標題: IC 卡加解密晶片之設計與製作
A Design and Implementation of DES/Triple DES Encryption and Decryption for IC Card
作者: 莊旻澔
Min-Hao Chuang
黃宇中
Yu-Chung Huang
電子研究所
關鍵字: IC 卡;DES;Triple-DES;加解密;超大型積體電路;IC Card;DES;Triple-DES;Encryption/Decryption;VLSI
公開日期: 1999
摘要: 摘 要 伴隨著網際網路與電子商務的快速發展,卡片消費已逐漸取代傳統貨幣交易,卡片的時代已經到來。傳統的磁卡已無法滿足一卡多功能的需求,IC Card已成為必然的趨勢。 隨著行動銀行與政府國民IC Card的推行,由於其所儲存資料的重要性,為有效的保護這些資料,我們需要對敏感資料進行加解密。現今常用的編碼系統可分為兩大類,一是對稱金鑰(Symmetric-Key)系統,如DES (Data Encryption Standard),另外是公開金鑰(Public-Key)系統,如RSA (Rivest-Shamir-Adelman),其中DES常用於資料本文的加解密,而RSA則多用於使用者的認證,這兩種演算法都需要相當大的運算量,超出傳統晶片卡的中央處理單元所能負荷,所以要利用一特殊的運算處理單元來加以輔助。 本論文提出一個適用於IC Card的DES/Triple-DES加解密處理單元,為了降低其面積以符合其需求,我們以遞迴的方式設計DES/Triple-DES模組,並利用其加解密演算法對稱的特性,結合加解密電路,以有效減小面積。因應低功率的需求,在此加入了動態時序控制,使閒置的模組不致消耗不必要的功率。 在晶片設計上使用TSMC 0.35 μm CMOS製程及Avanti元件庫。佈局後晶片面積為1712 x 1712 μm2。根據TimeMill及PowerMill模擬結果此晶片最高工作時脈為133 MHz,晶片平均消耗功率為115mW。此結果將可貢獻於日漸蓬勃的 IC Card應用。 關鍵字:IC 卡、DES、Triple-DES、加解密、超大型積體電路
Abstract As Internet and E-commerce becomes popular today, traditional currency trade has been replaced by electronic currency. We are going to the Card-Age. Traditional magnetic stripe card can not meet the issue of multi-functional in one card. IC Card has been becomes a tendency. As mobile bank becomes popular and the government to try to carry out personal ID IC Card, due to the data stored are very important, we should encrypt and decrypt the sensitive data to protect these data effective. Today, two cryptosystems are used; one is the symmetric-key cryptosystem, for example, DES (Data Encryption Standard), and another is the public-key cryptosystem, for example RSA (Rivest-Shamir-Adleman). DES cryptosystem are usually used in encrypts and decrypt of the main body, and RSA cryptosystem are used in data authentication. Both cost lots of computing power, and it is too high to the processor of traditional IC Card. Thus, a hardware coprocessor is required to assist CPU. In this Thesis, an encryption/decryption coprocessor is designed to assist a core microprocessor to compute the cryptographic operations. To meet the area issue of IC Card, we use iteration architecture to design single/triple-DES modules. Moreover, consider with the feature of the algorithm of encrypt and decrypt are symmetric, we combine these two circuit and using latches instead of registers to reduce the total area. Consider with the low power issue, dynamic timing controller and some low power techniques are used to reduce unnecessary power consumption. We use TSMC 0.35 um process with Avanti high performance cell library to implement our chip. The layout area is 1712 x 1712 um2. The maximum clock rate can reach 133 MHz, and average power consumption is 115 mW. The result can be contribution to vigorous IC Card application. Keyword : IC Card、DES、Triple-DES、Encryption/Decryption、VLSI 摘要 i Abstract ii 致謝 iii Contents iv List of Tables vi List of Figures vi Chapter 1 Introduction 1 1.1 The evolution of IC Card and security issue 1 1.2 Problems and some related research 3 1.3 Our Goal 5 1.4 Organization 5 Chapter 2 Algorithm 7 2.1 The Overview of DES Algorithm 7 2.1.1 Initial Permutation and Inverse Initial Permutation 10 2.1.2 The Extension Permutation 11 2.1.3 The S-Box Substitution 12 2.1.4 SubKey Generation 14 2.2 Triple DES Algorithm 14 2.3 Four Application Mode of DES Cryptosystem 15 2.3.1 Electronic Codebook Mode 16 2.3.2 Cipher Block Chaining Mode 17 2.3.3 Cipher Feedback Mode 19 2.3.4 Output Feedback Mode 20 2.4 The algorithm of hardware 22 2.4.1 Pipeline V.S. Recursive 23 2.4.2 Number of iterations 23 2.5 Summary 25 Chapter 3 Hardware Implementation 26 3.1 Design Issue and Feature 26 3.2 I/O interface module 29 3.2.1 Input Circuit 29 3.2.2 Output Circuit 31 3.2.3 More consideration 34 3.3 Key Generator 34 3.3.1 Key Value Holder 36 3.3.2 Permutation-Circuit 36 3.3.3 Shifter 36 3.3.4 Temperate Register 38 3.4 DES Algorithm Core 39 3.4.1 The Feistel Cipher 40 3.4.2 S-Boxes 40 3.5 CBC Mode Module 41 3.6 Timing Controller 42 3.7 Low Power Consideration 44 3.7.1 Technology Decomposition 44 3.7.2 Input Arrangement 45 3.8 Summary 46 Chapter 4 Design Flow & Verification 47 4.1 Design Flow and Prototype system 47 4.1.1 Behavioral and functional entry 48 4.1.2 Gate level entry 50 4.1.3 Switch Level Entry 51 4.1.4 Transistor level entry 51 4.2 Test Flow 52 4.2.1 Pre-manufacture test flow 52 4.2.2 Post-manufacture test flow 53 4.3 How to generate test patterns for each level? 53 4.3.1 Permutation Array Verification 54 4.3.2 S-Box and Feistel Function Block Verification 54 4.3.3 The DES Core, CBC Module, I/O Module, and Timing Controller 55 Chapter 5 Layout and Simulation Result 58 5.1 The physical Design Flow 58 5.2 Bi-directional input/output 60 5.3 Clock distribution and Layout Result 60 5.4 Layout and power consideration 61 Chapter 6 Conclusion and Future Work 71 6.1 Conclusion 71 6.2 Future Work 72 Reference R-1 Appendix A A-1 作者學經歷
URI: http://140.113.39.130/cdrfb3/record/nctu/#NT880428046
http://hdl.handle.net/11536/65683
Appears in Collections:Thesis