, for any attempt will be detectable. In digital


http://en.wikipedia.org/wiki/NIST_hash_function_competition


http://en.wikipedia.org/wiki/Message_authentication_code

http://en.wikipedia.org/wiki/Key_management

http://en.wikipedia.org/wiki/Key_management

http://en.wikipedia.org/wiki/Square_(algebra)

http://en.wikipedia.org/wiki/Secure_channel

http://en.wikipedia.org/wiki/Chicken-and-egg_problem

http://en.wikipedia.org/wiki/Digital_signature

http://en.wikipedia.org/wiki/Digital_signature

http://en.wikipedia.org/wiki/Signature

http://en.wikipedia.org/wiki/Forgery

11

signature schemes, there are two algorithms: one for signing, in which a secret

key is used to process the message (or a hash of the message, or both), and one

for verification, in which the matching public key is used with the message to

check the validity of the signature. RSA and DSA are two of the most popular

digital signature schemes. Digital signatures are central to the operation

of public key infrastructures and many network security schemes

(e.g., SSL/TLS, many VPNs, etc.).

Public-key algorithms are most often based on the computational complexity of

"hard" problems, often from number theory. For example, the hardness of RSA

is related to the integer factorization problem, while Diffie–Hellman and DSA

are related to the discrete logarithm problem. More recently, elliptic curve

cryptography has developed in which security is based on number theoretic

problems involving elliptic curves. Because of the difficulty of the underlying

problems, most public-key algorithms involve operations such as modular

multiplication and exponentiation, which are much more computationally

expensive than the techniques used in most block ciphers, especially with

typical key sizes. As a result, public-key cryptosystems are commonly hybrid

cryptosystems, in which a fast high-quality symmetric-key encryption algorithm

is used for the message itself, while the relevant symmetric key is sent with the

message, but encrypted using a public-key algorithm. Similarly, hybrid

signature schemes are often used, in which a cryptographic hash function is

computed, and only the resulting hash is digitally signed.

Block Cypher:

In cryptography, a block cipher is a symmetric key cipher operating on fixed-

length groups of bits, called blocks, with an unvarying transformation. A block

cipher encryption algorithm might take (for example) a 128-bit block

of plaintext as input, and output a corresponding 128-bit block of ciphertext.

The exact transformation is controlled using a second input — the secret key.

Decryption is similar: the decryption algorithm takes, in this example, a 128-bit

block of ciphertext together with the secret key, and yields the original 128-bit

block of plain text.

A message longer than the block size (128 bits in the above example) can still

be encrypted with a block cipher by breaking the message into blocks and

encrypting each block individually. However, in this method all blocks are

encrypted with the same key, which degrades security (because each repetition

in the plaintext becomes a repetition in the ciphertext).

Stream Cypher:

In cryptography, a stream cipher is a symmetric key cipher where plaintext

digits are combined with a pseudorandom cipher digit stream (key stream). In a

stream cipher the plaintext digits are encrypted one at a time, and the

http://en.wikipedia.org/wiki/Digital_Signature_Algorithm

http://en.wikipedia.org/wiki/Public_key_infrastructure

http://en.wikipedia.org/wiki/Transport_Layer_Security

http://en.wikipedia.org/wiki/VPN

http://en.wikipedia.org/wiki/Computational_complexity_theory

http://en.wikipedia.org/wiki/Number_theory

http://en.wikipedia.org/wiki/Integer_factorization

http://en.wikipedia.org/wiki/Discrete_logarithm

http://en.wikipedia.org/wiki/Elliptic_curve_cryptography

http://en.wikipedia.org/wiki/Elliptic_curve_cryptography

http://en.wikipedia.org/wiki/Elliptic_curve

http://en.wikipedia.org/wiki/Modular_arithmetic

http://en.wikipedia.org/wiki/Hybrid_cryptosystem

http://en.wikipedia.org/wiki/Hybrid_cryptosystem

http://en.wikipedia.org/wiki/Cryptography

http://en.wikipedia.org/wiki/Symmetric_key_algorithm

http://en.wikipedia.org/wiki/Cipher

http://en.wikipedia.org/wiki/Bit

http://en.wikipedia.org/wiki/Plaintext

http://en.wikipedia.org/wiki/Key_(cryptography)

http://en.wikipedia.org/wiki/Block_size_(cryptography)

http://en.wikipedia.org/wiki/Cryptography

http://en.wikipedia.org/wiki/Symmetric_key_algorithm

http://en.wikipedia.org/wiki/Cipher

http://en.wikipedia.org/wiki/Pseudorandom

http://en.wikipedia.org/wiki/Keystream

http://en.wikipedia.org/wiki/Plaintext

http://en.wikipedia.org/wiki/Numerical_digit

12

transformation of successive digits varies during the encryption. An alternative

name is a state cipher, as the encryption of each digit is dependent on the

current state. In practice, a digit is typically a bit and the combining operation

an exclusive-or (xor).

Stream ciphers represent a different approach to symmetric encryption

from block ciphers. Block ciphers operate on large blocks of digits with a fixed,

unvarying transformation. This distinction is not always clear-cut: in

some modes of operation, a block cipher primitive is used in such a way that it

acts effectively as a stream cipher. Stream ciphers typically execute at a higher

speed than block ciphers and have lower hardware complexity. However,

stream ciphers can be susceptible to serious security problems if used

incorrectly

http://en.wikipedia.org/wiki/Bit

http://en.wikipedia.org/wiki/Exclusive-or

http://en.wikipedia.org/wiki/Block_cipher

http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

13

DATA ENCRYPTION STANDARD

The Data Encryption Standard (DES) is a block cipher that uses shared

secret encryption. It was selected by the National Bureau of Standards as an

official Federal Information Processing Standard (FIPS) for the United States in

1976 and which has subsequently enjoyed widespread use internationally. It is

based on a symmetric-key algorithm that uses a 56-bit key. The algorithm was

initially controversial because of classified design elements, a relatively

short key length, and suspicions about a National Security

Agency (NSA) backdoor. DES consequently came under intense academic

scrutiny which motivated the modern understanding of block ciphers and

their cryptanalysis.

DES is a block cipher, which means that during the encryption process, the

plaintext is broken into fixed length blocks and each block is encrypted at the

same time. One block is 64 bits and the key is 64 bits wide (but only 56 bits are

used).

So we can in a more formally manner describe the algorithm like this:

· P = C = {0, 1, 2… (2^64)-1}

· K = {0, 1, 2… (2^56)-1}

· each xi has 64 bits

· each ki has 56 bits

This description is not complete without the encryption function (ek) and the

decryption function (dk).

The principle of DES encryption is made of an initial permutation, followed by

16 rounds and ended by a final permutation, as we can see in the next figure:


http://en.wikipedia.org/wiki/Shared_secret

http://en.wikipedia.org/wiki/Shared_secret

http://en.wikipedia.org/wiki/Encrypt

http://en.wikipedia.org/wiki/National_Bureau_of_Standards

http://en.wikipedia.org/wiki/Federal_Information_Processing_Standard

http://en.wikipedia.org/wiki/United_States

http://en.wikipedia.org/wiki/Symmetric-key_algorithm

http://en.wikipedia.org/wiki/56-bit_encryption

http://en.wikipedia.org/wiki/Algorithm

http://en.wikipedia.org/wiki/Classified_information

http://en.wikipedia.org/wiki/Key_length



http://en.wikipedia.org/wiki/Backdoor_(computing)


http://en.wikipedia.org/wiki/Cryptanalysis

14

Here is a more detailed version of this illustration:

The above figure is called the Feistel network. We can see the key-scheduling

part at the right which is responsible to give a new 48 bits sub key for each

round. Inside each round, the right part of the data is simply swapped while the

left part is xored with the result of the f-function applied to the left part.

15

Now take a closer look at the core of the DES algorithm: the f-function.

f-function

As we can see, the data coming to the f-function goes first through an expansion

block and is then xored with the sub key. After that, the data arrives at the S-

boxes, which are look-up tables. The next step is a simple permutation and

finally, the resulting data is xored with the left part.

16

At this moment, we must find out how the key-scheduling achieves to build the

subkeys.

We saw before that the key is initially 64 bits wide. But in the algorithm, only

56 bits are really used. So we can notice in the above figure that the component

PC-1 removes these 8 bits to have the correct size. PC-1 also permutes the other

bits. Then, at each step the key is shifted on the left one or two times. Before

delivering the sub key, the component PC-2 reduce and permutes the 56 bits

shifted key. Now that we had a good overview of the encryption function (ek),

we can take look at the decryption function (dk).

17

The decryption process is very similar as the encryption one, as we observe in

the next schematic:

Obviously, the decryption is very similar to the encryption. Only the key-

scheduling is reversed. Additionally, we must highlight that there are four

standardized modes of operation of DES: ECB (Electronic Codebook mode),

CBC (Cipher Block Chaining mode), CFB (Cipher Feedback mode) and OFB

(Output Feedback mode). In ECB mode, each plaintext block is encrypted

independently with the block cipher.

18

UNDERSTANDING THE ALGORITHM

(Example)

DES works on bits, or binary numbers the 0s and 1s common to digital

computers. Each group of four bits makes up a hexadecimal, or base 16,

number. Binary "0001" is equal to the hexadecimal number "1", binary "1000"

is equal to the hexadecimal number "8", "1001" is equal to the hexadecimal

number "9", "1010" is equal to the hexadecimal number "A", and "1111" is

equal to the hexadecimal number "F".

DES works by encrypting groups of 64 message bits, which is the same as 16

hexadecimal numbers. To do the encryption, DES uses "keys" where are also

apparently 16 hexadecimal numbers long, or apparently 64 bits long. However,

every 8th key bit is ignored in the DES algorithm, so that the effective key size

is 56 bits. But, in any case, 64 bits (16 hexadecimal digits) is the round number

upon which DES is organized.

For example, if we take the plaintext message

"8787878787878787", and encrypt it with the DES key

"0E329232EA6D0D73", we end up with the cipher text

"0000000000000000". If the cipher text is decrypted with the same

secret DES key "0E329232EA6D0D73", the result is the original

plaintext "8787878787878787".

This example is neat and orderly because our plaintext was exactly 64 bits long.

The same would be true if the plaintext happened to be a multiple of 64 bits.

But most messages will not fall into this category. They will not be an exact

multiple of 64 bits (that is, an exact multiple of 16 hexadecimal numbers).

For example, take the message "University college of Engineering". This

plaintext message is 34 bytes (76 hexadecimal digits) long. So this message

must be padded with some extra byte at the tail end for the encryption. Once the

encrypted message has been decrypted, these extra bytes are thrown away.

There are, of course, different padding schemes--different ways to add extra

bytes. Here we will just add 0s at the end, so that the total message is a multiple

of 8 bytes (or 16 hexadecimal digits, or 64 bits).

19

How DES Works in Detail

DES is a block cipher meaning it operates on plaintext blocks of a given size

(64-bits) and returns ciphertext blocks of the same size. Thus DES results in a

permutation among the 2^64 (read this as: "2 to the 64th power") possible

arrangements of 64 bits, each of which may be either 0 or 1. Each block of 64

bits is divided into two blocks of 32 bits each, a left half block L and a right half

R. (This division is only used in certain operations.)

Example: Let M be the plain text message M = 0123456789ABCDEF, where

M is in hexadecimal (base 16) format. Rewriting M in binary format, we get the

64-bit block of text:

M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010

1011 1100 1101 1110 1111

L = 0000 0001 0010 0011 0100 0101 0110 0111

R = 1000 1001 1010 1011 1100 1101 1110 1111

The first bit of M is "0". The last bit is "1". We read from left to right. DES

operates on the 64-bit blocks using key sizes of 56- bits. The keys are actually

stored as being 64 bits long, but every 8th bit in the key is not used (i.e. bits

numbered 8, 16, 24, 32, 40, 48, 56, and 64). However, we will nevertheless

number the bits from 1 to 64, going left to right, in the following calculations.

But, as you will see, the eight bits just mentioned get eliminated when we create

subkeys.

Example: Let K be the hexadecimal key K = 133457799BBCDFF1. This gives

us as the binary key (setting 1 = 0001, 3 = 0011, etc., and grouping together

every eight bits, of which the last one in each group will be unused):

K = 00010011 00110100 01010111 01111001 10011011 10111100

11011111 11110001

The DES algorithm uses the following steps:

Step 1: Create 16 sub keys, each of which is 48-bits long:

20

The 64-bit key is permuted according to the following table, PC-1. Since the

first entry in the table is "57", this means that the 57th bit of the original key K

becomes the first bit of the permuted key K+. The 49th bit of the original key

becomes the second bit of the permuted key. The 4th bit of the original key is

the last bit of the permuted key. Note only 56 bits of the original key appear in

the permuted key.

PC 1

57 49 41 33 25 17 9

1 58 50 42 34 26 18

10 2 59 51 43 35 27

19 11 3 60 52 44 36

63 55 47 39 31 23 15

7 62 54 46 38 30 22

14 6 61 53 45 37 29

21 13 5 28 20 12 4

Example: From the original 64-bit key

K = 00010011 00110100 01010111 01111001 10011011 10111100

11011111 11110001

we get the 56-bit permutation

K+ = 1111000 0110011 0010101 0101111 0101010 1011001 1001111 0001111

Next, split this key into left and right halves, C0 and D0, where each half has 28

bits.

Example: From the permuted key K+, we get

C0 = 1111000 0110011 0010101 0101111

D0 = 0101010 1011001 1001111 0001111

With C0 and D0 defined, we now create sixteen blocks Cn and Dn, 1<=n<=16.

Each pair of blocks Cn and Dn is formed from the previous pair Cn-1 and Dn-

21

1, respectively, for n = 1, 2...16, using the following schedule of "left shifts" of

the previous block. To do a left shift, move each bit one place to the left, except

for the first bit, which is cycled to the end of the block.

Iteration number Number of left

shifts

1 1

2 1

3 2

4 2

5 2

6 2

7 2

8 2

9 1

10 2

11 2

12 2

13 2

14 2

15 2

16 1

This means, for example, C3 and D3 are obtained from C2 and D2,

respectively, by two left shifts, and C16 and D16 are obtained from C15 and

D15, respectively, by one left shift. In all cases, by a single left shift is meant a

rotation of the bits one place to the left, so that after one left shift the bits in the

28 positions are the bits that were previously in positions 2, 3,..., 28, 1.

22

Example: From original pair pair C0 and D0 we obtain:

C0 = 1111000011001100101010101111

D0 = 0101010101100110011110001111

C1 = 1110000110011001010101011111

D1 = 1010101011001100111100011110

C2 = 1100001100110010101010111111

D2 = 0101010110011001111000111101

C3 = 0000110011001010101011111111

D3 = 0101011001100111100011110101

C4 = 0011001100101010101111111100

D4 = 0101100110011110001111010101

C5 = 1100110010101010111111110000

D5 = 0110011001111000111101010101

C6 = 0011001010101011111111000011

D6 = 1001100111100011110101010101

C7 = 1100101010101111111100001100

D7 = 0110011110001111010101010110

C8 = 0010101010111111110000110011

D8 = 1001111000111101010101011001

C9 = 0101010101111111100001100110

D9 = 0011110001111010101010110011

C10 = 0101010111111110000110011001

D10 = 1111000111101010101011001100

C11 = 0101011111111000011001100101

D11 = 1100011110101010101100110011

C12 = 0101111111100001100110010101

D12 = 0001111010101010110011001111

C13 = 0111111110000110011001010101

D13 = 0111101010101011001100111100

23

C14 = 1111111000011001100101010101

D14 = 1110101010101100110011110001

C15 = 1111100001100110010101010111

D15 = 1010101010110011001111000111

C16 = 1111000011001100101010101111

D16 = 0101010101100110011110001111

We now form the keys Kn, for 1<=n<=16, by applying the following

permutation table to each of the concatenated pairs CnDn. Each pair has 56 bits,

but PC-2 only uses 48 of these.

PC-2

14 17 11 24 1 5

3 28 15 6 21 10

23 19 12 4 26 8

16 7 27 20 13 2

41 52 31 37 47 55

30 40 51 45 33 48

44 49 39 56 34 53

46 42 50 36 29 32

Therefore, the first bit of Kn is the 14th bit of CnDn, the second bit the 17th,

and so on, ending with the 48th bit of Kn being the 32th bit of CnDn.

Example: For the first key we have

C1D1 = 1110000 11001100101010 1011111 1010101 0110011 0011110

0011110

24

which, after we apply the permutation PC-2, becomes

K1 = 000110 110000 001011 101111 111111 000111 000001

110010

For the other keys we have

K2 = 011110 011010 111011 011001 110110 111100 100111 100101

K3 = 010101 011111 110010 001010 010000 101100 111110 011001

K4 = 011100 101010 110111 010110 110110 110011 010100 011101

K5 = 011111 001110 110000 000111 111010 110101 001110 101000

K6 = 011000 111010 010100 111110 010100 000111 101100 101111

K7 = 111011 001000 010010 110111 111101 100001 100010 111100

K8 = 111101 111000 101000 111010 110000 010011 101111 111011

K9 = 111000 001101 101111 101011 111011 011110 011110 000001

K10 = 101100 011111 001101 000111 101110 100100 011001 001111

K11 = 001000 010101 111111 010011 110111 101101 001110 000110

K12 = 011101 010111 000111 110101 100101 000110 011111 101001

K13 = 100101 111100 010111 010001 111110 101011 101001 000001

K14 = 010111 110100 001110 110111 111100 101110 011100 111010

K15 = 101111 111001 000110 001101 001111 010011 111100 001010

K16 = 110010 110011 110110 001011 000011 100001 011111 110101

Step 2: Encode each 64-bit block of data.

There is an initial permutation IP of the 64 bits of the message data M. This

rearranges the bits according to the following table, where the entries in the

table show the new arrangement of the bits from their initial order. The 58th bit

of M becomes the first bit of IP. The 50th bit of M becomes the second bit of

IP. The 7th bit of M is the last bit of IP.

25

IP

58 50 42 34 26 18 10 2

60 52 44 36 28 20 12 4

62 54 46 38 30 22 14 6

64 56 48 40 32 24 16 8

57 49 41 33 25 17 9 1

59 51 43 35 27 19 11 3

61 53 45 37 29 21 13 5

63 55 47 39 31 23 15 7

Example: Applying the initial permutation to the block of text M, given

previously, we get

M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010

1011 1100 1101 1110 1111

IP = 1100 1100 0000 0000 1100 1100 1111 1111 1111 0000 1010

1010 1111 0000 1010 1010

Here the 58th bit of M is "1", which becomes the first bit of IP. The 50th bit of

M is "1", which becomes the second bit of IP. The 7th bit of M is "0", which

becomes the last bit of IP. Next divide the permuted block IP into a left half L0

of 32 bits, and a right half R0 of 32 bits.

Example: From IP, we get L0 and R0

L0 = 1100 1100 0000 0000 1100 1100 1111 1111

R0 = 1111 0000 1010 1010 1111 0000 1010 1010

We now proceed through 16 iterations, for 1<=n<=16, using a function f which

operates on two blocks--a data block of 32 bits and a key Kn of 48 bits--to

produce a block of 32 bits. Let + denote XOR addition, (bit-by-bit addition

modulo 2). Then for n going from 1 to 16 we calculate

26

Ln = Rn-1

Rn = Ln-1 + f(Rn-1,Kn)

This results in a final block, for n = 16, of L16R16. That is, in each iteration,

we take the right 32 bits of the previous result and make them the left 32 bits of

the current step. For the right 32 bits in the current step, we XOR the left 32 bits

of the previous step with the calculation f .

Example: For n = 1, we have

K1 = 000110 110000 001011 101111 111111 000111 000001 110010

L1 = R0 = 1111 0000 1010 1010 1111 0000 1010 1010

R1 = L0 + f(R0,K1)

It remains to explain how the function f works. To calculate f, we first expand

each block Rn-1 from 32 bits to 48 bits. This is done by using a selection table

that repeats some of the bits in Rn-1 . We'll call the use of this selection table

the function E. Thus E(Rn-1) has a 32 bit input block, and a 48 bit output block.

Let E be such that the 48 bits of its output, written as 8 blocks of 6 bits each, are

obtained by selecting the bits in its inputs in order according to the following

table:

E BIT- Selection Table

32 1 2 3 4 5

4 5 6 7 8 9

8 9 10 11 12 13

12 13 14 15 16 17

16 17 18 19 20 21

20 21 22 23 24 25

24 25 26 27 28 29

27

28 29 30 31 32 1

Thus the first three bits of E(Rn-1) are the bits in positions 32, 1 and 2 of Rn-1

while the last 2 bits of E(Rn-1) are the bits in positions 32 and 1.

Example: We calculate E(R0) from R0 as follows:

R0 = 1111 0000 1010 1010 1111 0000 1010 1010

E(R0) = 011110 100001 010101 010101 011110 100001 010101 010101

(Note that each block of 4 original bits has been expanded to a block of 6 output

bits.)

Next in the f calculation, we XOR the output E(Rn-1) with the key Kn:

Kn + E(Rn-1).

Example: For K1 , E(R0), we have

K1 = 000110 110000 001011 101111 111111 000111 000001 110010

E(R0) = 011110 100001 010101 010101 011110 100001 010101 010101

K1+E(R0) = 011000 010001 011110 111010 100001 100110 010100 100111.

We have not yet finished calculating the function f . To this point we have

expanded Rn-1 from 32 bits to 48 bits, using the selection table, and XORed the

result with the key Kn . We now have 48 bits, or eight groups of six bits. We

now do something strange with each group of six bits: we use them as addresses

in tables called "S boxes". Each group of six bits will give us an address in a

different S box. Located at that address will be a 4 bit number. This 4 bit

number will replace the original 6 bits. The net result is that the eight groups of

6 bits are transformed into eight groups of 4 bits (the 4-bit outputs from the S

boxes) for 32 bits total.

Write the previous result, which is 48 bits, in the form:

Kn + E(Rn-1) =B1B2B3B4B5B6B7B8,

28

where each Bi is a group of six bits.

We now calculate S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8)

where Si(Bi) referres to the output of the i-th S box.

To repeat, each of the functions S1, S2,..., S8, takes a 6-bit block as

input and yields a 4-bit block as output. The table to determine S1

is shown and explained below:

S1

Column Number

Row

No. 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

0 14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7

1 0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8

2 4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0

3 15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13

If S1 is the function defined in this table and B is a block of 6 bits, then S1(B) is

determined as follows: The first and last bits of B represent in base 2 a number

in the decimal range 0 to 3 (or binary 00 to 11). Let that number be i. The

middle 4 bits of B represent in base 2 a number in the decimal range 0 to 15

(binary 0000 to 1111). Let that number be j. Look up in the table the number in

the i-th row and j-th column. It is a number in the range 0 to 15 and is uniquely

represented by a 4 bit block. That block is the output S1(B) of S1 for the input

B. For example, for input block B = 011011 the first bit is "0" and the last bit

"1" giving 01 as the row. This is row 1. The middle four bits are "1101". This is

the binary equivalent of decimal 13, so the column is column number 13. In

row 1, column 13 appears 5. This determines the output; 5 is binary

0101, so that the output is 0101. Hence S1(011011) = 0101.

Example: For the first round, we obtain as the output of the eight S boxes:

K1 + E(R0) = 011000 010001 011110 111010 100001 100110 010100 100111.

S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8) = 0101 1100 1000

0010 1011 0101 1001 0111

The final stage in the calculation of f is to do a permutation P of the S-box

output to obtain the final value of f:

29

f = P(S1(B1)S2(B2)...S8(B8))

The permutation P is defined in the following table. P yields a 32-

bit output from a 32-bit input by permuting the bits of the input

block.

P

16 7 20 21

29 12 28 17

1 15 23 26

5 18 31 10

2 8 24 14

32 27 3 9

19 13 30 6

22 11 4 25

Example: From the output of the eight S boxes:

S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8) = 0101 1100

1000 0010 1011 0101 1001 0111

we get

f = 0010 0011 0100 1010 1010 1001 1011 1011

R1 = L0 + f(R0 , K1 )= 1100 1100 0000 0000 1100 1100 1111 1111

+ 0010 0011 0100 1010 1010 1001 1011 1011

= 1110 1111 0100 1010 0110 0101 0100 0100

30

In the next round, we will have L2 = R1, which is the block we justcalculated,

and then we must calculate R2 =L1 + f(R1, K2), and so on for 16 rounds. At the

end of the sixteenth round we have the blocks L16 and R16. We then reverse

the order of the two blocks into the 64-bit block R16L16 and apply a final

permutation IP-1 as defined by the following table:

𝑰𝑷−𝟏

40 8 48 16 56 24 64 32

39 7 47 15 55 23 63 31

38 6 46 14 54 22 62 30

37 5 45 13 53 21 61 29

36 4 44 12 52 20 60 28

35 3 43 11 51 19 59 27

34 2 42 10 15 18 58 26

33 1 41 9 49 17 57 25

That is, the output of the algorithm has bit 40 of the preoutput block as its first

bit, bit 8 as its second bit, and so on, until bit 25 of the preoutput block is the

last bit of the output. Example: If we process all 16 blocks using the method

defined previously, we get, on the 16th round,

L16 = 0100 0011 0100 0010 0011 0010 0011 0100

R16 = 0000 1010 0100 1100 1101 1001 1001 0101

We reverse the order of these two blocks and apply the final permutation to

R16L16 = 00001010 01001100 11011001 10010101 01000011 01000010

00110010 00110100

31

IP-1 = 10000101 11101000 00010011 01010100 00001111 00001010

10110100 00000101

which in hexadecimal format is 85E813540F0AB405.

This is the encrypted form of M = 0123456789ABCDEF: namely,

C = 85E813540F0AB405.

Decryption is simply the inverse of encryption, follwing the same steps as

above, but reversing the order in which the subkeys are applied.

ENCRYPTION

As the Algorithm has been briefly explained above, Now we take a look at the Practical

Implementation on the FPGA an the VHDL code.

32

As you can see from the above RTL schematic, the Encryption module takes the 64 bit

Plaintext and encodes it with the 64 bit Key and Gives the 64 bit encoded Cypher.

CODE: (Top Module)

library IEEE;

use IEEE.STD_LOGIC_1164.ALL;

entity Encryptwithipinv is

Port ( clk : in STD_LOGIC;

key : in BIT_VECTOR (0 to 63) ;

data : in BIT_VECTOR (0 to 63);

cypher : out BIT_VECTOR (0 to 63));

end Encryptwithipinv;

architecture Behavioral of Encryptwithipinv is

COMPONENT dff


i : in BIT_VECTOR(0 TO 31);

o : out BIT_VECTOR(0 TO 31));

end COMPONENT;

COMPONENT IP4


A : in BIT_VECTOR (0 TO 63);

L : out BIT_VECTOR (0 TO 31);

R : out BIT_VECTOR (0 TO 31));

end COMPONENT;

COMPONENT IPinvmatrix is

Port ( Rx : in BIT_VECTOR (0 to 31) ;

Lx : in BIT_VECTOR (0 to 31);

33

plain : out BIT_VECTOR (0 to 63);

clk : in STD_LOGIC);

end COMPONENT;

COMPONENT ff


r : in BIT_VECTOR(0 TO 31);

k : in BIT_VECTOR(0 TO 47);

f : out BIT_VECTOR(0 TO 31));

end COMPONENT;

COMPONENT subkey_generation2

Port ( clock : in STD_LOGIC;

K : in BIT_VECTOR(0 TO 63);

Sk1 : out BIT_VECTOR(0 TO 47);















34

Sk16 : out BIT_VECTOR(0 TO 47));

end COMPONENT;

COMPONENT xor32


i1 : in BIT_VECTOR (0 TO 31);


o : out BIT_VECTOR (0 TO 31));

end COMPONENT;

signal k1,k2,k3,k4,k5,k6,k7,k8,k9,k10,k11,k12,k13,k14,k15,k16 : BIT_VECTOR(0 TO 47);

signal r0,r1,r2,r3,r4,r5,r6,r7,r8,r9,r10,r11,r12,r13,r14,r15 : BIT_VECTOR(0 TO 31);

signal f1,f2,f3,f4,f5,f6,f7,f8,f9,f10,f11,f12,f13,f14,f15,f16,Rx1,Lx1 : BIT_VECTOR(0 TO

31);

signal l0 : BIT_VECTOR(0 TO 31);

begin

IP: IP4 port map( clk => clk, A => data,L => l0,R => r0);

SbKey: subkey_generation2 port map( clock => clk,K => key,Sk1 => k1,Sk2 => k2,Sk3 =>

k3,Sk4 => k4,Sk5 => k5,Sk6 => k6,Sk7 => k7,Sk8 => k8,Sk9 => k9,Sk10 => k10,Sk11 =>

k11,Sk12 => k12,Sk13 => k13,Sk14 => k14,Sk15 => k15,Sk16 => k16);

xrd1: xor32 port map( clk => clk,i1 => l0,i2 => f1,o => r1);

xrd2: xor32 port map( clk => clk,i1 => r0,i2 => f2,o => r2);









35






xrd16: xor32 port map( clk => clk,i1 => r14,i2 => f16,o => Rx1);

ffd1: ff port map ( clk => clk,r => r0,k => k1,f => f1);
















dffd: dff port map (clk => clk,i => r15,o => Lx1);

ipinv1: IPinvmatrix port map (clk => clk, Rx => Rx1 , Lx => Lx1, plain => cypher);

end Behavioral;

36

The RTL Schematics and Code for different Components in the Top Module are given below

Component: 32 bit XOR

CODE: (32 bit XOR):

library IEEE;


entity xor32 is





end xor32;

architecture Behavioral of xor32 is

begin

process(clk,i1,i2)

variable q: BIT_VECTOR (0 TO 31);

begin

if (clk'event and clk='1') then

37

q := (i1 xor i2);

end if;

o <= q;

end process;

end Behavioral;

Component: D-FlipFlop

CODE: (D-FlipFlop):

library IEEE;


entity dff is




end dff;

architecture Behavioral of dff is

begin

38

process(clk,i)

variable q : BIT_VECTOR(0 TO 31);

begin


q := i;

end if;

o <= q;

end process;

end Behavioral;

Component: Initial Permutation

CODE: (Initial Permutation):

library IEEE;


entity IP4 is




39


end IP4;

architecture Behavioral of IP4 is

begin

PROCESS(clk,A)

variable Q1 : BIT_VECTOR(0 to 31);

variable Q2 : BIT_VECTOR(0 to 31);

variable c,Lt,M,Rt : integer;

begin


c := 0;

M := 57;

Lt:= M;

for i in 1 to 10 loop

Q1(c):= A(Lt);

c := c+1;

Lt := Lt-8;

if (Lt< 0) then

exit;

end if;

end loop;

M := M+2;

Lt:= M;


Q1(c):= A(Lt);

c := c+1;

40

Lt := Lt-8;

if (Lt< 0) then

exit;

end if;

end loop;

M := M+2;

Lt:= M;


Q1(c):= A(Lt);

c := c+1;

Lt := Lt-8;

if (Lt< 0) then

exit;

end if;

end loop;

M := M+2;

Lt:= M;


Q1(c):= A(Lt);

c := c+1;

Lt := Lt-8;

if (Lt< 0) then

exit;

end if;

end loop;

L<= Q1;

c := 0;

41

M := 56;

Rt := M;


Q2(c) := A(Rt);

c := c+1;

Rt := Rt-8;

if (Rt < 0) then

exit;

end if;

end loop;

M := M+2;

Rt := M;


Q2(c) := A(Rt);

c := c+1;

Rt := Rt-8;

if (Rt < 0) then

exit;

end if;

end loop;

M := M+2;

Rt := M;


Q2(c) := A(Rt);

c := c+1;

Rt := Rt-8;

if (Rt < 0) then

42

exit;

end if;

end loop;

M := M+2;

Rt := M;


Q2(c) := A(Rt);

c := c+1;

Rt := Rt-8;

if (Rt < 0) then

exit;

end if;

end loop;

R <= Q2;

end if;

end process;

end Behavioral;

Component: IP-Inverse

43

CODE: (IP inverse):

library IEEE;


entity IPinvmatrix is





end IPinvmatrix;

architecture Behavioral of IPinvmatrix is

begin

process (clk,Rx,Lx)

variable Q: bit_vector(0 to 63);

44

begin


Q(0) := Lx(7);

Q(1) := Rx(7);

Q(2) := Lx(15);

Q(3) := Rx(15);

Q(4) := Lx(23);

Q(5) := Rx(23);

Q(6) := Lx(31);

Q(7) := Rx(31);

Q(8) := Lx(6);

Q(9) := Rx(6);

Q(10) := Lx(14);

Q(11) := Rx(14);

Q(12) := Lx(22);

Q(13) := Rx(22);

Q(14) := Lx(30);

Q(15) := Rx(30);

Q(16) := Lx(5);

Q(17) := Rx(5);

Q(18) := Lx(13);

Q(19) := Rx(13);

Q(20) := Lx(21);

Q(21) := Rx(21);

Q(22) := Lx(29);

Q(23) := Rx(29);

Q(24) := Lx(4);

45

Q(25) := Rx(4);

Q(26) := Lx(12);

Q(27) := Rx(12);

Q(28) := Lx(20);

Q(29) := Rx(20);

Q(30) := Lx(28);

Q(31) := Rx(28);

Q(32) := Lx(3);

Q(33) := Rx(3);

Q(34) := Lx(11);

Q(35) := Rx(11);

Q(36) := Lx(19);

Q(37) := Rx(19);

Q(38) := Lx(27);

Q(39) := Rx(27);

Q(40) := Lx(2);

Q(41) := Rx(2);

Q(42) := Lx(10);

Q(43) := Rx(10);

Q(44) := Lx(18);

Q(45) := Rx(18);

Q(46) := Lx(26);

Q(47) := Rx(26);

Q(48) := Lx(1);

Q(49) := Rx(1);

Q(50) := Lx(9);

Q(51) := Rx(9);

46

Q(52) := Lx(17);

Q(53) := Rx(17);

Q(54) := Lx(25);

Q(55) := Rx(25);

Q(56) := Lx(0);

Q(57) := Rx(0);

Q(58) := Lx(8);

Q(59) := Rx(8);

Q(60) := Lx(16);

Q(61) := Rx(16);

Q(62) := Lx(24);

Q(63) := Rx(24);

end if;

plain <= Q;

end process; end Behavioral;

Component: Sub-Key Genaration

47

CODE: (Sub-Key Generation):

library IEEE;


entity subkey_generation2 is



















end subkey_generation2;

architecture Behavioral of subkey_generation2 is

component k64256


Kn : in bit_vector (0 to 63);

48

Ko : out bit_vector (0 to 55));

end component;

component k56228


I : in BIT_VECTOR (0 TO 55);

O1 : out BIT_VECTOR (0 TO 27);

O2 : out BIT_VECTOR (0 TO 27));

end component;

component ks1


I1 : in BIT_VECTOR(0 TO 27);


O1 : out BIT_VECTOR(0 TO 27);

O2 : out BIT_VECTOR(0 TO 27));

end component;

component ks2






end component;

component k56248




O : out BIT_VECTOR(0 TO 47));

49

end component;

signal r1 : bit_vector(0 to 55);

signal

r2,r3,r4,r5,r6,r7,r8,r9,r10,r11,r12,r13,r14,r15,r16,r17,r18,r19,r20,r21,r22,r23,r24,r25,r26,r27,r

28,r29,r30,r31,r32,r33,r34,r35 : bit_vector(0 to 27);

begin

dci1 : k64256 port map( clk => clock, Kn => K , Ko => r1);

dci2 : k56228 port map( clk => clock, I => r1, O1 => r2 ,O2 => r3);

it1 : ks1 port map(clk => clock, I1 => r2, I2 => r3 , O1 => r4, O2 => r5);

dc1 : k56248 port map( clk => clock, I1 => r4, I2 => r5, O => Sk1);

















it10: ks2 port map(clk => clock, I1 => r20, I2 => r21 , O1 => r22, O2 => r23);

50










it15: ks2 port map(clk => clock, I1 => r30, I2 => r31, O1 => r32, O2 => r33);




end Behavioral;

Component: Fiestel Function

51

CODE: (Fiestel Function):

library IEEE;


entity ff is





end ff;

architecture Behavioral of ff is

COMPONENT ebit


i : in BIT_VECTOR (0 TO 31);


end COMPONENT;

COMPONENT xor48

52





end COMPONENT;

COMPONENT xr4836



b1 : out BIT_VECTOR (0 TO 5);







b8 : out BIT_VECTOR (0 TO 5));

end COMPONENT;

COMPONENT s1


b : in BIT_VECTOR(0 TO 5);


end COMPONENT;

COMPONENT s2


b : in BIT_VECTOR (0 TO 5);


end COMPONENT;

53

COMPONENT s3




end COMPONENT;

COMPONENT s4




end COMPONENT;

COMPONENT s5




end COMPONENT;

COMPONENT s6




end COMPONENT;

COMPONENT s7




end COMPONENT;

COMPONENT s8


54



end COMPONENT;

COMPONENT s4232


s1 : in BIT_VECTOR(0 TO 3);








s : out BIT_VECTOR(0 TO 31));

end COMPONENT;

COMPONENT pmat



f : out BIT_VECTOR (0 TO 31));

end COMPONENT;

signal t1,t2 : BIT_VECTOR (0 TO 47);

signal t3,t4,t5,t6,t7,t8,t9,t10 : BIT_VECTOR (0 TO 5);

signal t11,t12,t13,t14,t15,t16,t17,t18 : BIT_VECTOR (0 TO 3);

signal t19 : BIT_VECTOR (0 TO 31);

begin

ebitd: ebit port map(clk => clk, i => r, o => t1);

xor48d: xor48 port map(clk => clk, i1 => t1, i2 => k, o => t2);

55

xr4836d: xr4836 port map(clk => clk, i => t2, b1 => t3,b2 => t4,b3 => t5,b4 => t6,b5 =>

t7,b6 => t8,b7 => t9,b8 => t10);

s1d: s1 port map(clk => clk, b => t3, o => t11);








s4232d: s4232 port map(clk => clk,s1 => t11,s2 => t12,s3 => t13,s4 => t14,s5 => t15,s6 =>

t16,s7 => t17,s8 => t18,s => t19);

pmatd: pmat port map(clk => clk,i => t19,f => f);

end Behavioral;

Component: XOR 48 bit

CODE: (XOR 48 bit):

library IEEE;


56

entity xor48 is





end xor48;

architecture Behavioral of xor48 is

begin

process(clk,i1,i2)

variable q: BIT_VECTOR (0 TO 47);

begin


q := (i1 xor i2);

end if;

o <= q;

end process;

end Behavioral;

Component: XOR 48 bit to 32 bit

57

CODE: (XOR 48 to 32 bit):

library IEEE;


entity xr4836 is










b8 : out BIT_VECTOR (0 TO 5));

end xr4836;

58

architecture Behavioral of xr4836 is

begin

PROCESS(clk,i)

variable q1,q2,q3,q4,q5,q6,q7,q8 : BIT_VECTOR (0 TO 5);

begin


q1 := i(0 to 5);

q2 := i(6 to 11);

q3 := i(12 to 17);

q4 := i(18 to 23);

q5 := i(24 to 29);

q6 := i(30 to 35);

q7 := i(36 to 41);

q8 := i(42 to 47);

end if;

b1 <= q1;

b2 <= q2;

b3 <= q3;

b4 <= q4;

b5 <= q5;

b6 <= q6;

b7 <= q7;

b8 <= q8;

end process;

end Behavioral;

Component: S 8 4bits to 32 bit

59

CODE: (S 8 4bits to 32 bit ):

library IEEE;


entity s4232 is










s : out BIT_VECTOR(0 TO 31));

end s4232;

architecture Behavioral of s4232 is

60

begin

process(clk,s1,s2,s3,s4,s5,s6,s7,s8)

variable q : BIT_VECTOR(0 TO 31);

begin


q := ( s1 & s2 & s3 & s4 & s5 & s6 & s7 & s8);

end if;

s <= q;

end process;

end Behavioral;

Component: P Matrix


library IEEE;

61


entity pmat is



f : out BIT_VECTOR (0 TO 31));

end pmat;

architecture Behavioral of pmat is

begin

process(clk,i)

variable q : BIT_VECTOR (0 TO 31);

begin


q(0) := i(15);

q(1) := i(6);

q(2) := i(19);

q(3) := i(20);

q(4) := i(28);

q(5) := i(11);

q(6) := i(27);

q(7) := i(16);

q(8) := i(0);

q(9) := i(14);

q(10) := i(22);

q(11) := i(25);

q(12) := i(4);

q(13) := i(17);

62

q(14) := i(30);

q(15) := i(9);

q(16) := i(1);

q(17) := i(7);

q(18) := i(23);

q(19) := i(13);

q(20) := i(31);

q(21) := i(26);

q(22) := i(2);

q(23) := i(8);

q(24) := i(18);

q(25) := i(12);

q(26) := i(29);

q(27) := i(5);

q(28) := i(21);

q(29) := i(10);

q(30) := i(3);

q(31) := i(24);

end if;

f <= q;

end process;

end Behavioral;

Component: E bit Selection Table

63

CODE: (E bit Selection Table):

library IEEE;


entity ebit is




end ebit;

architecture Behavioral of ebit is

begin

process(clk,i)

variable q : bit_vector(0 to 47);

begin


q(0) := i(31);

64

q(1) := i(0);

q(2) := i(1);

q(3) := i(2);

q(4) := i(3);

q(5) := i(4);

q(6) := i(3);

q(7) := i(4);

q(8) := i(5);

q(9) := i(6);

q(10) := i(7);

q(11) := i(8);

q(12) := i(7);

q(13) := i(8);

q(14) := i(9);

q(15) := i(10);

q(16) := i(11);

q(17) := i(12);

q(18) := i(11);

q(19) := i(12);

q(20) := i(13);

q(21) := i(14);

q(22) := i(15);

q(23) := i(16);

q(24) := i(15);

q(25) := i(16);

q(26) := i(17);

q(27) := i(18);

65

q(28) := i(19);

q(29) := i(20);

q(30) := i(19);

q(31) := i(20);

q(32) := i(21);

q(33) := i(22);

q(34) := i(23);

q(35) := i(24);

q(36) := i(23);

q(37) := i(24);

q(38) := i(25);

q(39) := i(26);

q(40) := i(27);

q(41) := i(28);

q(42) := i(27);

q(43) := i(28);

q(44) := i(29);

q(45) := i(30);

q(46) := i(31);

q(47) := i(0);

end if;

o <= q;

end process;

end Behavioral;

Component: K 64 to 56

66


library IEEE;


entity k64256 is


Kn : in bit_vector (0 to 63);

Ko : out bit_vector (0 to 55));

end k64256;

architecture Behavioral of k64256 is

begin

process(Kn,clk)

variable Qo : bit_vector ( 0 to 55);

variable c,M,L : integer ;

begin


c := 0;

67

M := 56;

L := M;


Qo(c) := Kn(L);

c := c+1 ;

L := L-8;

if ( L< 0) then

exit;

end if;

end loop;

M := M+1;

L := M;


Qo(c) := Kn(L);

c := c+1 ;

L := L-8;

if ( L< 0) then

exit;

end if;

end loop;

M := M+1;L := M;


Qo(c) := Kn(L);

c := c+1 ;

L := L-8;

if ( L< 0) then

exit;

68

end if;

end loop;

M := M+1;L := M;


Qo(c) := Kn(L);

c := c+1 ;

L := L-8;

if ( L< 35) then

exit;

end if;

end loop;

M := 62;

L := M;


Qo(c) := Kn(L);

c := c+1 ;

L := L-8;

if ( L< 0) then

exit;

end if;

end loop;

M := M-1;

L := M;


Qo(c) := Kn(L);

c := c+1 ;

L := L-8;

69

if ( L< 0) then

exit;

end if;

end loop;

M := M-1;

L := M;


Qo(c) := Kn(L);

c := c+1 ;

L := L-8;

if ( L< 0) then

exit;

end if;

end loop;

M := 27;

L := M;


Qo(c) := Kn(L);

c := c+1 ;

L := L-8;

if ( L< 0) then

exit;

end if;

end loop;

Ko <= Qo;

end if;

end process;

70

end Behavioral;

Component: 56 bit to two 28 bits

CODE: (56 bit to Two 28 bits):

library IEEE;


entity k56228 is


I : in BIT_VECTOR (0 TO 55);

O1 : out BIT_VECTOR (0 TO 27);

O2 : out BIT_VECTOR (0 TO 27));

end k56228;


begin

PROCESS(I,clk)

variable Q1,Q2 : BIT_VECTOR (0 TO 27);

begin

71


Q1 := I(0 to 27);

Q2 := I(28 to 55);

O1 <= Q1;

O2 <= Q2;

end if;

end process;

end Behavioral;

Component: 56 bit to 48 bit

CODE: (56 bit to 48 bit):

library IEEE;


entity k56248 is




O : out BIT_VECTOR(0 TO 47));

72

end k56248;


begin

process(clk,I1,I2)

variable Q : BIT_VECTOR(0 TO 47);

begin


Q(0) := I1(13);

Q(1) := I1(16);

Q(2) := I1(10);

Q(3) := I1(23);

Q(4) := I1(0);

Q(5) := I1(4);

Q(6) := I1(2);

Q(7) := I1(27);

Q(8) := I1(14);

Q(9) := I1(5);

Q(10) := I1(20);

Q(11) := I1(9);

Q(12) := I1(22);

Q(13) := I1(18);

Q(14) := I1(11);

Q(15) := I1(3);

Q(16) := I1(25);

Q(17) := I1(7);

Q(18) := I1(15);

73

Q(19) := I1(6);

Q(20) := I1(26);

Q(21) := I1(19);

Q(22) := I1(12);

Q(23) := I1(1);

Q(24) := I2(12);

Q(25) := I2(23);

Q(26) := I2(2);

Q(27) := I2(8);

Q(28) := I2(18);

Q(29) := I2(26);

Q(30) := I2(1);

Q(31) := I2(11);

Q(32) := I2(22);

Q(33) := I2(16);

Q(34) := I2(4);

Q(35) := I2(19);

Q(36) := I2(15);

Q(37) := I2(20);

Q(38) := I2(10);

Q(39) := I2(27);

Q(40) := I2(5);

Q(41) := I2(24);

Q(42) := I2(17);

Q(43) := I2(13);

Q(44) := I2(21);

Q(45) := I2(7);

74

Q(46) := I2(0);

Q(47) := I2(3);

end if;

O <= Q;

end process;

end Behavioral;

Component: Iterations

CODE: (Iterations):

library IEEE;


entity ks1 is





75


end ks1;

architecture Behavioral of ks1 is

begin

process(I1,I2,clk)

variable Q1,Q2 : bit_vector(0 to 27);

begin

if (clk'event and clk='1' ) then

Q1 := I1(1 to 27) & I1(0);

Q2 := I2(1 to 27) & I2(0);

O1 <= Q1;

O2 <= Q2;

end if;

end process;

end Behavioral;

76

The Schematic of the Encryption Block after connecting all the

Modules:

77

DECRYPTION

As you can see from the above RTL schematic, the Encryption module takes the 64 bit

Cypher and decodes it with the 64 bit Key and Gives the 64 bit Decoded Plaintext.

CODE: (Top Module):

library IEEE;


entity decryptwithipinv is

Port ( cypher : in bit_vector (0 to 63);

key : in bit_vector (0 to 63);

clk : in STD_LOGIC;

plaintext : out bit_vector (0 to 63));

end decryptwithipinv;

architecture Behavioral of decryptwithipinv is

COMPONENT dff

78




end COMPONENT;

COMPONENT IP4





end COMPONENT;

COMPONENT ff





end COMPONENT;

COMPONENT subkey_generation2











79









end COMPONENT;

COMPONENT IPinvmatrix is





end component;

COMPONENT xor32





end COMPONENT;

signal k1,k2,k3,k4,k5,k6,k7,k8,k9,k10,k11,k12,k13,k14,k15,k16 : BIT_VECTOR(0 TO 47);

signal r0,r1,r2,r3,r4,r5,r6,r7,r8,r9,r10,r11,r12,r13,r14,r15 : BIT_VECTOR(0 TO 31);

signal f1,f2,f3,f4,f5,f6,f7,f8,f9,f10,f11,f12,f13,f14,f15,f16,Rx1,Lx1 : BIT_VECTOR(0 TO

31);

signal l0 : BIT_VECTOR(0 TO 31);

begin

80

IP: IP4 port map( clk => Clk, A => Cypher,L => l0,R => r0);

SbKey: subkey_generation2 port map( clock => Clk,K => key,Sk1 => k1,Sk2 => k2,Sk3 =>

k3,Sk4 => k4,Sk5 => k5,Sk6 => k6,Sk7 => k7,Sk8 => k8,Sk9 => k9,Sk10 => k10,Sk11 =>

k11,Sk12 => k12,Sk13 => k13,Sk14 => k14,Sk15 => k15,Sk16 => k16);

xrd1: xor32 port map( clk => Clk,i1 => l0,i2 => f1,o => r1);

xrd2: xor32 port map( clk => Clk,i1 => r0,i2 => f2,o => r2);














xrd16: xor32 port map( clk => Clk,i1 => r14,i2 => f16,o => Rx1);

ffd1: ff port map ( clk => Clk,r => r0,k => k16,f => f1);








81









dffd: dff port map (clk => Clk,i => r15,o => Lx1);

inv1: IPinvmatrix port map (clk => Clk, Rx => Rx1, Lx=> Lx1, plain => plaintext);

end Behavioral;

82

RESULTS:

ENCRYPTION:

Given Input:

Plaintext: 0123456789ABCDEF

Key: 133457799BBCDFF1

Corresponding Output:

Cypher: 85E813540F0AB405

83

DECRYPTION:

Given Input:

Key: 133457799BBCDFF1

Cypher: 85E813540F0AB405

Corresponding Output:

Plaintext: 0123456789ABCDEF

84

REFERENCES:

Books:

[1] Christof Paar, “Applied Cryptography and Data Security” (Lecture Notes),

May 2000.

[2] S.A. Vanstone, A.J. Menezes, P.C. Oorschot, “Handbook of Applied

Cryptography”, CRC Press, 1997.

Web-References:

[1] www.wikipedia.org.

Study and implementation of DES on FPGA

Documents

Transcript of Study and implementation of DES on FPGA