一种数据传输的动态加密算法与FPGA的设计
摘要
随着Internet的飞速发展,在网络中传输信息的安全问题一直是人们研究的热点,其中加密算法一直在信息安全领域起着非常重要的作用,它直接影响到国家的未来和发展。随着密码分析水平、芯片处理能力和计算技术的不断进步,特别是嵌入式设备的广泛使用,原有的数据加密算法在实现速度、安全性能、资源使用量和跨平台性等方面均难以继续满足新的应用需求。完全用软件实现加密算法已不能适合嵌入式系统,而利用硬件实现嵌入式中的加密算法是必然趋势。因此,研究一种基于嵌入式系统的加解密算法具有重要的理论意义和实用价值。
FPGA(Field Programmable Gate Array)和它的开发工具EDA(Electronic DesignAutomation)的发展为我们研究新的算法提供了机会,它一方面具有基于软件方式的灵活性和可扩展性,另一方面,又可以取得接近ASIC(Application Specific IntergratedCircuits)方式实现的性能。利用可重构的PFGA实现加密算法不仅能动态协商采用何种加密参数,而且可以兼具软件与ASIC二者的优点。
本文紧跟加密算法的发展趋势,对嵌入式设备的特点和信息安全中加密理念进行了深入剖析,基于对FPGA的体系结构的深入研究,本人提出了一种基于线性反馈移位寄存器的快速加密算法以及在FPGA上的实现。该算法中的软件和硬件对计算环境适应性强、性能稳定、存储需求量低、计算简单并且在FPGA上有良好的并行性。它适合于实时监控、无线网络中的语音通讯等嵌入式设备中。通过密码分析、理论分析和实验结果,进一步证明了此算法具有很好的实用性。
With the fast development of the internet, it is hot issue studied by people that the security problem existed in transferring information in internet, especially the encryption algorithm plays a vital role in the field of information security which have a direct effect on the future and development of our country. With the continual improvement of analysis of crypt、power of chip and computer technology, especially the wide use of embedded devices, it is hard to meet the new applied demand on the aspects of real-time、security、resource etc. Encryption algorithm based fully software isn't used in embedded system, and Encrypt algorithm by hardware compiling is the trend nowadays. Therefore, the study of encryption algorithm based on embedded system is of great theoretical and practical value.
Besides, FPGA(Field Programmable Gate Array) and the development of the tool—EDA(Electronic Design Automation) offers us the opportunity to study new calculation methods. On the one hand, it is flexible and enlarging which is based on software. On the other hand, it is approach to the feature of ASIC(Application Specific Intergrated Circuits). Encrypt algorithm based on FPGA can change parameters, It has all features both software and hardware.
This article gets close to the trend of encryption algorithm, which analyses deeply feature of embedded devices. With the deep study of FPGA, I put forward encryption algorithm based o LFSR and design on FPGA. The Encryption algorithm has strong compatibility of environment、few ROMs、single calculation. It is suitable for embedded devices such as monitor and audio communications in wireless network. It is proved to be practical that the calculation is of great practice by the analysis of password and theory and the outcomes of experiments.
FPGA(Field Programmable Gate Array)和它的开发工具EDA(Electronic DesignAutomation)的发展为我们研究新的算法提供了机会,它一方面具有基于软件方式的灵活性和可扩展性,另一方面,又可以取得接近ASIC(Application Specific IntergratedCircuits)方式实现的性能。利用可重构的PFGA实现加密算法不仅能动态协商采用何种加密参数,而且可以兼具软件与ASIC二者的优点。
本文紧跟加密算法的发展趋势,对嵌入式设备的特点和信息安全中加密理念进行了深入剖析,基于对FPGA的体系结构的深入研究,本人提出了一种基于线性反馈移位寄存器的快速加密算法以及在FPGA上的实现。该算法中的软件和硬件对计算环境适应性强、性能稳定、存储需求量低、计算简单并且在FPGA上有良好的并行性。它适合于实时监控、无线网络中的语音通讯等嵌入式设备中。通过密码分析、理论分析和实验结果,进一步证明了此算法具有很好的实用性。
With the fast development of the internet, it is hot issue studied by people that the security problem existed in transferring information in internet, especially the encryption algorithm plays a vital role in the field of information security which have a direct effect on the future and development of our country. With the continual improvement of analysis of crypt、power of chip and computer technology, especially the wide use of embedded devices, it is hard to meet the new applied demand on the aspects of real-time、security、resource etc. Encryption algorithm based fully software isn't used in embedded system, and Encrypt algorithm by hardware compiling is the trend nowadays. Therefore, the study of encryption algorithm based on embedded system is of great theoretical and practical value.
Besides, FPGA(Field Programmable Gate Array) and the development of the tool—EDA(Electronic Design Automation) offers us the opportunity to study new calculation methods. On the one hand, it is flexible and enlarging which is based on software. On the other hand, it is approach to the feature of ASIC(Application Specific Intergrated Circuits). Encrypt algorithm based on FPGA can change parameters, It has all features both software and hardware.
This article gets close to the trend of encryption algorithm, which analyses deeply feature of embedded devices. With the deep study of FPGA, I put forward encryption algorithm based o LFSR and design on FPGA. The Encryption algorithm has strong compatibility of environment、few ROMs、single calculation. It is suitable for embedded devices such as monitor and audio communications in wireless network. It is proved to be practical that the calculation is of great practice by the analysis of password and theory and the outcomes of experiments.
引文
[1]张国强,张国清,Internet网络的关联性研究[J].软件学报,2006,17(3):490-497
[2]Jerome A,Paulson and Stacey J.Arnesen.The Use of the Internet for Children's Health and the Environment[J]Pediatric Clinics of North America,Volume 54,Issue 1,February 2007:135.e1-135.e39
[3]Paula Iragiien and Juan de Dios Ortúzar.Willingness-to-pay for reducing fatal accident risk in urban areas:an Internet-based Web page stated preference survey[J]Accident Analysis &Prevention,Volume 36,Issue 4,July 2004,:513-524
[4]Juan Carlos Lopez Pimentel,Raul Monroy and Dieter Hurter.A Method for Patching Interleaving-Replay Attacks in Faulty Security Protocols[J].Electronic Notes in Theoretical Computer Science,Volume 174,Issue 4,30 May 2007,:117-130
[5]Vicente Rico-Ramirez,Sergio Frausto-Hernandez,Urmila M.Diwekar and Salvador Hemandez-Castro.Water networks security:A two-stage mixed-integer stochastic program for sensor placement under uncertainty[J].Computers & Chemical Engineering,Volume 31,Issues 5-6,May 2007,:565-573
[6]Kuo-Hsien Huang,Shou-Wei Chien,Yuan-Nian Hsu;Chu-Ying Kou;Yung-Fu Chert.A Total Laboratory Automation System Consolidated by Virtual Private Network for Improving Laboratory Efficiency[J].WSEAS Transactions on Systems,Volume 6;Issue 2,2007:310-315
[7]Florin Baboescu,Priyank Warkhede,Subhash Suri and George Varghese.Fast packet classification for two-dimensional conflict-free filters[J]Computer Networks,Volume 50,Issue 11,10 August 2006:1831-1842
[8]V.Sempere,T.Albero and J.Silvestre Analysis of communication alternatives in a heterogeneous network for a supervision and control system.Computer Communications,Volume 29,Issue 8,15 May 2006:1133-1145
[9]陈刚,赵晓宇,李均利.一种自适应的图像加密算法[J]软件学报2005,16(11):1203-1208
[10]武玉华,黄允,李艳俊,欧海文.基于FPGA的ECC算法高速实现[J]微计算机信息,2007年11期:236-237
[11]Tai-Wen Yue,Suchen Chiang.The semipublic encryption for visual cryptography using Q'tron neural networks[J]Journal of Network and Computer Applications Volume 30,Issue 1,January 2007:24-41
[12]王洪,郭娟,赖宗声,李小进,赵建龙,李光显.基于FPGA的指纹识别算法硬件实现微电子学与计算机,2007年04期:63-65,68
[13]Hamid R,Zarandi and Seyed Ghassem Miremadi.Dependability evaluation of Altera FPGA-based embedded systems subjected to SEUs[J]Microelectronics Reliability,Volume 47,Issues 2-3,February-March 2007:461-470
[14]All El Kateeb.High-speed touters design using data stream distributor unit[J]Journal of Network and Computer Applications Vol.30,No.1 2007:133-144
[15]Yong Lee,Jeail Lee and JooSeok Song.Design and implementation of wireless PKI technology suitable for mobile phone in mobile-commerce[J]Computer Communications,Volume 30,Issue 4,26February 2007:893-903
[16]Konrad J.Kulikowski,Mark G.Karpovsky and Alexander Tanbin.Robust codes and robust,fault-tolerant architectures of the Advanced Encryption Standard[J]Journal of Systems Architecture,Volume 53,Issues 2-3,February-March 2007:139-149
[17]Nadia Nedjah and Luiza de Macedo Mourelle.Efficient and secure cryptographic systems based on addition chains:Hardware design vs.software/hardware co-design[3]Integration,the VLSI Journal,Volume 40,Issue 1,January 2007:36-44
[18]林德敬,林柏钢,林德清.国内外分组密码理论与技术的研究现状及发展趋势.天津通信技术,2002,(04):1-7
[19]Nicolas T.Courtois.Higher Order Correlation Attacks,XL algorithm and C.ryptanalysis of Toyocrypt.2002,(189):123-135
[20]Slobodan Bojanic,Gabriel Caffarena,Slobodan Petrovic and Octavio Nieto-Taladriz.FPGA for pseudorandom generator cryptanalysis[J]Microprocessors and Microsystems,Volume 30,Issue 2,1March 2006:63-71
[21]Zhengtao Jiang,Yang Zhan,Dan Chen and Yumin Wang.Two methods of directly constructing probabilistic public-key encryption primitives based on third-order LFSR sequences[J]Applied Mathematics and Computation,Volume 171,Issue 2,15 December 2005:900-911
[22]Amparo Fúster-Sabater and Dolores de la Guía-Martínez.Modelling nonlinear sequence generators in terms of linear cellular automata[J]Applied Mathematical Modelling,Volume 31,Issue 2,February 2007:226-235
[23]Boaz Tsaban and Uzi Vishne.Efficient Linear Feedback Shift Registers with Maximal Period[J]Finite Fields and Their Applications,Volume 8,Issue 2,April 2002:256-267
[24]Chang C.A New Encryption Algorithm for Image Cryptosystems[J].The Journal of Systems and Software,2001,58(7):83-91.
[25]王道顺,杨地莲,齐东旭.数字图像的两类非线性变换及其周期性[J].计算机辅助设计与图形学学报,2001,13(9):828-833.
[26]Jiqiang Lv.On two DES implementations secure against differential power analysis in smart-cards.Information and Computation,Volume 204,Issue 7,July 2006:1179-1193
[27]Chan CK,Cheng LM.Correlation properties of an improved summation generator with 2-bit memory.Signal Processing,2002,82:907-909
[28]汤学明,洪帆,崔国华,辫子群上的公钥加密算法.软件学报,2007,18(3):722-729
[29]Mex-Perera JC,Shepherd SJ.Cryptanalysis of an summation generator with 2-bit memory.Signal Processing,2002,82:2025-2028
[30]Chepyzhov V,Johansson T,Smeets B.A simple algorithm for fast correlation attacks on stream ciphers.In:Fast Software Encryption,FSE,2000.Springer-Verlag,2001:181-195
[31]Courtois NT.Higher order correlation attacks,XL algorithm and cryptanalysis of toyocrypt.In:ICISC'2002.Springer-Vedag,2003:182-199
[32]Armknecht F,Krause M.Algebraic attack on combiner with memory.In:Cryptology-Crypto'2003.Springer-Verlag,2003:162-176
[33]Min Lei,Guang Meng and Zhengjin Feng.Secudty analysis of chaotic communication systems based on Volterra-Wiener-Korenberg model[J]Chaos,Solitons & Fractals,Volume 28,Issue 1,April 2006:264-270
[34]Chengqing Li,Shujun Li,Der-Chyuan Lou and Dan Zhang.On the security of the Yen-Guo's domino signal encryption algorithm(DSEA)[J]Journal of Systems and Software,Volume 79,Issue 2,February 2006:253-258
[35]Min-Kyu Joo and Yoon-Hwa Choi.A fault-tolerant pipelined architecture for symmetric block ciphers[J]Computers & Electrical Engineering,Volume 31,Issue 6,September 2005:380-390
[36]Gonzalo Alvarez.Security problems with a chaos-based deniable authentication scheme[J]Chaos,Solitons & Fractals,Volume 26,Issue 1,October 2005:7-11
[37]Azzedine Boukerche,Khalil EI-Khatib,Li Xu and Larry Korba.An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks Computer Communications,Volume 28,Issue 10,16 June 2005:1193-1203
[2]Jerome A,Paulson and Stacey J.Arnesen.The Use of the Internet for Children's Health and the Environment[J]Pediatric Clinics of North America,Volume 54,Issue 1,February 2007:135.e1-135.e39
[3]Paula Iragiien and Juan de Dios Ortúzar.Willingness-to-pay for reducing fatal accident risk in urban areas:an Internet-based Web page stated preference survey[J]Accident Analysis &Prevention,Volume 36,Issue 4,July 2004,:513-524
[4]Juan Carlos Lopez Pimentel,Raul Monroy and Dieter Hurter.A Method for Patching Interleaving-Replay Attacks in Faulty Security Protocols[J].Electronic Notes in Theoretical Computer Science,Volume 174,Issue 4,30 May 2007,:117-130
[5]Vicente Rico-Ramirez,Sergio Frausto-Hernandez,Urmila M.Diwekar and Salvador Hemandez-Castro.Water networks security:A two-stage mixed-integer stochastic program for sensor placement under uncertainty[J].Computers & Chemical Engineering,Volume 31,Issues 5-6,May 2007,:565-573
[6]Kuo-Hsien Huang,Shou-Wei Chien,Yuan-Nian Hsu;Chu-Ying Kou;Yung-Fu Chert.A Total Laboratory Automation System Consolidated by Virtual Private Network for Improving Laboratory Efficiency[J].WSEAS Transactions on Systems,Volume 6;Issue 2,2007:310-315
[7]Florin Baboescu,Priyank Warkhede,Subhash Suri and George Varghese.Fast packet classification for two-dimensional conflict-free filters[J]Computer Networks,Volume 50,Issue 11,10 August 2006:1831-1842
[8]V.Sempere,T.Albero and J.Silvestre Analysis of communication alternatives in a heterogeneous network for a supervision and control system.Computer Communications,Volume 29,Issue 8,15 May 2006:1133-1145
[9]陈刚,赵晓宇,李均利.一种自适应的图像加密算法[J]软件学报2005,16(11):1203-1208
[10]武玉华,黄允,李艳俊,欧海文.基于FPGA的ECC算法高速实现[J]微计算机信息,2007年11期:236-237
[11]Tai-Wen Yue,Suchen Chiang.The semipublic encryption for visual cryptography using Q'tron neural networks[J]Journal of Network and Computer Applications Volume 30,Issue 1,January 2007:24-41
[12]王洪,郭娟,赖宗声,李小进,赵建龙,李光显.基于FPGA的指纹识别算法硬件实现微电子学与计算机,2007年04期:63-65,68
[13]Hamid R,Zarandi and Seyed Ghassem Miremadi.Dependability evaluation of Altera FPGA-based embedded systems subjected to SEUs[J]Microelectronics Reliability,Volume 47,Issues 2-3,February-March 2007:461-470
[14]All El Kateeb.High-speed touters design using data stream distributor unit[J]Journal of Network and Computer Applications Vol.30,No.1 2007:133-144
[15]Yong Lee,Jeail Lee and JooSeok Song.Design and implementation of wireless PKI technology suitable for mobile phone in mobile-commerce[J]Computer Communications,Volume 30,Issue 4,26February 2007:893-903
[16]Konrad J.Kulikowski,Mark G.Karpovsky and Alexander Tanbin.Robust codes and robust,fault-tolerant architectures of the Advanced Encryption Standard[J]Journal of Systems Architecture,Volume 53,Issues 2-3,February-March 2007:139-149
[17]Nadia Nedjah and Luiza de Macedo Mourelle.Efficient and secure cryptographic systems based on addition chains:Hardware design vs.software/hardware co-design[3]Integration,the VLSI Journal,Volume 40,Issue 1,January 2007:36-44
[18]林德敬,林柏钢,林德清.国内外分组密码理论与技术的研究现状及发展趋势.天津通信技术,2002,(04):1-7
[19]Nicolas T.Courtois.Higher Order Correlation Attacks,XL algorithm and C.ryptanalysis of Toyocrypt.2002,(189):123-135
[20]Slobodan Bojanic,Gabriel Caffarena,Slobodan Petrovic and Octavio Nieto-Taladriz.FPGA for pseudorandom generator cryptanalysis[J]Microprocessors and Microsystems,Volume 30,Issue 2,1March 2006:63-71
[21]Zhengtao Jiang,Yang Zhan,Dan Chen and Yumin Wang.Two methods of directly constructing probabilistic public-key encryption primitives based on third-order LFSR sequences[J]Applied Mathematics and Computation,Volume 171,Issue 2,15 December 2005:900-911
[22]Amparo Fúster-Sabater and Dolores de la Guía-Martínez.Modelling nonlinear sequence generators in terms of linear cellular automata[J]Applied Mathematical Modelling,Volume 31,Issue 2,February 2007:226-235
[23]Boaz Tsaban and Uzi Vishne.Efficient Linear Feedback Shift Registers with Maximal Period[J]Finite Fields and Their Applications,Volume 8,Issue 2,April 2002:256-267
[24]Chang C.A New Encryption Algorithm for Image Cryptosystems[J].The Journal of Systems and Software,2001,58(7):83-91.
[25]王道顺,杨地莲,齐东旭.数字图像的两类非线性变换及其周期性[J].计算机辅助设计与图形学学报,2001,13(9):828-833.
[26]Jiqiang Lv.On two DES implementations secure against differential power analysis in smart-cards.Information and Computation,Volume 204,Issue 7,July 2006:1179-1193
[27]Chan CK,Cheng LM.Correlation properties of an improved summation generator with 2-bit memory.Signal Processing,2002,82:907-909
[28]汤学明,洪帆,崔国华,辫子群上的公钥加密算法.软件学报,2007,18(3):722-729
[29]Mex-Perera JC,Shepherd SJ.Cryptanalysis of an summation generator with 2-bit memory.Signal Processing,2002,82:2025-2028
[30]Chepyzhov V,Johansson T,Smeets B.A simple algorithm for fast correlation attacks on stream ciphers.In:Fast Software Encryption,FSE,2000.Springer-Verlag,2001:181-195
[31]Courtois NT.Higher order correlation attacks,XL algorithm and cryptanalysis of toyocrypt.In:ICISC'2002.Springer-Vedag,2003:182-199
[32]Armknecht F,Krause M.Algebraic attack on combiner with memory.In:Cryptology-Crypto'2003.Springer-Verlag,2003:162-176
[33]Min Lei,Guang Meng and Zhengjin Feng.Secudty analysis of chaotic communication systems based on Volterra-Wiener-Korenberg model[J]Chaos,Solitons & Fractals,Volume 28,Issue 1,April 2006:264-270
[34]Chengqing Li,Shujun Li,Der-Chyuan Lou and Dan Zhang.On the security of the Yen-Guo's domino signal encryption algorithm(DSEA)[J]Journal of Systems and Software,Volume 79,Issue 2,February 2006:253-258
[35]Min-Kyu Joo and Yoon-Hwa Choi.A fault-tolerant pipelined architecture for symmetric block ciphers[J]Computers & Electrical Engineering,Volume 31,Issue 6,September 2005:380-390
[36]Gonzalo Alvarez.Security problems with a chaos-based deniable authentication scheme[J]Chaos,Solitons & Fractals,Volume 26,Issue 1,October 2005:7-11
[37]Azzedine Boukerche,Khalil EI-Khatib,Li Xu and Larry Korba.An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks Computer Communications,Volume 28,Issue 10,16 June 2005:1193-1203