Blog Post Actions
Group Actions
Engagement
  • Author Author: misaz
  • Date Created: Date Created
  • Views 479 views
  • Likes 3 likes
  • Comments 0 comments
Related
Recommended

RC6 cipher implemented in Verilog

misaz

Hello everyone. I welcome you to this blog post describing my project as part of 7 Ways to Leave Your Spartan-6 FPGA contest.

In this blog post I will describe my core project as part of this competition. As part of this competition I originally promised different project as part of which I made PCB for connecting camera to the ARTY S7 board, but I did several mistakes including connecting wrong power supply to the camera which was not very easy to patch, so I decided to change my project and implement different (I hope still interesting!) project.

As part of this competition I decided to utilize some skills from university and implement block cipher encryption in the hardware. Common and very popular block cipher is AES, but there are plenty of AES implementations on the internet, so I decided to implement different one. I chosen RC6.

RC6

RC6 was candidate to being selected as worldwide standard nowadays referred as AES but cipher named Rijndael was selected as this standard. AES have some advantages over it.

Similarly, to AES it works over blocks of data. Standard do not specify exact size of data and you can implement whatever site you want, but most implementations use 32-bit data size. Similarly, this cipher is flexible in terms of key length and many keys are possible.

FPGA Implementation

Following image show block diagram of my solution.

image

The most important block rc6_engine is the block which is responsible for encryption. It strongly depends on block responsible for key scheduling operation. Engine can encrypt one block at time. A, B, C and D are 32-bit registers for data. In is used as input for encryption and OUT are used for outputting encrypted data. RC6 encryption do not use key directly, instead it relies on some pre-processed key, which in fact has different length than original key. For this pre-processing of key there are key_scheduler block which is responsible for this operation and acts as a memory for the engine. Engine set index of key bate using S_addr signal and key-scheduler outputs pre-processed key byte.

As you can see on the image interface to the circuit is using UART with baudrate 115200 which is derived from input clock of 12 MHz which is available on Arty S7 board. Controller process data from the UART, passes data between data registers and control triggering of key scheduling and encryption operations.

RC6 encryption is implement using automata iterating over required number of rounds (which is dynamically configurable). Some operations are split for reducing critical path in arithmetic operations which are done as part of RC6 cipher.

UART Interface

Device communicates over standard UART (baudrate=115200, parity=no, stop_bits=1) interface and communication is based on commands and replies. Every command is initiated by transmitting 1-byte opcode and optional data payload. Device reply to every command with status code or output data. After reset device transmits status code STS_INIT_OK (0x45) indicating that the device is ready to process data. Device supports following 4 commands.

Commands

  • CMD_SET_ROUNDS (0b010aaaaa, aaaaa is number of rounds): Command is used for setting number of rounds used when scheduling key and encrypting data. Number of rounds is encoded into opcode and command has no data payload. Device reply status code STS_SET_ROUNDS_OK and no output data.
  • CMD_SET_KEY (0b10aaaaaa, aaaaaa is key length in bytes): Sets n bytes of key. Number of key bytes is encoded as part of opcode. Key bytes are transmitted after transmitting opcode. After receiving last byte of key device start key scheduling process. Device reply with status code STS_SET_KEY_OK after completing key scheduling process. Do not issue any command to the device between transmitting last key byte and receiving STS_SET_KEY_OK status code. Issuing any command to the device when device is scheduling key tend to undefined behaviour and may harm key scheduling process.
  • CMD_SET_ABCD (0b00000000): This command is used to transmit input data for encryption. This command requires 16-byte payload. First four bytes are used as input for A register in RC6 cipher, 5th to 8th bytes are used as input for B register and so on. Transmitted register values are treated as little-endian. Device replies with status code STS_SET_ABCD_OK receiving 16th byte of input data and output has no payload.
  • CMD_ENCRYPT (0b00000001): This command starts encryption of previously transmitted input data. After completing encryption process device will respond no status code, but outputs 16 bytes of encrypted data. Do not issue any command to the device between issuing CMD_ENCRYPT and receiving output data. Issuing any command to the device when device is encrypting tend to undefined behaviour and may result into invalid encryption results.

Status codes

Possible status codes are:

STS_SET_ROUNDS_OK (0x43): Device send this code after successful processing of CMD_SET_ROUNDS command.

STS_SET_KEY_OK (0x42): Device send this code after successful scheduling of previously transmitted key as part of CMD_SET_KEY command.

STS_SET_ABCD_OK (0x44): Device send this code after successful processing of data CMD_SET_ABCD command. Note that CMD_SET_ABCD does not encrypt transmitted data. Issue CMD_ENCRYPT command to encrypt data previously transmitted by CMD_SET_ABCD command.

STS_INIT_OK (0x45): Initialization completed. This code does not result from any command. Device sends it after reset.

Implementation

I wrote whole project in Verilog and did not depend on any other part. In fact, I used Vivado very basically in this project. I did not used any block diagram because this project does not rely on any system part. Instead of I just created Verilog (SystemVerilog) files and one constraint file for mapping pins to the signals. Final utilization is quite a large when you take in account that it is not a very complicated circuit. It is because I implemented all registers including expanded key storage using registers. Consequently, design consumes 12% of available LUTs and 5% of Flip Flops. Vivado synthesis also utilized 6 DSP blocks, most probably for some arithmetic operation as part of cipher.

image

Testing

Because interface is mostly binary, I implemented simple utility in VB.NET which can communicate with device and send encoded commands to the device and read responses from device.

image

Summary

This is all from my blog post describing my project implemented on the Arty S7 platform. In this blog I descfibed my main project as part of 7 Ways to Leave Your Spartan-6 FPGA. Thank you for reading this blog.