Responsive image
博碩士論文 etd-0123103-035712 詳細資訊
Title page for etd-0123103-035712
論文名稱
Title
針對高效能SoC應用之資訊安全及網路協同處理器設計與實作
The design and implementation of security and networking co-processors for high performance SoC applications
系所名稱
Department
畢業學年期
Year, semester
語文別
Language
學位類別
Degree
頁數
Number of pages
104
研究生
Author
指導教授
Advisor
召集委員
Convenor
口試委員
Advisory Committee
口試日期
Date of Exam
2001-07-30
繳交日期
Date of Submission
2003-01-23
關鍵字
Keywords
網路安全、協同處理器、前瞻加密標準、對稱式加解密系統、資料加密標準
Symmetric Cryptosystem, Coprocessor, Data Encryption Standard, Advanced Encryption Standard, Network Security
統計
Statistics
本論文已被瀏覽 5703 次,被下載 4214
The thesis/dissertation has been browsed 5703 times, has been downloaded 4214 times.
中文摘要
隨著網路的蓬勃發展,生活上越來越多應用跟網路已是緊密結合在一起,因此,網路的安全性也越來越受到重視。本篇論文將依ISO所制定之OSI七層架構,針對不同層級提出網路安全的硬體改良作法。在資料鏈結層(Data-link layer),我們以平行CRC的運算方式來改進CRC運算的效能,使得一筆32位元的資料以CRC運算能在一個cycle內完成。在網路層(Network layer)及傳輸層(Transport layer),位元導向指令集(Bit-oriented instruction set)對於處理封包標頭(packet header)有良好的效果。在應用層(Application layer),我們將屬於對稱式密碼系統(Symmetric Cryptographic System)的DES(Data Encryption Standard)及AES(Advanced Encryption Standard)兩種演算法以硬體方式實現,可將數萬個cycle才能完成的加解密動作降低至數十個cycle即可完成。我們將各硬體加速模組以ARM7TDMI的協同處理器(Coprocessor)型式實現,並透過ARM7TDMI的協同處理器介面(Coprocessor Interface)與ARM7TDMI整合。最後,我們將整個整合的電路下載至Xilinx XCV2000E,觀察其展示結果以進行驗證。

Abstract
With the development of Internet, there are more and more applications around us are connected tightly with it. Security of network is important. This thesis will follow OSI 7-layers architecture, which defined by ISO, to propose several hardware improvement approaches of network security. In data-link layer, we improve performance of CRC calculation with parallel CRC calculation, such that a 32-bit data can be finished using CRC calculation in one cycle. In network layer and transport layer, bit-oriented instruction set has good performance for processing packet header. In application, we implement DES and AES algorithm in hardware. We integrate all hardware module with ARM7TDMI coprocessor’s interface. Finally, we download integrated circuit into Xilinx XCV2000E chip to observe its demo to verify it.

目次 Table of Contents
1. Motivation 1
2. Back ground and Related work 2
3. Data Encryption Standard 11
3.1. Introduction 11
3.2. Architecture and Implementation 20
3.3. Verification Strategy 24
3.4. Experiments results 25
4. Advanced Encryption Standard 29
4.1. Introduction 29
4.1.1. State 29
4.1.2. Mathematical background 30
4.1.3. AES algorithm 31
4.2. Architecture 33
4.3. Implementation 34
4.3.1. Multiplier in finite field 34
4.3.2. S-box 36
4.3.3. ShiftRows Transformation 39
4.3.4. MixColumns Transformation 40
4.3.5. AddRoundKey transformation 41
4.3.6. Key Expansion 42
4.3.7. Decryption Circuit 47
4.3.8. The Complete AES algorithm Circuit 48
4.4. Experiments results 48
5. Transport layer and Network layer 55
5.1. Introduction 55
5.2. Instruction set extension 56
5.3. Architecture 57
5.4. Implementation 58
5.5. Experiment results 60
6. Link layer 63
6.1. Introduction 63
6.2. Implementation 64
6.3. Experiment Results 67
7. System Integration 69
7.1. Coprocessor Interface 69
7.2. Coprocessor instruction set 70
7.2.1. Coprocessor Data Operations (CDP) 70
7.2.2. Coprocessor Data Transfers (LDC, STC) 71
7.2.3. Coprocessor Register Transfers (MRC, MCR) 71
7.3. Coprocessor Architecture 72
7.4. Instruction Set Extension 74
7.4.1. DES algorithm 74
7.4.2. AES algorithm 76
7.4.3. CRC computation 77
7.5. Performance Measurement 78
7.5.1. Experiment Design 78
7.5.2. Experiment Results 79
7.6. FPGA Prototyping 88
7.6.1. DES coprocessor 92
7.6.2. AES Coprocessor 93
7.6.3. CRC Coprocessor 94
7.6.4. Operation example 94
8. Conclusion 98
9. Future Work 99
9.1. AES Key Expansion 99
9.2. Integration cryptographic system 100
10. Reference 104
參考文獻 References
1. W. Richard Stevens, TCP/IP Illustrated, Volume1
2. NIST, Data Encryption Standard, FIPS PUB 46-3, October 25, 1999.
3. NIST, Advanced Encryption Standard, FIPS PUB 197, November 26, 2001
4. Joan Daemen, Vincent Rijmen, “AES Proposal: Rijndael” document Version 2, May 9, 1999.
5. C.C. Wang, T.K. Truong, H.M. Shao, L.J. Deutsch, J.K. Omura, and I.S. Reed, “VLSI architecture for computing multiplications and inverse in GF(2m)”, IEEE Transactions on Computer, Volume C-34, No. 6, August 1985
6. A.V. Dinh, R.J. Bolton, and R. Mason, “A Low Latency Architecture for Computing Multiplicative Inverses and Divisions in GF(2m)”, IEEE Transactions on Circuits and Systems—II: Analog and Digital Signal Processing, Volume 48, No. 8, August 2001
7. Jing, M.H.; Chen, Y.H.; Chang, Y.T.; Hsu, C.H., “The design of a fast inverse module in AES”, International Conferences on Info-tech and Info-net, 2001, Volume: 3, Page(s) : 298-303
8. Joseph Williams, “Architectures for Network Processing”, International Symposium on VLSI Technology, Systems, and Applications, 2001, Page(s): 61-64.
9. J. Wanger and R. Leupers, “C Compiler Design for a Network Processor”, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, Volume: 20 Issue: 11, Nov. 2001, Page(s): 1302 – 1308
10. Xiaoning Nie, Lajos Gazsi, Frank Engel and Gerhard Fettweis, “A New Network Processor Architecture for Hihg-Speed Communications”, IEEE Workshop on Signal Processing Systems, 1999, Page(s): 548 – 557
11. Ramabadran, T. V. and Gaitonde, S. S., “A tutorial on CRC computations”, IEEE Micro, Volume 8 Issue: 4, Aug. 1988, Page(s): 62-75
12. Steve Furber, ARM system-on-chip architecture, Addison-Wesley, 2000.
13. Memik, G., Mangione-Smith, W.H., Hu, W., “NetBench: a benchmark suite for network processors”, IEEE/ACM International Conference on Computer Aided Design, 2001. ICCAD 2001, Page(s): 39-42
14. “Parallel Cyclic Redundancy Check (CRC) for HOTLinkTM”, Cypress Semiconductor Corporation, March 11, 1999
15. ARM7TDMI Data Sheet
16. Joon Hyoung Shim; Dae Won Kim; Young Kyu Kang; Taek Won Kwon; Jun Rim Choi, “A Rijndael cryptoprocessor using shared on-the-fly key scheduler”, Proceedings of IEEE Asia-Pacific Conference on ASIC, 2002, Page(s): 89-92
17. InventraTM, DES-core, DES Encryption core
http://www.mentorg.com/inventra/
18. Ocean LogicTM, OL_AES AES Core family Rev 1.4
http://www.ocean-logic.com/pub/
電子全文 Fulltext
本電子全文僅授權使用者為學術研究之目的,進行個人非營利性質之檢索、閱讀、列印。請遵守中華民國著作權法之相關規定,切勿任意重製、散佈、改作、轉貼、播送,以免觸法。
論文使用權限 Thesis access permission:校內校外完全公開 unrestricted
開放時間 Available:
校內 Campus: 已公開 available
校外 Off-campus: 已公開 available


紙本論文 Printed copies
紙本論文的公開資訊在102學年度以後相對較為完整。如果需要查詢101學年度以前的紙本論文公開資訊,請聯繫圖資處紙本論文服務櫃台。如有不便之處敬請見諒。
開放時間 available 已公開 available

QR Code