Lightweight cryptography is a vital and fast growing field in today’s world where billions of con... more Lightweight cryptography is a vital and fast growing field in today’s world where billions of constrained devices interact with each other. In this paper, two novel compact architectures of the Enocoro-128v2 stream cipher are presented. The Enocoro-128v2 is part of the ISO/IEC 29192-3 standard. The first architecture has an 8-bit datapath while the second one has a 4-bit datapath. The proposed architectures were implemented on the BASYS3 board (Artix 7 XC7A35T) using the VERILOG hardware description language. The hardware implementation of the proposed 8-bit architecture runs at a 189 MHz clock and reaches a throughput equal to 302 Mbps, while at the same time, it utilizes only 254 Look-up Tables (LUTs) and 330 Flip-flops (FFs). Each round of computations requires 5 clock cycles. The 4-bit implementation has an operating frequency of 204 MHz and reaches a throughput equal to 181 Mbps, with each round requiring 9 clock cycles. The 4-bit implementation utilizes 249 LUTs and 343 FFs. T...
2016 IEEE International Symposium on Signal Processing and Information Technology (ISSPIT), 2016
The discrete Hartley transform finds numerous applications in signal and image processing. An eff... more The discrete Hartley transform finds numerous applications in signal and image processing. An efficient Field Programmable Gate Array implementation for the 64-point Two-Band Fast Discrete Hartley Transform is proposed in this communication. The architecture requires 57 clock cycles to compute the 64-point Two-Band Fast Discrete Hartley Transform and reaches a rate of up to 103.82 million samples per second at a 92 MHz clock frequency. The architecture has been implemented using VHDL and realized on a Cyclone IV FPGA of Altera.
2016 Euromicro Conference on Digital System Design (DSD), 2016
A Transient Effect Ring Oscillator (TERO) is a special case of a Ring Oscillator (RO) design that... more A Transient Effect Ring Oscillator (TERO) is a special case of a Ring Oscillator (RO) design that exhibits increased sensitivity to intrinsic noise. It can serve as a basis for implementing a True Random Number Generator (TRNG) or a Physically Uncloneable Function (PUF). Also, as a digital sensor for detecting insertion of malicious hardware logic (Trojans) in digital circuits. Here, we explore the application of TERO for detecting hardware Trojans injected in FPGA implementations of the AES cryptographic algorithm. Experiments and comparisons are reported in terms of the frequency as a function of the TERO length. Our findings indicate that TERO-based digital sensors can be used to efficiently detect the presence of the Trojan.
Proceedings of the 12th IEEE Mediterranean Electrotechnical Conference (IEEE Cat. No.04CH37521)
An end-to-end security architecture and its VLSI implementation for the GPRS is proposed in this ... more An end-to-end security architecture and its VLSI implementation for the GPRS is proposed in this paper. The security offered by GPRS is similar to that offered by the Global Mobile System (GSM). Three algorithms are needed. The A3 and A8, for authentication and ciphering key generation, and the GEA3 algorithm for data confidentiality. The A3 and A8 are based on the RIJNDAEL block cipher, while the GEA3 is based on the KASUMI block cipher. For both ciphers efficient implementations are proposed. The whole design was coded using VHDL language and for the hardware implementations of the designs FPGA devices were used. Detailed analysis is shown, in terms of frequency, throughput, and covered area.
In this paper, VLSI implementations for the Triple-DES Block Cipher are presented. Triple-DES (TD... more In this paper, VLSI implementations for the Triple-DES Block Cipher are presented. Triple-DES (TDES) is basically used in various cryptographic applications and wireless protocol security layers. Three different hardware implementations are proposed. The first two are based on the pipeline technique, while the third uses consecutive iterations for the data transformations. In addition, the used TDES S-BOXes has been implemented by both Look Up Tables (LUT) and ROM Blocks providing useful information regarding the covered area and the design throughput. The ROM approach has better performance than the LUT one but the latter is preferred in the cases that ROM blocks are not available. The proposed TDES implementations achieve high-speed performance. Especially, the throughput value for the pipeline one is equal to 7.36 Gbps.
Proceedings of the 2004 11th IEEE International Conference on Electronics, Circuits and Systems, 2004. ICECS 2004.
In this paper a hardware implementation of a dual operation cryptographic engine PANAMA is presen... more In this paper a hardware implementation of a dual operation cryptographic engine PANAMA is presented. The implementation of PANAMA algorithm can be used both as a hash function and a stream cipher. A basic characteristic of PANAMA is a high degree of parallelism which has as result high rates for the overall system throughput. An other profit of the PANAMA is that one only architecture supports two cryptographic operations-encryption/ decryption and data hashing. The proposed system operates in 96.5 MHz frequency with maximum data rate 24.7 Gbps. The proposed system outperforms previous any hash functions and stream ciphers implementations in terms of performance. Additional techniques can increase the achieved throughput about 90%.
2008 11th EUROMICRO Conference on Digital System Design Architectures, Methods and Tools, 2008
An architecture and VLSI implementation of a new block cipher called Curupira is presented in thi... more An architecture and VLSI implementation of a new block cipher called Curupira is presented in this paper. This cipher is suitable for wireless sensors and RFID applications. Our 0.13 μm implementation requires resources of 9450 gate equivalences and is capable to encrypt a plaintext in 10 clock cycles. The cipher achieves a maximum throughput up to 2361 Mbps at 246 MHz for encrypting/decrypting. When clocked at 100 KHz a throughput of up to 960 Kbps is achieved and an average power of 0.04 mW is drawn.
2007 18th European Conference on Circuit Theory and Design, 2007
An efficient high-speed hardware implementation of the Hermes8-128 stream cipher is presented in ... more An efficient high-speed hardware implementation of the Hermes8-128 stream cipher is presented in this paper. Hermes8-128 is proposed for hardware based implementations in the eSTREAM project [1]. Two FPGA devices are used for the hardware implementations. Especially, the XILINX (Spartan-2) 2S100-6 and (VIRTEX-4) 4VFX12-11 are used. A maximum throughput of 56.5 Mbps can be achieved with a clock frequency of 49 MHz with a XC2S100-6 device, while a throughput of 361 Mbps at 313 MHz is achieved with the 4VFX12-11 device. Since now only one previous reported Hermes8-128 hardware implementation exists, a comparison with the proposed one is given. I.
2014 17th Euromicro Conference on Digital System Design, 2014
Hardware Trojan horses are a realistic threat for both ASIC and FPGA systems. Ring Oscillators (R... more Hardware Trojan horses are a realistic threat for both ASIC and FPGA systems. Ring Oscillators (ROs) can be used to detect the presence of malicious hardware functionality. The length of an RO is a significant parameter for detecting efficiently malicious logic (sensitivity) while maintaining a low space and power profile. We explore through simulation the effect of the RO length on detecting different classes of Trojan horses on an FPGA.
2003 46th Midwest Symposium on Circuits and Systems
A time and area efficient hardware implementation of the 64-bit NESSIE proposal, MISTY1 block cip... more A time and area efficient hardware implementation of the 64-bit NESSIE proposal, MISTY1 block cipher, is presented in this paper. The new proposed architecture achieves high-speed and small silicon area. The VLSI implementation uses feedback logic and inner pipeline with negative edge-triggered register. So, the critical path is shorter, without increasing the latency of cipher execution. Comparing with an implementation without negative edgetriggered register, about 97 % performance improvement is achieved. The proposed implementation reaches a data throughput value equal to 561 Mbps at 79 MHz clock frequency. In addition, is area efficient because only one round of the cipher is used. The design was coded using VHDL language and for the hardware implementation FPGA device was used. A detailed analysis, in terms of performance, and covered area is shown.
2004 IEEE International Symposium on Circuits and Systems (IEEE Cat. No.04CH37512)
KASUMI block cipher is used for the security part of many synchronous wireless standards. In this... more KASUMI block cipher is used for the security part of many synchronous wireless standards. In this paper two architectures and efficient implementations of the 64-bit KASUMI block cipher are presented. In the first one, the pipeline technique (inner-round and outer-round pipeline) is used and throughput value equal to 3584 Mbps at 56 MHz is achieved. The second one uses feedback logic and reaches a throughput value equal to 432 Mbps at 54 MHz. The designs were coded using VHDL language and for the hardware implementations, a FPGA device was used. A detailed analysis, in terms of performance, and covered area is shown. The proposed implementations outperform any previous published KASUMI implementations in terms of performance.
2005 IEEE International Symposium on Circuits and Systems
A high-throughput hardware architecture and FPGA implementation of the 64-bit NESSIE proposal, MI... more A high-throughput hardware architecture and FPGA implementation of the 64-bit NESSIE proposal, MISTY1 block cipher, is presented in this paper. This architecture, in contrast to previous ones, supports both encryption and decryption processes. It is based on the unrolling of the MISTY1 rounds in a 75-stage pipeline. Furthermore, the implementation of the proposed architecture in specific FPGA devices utilizes the embedded RAM blocks of those devices. A throughput of up to 12.6 Gbps can be achieved at a clock frequency of 168 MHz. So, the proposed architecture is suitable for applications with high throughput requirements, like in contemporary and future wireless communication standards. I.
Proceedings of the 3rd International ICST Conference on Mobile Multimedia Communications, 2007
As the versatility of small, low power devices increases and their use becomes commonplace, a nee... more As the versatility of small, low power devices increases and their use becomes commonplace, a need for secure communications among these devices has arisen. Pomaranch is a recently developed stream cipher with two major advantages: (i) the low hardware complexity, which results in small area and (ii) the good statistical properties. This architecture supports an 80-bit key and 32-to 108-bit IV. FPGA devices were used for the performance demonstration. A maximum throughput equal to 279 Mbps can be achieved, with a clock frequency of 279 MHz.
9th International Conference on Electronics, Circuits and Systems
Digital Signature schemes are commonly used as primitives in cryptographic protocols that provide... more Digital Signature schemes are commonly used as primitives in cryptographic protocols that provide other services including entity authentication, authenticated key transport, and authenticated key agreement. A VLSI implementation of the digital signature scheme is proposed in this paper, for efficient usage in any cryptographic protocol. This architecture is based on Secure Hash Function and the 512-bit RSA cryptographic algorithm. The whole design was captured by using VHDL language and a FPGA device was used for the hardware implementation of the architecture. A method to reduce the switching activity of the overall design is introduced. The proposed VLSI implementation of the Digital Signature scheme achieves a data throughput up to 32 Kbit/sec.
2002 IEEE International Symposium on Circuits and Systems. Proceedings (Cat. No.02CH37353)
Security protocols and encryption algorithms are basically based on random number generators. In ... more Security protocols and encryption algorithms are basically based on random number generators. In this paper, a new random number generator architecture is introduced. The produced number word length is equal to 160 bits. The philosophy architecture relies on the usage of the SHA hash function. The offered security strength of this certain hash function ensures the unpredictability of the produced number. Additionally, an efficient VLSI implementation for FPGA device of the proposed system is described. The proposed architecture is a flexible solution in application cases where the original physical sources of random number generators, such as electrical noise, are not available or at least not convenient. This architecture can also be used in any cryptographic algorithm and encryption/decryption system with highspeed performance.
2010 13th Euromicro Conference on Digital System Design: Architectures, Methods and Tools, 2010
Low power techniques in a FPGA implementation of the hash function called Luffa are presented in ... more Low power techniques in a FPGA implementation of the hash function called Luffa are presented in this paper. This hash function is under consideration for adoption as standard. Two major gate level techniques are introduced in order to reduce the power consumption, namely the pipeline technique (with some variants) and the use of embedded RAM blocks instead of general purpose logic elements. Power consumption reduction from 1.2 to 8.7 times is achieved by means of the proposed techniques compared with the implementation without any low power issue.
2010 IEEE Computer Society Annual Symposium on VLSI, 2010
Hash functions form an important category of cryptography, which is widely used in a great number... more Hash functions form an important category of cryptography, which is widely used in a great number of protocols and security mechanisms. SHA-2 is the up to date NIST standard, but is going to be substituted in the near future with a new, modern one. NIST has selected the Second Round Candidates of the SHA-3 Competition. A year is allocated for the public review of these algorithms, and the Second SHA-3 Candidate Conference is being planned for August 23-24, 2010, after Crypto 2010. This paper deals with FPGA implementations of BLAKE hash functions family, which is one of the finalists. In this work, a VLSI architecture for the BLAKE family is proposed. For every hash function of BLAKE (-28,-32,-48, &-64), a hardware implementation is presented. The introduced integrations are examined and compared with hardware implementation terms. Computational efficiency of SHA-3 finalists in silicon, is one of the evaluation criteria of SHA-3.
2011 14th Euromicro Conference on Digital System Design, 2011
In this paper a hardware implementation of ZUC stream cipher is presented. ZUC is a stream cipher... more In this paper a hardware implementation of ZUC stream cipher is presented. ZUC is a stream cipher that forms the heart of the 3GPP confidentiality algorithm 128-EEA3 and the 3GPP integrity algorithm 128-EIA3, offering reliable security services in Long Term Evolution networks (LTE). A detailed hardware implementation is presented in order to reach satisfactory performance results in LTE systems. The design was coded using VHDL language and for the hardware implementation, a XILINX Virtex-5 FPGA was used. Experimental results in terms of performance and hardware resources are presented.
Wireless Communications and Mobile Computing, 2007
Universal mobile telecommunication system (UMTS) has specified security mechanisms with extra fea... more Universal mobile telecommunication system (UMTS) has specified security mechanisms with extra features compared to the security mechanisms of previous mobile communication systems (GSM, DECT). A hardware implementation of the UMTS security mechanism is presented in this paper. The proposed VLSI system supports the Authentication and Key Agreement procedure (AKA), the data confidentiality procedure, and the integrity protection procedure. The AKA procedure is based on RIJNDAEL Block Cipher. An efficient RIJNDAEL architecture is proposed in order to minimize the usage of hardware resources. The proposed implementation performs the AKA procedure within 76 ms comparing with the 500 ms that UMTS specifies. The data confidentiality and the integrity protection is based on KASUMI Block Cipher. The proposed KASUMI architecture reduces the hardware resources and power consumption. It uses feedback logic and positive-negative edge-triggered pipeline in order to make the critical path shorter, without increasing the execution latency. The S-BOXes that are used from RIJNDAEL and KASUMI block ciphers have been implemented with combinational logic as well as with ROM blocks.
Communication protocols for wireless networks have specified security layers, with high-level enc... more Communication protocols for wireless networks have specified security layers, with high-level encryption strength. The dedicated to security layer of Wireless Application Protocol (WAP), is the Wireless Transport Layer Security (WTLS). In this paper, an efficient architecture for the hardware implementation of WTLS is proposed. The introduced system supports bulk encryption, authentication and data integrity. The proposed architecture operates alternatively for a set of ciphers, IDEA, DES, RSA, D.H., SHA-1 and MD5. It is based on two reconfigurable design units: the Reconfigurable Authentication Unit and the Reconfigurable Integrity Unit. These units operate alternatively for different ciphers and achieve to allocate minimized resources, at the same time. The introduced security system has been implemented in an FPGA device. The supported ciphers performance is compared with previously published works, and it has been proven superior to them, in most of the cases. The system's synthesis results prove that the proposed architecture is a flexible and powerful solution for WTLS integration of today's and future wireless networks. The system can be applied to wireless communications servers and mobile devices also. Finally, the proposed architecture can be used as a powerful security engine, in WAP communication networks, with special security demands.
Uploads
Papers by Paris Kitsos