A field programmable gate array-based crytographic system-on-chip

Abstract

Information security is concerned with confidentiality, data integrity, nonrepudiation and authentication. It is the process of protecting data from unauthorized access, modification, or disruption in computer security and information assurance especially in security system. This thesis proposes a security scheme on a crypto System-on-Chip (SoC), which is composed of hybrid encryption scheme and Rivest- Shamir-Adleman (RSA) based digital signature scheme to provide all the security services. Thus, to perform the proposed security scheme, this work focuses on the development of 128-bit Advanced Encryption Standard (AES) subsystem, 2048-bit RSA crypto subsystem and Secure Hash Algorithm (SHA-1) crypto subsystem. In AES encryption subsystem and RSA crypto subsystem, the strength of these cryptosystems rely on keys. Therefore, a hybrid Random Number Generator (RNG) is designed to equip the proposed crypto SoC with on-chip key generation operation. The crypto subsystems in this work are designed using hardware-software codesign technique. The hardware design focuses on the upgrading of existing 128-bit AES coprocessor, modification of 2048-bit RSA coprocessor and development of RNG circuit on Altera Stratix 1S40F780C5 Field Programmable Gate Array (FPGA) development board. These hardware subsystems are integrated with Nios II processor and standard peripherals to form a complete cryptosystem in System of Programmable Chip (SoPC) environment. The software design consists of the development of device drivers for hardware subsystem communication, and implementation of Cryptographic Service Provider (CSP), serves as the Application Programming Interface (API) in host PC. A prototype has been developed to test the functionality of the crypto hardware subsystem as well as the usability of the CSP. The hybrid encryption scheme offers a performance of 0.038 ms for AES encryption and 0.042 ms of AES decryption. The RSA-based digital signature scheme can compute the RSA signature and verified in 318.1 ms and 4.5 ms, respectively. As a result, this crypto SoC is validated for use in Telemedicine application