基于FPGA的混沌加密芯片技术研究
|
摘要
利用混沌的对初值和参数敏感、伪随机以及遍历等特性设计的加密方案,相对传统加密方案而言,表现出许多优越性能,尤其在快速置乱和扩散数据方面。目前,大多数混沌密码倾向于软件实现,这些实现方案中数据串行处理且吞吐量有限,因而不适合硬件实现。
本论文分别介绍了适合FPGA(现场可编程门阵列)并行实现的序列密码和分组密码方案。序列密码方案,对传统LFSR(线性反馈移位寄存器)进行改进,采用非线性的混沌方程代替LFSR中的线性反馈方程,进而构造出基于混沌伪随机数发生器的加密算法。分组密码方案,从图像置乱的快速性考虑,将两维混沌映射扩展到三维空间;同时,引入另一种混沌映射对图像数据进行扩散操作,以有效地抵抗统计和差分攻击。
对于这两种方案,文中给出了VHDL(硬件描述语言)编程、FPGA片内功能模块设计、加密效果以及硬件性能分析等。其中,序列密码硬件实现方案,在不考虑通信延时的情况下,可以达到每秒61.622兆字节的加密速度。
实验结果表明,这两种加密算法的FPGA实现方案是可行的,并且能够得到较高的安全性和较快的加密速度。
Due to the exceptional properties of chaos such as the sensitivity to initial conditions and parameters, the pseudo-randomness and the ergodicity, chaos-based algorithms have shown their superior performance, especially in swiftly shuffling and diffusing data, which quite superior to traditional schemes of cryptology. However, most currently existing chaotic ciphers are intend to be implemented in software, by which the data are processed sequentially and the throughput is limited, thereby are not suited to hardware realization.
In this thesis, two chaos-based parallel cipher schemes that accommodate to FPGA (Field Programmable Gate Array) implementation are presented: one belongs to stream cipher, and the other one belongs to block cipher. The proposed stream cipher scheme is inspired from LFSR (Linear Feedback Shift Register) but differs in the feedback mechanism: the later uses a linear feedback function while the former uses a nonlinear chaotic one. In the block cipher scheme, the two-dimensional chaotic cat map is extended to general 3D for designing a faster image encryption scheme. Besides, the diffuse-mechanism is also used in the scheme, thereby significantly increasing the resistance to statistical and differential attacks.
Issues concerning VHDL (VHSIC Hardware Description Language) programming, internal function modular description, encryption results and performance analysis of the encryption chip are reported. Simulation results show that the throughput of the stream cipher can reach high up to 61.622MB per second under the circumstance of not taking the communication delay into account.
Experimental tests show that the attempt of applying the two chaotic encryption schemes to hardware implementation is feasible, and can acquire high security and fast encryption speed.
本论文分别介绍了适合FPGA(现场可编程门阵列)并行实现的序列密码和分组密码方案。序列密码方案,对传统LFSR(线性反馈移位寄存器)进行改进,采用非线性的混沌方程代替LFSR中的线性反馈方程,进而构造出基于混沌伪随机数发生器的加密算法。分组密码方案,从图像置乱的快速性考虑,将两维混沌映射扩展到三维空间;同时,引入另一种混沌映射对图像数据进行扩散操作,以有效地抵抗统计和差分攻击。
对于这两种方案,文中给出了VHDL(硬件描述语言)编程、FPGA片内功能模块设计、加密效果以及硬件性能分析等。其中,序列密码硬件实现方案,在不考虑通信延时的情况下,可以达到每秒61.622兆字节的加密速度。
实验结果表明,这两种加密算法的FPGA实现方案是可行的,并且能够得到较高的安全性和较快的加密速度。
Due to the exceptional properties of chaos such as the sensitivity to initial conditions and parameters, the pseudo-randomness and the ergodicity, chaos-based algorithms have shown their superior performance, especially in swiftly shuffling and diffusing data, which quite superior to traditional schemes of cryptology. However, most currently existing chaotic ciphers are intend to be implemented in software, by which the data are processed sequentially and the throughput is limited, thereby are not suited to hardware realization.
In this thesis, two chaos-based parallel cipher schemes that accommodate to FPGA (Field Programmable Gate Array) implementation are presented: one belongs to stream cipher, and the other one belongs to block cipher. The proposed stream cipher scheme is inspired from LFSR (Linear Feedback Shift Register) but differs in the feedback mechanism: the later uses a linear feedback function while the former uses a nonlinear chaotic one. In the block cipher scheme, the two-dimensional chaotic cat map is extended to general 3D for designing a faster image encryption scheme. Besides, the diffuse-mechanism is also used in the scheme, thereby significantly increasing the resistance to statistical and differential attacks.
Issues concerning VHDL (VHSIC Hardware Description Language) programming, internal function modular description, encryption results and performance analysis of the encryption chip are reported. Simulation results show that the throughput of the stream cipher can reach high up to 61.622MB per second under the circumstance of not taking the communication delay into account.
Experimental tests show that the attempt of applying the two chaotic encryption schemes to hardware implementation is feasible, and can acquire high security and fast encryption speed.
引文
1 胡予濮,张玉清,肖国镇.对称密码学.北京:机械工业出版社,2002
2 卿斯汉.密码学与计算机网络安全.北京:清华大学出版社,2001
3 冯登国,吴文玲.分组密码的设计与分析.第1版.北京:清华大学出版社,2000
4 冯登国.国内外密码学研究现状及发展趋势.通信学报.2002,23(5):18-26
5 E.N.Lorenz.混沌的本质.北京:气象出版社,1997
6 http://mathworld.wo.ram.com/ArnoldsCatMap.html
7 Jiang Anping, Sheng Shimin.The Design and Implementation of a Block Cipher ASIC.IEEE.2001: 344-347
8 金革,梅文等.可编程逻辑阵列FPGA和EPLD.第1版.合肥:中国科学技术大学出版社,1996
9 Jiri Fridrich. Symmetric Ciphers Based on Two-dimensional Chaotic Maps. International Journal of Bifurcation and Chaos, 1998, 8(6): 1259-1284
10 丘水生,陈艳峰,吴敏等.混沌保密通信的若干新问题及混沌加密新方案.华南理工大学学报(自然科学版).2002,30(11):75-80
11 L. Kocarev, G. Jakimoski, T. Stojanovski, U. Parlitz. From chaotic maps to encryption schemes. IEEE International Symposium on Circuits and Systems. 1998(4): 514—517
12 Jakimoski G, Kocarev L. Chaos and cryptography: block encryption ciphers based on chaotic maps. IEEE Trans on Circuits and Systems-I.2001, 48(2): 163-169
13 余振宏.混沌理论的研究及其在图像加密通信中的应用.硕士学位论文.同济大学.2003,3
14 Dachselt F, Schwarz W.Chaos and cryptography.IEEE Trans on Circuits and Systems-I.2001, 48(12): 1498-1509
15 Fridrich J. Symmetric ciphers based on two-dimensional chaotic maps. Int J Bifurcation and Chaos.1998, 8(6): 1259-1284
16 Matthews R. On the derivation of a "chaotic" encryption algorithm. Cryptologia. 1989, 8(1): 29-41
17 Kotulski Z, Szczepacnski J (1997) Discrete chaotic cryptography (DCC): New method for secure communication. Proc NEEDS'97
18 Shannon CE.Communication theory of secrecy system. Bell System Technical. 1949(28): 656-715
19 Alvarez G., Montoya F., Romera M., Pastor G. Cryptanalysis of a chaotic secure communication system. Physics Letters A. 2003, 306(4): 200-205
20 T.Stojanovski, L.Kocarev. Chaos-based random number generators-Part Ⅰ: Analysis. IEEE Trans Circuits andsystem-Ⅰ.2001, 48(3): 281-288
21 T.Stojanovski, J.Pihl, L.Kocarev. Chaos-based random number generators-Part Ⅱ: Practical realization. IEEE Trans Circuits and Systems-Ⅰ, 2001, 48(3): 382-385
22 M.Andrecut. Logistic map as a random number generator. International Journal of Modem Physics B. 1998, 12(9): 921-930
23 Zhou Hong, Ling Xieting. Generating chaotic secure sequences with desires statistical properties and high security. Int. J. Bifurcation and chaos.1997, 7(1): 205-213
24 Frank Dachselt, Kristina Kelber, Wolfgang Schwarz, Joos Vandewalle. Chaotic versus classical stream ciphers-a comparative study. IEEE International Symposium on Circuits and Systems. 1998(4): 518—521
25 陈立志.CPLD/FPGA技术在分组密码中的应用研究.硕士学位论文.中国科学院计算技术研究所.2002,6
26 茅耀斌.基于混沌的图象加密与数字水印技术研究.[博士学位论文].南京理工大学.2003
27 Brown R, Chua L. Clarifying chaos: examples and counter examples [J]. Int. J. Bifur. Chaos. 1996, 6(2): 219-249
28 Achselt F, Schwarz W. Chaos and cryptography [J]. IEEE Trans. Circuits Syst. 1.2001, 48(12): 1498-1509
29 李昌刚,韩正之,张浩然.图像加密技术综述.计算机研究与发展.2002,39(10):1317-1324
30 孙克辉,刘巍,张泰山.一种混沌加密算法的实现.计算机应用.2003,23(1):15-17
31 Wong Wai-kit, Lee Lap-piu, Wong Kwok-wo. A modified chaotic cryptographic method. Computer Physics Communications. 2001, 138(3): 234-236
32 VHDL Modelling Guidelines, September 1994. ftp://ftp.estec.esa.nl/pub/vhdl/doc/ModelGuide.pdf
33 胡振华.VHDL与FPGA设计.第1版.北京:中国铁道出版社,2003
34 Kocarev, L. Chaos-based cryptography: a brief overview. IEEE Circuits and Systems Magazine.2001 1(3): 6-21
35 Kocarev, L. & Jakimovski, G. Chaos and cryptography: From chaotic maps to eneryption algorithms. IEEE Trans Circuits and Systems-Ⅰ.2001, 48(2): 163-169
36 Li S., Mou X., Cai Y. Chaotic crypography in digital world: state-of-the-art, problems and solutions. Available from: http://www.hooklee.com.2003
37 Guanrong Chen, Yaobin Mao, Charles K. Chui. A symmetric image encryption scheme based on 3D chaotic cat maps. Chaos, Solitons and Fractals.2004(21): 749-761
38 Yaobin Mao, Guanrong Chen.Chaos-based image encryption. Handbook of Computational Geometry for Pattern Recognition, Computer Vision, Neurocomputing and Robotics. Springer-Verlag New York.2003
39 Masuda N, Aihara K. Cryptosystems with discretized chaotic maps. IEEE Trans Circuits and
Systems-Ⅰ.2002, 49(1): 28-40
40 http://www.Xilinx.com
41 王诚,薛小刚,钟信潮.FPGA/CPLD设计工具——Xilinx ISE 5.X使用详解.第1版.北京:人民邮电出版社,2003
42 Schneier B著,吴世忠,祝世雄,张文政等译.应用密码学:协议、算法与C源程序.第1版.北京:机械工业出版社,2000
43 Xilinx.Spartan-Ⅱ 2.5V FPGA Family: Introduction and Ordering Information. http://direct.xilinx. Com/bvdocs/publications/ds001_1.pdf.2003
44 孙鑫,易开祥,孙优贤.基于混沌系统的图像加密算法.计算机辅助设计与图形学学报.第14卷第2期,2002年2月:136-139
45 孙克辉,刘巍,张泰山.一种混沌加密算法的实现.计算机应用.第23卷第1期,2003年1月:15-17
46 陆浪如,匡友华,杨强浩,高山.AES算法的FPGA实现.交通与计算机.第19卷第5期,2001年:14-17
47 Ch.mo Enrico Zanoni, Meneghesso Gaudenzio. An FPGA Implementation Of A Chaotic Eneryption Algorithm.2000
48 Beker. H, F. Piper. Cipher Systems: the Protection of Communication. John Wiley and Sons.New York. 1982
49 Security Requirements for Cryptographic Modules.NIST.1994
50 Masuda N, Aihara K. Cryptosystems with discretized chaotic maps. IEEE Trans Circuits and Systems-Ⅰ.2002, 49(1): 28-40
2 卿斯汉.密码学与计算机网络安全.北京:清华大学出版社,2001
3 冯登国,吴文玲.分组密码的设计与分析.第1版.北京:清华大学出版社,2000
4 冯登国.国内外密码学研究现状及发展趋势.通信学报.2002,23(5):18-26
5 E.N.Lorenz.混沌的本质.北京:气象出版社,1997
6 http://mathworld.wo.ram.com/ArnoldsCatMap.html
7 Jiang Anping, Sheng Shimin.The Design and Implementation of a Block Cipher ASIC.IEEE.2001: 344-347
8 金革,梅文等.可编程逻辑阵列FPGA和EPLD.第1版.合肥:中国科学技术大学出版社,1996
9 Jiri Fridrich. Symmetric Ciphers Based on Two-dimensional Chaotic Maps. International Journal of Bifurcation and Chaos, 1998, 8(6): 1259-1284
10 丘水生,陈艳峰,吴敏等.混沌保密通信的若干新问题及混沌加密新方案.华南理工大学学报(自然科学版).2002,30(11):75-80
11 L. Kocarev, G. Jakimoski, T. Stojanovski, U. Parlitz. From chaotic maps to encryption schemes. IEEE International Symposium on Circuits and Systems. 1998(4): 514—517
12 Jakimoski G, Kocarev L. Chaos and cryptography: block encryption ciphers based on chaotic maps. IEEE Trans on Circuits and Systems-I.2001, 48(2): 163-169
13 余振宏.混沌理论的研究及其在图像加密通信中的应用.硕士学位论文.同济大学.2003,3
14 Dachselt F, Schwarz W.Chaos and cryptography.IEEE Trans on Circuits and Systems-I.2001, 48(12): 1498-1509
15 Fridrich J. Symmetric ciphers based on two-dimensional chaotic maps. Int J Bifurcation and Chaos.1998, 8(6): 1259-1284
16 Matthews R. On the derivation of a "chaotic" encryption algorithm. Cryptologia. 1989, 8(1): 29-41
17 Kotulski Z, Szczepacnski J (1997) Discrete chaotic cryptography (DCC): New method for secure communication. Proc NEEDS'97
18 Shannon CE.Communication theory of secrecy system. Bell System Technical. 1949(28): 656-715
19 Alvarez G., Montoya F., Romera M., Pastor G. Cryptanalysis of a chaotic secure communication system. Physics Letters A. 2003, 306(4): 200-205
20 T.Stojanovski, L.Kocarev. Chaos-based random number generators-Part Ⅰ: Analysis. IEEE Trans Circuits andsystem-Ⅰ.2001, 48(3): 281-288
21 T.Stojanovski, J.Pihl, L.Kocarev. Chaos-based random number generators-Part Ⅱ: Practical realization. IEEE Trans Circuits and Systems-Ⅰ, 2001, 48(3): 382-385
22 M.Andrecut. Logistic map as a random number generator. International Journal of Modem Physics B. 1998, 12(9): 921-930
23 Zhou Hong, Ling Xieting. Generating chaotic secure sequences with desires statistical properties and high security. Int. J. Bifurcation and chaos.1997, 7(1): 205-213
24 Frank Dachselt, Kristina Kelber, Wolfgang Schwarz, Joos Vandewalle. Chaotic versus classical stream ciphers-a comparative study. IEEE International Symposium on Circuits and Systems. 1998(4): 518—521
25 陈立志.CPLD/FPGA技术在分组密码中的应用研究.硕士学位论文.中国科学院计算技术研究所.2002,6
26 茅耀斌.基于混沌的图象加密与数字水印技术研究.[博士学位论文].南京理工大学.2003
27 Brown R, Chua L. Clarifying chaos: examples and counter examples [J]. Int. J. Bifur. Chaos. 1996, 6(2): 219-249
28 Achselt F, Schwarz W. Chaos and cryptography [J]. IEEE Trans. Circuits Syst. 1.2001, 48(12): 1498-1509
29 李昌刚,韩正之,张浩然.图像加密技术综述.计算机研究与发展.2002,39(10):1317-1324
30 孙克辉,刘巍,张泰山.一种混沌加密算法的实现.计算机应用.2003,23(1):15-17
31 Wong Wai-kit, Lee Lap-piu, Wong Kwok-wo. A modified chaotic cryptographic method. Computer Physics Communications. 2001, 138(3): 234-236
32 VHDL Modelling Guidelines, September 1994. ftp://ftp.estec.esa.nl/pub/vhdl/doc/ModelGuide.pdf
33 胡振华.VHDL与FPGA设计.第1版.北京:中国铁道出版社,2003
34 Kocarev, L. Chaos-based cryptography: a brief overview. IEEE Circuits and Systems Magazine.2001 1(3): 6-21
35 Kocarev, L. & Jakimovski, G. Chaos and cryptography: From chaotic maps to eneryption algorithms. IEEE Trans Circuits and Systems-Ⅰ.2001, 48(2): 163-169
36 Li S., Mou X., Cai Y. Chaotic crypography in digital world: state-of-the-art, problems and solutions. Available from: http://www.hooklee.com.2003
37 Guanrong Chen, Yaobin Mao, Charles K. Chui. A symmetric image encryption scheme based on 3D chaotic cat maps. Chaos, Solitons and Fractals.2004(21): 749-761
38 Yaobin Mao, Guanrong Chen.Chaos-based image encryption. Handbook of Computational Geometry for Pattern Recognition, Computer Vision, Neurocomputing and Robotics. Springer-Verlag New York.2003
39 Masuda N, Aihara K. Cryptosystems with discretized chaotic maps. IEEE Trans Circuits and
Systems-Ⅰ.2002, 49(1): 28-40
40 http://www.Xilinx.com
41 王诚,薛小刚,钟信潮.FPGA/CPLD设计工具——Xilinx ISE 5.X使用详解.第1版.北京:人民邮电出版社,2003
42 Schneier B著,吴世忠,祝世雄,张文政等译.应用密码学:协议、算法与C源程序.第1版.北京:机械工业出版社,2000
43 Xilinx.Spartan-Ⅱ 2.5V FPGA Family: Introduction and Ordering Information. http://direct.xilinx. Com/bvdocs/publications/ds001_1.pdf.2003
44 孙鑫,易开祥,孙优贤.基于混沌系统的图像加密算法.计算机辅助设计与图形学学报.第14卷第2期,2002年2月:136-139
45 孙克辉,刘巍,张泰山.一种混沌加密算法的实现.计算机应用.第23卷第1期,2003年1月:15-17
46 陆浪如,匡友华,杨强浩,高山.AES算法的FPGA实现.交通与计算机.第19卷第5期,2001年:14-17
47 Ch.mo Enrico Zanoni, Meneghesso Gaudenzio. An FPGA Implementation Of A Chaotic Eneryption Algorithm.2000
48 Beker. H, F. Piper. Cipher Systems: the Protection of Communication. John Wiley and Sons.New York. 1982
49 Security Requirements for Cryptographic Modules.NIST.1994
50 Masuda N, Aihara K. Cryptosystems with discretized chaotic maps. IEEE Trans Circuits and Systems-Ⅰ.2002, 49(1): 28-40