FPGA Implemention of Crypto System
This project presents the hardware implementation of one of the cryptographic technique named as Advanced Encryption Standard (AES) on FPGA. The reason of hardware implementation is that It can achieve relatively better throughput and is more secure in comparison to software implementation. O
2025-06-28 16:27:25 - Adil Khan
FPGA Implemention of Crypto System
Project Area of Specialization Cyber SecurityProject SummaryThis project presents the hardware implementation of one of the cryptographic technique named as Advanced Encryption Standard (AES) on FPGA. The reason of hardware implementation is that It can achieve relatively better throughput and is more secure in comparison to software implementation.
Our main goal is to achieve best throughput for our Encryption system utilizing minimal hardware resources.
We have successfully implemented the most possible advanced and compact design for AES Cryptographic system. The goals addressed in our objectives are achieved. The throughput achieved is approximately 700MHz and the speed area ratio is 12.4 which proves it to be a fastest and a compact design which can be applicable for ATM machines, online communications etc.
The most crucial steps in AES encryption algorithm with respect to high throughput and lower area are byte substitution (Creation of S-Box), Key expansion, and Mix column. Three to four most compatible architectures for each of these operations were implemented. Then after the comparison, finally it was decided to adopt the best one among all those architectures.
As AES belongs to the class of symmetric cryptography in which there is a shared secret key between sender and receiver. The source for sending key to the receiver is a risky job and difficult to avoid its access by intruder. Hence because of this issue, Asymmetric Cryptography is much better option to adopt but still there is a problem. And the problem is its much slower implementation due to longer key length. Further plans are to combine symmetric and Asymmetric cryptographic algorithm resulting in calculating common key using Asymmetric cryptographic algorithm and data to be encrypted and decrypted using symmetric cryptographic algorithm.
This finalized most secure, fast and compact design can be replaced in ATM machines, hospitals, online communication and other scopes where still AES system is implemented compromising on security of the data.
Project ObjectivesThe primary objective of this project is to implement AES Cryptographic algorithm by achieving higher throughput which will make the cryptographic system to be comparatively faster than ever. Moreover, it is also intended to achieve lower area so that we can have a compact design of AES Cryptography. In order to achieve the said objectives, multiple architecture for different operations of AES algorithm have been retrieved from the literature and are thoroughly analyzed and compared to get the best possible results. It is the known fact that hardware implementation of a system provides better results than the software implementation. That’s the reason that this project is implemented on FPGA (Field programmable gate arrays).
As AES being the symmetric cryptographic algorithm has issue of key sharing for data communication, making it insecure and Asymmetric cryptographic algorithm provides the best security but also compromising on speed so it is also the goal to merge these two algorithms so that a novel system for cryptography can be implemented.
Project Implementation MethodAES is topic of research from many years and efforts have been made to come up with faster and compact architectures of AES. Our FYP also focus on exploring the design space associated with AES and its hardware implementation in terms of Throughput and Area. The reason of hardware implementation is that It can achieve relatively better throughput and is more secure in comparison to software implementation.
AES is one of the symmetric cryptographic algorithm which involve the sharing of secret/private key for successful Encryption and Decryption. The varying key length and changing number of rounds with respect to key lengths make it more secure and more efficient than DES. For Encryption, In each round there are 4 basic operations; Byte Substitution, Shift Rows, Mix Column and Add Round Key. Most of Throughput of Encryption part of AES algorithm depends on Byte Substitution and Mix Column. So different architectures of S-box and Mix Column have been retrieved from literature and are compared to get the most faster and compact design of AES.
There are many different approaches for implementing Substitution Box (S-Box), one is using look Up Table approach which is very simpler to implement but in this case we have to bear with unavoidable delay of LUTs. Second approach is to implement it with the help of 2*4 Decoders and 4*1 Multiplexers. In this approach the whole S-Box is divided into 4 groups and on the basis of most significant two bits of input byte(Byte to be substituted from S-box), which acts as input to 2*4 decoder only 1 out of 4 groups will be enabled. This group consist of 4 rows and 4 columns total consisting of sixteen 2*2 LUTs containing 64 bytes. Using next 4 bits of input byte, one of LUT will be selected and then finally on the basis of two least significant bits which acts as select lines to 4*1 MUX, only one byte out of 4 will appear at output which will be the desired byte. The other approach avoids use of LUTs and proposes use of composite field data path for creation of S-Box. All of these approaches have been implemented and compared.
Other most crucial operations of AES are Mix Column (for Encryption) and Inverse Mix Column (For Decryption) and in these operations, there are predetermined constant Matrix. Multiplication in Galois Filed is very tricky and time consuming. So instead of direct multiplication, making separate 16*16 LUTs containing all possible results after multiplication with constants can be one approach. Other approach that we can adopt is normal multiplication but the problem is that the result of multiplication will not belong to GF (2^8). This result can be reduced to 8 bits very efficiently by xor-ing it with predetermined constant.
Our project presents the faster and compact design of AES by comparing these different architectures and finding the best in term of Throughput/Area ratio.
Benefits of the ProjectWith the rapid development in field of information technology, the need to have secured communication has increased vastly. Plus, the demand for faster system with minimum possible size is significant in the market. It is the need of the time not only at military, political and diplomatic level but is also required for common man as well.
As we bank, shop, and communicate online, digital security is becoming increasingly critical to protect our data. Encryption is the foundation of that security. Cyber hackers are continuously attempting to steal our personal information. If we only look at the things/apps we use on a daily basis, we might be surprised to discover how 'AES cryptography' is employed to encrypt and decrypt data.
Following are the real life applications of this project
- Authentication/Digital Signatures
- Online money transactions
- Secure Network Communications
- Healthcare (Research Data of Hospitals)
- ATM Machine
- Secured confidential communication
After achieving all the milestones and objectives of this project, following are the final deliverables
- Verilog Code
- RTL Schematic
- Post Route Simulation
- MATLAB Implementation for verification of results
- Hardware (Code Programmed FPGA Kit)
- FYP Final Report
By the time it was decided to work on this project, a detailed study of all the previous works in relevant field was done to get at least the basic knowledge if it. Whole mathematics behind AES cryptography was studied thoroughly. By understanding the mathematics of AES Cryptographic algorithm, it was implemented on MATLAB because it is a relatively easy coding software to analyze this AES system and it would also be helpful for the verification of the results achieved in Xilinx.
After that some of the architecture were proposed by us while some were retrieved from the literature. Then all these architectures were implemented and compared in terms of Throughput and Area. All the modules of the different AES steps were instantiated to get a complete AES System. Following that, results were analyzed through post route simulations and were verified through MATLAB results.
In order to make this project helpful for different sectors of society (Government, public and private), we are required to move this project on to the hardware by implementing on FPGA Kits. As FPGA kit are very expensive. So we are hoping to be funded by IGNITE, Pakistan.
Final Deliverable of the Project HW/SW integrated systemCore Industry SecurityOther IndustriesCore Technology BlockchainOther TechnologiesSustainable Development Goals Industry, Innovation and InfrastructureRequired Resources| Item Name | Type | No. of Units | Per Unit Cost (in Rs) | Total (in Rs) |
|---|---|---|---|---|
| Total in (Rs) | 68800 | |||
| Artix-7 FPGA Development Board Arty A7-100T | Equipment | 1 | 68800 | 68800 |