
ABSTRACT

Stream ciphers based on Quasi-Cyclic Low Density Parity Check (QC-LDPC)
codes are a good option for reducing the hardware complexity of a cryptosystem. For
the encryption of data, stream ciphers are preferred to block ciphers because they
consume less power and hardware. As in classical coding theory, the quantum analogues
of Low Density Parity Check (LDPC) codes offer good error correction performance with
low decoding complexity. This project proposes to design and implement a hardware
efficient stream cipher using QC-LDPC codes. The performance of the resulting system
will be compared to the previous stream cipher design using CRC hash.

ACKNOWLEDGEMENT
The completion of this project work is due to the experience, efforts and
inspiration of many people. I would like to express my gratitude to all the people without
whom it would have been difficult to carry out this project. I am very much thankful to all of
them for having spent their valuable time in helping and supporting me.

I wish to express my heartfelt and sincere thanks to Dr. M.P. PILLAI, Director,
NIELIT, Calicut, for his constant support throughout the course of the project work.

I wish to express my heartfelt and sincere thanks to Mr. LALMOHAN K.S.,
Scientist/Engineer E, VLSI Design Group, NIELIT Calicut, for initiating me into this
study, for his guidance and for his encouragement and advice. His timely and instructive
evaluation at every stage of the thesis process allowed me to complete this work on
schedule.

I am extremely grateful to my Project Guide, Mr. PRADEESH K.P., Assistant
Professor, Department of Electronics & Communication Engineering, for his excellent
guidance and supervision, which enabled me to look for different techniques and apply
innovative ideas. I am very much thankful to him for the valuable advice he has given
me. With his guidance I gained the knowledge needed to carry out this project work.

I would like to express my greatest appreciation to Prof. SURESHA V.,
Professor, PG coordinator, Department of Electronics and Communication Engineering,
for guiding and supervising me to complete this project.

I wish to express my heartfelt and sincere thanks to Dr. RAVIKUMAR M.S.,
Professor and Head of the Department of Electronics and Communication Engineering,
who always strengthened my confidence and helped me in completing the project
successfully.

I am extremely grateful to our beloved principal Dr. N.A. JNANESH, for
providing constant encouragement and support throughout the course of the project.

I am extremely grateful to Dr. RENUKA PRASAD K.V., General Secretary,
Academy of Liberal Education, for his constant support throughout the course of the
project work.

I am deeply indebted to the architect of modern Sullia and Founder President of
the Academy of Liberal Education, Late Dr. KURUNJI VENKATRAMANA GOWDA,
for providing an environment with all the facilities that helped me in successfully
carrying out the project.

My sincere thanks to all teaching and non-teaching staff members of our
institution for their constant support, valuable suggestions and co-operation.

I am very grateful to my parents, family members and friends for their
support and well wishes.

AMBILI K.

CONTENTS

CHAPTER No.   TITLE   PAGE No.

LIST OF FIGURES
LIST OF TABLES   ii

1   INTRODUCTION
    1.1   Overview and Problem Identification
    1.2   Motivation
    1.3   Project Objective
    1.4   Existing System
    1.5   Proposed System
    1.6   Software and Hardware Tools Used
    1.7   Organization of the Project Report
2   LITERATURE SURVEY
3   NETWORK SECURITY AND CRYPTOGRAPHY
    3.1   Network
    3.2   Sensor Network
    3.3   Cryptography   10
          3.3.1   Security   10
          3.3.2   Security Violations   10
          3.3.3   Security Attacks   10
          3.3.4   Methods to Achieve Security Goals   10
          3.3.5   Introduction to Cryptography   11
          3.3.6   Basic Terminologies used in Cryptography   11
          3.3.7   Cryptographic Algorithms   12
          3.3.8   Overview of Public Key Cryptography   15
4   QC-LDPC CODES   17
    4.1   Introduction to QC-LDPC Codes   17
    4.2   Generator Matrix in Systematic Circulant Form and Encoder Implementation   18
5   SOFTWARE DETAILS   23
    5.1   Minimum Software Requirement Specification   23
    5.2   Xilinx ISE Design Suite 14.4   23
          5.2.1   Setting Up a New Project   23
          5.2.2   Implement a Function Using Verilog   26
          5.2.3   Simulate the Schematic/Verilog Circuit Using ISIM and a Verilog Test Fixture   30
6   HARDWARE DETAILS   37
    6.1   FPGA [Field Programmable Gate Array]   37
          6.1.1   FPGA Technology in Detail   38
    6.2   Xilinx Spartan-3E   39
          6.2.1   Spartan-3E Specific Features   40
          6.2.2   Key Components and Features   40
7   RESULTS AND DISCUSSION   41
8   CONCLUSION AND FUTURE SCOPE   45
    8.1   Conclusion   45
    8.2   Future Scope   45
    REFERENCES
    OUTCOME OF THE PROJECT

LIST OF FIGURES

FIGURE No.   TITLE   PAGE No.

1.1    Existing keystream generator using CRC hash
1.2    Proposed keystream generator using QC-LDPC codes
3.1    Crypto System Model for encryption and decryption   13
3.2    Model for Encryption and decryption with Symmetric Key Algorithm   13
3.3    Model for Encryption and decryption with Asymmetric Key Algorithm   14
3.4    Encryption process in the public-key cryptography   16
3.5    Decryption process in the public-key cryptography   16
4.1    SRAA Encoder circuit   21
4.2    SRAA-Based serial QC-LDPC encoder   22
5.1    Project navigator page   23
5.2    Create new project window   24
5.3    Project settings window   25
5.4    Project summary page   25
5.5    Adding a new source window   26
5.6    Defining the module   27
5.7    New source page   28
5.8    Programming the new source   29
5.9    Adding test bench   30
5.10   Assigning design to test bench   31
5.11   Creating test bench   31
5.12   Adding for loop   32
5.13   Simulating the program   33
5.14   Simulation window   34
5.15   Adding #display to the program   35
5.16   Output after adding #display   36
6.1    Xilinx Spartan-3E FPGA Starter kit   39
7.1    Simulation output   41
7.2    RTL Schematic   42
7.3    FPGA implementation result verified using Chip Scope Pro   42

LIST OF TABLES

TABLE No.   TITLE   PAGE No.

7.1   Gate count for different functions   43
7.2   Gate count for QC-LDPC Circuit   43
7.3   Gate count for LFSR and Key   43
7.4   Gate count for stream cipher   43
7.5   Comparison of gate count   44


Design and Development of Low Hardware Complexity Stream Cipher on FPGA

Ambili K., M.Tech (VLSI Design & Embedded Systems), KVGCE, Sullia

CHAPTER 1

INTRODUCTION
1.1 Overview and Problem Identification
Hardware complexity and power consumption are important design criteria for
hand-held devices, sensor networks, smart cards, etc. Encryption systems can be built
using either block ciphers or stream ciphers. Stream ciphers apply a time-varying
transformation to individual data bits, whereas block ciphers apply the same
transformation to a group of data bits. Since the security of a block cipher
algorithm depends directly on the complexity of the algorithm, a good amount of
security demands a very complex structure for the encryption system. So when circuit
complexity is not a matter of concern, block ciphers can be designed to have better
security per key bit than stream ciphers. Since the security of a stream cipher does not
depend directly on the circuit complexity, stream ciphers are preferred where low
hardware complexity is required. Also, since the encryption operation in a synchronous
stream cipher is just an XOR, it allows real-time processing of data, which is essential in
multimedia communication. Furthermore, stream ciphers have different implementation
properties that restrict the cryptanalyst from performing side channel analysis.

Linear Feedback Shift Register (LFSR) based stream ciphers are the most
commonly used stream ciphers due to their low hardware complexity and low power
consumption. Their main drawback is susceptibility to attack due to the linearity of
the structure. So for better security, one-way function based stream ciphers are preferred
over LFSR stream ciphers. Hash functions can be used as part of the keystream generator
in a synchronous stream cipher because of the high security provided by the one-wayness
of hash functions.

The LFSR based Toeplitz hash [3] is seen to be highly suitable for hardware
implementation. The suitability of this hash function as a building block
in the generation of pseudorandom bit sequences was analyzed, and a low hardware
complexity binary additive stream cipher based on the Toeplitz hash was presented in the
Computers & Security journal [3]. The hardware efficient stream cipher proposed in
[3] is based on the Toeplitz matrix concept, and the cryptanalysis of that cipher
was attempted in [2]. Later the Toeplitz hash was replaced with the CRC hash and the
structure was redesigned, so that retrieval of the initial key through the method discussed
in [2] becomes impossible. The stream cipher design using CRC hash is discussed in [1].
In our work we suggest some changes in the design of the recently proposed stream cipher
so that the system becomes cryptographically strong. In this work the CRC hash is
completely replaced with QC-LDPC codes [10], which ensures low hardware complexity,
less power consumption and high security.

1.2 Motivation
Security of the data is the prime aspect in the field of communication. The
existing technologies provide high security, but with high power consumption and high
hardware complexity. These aspects motivated me to design a low-power, low-hardware-
complexity stream cipher for a high-security system.

1.3 Project Objective

The main objectives of this project are:
Study in detail the keystream design using CRC hash and take its result as
the reference.
Study the QC-LDPC codes and design the circuit.
Integrate the QC-LDPC code circuit with the blocks of the keystream generator.
Simulate it in Xilinx and compare the result with the results of previous works.
Verify the simulated result on FPGA.

1.4 Existing System

Fig. 1.1 : Existing keystream generator using CRC hash

In the existing system the keystream of the stream cipher is generated using the
CRC hash as the nonlinear function.

Cryptographic CRC: This construction of a hash function is a cryptographic variant
of the well-known cyclic redundancy codes, which are commonly used as the standard error
detection mechanism in data networks. Ordinary CRCs are used to detect non-malicious
errors and therefore need no secret key. A CRC can be implemented efficiently in
hardware using an LFSR. The CRC operation, which is division modulo an irreducible
polynomial over GF(2), is used to generate the cryptographic hash code (CRC code). In
a normal CRC calculation, the CRC code is calculated as:
CRC code = M(x) · x^n mod g(x)
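The CRC operation above, M(x) · x^n mod g(x), modelled in Python as an added example (not code from this report): the bit-serial LFSR that a hardware encoder clocks once per message bit, cross-checked against plain polynomial long division, plus an irreducibility test for g(x). The polynomial g(x) = x^4 + x + 1 and the 4-bit message are constructed for illustration; in Krawczyk's cryptographic CRC [5] the randomly chosen irreducible g(x) is the secret key, and a Verilog implementation would keep exactly the register/feedback structure of crc_lfsr.

```python
"""Bit-level model of the CRC hash CRC(M) = M(x) * x^n mod g(x) over GF(2).

Polynomials are Python ints with bit i holding the coefficient of x^i, so
g = 0b10011 is x^4 + x + 1.  Two independent implementations are compared:
the bit-serial LFSR a hardware encoder clocks once per message bit, and plain
polynomial long division used as a reference.
"""
import random


def poly_degree(p: int) -> int:
    """Degree of a GF(2) polynomial held in an int (-1 for the zero polynomial)."""
    return p.bit_length() - 1


def poly_mod(a: int, g: int) -> int:
    """Remainder of a(x) divided by g(x) over GF(2) by long division."""
    dg = poly_degree(g)
    while poly_degree(a) >= dg:
        a ^= g << (poly_degree(a) - dg)   # cancel the leading term
    return a


def crc_polydiv(message_bits, g: int) -> int:
    """Reference: assemble M(x) (MSB first), multiply by x^n, reduce mod g(x)."""
    n = poly_degree(g)
    m = 0
    for b in message_bits:
        m = (m << 1) | (b & 1)
    return poly_mod(m << n, g)


def crc_lfsr(message_bits, g: int) -> int:
    """Bit-serial LFSR form of the same computation, as the hardware does it.

    The register holds n bits.  On each clock the bit leaving the MSB end is
    XORed with the incoming message bit; the register shifts left and, if that
    feedback bit is 1, the low n coefficients of g(x) are XORed in.  After the
    last message bit the register holds M(x) * x^n mod g(x): the x^n factor is
    built in, so no zero padding of the message is needed.
    """
    n = poly_degree(g)
    mask = (1 << n) - 1
    taps = g & mask                     # g(x) without its leading x^n term
    state = 0
    for b in message_bits:
        feedback = ((state >> (n - 1)) & 1) ^ (b & 1)
        state = (state << 1) & mask
        if feedback:
            state ^= taps
    return state


def is_irreducible(g: int) -> bool:
    """Trial division by every polynomial of degree 1..n//2 (fine for small n).

    The CRC hash needs g(x) irreducible; in the keyed (cryptographic) CRC the
    randomly chosen irreducible g(x) itself is the secret.
    """
    n = poly_degree(g)
    if n < 1:
        return False
    for d in range(2, 1 << (n // 2 + 1)):    # all polynomials of degree 1..n//2
        if poly_mod(g, d) == 0:
            return False
    return True


def implementations_agree(g: int, trials: int = 100, seed: int = 0) -> bool:
    """Cross-check the LFSR model against the reference on random messages."""
    rng = random.Random(seed)
    for _ in range(trials):
        bits = [rng.randint(0, 1) for _ in range(rng.randint(0, 40))]
        if crc_lfsr(bits, g) != crc_polydiv(bits, g):
            return False
    return True


if __name__ == "__main__":
    g = 0b10011            # x^4 + x + 1, irreducible over GF(2)
    msg = [1, 0, 1, 1]     # constructed message M(x) = x^3 + x + 1
    print("g irreducible   :", is_irreducible(g))
    print("CRC via LFSR    :", format(crc_lfsr(msg, g), "04b"))
    print("CRC via division:", format(crc_polydiv(msg, g), "04b"))
```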

1.5 Proposed System

In the proposed system the nonlinear function (CRC hash) used for generating the
keystream of the stream cipher is replaced by Quasi-Cyclic Low Density Parity Check
(QC-LDPC) codes, as shown in figure 1.2.

Fig. 1.2 : Proposed keystream generator using QC-LDPC codes

QC-LDPC codes are one of the most important examples of structured LDPC
codes, and they have also been proved to achieve very good performance. The existence
of efficient iterative decoding algorithms for LDPC codes is the distinguishing feature of
this class of codes. The rationale of these algorithms is an iterated updating and exchange
of messages along a bipartite graph, also known as the Tanner graph, which represents the
code's parity-check matrix. Very good decoding performance is achieved as long as the
code's Tanner graph is free of short cycles, that is, closed loops starting and ending at one
node.

1.6 Software and Hardware Tools Used

Minimum Hardware Requirement Specification
Intel i3 Processor
1 GB RAM
Spartan 3E FPGA Starter kit

Minimum Software Requirement Specification
Operating System: Windows 7
Xilinx ISE Design Suite 14.4

1.7 Organization of the Project Report

The complete report is organized as follows:
Chapter 1 provides the introduction.
Chapter 2 describes in detail the literature survey, in order to devise a
basis of comparison.
Chapter 3 gives details of network security and cryptography.
Chapter 4 deals with the QC-LDPC codes and the design of the stream cipher using
them.
Chapter 5 provides the software details of the project. This chapter explains the
Xilinx ISE Design Suite 14.4 to give the basics of the tool.
Chapter 6 deals with the hardware specifications.
Chapter 7 gives the results and discussion of the stream cipher design using QC-LDPC codes.
Chapter 8 summarizes the conclusion and future work of the project, followed
by the references.

CHAPTER 2

LITERATURE SURVEY
The previous chapter discussed the motivation, objectives and problem
formulation of the work. This chapter explains why the problem was chosen, after a
survey of literature from reputed journals and conference proceedings.

A. L. Huang et al. [4] investigated various cryptographic hash functions to
determine their suitability for low-power applications. The paper also gave a brief
overview of the different techniques for low-power digital circuit design. Only a few
cryptographic hash functions were discussed. They showed that there is a major advantage
in implementing cryptographic hashes in low-end hardware by means of LFSRs.

Hugo Krawczyk [5] presented simple and efficient hash functions applicable to the
secure authentication of information. The constructions are mainly intended for message
authentication in systems implementing stream cipher encryption, but are suitable for
other applications as well. The proposed hash functions are implemented through linear
feedback shift registers and are therefore attractive for hardware applications. As an
example, a single LFSR can be used to authenticate 1 Gbit of information with a failure
probability of less than 2^-30. One of the constructions is the cryptographic version of
the well-known cyclic redundancy codes (CRC); the other is based on Toeplitz hashing,
where the matrix entries are generated by an LFSR. The latter construction achieves
essentially the same hashing and authentication strength as a completely random matrix,
but at a substantially lower cost in randomness, key size and implementation complexity.
Of independent interest is the characterization of the properties required from a family
of hash functions in order to be secure for authentication when combined with a secure
stream cipher.

Yong Zhang et al. [6] proposed not only the use of existing one-way hash functions
to construct a stream cipher, but also a framework for constructing a secure stream
cipher using a one-way hash function mode. For regular one-way hash functions the
digest size is limited, which can lower the efficiency of the hashing stream cipher
(HSC). If the HSC is constructed iteratively using one-way hash functions with a longer
hash digest every time, a higher security level and better efficiency would be achieved.

Angelo P. E. Rosiello [7] suggested a simple and secure way to realize a
synchronous stream cipher from iterated hash functions. It is similar to output feedback
mode, where the underlying block cipher algorithm is replaced with a keyed hash function
using the secret suffix method. He analyzed the key, the keystream and the properties
the underlying hash function must have for the stream cipher to be considered secure.
From the analysis he conjectures that the most efficient way to break the proposed stream
cipher is to break the hash function, or to search the keyspace K of k bits exhaustively,
which requires O(2^k) operations. He shows that the pseudo-randomness of the keystream
is unconditionally secure only under the random oracle model, but a ROM-based security
proof suggests that for a real-world encryption scheme which uses real-world hash
functions rather than ROs, the most vulnerable point for mounting an attack is the hash
function used in the scheme [16]. Since breaking suitable real-world iterated hash
functions such as RIPEMD-160 or SHA-1 is considered a hard problem, breaking the
stream cipher should be too. The complexity of the algorithm is embedded in the
one-way hash function.

P. P. Deepthi et al. [3] discussed the design and implementation of a hardware
efficient stream cipher using hash functions, and analyzed its periodicity and
security. They explain that the hash generation circuits used for the design and
development of the stream ciphers are low-power, low-hardware-complexity Linear Feedback
Shift Register (LFSR) based circuits. One stream cipher design uses an LFSR based
Toeplitz hash generation circuit together with an LFSR keystream generator circuit, while
the other design combines an LFSR based filter generator circuit with an LFSR based
modular division circuit. Both designs possess good security and periodicity properties
for the keystreams generated. The developed circuits can compete with the most popular
classic LFSR based stream ciphers in hardware complexity, while providing the additional
advantage that the same circuit can be used for hash generation.


Panagiotis Rizomiliotis [2] investigated one such case. Recently, a low hardware
complexity binary additive stream cipher was proposed in the Computers & Security
journal. This stream cipher is based on a simplified version of a family of universal
hash functions, called the Toeplitz hash. Toeplitz hash functions can be implemented
very efficiently in hardware, which makes the proposed stream cipher suitable for low
cost applications. However, he demonstrated that the security of the cipher is much
weaker than claimed. More precisely, he introduced a known-plaintext attack that
retrieves the secret key with very low computational complexity and requires only a few
known keystream bits, taking advantage of the low-cost structure. It is a very good
example of the pitfalls that the design of lightweight cryptographic components can hide.

Nasarthul Nisha P. K. et al. [1] show that a stream cipher based on a hash function
is a good option for reducing the hardware complexity of the cryptosystem. For the
encryption of data, stream ciphers are preferred to block ciphers because they consume
less power and hardware. Hash functions are generally employed in communication devices
for integrity verification and authentication of data and control packets. By introducing
the CRC hash in place of the Toeplitz hash they reduced the hardware complexity of the
system to a great extent, and they showed that by replacing the Toeplitz hash with the
CRC hash the periodicity and security are increased by a large margin.

A new stream cipher, Grain, is proposed in paper [8] by Martin Hell et al. The
design targets hardware environments where gate count, power consumption and
memory are very limited. It is based on two shift registers and a nonlinear filter function.
The cipher has the additional feature that the speed can be increased at the expense of
extra hardware. The key size is 80 bits and no attack faster than exhaustive key search
has been identified. The hardware complexity and throughput compare favourably to
other hardware oriented stream ciphers like E0 and A5/1.

In paper [9] Zongwang Li et al. explain that quasi-cyclic (QC) low-density parity-check
(LDPC) codes form an important subclass of LDPC codes. These codes have an encoding
advantage over other types of LDPC codes. The paper addresses the issue of efficient
encoding of QC-LDPC codes. Two methods are presented to find the generator matrices of
QC-LDPC codes in systematic circulant (SC) form from their parity-check matrices, given
in circulant form. Based on the SC form of the generator matrix of a QC-LDPC code,
various types of encoding circuits using simple shift registers are devised. It is shown
that the encoding complexity of a QC-LDPC code is linearly proportional to the number of
parity bits of the code for serial encoding, and to the length of the code for high-speed
parallel encoding.
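The shift-register encoding summarised for [9], modelled in Python as an added example (not code from this report or from [9]): a generator matrix in systematic circulant form is stored as the first rows of its circulant blocks, and the SRAA (shift-register-adder-accumulator) serial encoder, the circuit listed as Fig. 4.1 and 4.2, is simulated clock by clock and checked against the explicit matrix product. The block size b = 4, the generator rows and the message are constructed for illustration and do not correspond to any particular QC-LDPC code.

```python
"""Clock-level model of SRAA (shift-register-adder-accumulator) serial encoding
for a code whose generator matrix is in systematic circulant form G = [I | P].

P consists of b x b circulant blocks P_{i,j}.  A circulant is fixed by its
first row, every later row being the previous row cyclically shifted right by
one, so the encoder only needs to store one b-bit row per block.  The serial
encoder uses one b-bit shift register and one b-bit accumulator per column
block of P and consumes one message bit per clock.  Bit vectors are Python
lists of 0/1 ints; the reference encoder below multiplies by the explicit
circulants so the clocked model can be checked against it.
"""
import random


def rotate_right(row, k=1):
    """Cyclic right shift of a bit list by k positions."""
    k %= len(row)
    return row[-k:] + row[:-k] if k else list(row)


def circulant(first_row):
    """Full b x b circulant matrix generated by its first row."""
    return [rotate_right(first_row, k) for k in range(len(first_row))]


def xor(a, b):
    """Bitwise XOR of two equal-length bit lists (addition over GF(2))."""
    return [x ^ y for x, y in zip(a, b)]


def encode_matrix(message_blocks, gen_rows):
    """Reference encoder: parity = u * P using the explicit circulant matrices.

    gen_rows[i][j] is the first row of circulant P_{i,j}; message_blocks[i] is
    the i-th b-bit message block.  Returns the list of parity blocks.
    """
    b = len(message_blocks[0])
    n_par = len(gen_rows[0])
    parity = [[0] * b for _ in range(n_par)]
    for i, u in enumerate(message_blocks):
        for j in range(n_par):
            rows = circulant(gen_rows[i][j])
            for k in range(b):
                if u[k]:
                    parity[j] = xor(parity[j], rows[k])
    return parity


def encode_sraa(message_blocks, gen_rows):
    """Serial SRAA encoder, one message bit per clock.

    While message block i is being shifted in, column block j keeps
    gen_rows[i][j] in its shift register.  On each clock the incoming bit is
    ANDed with the register contents and the result is XORed into the
    accumulator; the register is then rotated once, so at clock k it holds row
    k of the circulant.  After all t blocks (t*b clocks) the accumulators hold
    the parity bits.
    """
    b = len(message_blocks[0])
    n_par = len(gen_rows[0])
    acc = [[0] * b for _ in range(n_par)]
    for i, u in enumerate(message_blocks):
        regs = [list(gen_rows[i][j]) for j in range(n_par)]  # load generator rows
        for k in range(b):                                   # b clocks per block
            for j in range(n_par):
                if u[k]:
                    acc[j] = xor(acc[j], regs[j])
                regs[j] = rotate_right(regs[j])
    return acc


def codeword(message_blocks, gen_rows):
    """Systematic codeword: message blocks followed by the SRAA parity blocks."""
    out = [bit for blk in message_blocks for bit in blk]
    for p in encode_sraa(message_blocks, gen_rows):
        out.extend(p)
    return out


def encoders_agree(b, t, n_par, trials=50, seed=0):
    """Cross-check the clocked SRAA model against the matrix reference on
    random generator rows and random messages (t message blocks of b bits)."""
    rng = random.Random(seed)
    for _ in range(trials):
        gen = [[[rng.randint(0, 1) for _ in range(b)] for _ in range(n_par)]
               for _ in range(t)]
        msg = [[rng.randint(0, 1) for _ in range(b)] for _ in range(t)]
        if encode_sraa(msg, gen) != encode_matrix(msg, gen):
            return False
    return True


if __name__ == "__main__":
    # Constructed toy parameters: b = 4, t = 2 message blocks, one parity block.
    gen = [[[1, 1, 0, 0]], [[1, 0, 1, 0]]]
    msg = [[1, 0, 1, 1], [0, 1, 0, 0]]
    print("parity (SRAA)  :", encode_sraa(msg, gen))
    print("parity (matrix):", encode_matrix(msg, gen))
    print("codeword       :", codeword(msg, gen))
```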

In paper [1], by replacing the Toeplitz hash function with the CRC hash, the
security and periodicity of the system increased. But there was not a great decrease in
the system hardware complexity. So, in order to reduce the hardware complexity, the CRC
hash function circuit can be replaced with QC-LDPC codes [9].

CHAPTER 3

NETWORK SECURITY AND CRYPTOGRAPHY


3.1 Network
A network is a series of points or nodes interconnected by communication paths.
Networks can interconnect with other networks and contain sub-networks. A computer
connected to a non-computing device (e.g., networked to a printer via an Ethernet link)
may also represent a computer network.

In order for a network to function, it must meet three basic requirements: it must
provide connections, communications and services.
Connections refer to the hardware.
Communications is the way in which the devices talk to each other.
Services are the things which are shared with the rest of the network.

3.2 Sensor Network

A sensor network comprises sensor nodes and a base station. Each sensor node
is battery powered and equipped with integrated sensors, data processing capabilities and
short-range radio communications. Due to their limited power and short communication
range, sensor nodes perform in-network data fusion.

Data fusion process
The data fusion node collects the results from multiple nodes.
It fuses the results with its own based on a decision criterion.
It sends the fused data to another node or to the base station.

Advantages
Reduces the traffic load.
Conserves the energy of the sensors.

3.3 Cryptography
All aspects such as the security and integrity of information have been affected by
rapid advances in communication technology and networking. Hackers can use both active
and passive methods to overload networks and alter data. Cryptography came into
existence to provide security and integrity for information and data.

Definition
Writing messages in a secret way is called cryptography [11].

3.3.1 Security
Security is mainly of three types, namely;
1. Computer Security
2. Information Security
3. Network Security

3.3.2 Security Violations


Copy a file without authentication during transmission.
Constructing own messages instead of intercepting.
Modifying messages by intercepting.
Delaying messages.

3.3.3 Security Attacks

1. Passive attacks
2. Active attacks
A passive attack attempts to learn or make use of information from the system but
does not affect system resources. An active attack attempts to alter system resources or
affect their operation.

3.3.4 Methods to Achieve Security Goals


Access control
Authentication
Encryption
Intrusion detection

3.3.5 Introduction to Cryptography

In the era of information technology, the possibility that the information stored in
a person's computer, or the information being transferred through a network of
computers or the internet, is read by other people is very high. This is a major
concern for privacy, identity theft, electronic payments, corporate security, military
communications and many others. We need an efficient and simple way of securing
electronic documents from being read or used by people other than those authorized to
do so. Cryptography is a standard way of securing electronic documents.

Basic idea of Cryptography

The basic idea of cryptography is to scramble the original message into
something that is unreadable, or into something that is readable but gives no sense of
what the original message is. To retrieve the original message, we have to transform the
scrambled message back into the original message.

3.3.6 Basic Terminologies used in Cryptography

Cryptography has been an important tool in securing information transactions for
thousands of years. It was originally intended to disguise messages so that adversaries
could not acquire or alter sensitive information. It is the science of mathematics used to
encrypt and decrypt data. Cryptography enables us to store sensitive information or
transmit it across insecure networks like the Internet so that no one other than the
intended recipient can read it.
Data that can be read and understood without any special measures is called plain
text or clear text. This is the message or data that has to be secured. The method of
disguising plaintext in such a way as to hide its substance is called encryption.
Encrypting plaintext results in unreadable gibberish called cipher text. We use
encryption to ensure that information is hidden from anyone for whom it is not intended,
even those who can see the encrypted data. The process of reverting cipher text to its
original plaintext is called decryption. Cryptanalysis is the art of breaking ciphers, that
is, retrieving the original message without knowing the proper key. Cryptography deals
with all aspects of secure messaging, authentication, digital signatures, electronic money,
and other applications.

Cryptography has also been expanded to provide the following information
security requirements [11]:
1. Non-repudiation: Preventing an entity from denying previous commitments or
actions.
2. Integrity: Ensuring no unauthorized alteration of data.
3. Authentication: Verifying an entity's identity.
4. Confidentiality: Protecting the data from all but the intended receiver.

3.3.7 Cryptographic Algorithms

Cryptographic algorithms are mathematical functions that are used in the
encryption and decryption process. A cryptographic algorithm works in combination
with a key (a number, word or phrase) to encrypt the plain text. The same plain text
encrypts to different cipher texts for different keys. The strength of a cryptosystem
depends on the strength of the algorithm and the secrecy of the key.

Cryptography is entrenched in higher mathematics: group theory, computational
complexity and even real analysis. Practical cryptography, as used in the field of
information security, uses either a key or a pair of keys for encryption and decryption,
depending on the algorithm. There are three types of algorithms available for practical
crypto-systems which can be used to accomplish security:
1. Symmetric-key crypto-systems
2. Asymmetric-key crypto-systems
3. Public-key crypto-systems

Crypto-System Model
The general basic model used for encryption and decryption is shown
below in figure 3.1. A message is to be transferred from sender to recipient across the
information channel, and that message must not be accessible to intruders who have
means of accessing the channel. The sender uses his key to scramble the message
data and generate cipher text. Although the algorithm used in the process of
scrambling or encrypting the message is public, the key used for encryption is a secret
component. Therefore, no one can recover the message from the cipher text without
having both the particulars of the encryption algorithm and the key. The recipient uses
the agreed algorithm and key to decrypt or descramble the cipher text which he received
from the sender via an unsecured information channel.

Fig. 3.1 : Crypto System Model for encryption and decryption

Symmetric Key Cryptosystem

A symmetric key cryptosystem can be used to implement a secure
communication system. The protocol for secure communication with a symmetric
key cryptosystem can be explained as follows:
1. Sender and recipient agree on a cryptosystem.
2. Sender and recipient agree on a key.
3. Sender encrypts his plaintext message using the encryption algorithm and key.
This creates a cipher text message. Sender sends this cipher text to recipient.
4. Recipient decrypts the cipher text message with the same algorithm and key and
reads it as plaintext.

Fig. 3.2 : Model for Encryption and decryption with Symmetric Key Algorithm

Assume that:
M: Message
C (M): Cipher text message
ESymKey: Encryption with the symmetric key
DSymKey: Decryption with the symmetric key

The above figure illustrates the model of the symmetric key crypto-system.
According to that:
At the sender's end:
C (M) = ESymKey (M)
At the recipient's end:
M = DSymKey [C (M)]
Examples of well-known symmetric algorithms include the Data Encryption
Algorithm (DEA) defined by the Data Encryption Standard (DES), and Triple-DES.

Asymmetric Key Cryptosystem

The origin of public key cryptography is based on one-way functions. One-way
functions [7] are relatively easy to compute, but significantly harder to reverse. That is,
given x it is easy to compute f(x), but given f(x) it is harder to compute x, i.e. it takes
more time to compute x from f(x). There are two additional requirements for an
asymmetric key crypto-system beyond those of a symmetric crypto-system:
1. It is computationally hard to calculate the private key from the public key.
2. Cipher text generated with a public key can only be decrypted with the
corresponding private key.

The protocol for an asymmetric key crypto-system can be outlined as follows:
1. Sender and recipient agree on a public key crypto-system.
2. Recipient sends his public key to the sender.
3. Sender encrypts his message using the recipient's public key and sends it to the
recipient.
4. Recipient decrypts the sender's message using his private key.

Fig. 3.3 : Model for Encryption and decryption with Asymmetric Key Algorithm


According to the above figure, an asymmetric crypto-system follows this
encryption and decryption mechanism:
At the sender's end:
C (M) = EPublicKey (M)
At the recipient's end:
M = DPrivateKey [C (M)]

Public Key Crypto-System


The proposal of public key cryptosystems in 1976 by Whitfield Diffie and
Martin Hellman introduced a revolutionary way to address modern security issues such
as key management, authentication, non-repudiation, and signatures in a digital
environment.

All such cryptosystems are secure only if the mathematical problem they are
based on is known to be hard. Public-key cryptosystems are based on the intractability
of one of three problems. These problems and the cryptosystems based on them are:
1. The Integer Factorization Problem; RSA
2. The Discrete Logarithm Problem; DSA, Diffie-Hellman
3. The Elliptic Curve Discrete Logarithm Problem; ECDSA, ECDH

3.3.8 Overview of Public Key Cryptography


Public Key cryptography uses two keys Private key (known only by the recipient)
and a Public key (known to everyone). The public key is used to encrypt the message and
then it is sent to the recipient who can decrypt the message using the private key. The
message encrypted with the public key cannot be decrypted with any other key except
for its corresponding private key.


Fig. 3.4 : Encryption process in the public-key cryptography

The following figure illustrates the decryption process in the public-key
cryptography.

Fig. 3.5 : Decryption process in the public-key cryptography

The public-key algorithm uses a one-way function to translate plain text to cipher
text. Then, without the private key, it is very difficult for anyone (including the sender)
to reverse the process (i.e., translate the cipher text back to plain text). A one-way
function is a function that is easy to apply, but extremely difficult to invert. The most
common one-way function used in public-key cryptography involves factoring very large
numbers. The idea is that it is relatively easy to multiply numbers, even large ones, with a
computer; however, it is very difficult to factor large numbers. The only known
algorithms basically have to do a sort of exhaustive search (Does 2 go into it? Does 3? 4?
5? 6? and so on). With numbers 128 bits long, such a search requires performing as
many tests as there are particles in the universe.


CHAPTER 4

QC-LDPC CODES
4.1 Introduction to QC-LDPC Codes
A circulant is a square matrix in which each row is the cyclic shift (one place to
the right) of the row above it, and the first row is the cyclic shift of the last row. For such
a circulant, each column is the downward cyclic shift of the column on its left, and the
first column is the cyclic shift of the last column. The row and column weights of a
circulant are the same, say w. For simplicity, we say that the circulant has weight w. A
circulant is completely characterized by its first row (or first column), which is called the
generator of the circulant. For a b×b circulant A over GF(2), if its rank is b, then all its
rows are linearly independent.

A QC-LDPC code [10][14] is given by the null space of an array of sparse
circulants of the same size. For two positive integers c and t with c ≤ t, consider the
following c×t array of b×b circulants over GF(2):

$$H_{qc} = \begin{bmatrix}
A_{1,1} & A_{1,2} & \cdots & A_{1,t} \\
A_{2,1} & A_{2,2} & \cdots & A_{2,t} \\
\vdots & \vdots & \ddots & \vdots \\
A_{c,1} & A_{c,2} & \cdots & A_{c,t}
\end{bmatrix} \qquad (4.1)$$

which has the following structural properties: 1) the weight of each circulant Ai,j is small
compared with its size b; and 2) no two rows (or two columns) of Hqc have more than
one 1-component in common, called the row-column (RC) constraint. Property 1) simply
implies that each circulant in Hqc is a sparse circulant, and hence Hqc is a sparse
matrix [12]. Property 2), the RC constraint, ensures that there are no four 1-entries at the
four corners of a rectangle in Hqc. Then the null space of Hqc gives a QC-LDPC code
Cqc of length n = tb, whose Tanner graph is free of cycles of length four, and hence has
a girth of at least six. If all the circulants in Hqc have the same weight w, then Hqc has
constant column weight cw and constant row weight tw. In this case, Cqc is a regular
QC-LDPC code. The RC constraint on Hqc ensures that there are cw check sums
orthogonal on every code bit, and hence the minimum distance of Cqc is at least cw+1.
If the weight distribution of the circulants in Hqc results in multiple column weights or
multiple row weights in Hqc, then Cqc is an irregular QC-LDPC code.

The structure of a QC-LDPC code can be viewed from its parity-check matrix in
circulant form. Based on this form, every codeword V in Cqc can be divided into t
sections, V = (V1, V2, ..., Vt), where each section Vj consists of b consecutive components of V;
for 1 ≤ j ≤ t, the b components of Vj correspond to the b columns of the jth column of
circulants of Hqc. For 0 ≤ l ≤ n, let Vj(l) denote the vector obtained by cyclically
shifting each of the b components of the jth section Vj to the right l places. It is clear
that Vj(0) = Vj(n) = Vj. We call Vj(l) the lth (right) cyclic shift of Vj. Then it follows
from the circulant structure of Hqc that the vector V* = (V1(l), V2(l), ..., Vt(l)) is also a
codeword in Cqc. This says that Cqc has a sectionized cyclic structure. If the parity-check
matrix Hqc consists of a single circulant or a single column of circulants, then Cqc is a
cyclic code. Therefore, cyclic LDPC codes [13][17] form a subclass of QC-LDPC codes.

4.2 Generator Matrix in Systematic-Circulant Form and Encoder Implementation

In this section, we present the method for constructing the generator matrix of a
QC-LDPC code in SC form from its parity-check matrix. Of the two cases treated in the
literature, the one used here is that in which the rank r of the parity-check matrix Hqc
is equal to the number cb of rows of Hqc, and there exists a c×c subarray in Hqc with
rank r.

Consider the QC-LDPC code Cqc given by the null space of the parity-check
matrix Hqc [12]. Suppose the rank r of Hqc is equal to cb. We assume that the columns of
circulants of Hqc are arranged in such a way that the rank of the following subarray of
Hqc:

(4.2)

is cb, the same as the rank r of Hqc. We also assume that the first (t-c)b columns of Hqc
correspond to the (t-c)b information bits. Then the desired generator matrix of Cqc has
the following form:

(4.3)

where I is a b×b identity matrix, O is a zero matrix, and Gi,j with 1 ≤ i ≤ t-c and
1 ≤ j ≤ c is a b×b circulant. The generator matrix Gqc is said to be in SC form. It consists
of two parts, the left part I(t-c)b and the right part P. The left part I(t-c)b of Gqc, with
identity matrices on its main diagonal, is actually a (t-c)b × (t-c)b identity matrix, and
the right part P of Gqc is a (t-c) × c array of b×b circulants. In coding theory Gqc is
known as being in systematic form, and the right part P of Gqc is called the P matrix; it
corresponds to the parity-check section of a codeword in systematic form. We say that
Gqc is in SC form because its P matrix is an array of circulants. The SC form allows us
to encode a QC-LDPC code with simple shift registers.

The necessary and sufficient condition for Gqc to be a generator matrix of Cqc is
that $H_{qc} G_{qc}^T = [O]$, where [O] is a cb × (t-c)b zero matrix. For 1 ≤ i ≤ t-c and
1 ≤ j ≤ c, let gi,j be the generator of the circulant Gi,j. Once we know the gi,j's, we can
form all the circulants Gi,j of Gqc.
Therefore Gqc is completely characterized by a set of c(t-c) circulant generators,
which are called the generators of Cqc.


Let u = (1, 0, 0, ..., 0) be the unit b-tuple with a 1 at the first position, and
0 = (0, 0, ..., 0) be the all-zero b-tuple. For 1 ≤ i ≤ t-c, the first row of the ith row of
submatrices of Gqc is

$$g_i = (\mathbf{0} \cdots \mathbf{0}\; u\; \mathbf{0} \cdots \mathbf{0}\;\; g_{i,1}, g_{i,2}, \ldots, g_{i,c}) \qquad (4.4)$$

where the unit b-tuple u is at the ith position of gi. Then for Gqc to be a generator matrix
of Cqc, we must have $H_{qc} g_i^T = 0$ for 1 ≤ i ≤ t-c. Let zi = (gi,1, gi,2, ..., gi,c) (the last c
sections of gi) and $M_i = [A_{1,i}^T \cdots A_{c,i}^T]^T$ (the ith column of circulants of Hqc).
Then $H_{qc} g_i^T = 0$ gives the following equality:

$$M_i u^T + D z_i^T = 0 \qquad (4.5)$$

Since D is a square matrix and has full rank, it is non-singular and has an inverse
$D^{-1}$. Then it follows from (4.5) that

$$z_i^T = D^{-1} M_i u^T \qquad (4.6)$$

Solving (4.6) for 1 ≤ i ≤ t-c, we obtain z1, z2, ..., zt-c. From z1, z2, ..., zt-c, we obtain all
the generators gi,j of the circulants in Gqc. Then Gqc can be constructed readily.
An encoding circuit for Cqc can be devised based on the generators of the
circulants in the P matrix of Gqc. Let a = (a1, a2, ..., a(t-c)b) be the information sequence of
(t-c)b bits to be encoded. Divide this sequence into (t-c) sections of equal length,
a = (a1, a2, ..., at-c), where for 1 ≤ i ≤ t-c the ith section consists of b consecutive
information bits, ai = (a(i-1)b+1, a(i-1)b+2, ..., aib). Then the codeword for the information
sequence a is v = aGqc, which has the following systematic form: v = (a, p1, p2, ..., pc), where
for 1 ≤ j ≤ c, pj = (pj,1, pj,2, ..., pj,b) is a section of b parity-check bits. It follows from v = aGqc
that

$$p_j = a_1 G_{1,j} + a_2 G_{2,j} + \cdots + a_{t-c} G_{t-c,j} \qquad (4.7)$$

for 1 ≤ j ≤ c. For 0 ≤ l ≤ b, let gi,j(l) be the lth (right) cyclic shift of the generator
gi,j, with gi,j(0) = gi,j(b) = gi,j. Then for 1 ≤ i ≤ t-c,

$$a_i G_{i,j} = a_{(i-1)b+1}\, g_{i,j}^{(0)} + a_{(i-1)b+2}\, g_{i,j}^{(1)} + \cdots + a_{ib}\, g_{i,j}^{(b-1)} \qquad (4.8)$$

It follows from (4.7) and (4.8) that the jth parity-check section pj can be computed,
step by step, as the information sequence a is shifted into the encoder. For 1 ≤ k ≤ t-c, at
the kth step the accumulated sum sk,j = a1G1,j + a2G2,j + ... + akGk,j is formed and stored in a
register. At the (k+1)th step, the partial sum ak+1Gk+1,j is computed from (4.8) and added
to sk,j to form the next accumulated sum sk+1,j. At the end of the (t-c)th step, the
accumulated sum st-c,j gives the jth parity section pj.

Based on the above encoding process and the expression given by (4.8), the jth
parity check section pj can be formed with a shift-register-adder-accumulator (SRAA)
circuit, as shown in Figure 4.1.

Fig. 4.1 : SRAA Encoder circuit


At the beginning of the first step, g1,j(0) = g1,j is stored in the feedback shift register
B, and the content of register A is set to zero. When the information bit a1 is shifted into
the encoder and the channel, the product a1g1,j(0) is formed at the outputs of the AND
gates, and is added to the content stored in register A (zero at this time). The sum is then
stored in register A. The feedback register B is shifted once to the right. The new content
in B is g1,j(1). When the next information bit a2 is shifted into the encoder, the product
a2g1,j(1) is formed at the outputs of the AND gates. This product is then added to the sum
a1g1,j(0) in the accumulator register A. The sum a1g1,j(0)+a2g1,j(1) is then stored in A. The
above shift-add-store process continues. When the information bit ab has been shifted
into the encoder, register A stores the partial sum a1G1,j, which is the contribution to the
parity section pj from the information section a1. At this time, the generator g2,j of the
circulant G2,j is loaded into B. The shift-add-store process repeats. When the information
section a2 has been completely shifted into the encoder, register A contains the
accumulated sum a1G1,j+a2G2,j, which is the contribution to the parity section pj from the
first two information sections, a1 and a2. The above process repeats until the entire
information sequence a has been shifted into the encoder. At this time, register A
contains the parity section pj. To form c parity sections, we need c SRAA circuits, one for
computing each parity section.

A block diagram for the entire encoder is shown in Figure 4.2. The information
sequence is encoded serially.

Fig. 4.2 : SRAA-Based serial QC-LDPC encoder

The information sequence a is encoded serially. All the parity sections are formed
at the same time in parallel, and they are then shifted into the channel serially. The
encoding circuit consists of c SRAA circuits with a total of 2cb flip-flops, cb AND gates,
and cb two-input XOR gates (or modulo-2 adders). The encoding is accomplished in
linear time with complexity linearly proportional to the number of parity-check bits cb of
the code. The encoding is accomplished with (t-c)b clock cycles, where (t-c)b is the
length of the information sequence.
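As an added worked example, not the thesis's own Verilog design, the following Python models the SC-form construction of (4.6) and the SRAA encoding of (4.7)-(4.8) for a toy code and checks the result against H_qc. The parameters c = 1, t = 3, b = 7, the generators of the circulants and the message bits are constructed for illustration, and the function names are this example's own.

```python
"""Added worked example (not the thesis's own Verilog): SC-form generator
construction via (4.6) and SRAA encoding via (4.7)/(4.8) for a toy QC-LDPC
code. Parameters c=1, t=3, b=7 and all generators are constructed here."""

B = 7  # circulant size b

# Constructed first rows (generators) of the circulants A_{1,1}, A_{1,2}, A_{1,3}.
# The last c=1 column of circulants is the subarray D of (4.2); 1+x+x^2 is
# coprime to x^7+1 over GF(2), so D has full rank as Section 4.2 requires.
H_GENERATORS = [[
    [1, 1, 0, 1, 0, 0, 0],  # A_{1,1}, weight 3
    [1, 0, 1, 0, 0, 0, 1],  # A_{1,2}, weight 3
    [1, 1, 1, 0, 0, 0, 0],  # A_{1,3} = D
]]


def shift_right(row, l):
    """l-th right cyclic shift of a b-tuple (register B stepping once per l)."""
    l %= len(row)
    return row[-l:] + row[:-l] if l else row[:]


def circulant(gen):
    """b x b circulant: row i is the i-th right cyclic shift of the generator."""
    return [shift_right(gen, i) for i in range(len(gen))]


def block_matrix(gens):
    """Expand a c x t array of generators into the (cb) x (tb) binary H_qc."""
    rows = []
    for block_row in gens:
        circs = [circulant(g) for g in block_row]
        for i in range(B):
            rows.append([bit for circ in circs for bit in circ[i]])
    return rows


def gf2_inverse(m):
    """Gauss-Jordan inversion over GF(2); raises if the matrix is singular."""
    n = len(m)
    aug = [row[:] + [int(i == j) for j in range(n)] for i, row in enumerate(m)]
    for col in range(n):
        pivot = next((r for r in range(col, n) if aug[r][col]), None)
        if pivot is None:
            raise ValueError("D is singular: the full-rank assumption fails")
        aug[col], aug[pivot] = aug[pivot], aug[col]
        for r in range(n):
            if r != col and aug[r][col]:
                aug[r] = [x ^ y for x, y in zip(aug[r], aug[col])]
    return [row[n:] for row in aug]


def mat_vec(m, v):
    """Matrix-vector product over GF(2)."""
    return [sum(a & b for a, b in zip(row, v)) & 1 for row in m]


def sc_generators(h_gens):
    """Solve (4.6), z_i^T = D^{-1} M_i u^T, for 1 <= i <= t-c.

    Returns the (t-c) x c array of generators g_{i,j} of the P part of G_qc."""
    c, t = len(h_gens), len(h_gens[0])
    H = block_matrix(h_gens)
    D_inv = gf2_inverse([row[(t - c) * B:] for row in H])  # last c block columns
    u = [1] + [0] * (B - 1)  # unit b-tuple
    p_gens = []
    for i in range(t - c):
        M_i = [row[i * B:(i + 1) * B] for row in H]  # i-th column of circulants
        z_i = mat_vec(D_inv, mat_vec(M_i, u))
        p_gens.append([z_i[j * B:(j + 1) * B] for j in range(c)])
    return p_gens


def sraa_encode(a, p_gens):
    """SRAA encoding: one accumulator (register A) per parity section p_j;
    register B holds g_{i,j}^{(l)} and is shifted once per information bit."""
    c = len(p_gens[0])
    parity = []
    for j in range(c):
        reg_a = [0] * B  # accumulator cleared at the start
        for i, section_gens in enumerate(p_gens):
            reg_b = section_gens[j][:]  # load g_{i,j}^{(0)} for section a_i
            for l in range(B):
                if a[i * B + l]:  # AND gates pass g_{i,j}^{(l)} into the adders
                    reg_a = [x ^ y for x, y in zip(reg_a, reg_b)]
                reg_b = shift_right(reg_b, 1)
        parity.append(reg_a)
    return a + [bit for sec in parity for bit in sec]  # v = (a, p_1, ..., p_c)


def syndrome(h_gens, v):
    """H_qc v^T, which is all-zero exactly when v is a codeword."""
    return mat_vec(block_matrix(h_gens), v)


if __name__ == "__main__":
    gens = sc_generators(H_GENERATORS)
    info = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 0]  # constructed 14-bit message
    v = sraa_encode(info, gens)
    print("codeword:", "".join(map(str, v)))
    print("syndrome:", syndrome(H_GENERATORS, v))  # all zeros
```

The same functions work for any c ≤ t and b as long as the last c columns of circulants form a full-rank D; a singular D raises an error instead of silently producing wrong generators.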


CHAPTER 5

SOFTWARE DETAILS
The software tool used for the design of low hardware complexity stream cipher
is Xilinx ISE Design Suite 14.4. So the minimum software requirements are as below.

5.1 Minimum Software Requirement Specification


Operating System: Windows 7
Xilinx ISE Design Suite 14.4

5.2 XILINX ISE Design Suite 14.4


5.2.1 Setting up a New Project
1. Open the Xilinx ISE Design Suite 14.4. You can click on the ISE icon on the
desktop, or search Start > All Programs > Xilinx ISE Design Suite 14.4 >
ISE Design Tools > Project Navigator. The screen should look as shown in
figure 5.1; the ISE always defaults to the last open project unless none were
open before, just like the following:

Fig. 5.1 : Project navigator page

2. Now either press the New Project tab or select File > New Project and
change the Name and Location to whatever we like.


The selected Top Level Source Type is Schematic because that's what we're
planning on using first. This is not critical, as we can always add a new source file of any
type later. The dialog box for the project wizard looks like figure 5.2.

Fig. 5.2 : Create new project window

3. Click NEXT and in the next dialog box we should fill in the fields as shown in
Figure 5.3. We can do this in two ways: one is to select an Evaluation
Development Board from the drop-down list, in our case you should select
Spartan 3E. This will automatically fill out the board information in the next
five sections. If the board does not exist in the list then you can set the correct
choices according to the following image.

We are using a General Purpose Product in the Xilinx Spartan6 family. The
specific chip on our board is an XC6SLX16 in a CSG324 package and the 3 speed
grade. Please make sure that the Synthesis Tool is XST, the Simulator is ISim, and
the Preferred Language is Verilog. This is very important for proper operation.


Fig. 5.3 : Project settings window

4. Click NEXT and review the project summary page and then click FINISH. It is
always good to double-check the summary to prevent headaches due to the
problems we can face while implementing our design if the information is
incorrect. The project summary page will be as shown in figure 5.4.

Fig. 5.4 : Project summary page


5.2.2 Implement a Function using Verilog


Here it is explained how to implement the simple function F = (A & (!B)) | (B & C)
using a Verilog module instead of a schematic; both will have the same functionality.
1. Choose Project > New Source or right-click on the Hierarchy section of the design
window to get the dialog box that adds a new source file to our project (or use the
New Source widget on the left vertical tool bar). This time choose Verilog Module
and give it a file name. This is shown in figure 5.5.

Fig. 5.5 : Adding a new source window

2. Click NEXT and we will see the module definition box as in Figure 5.6. Here we can
set up I/O names with the correct polarity and a choice for buses and their width, which we
will be using in the future labs. Note that we do not have to add anything here right
away and we can always add the I/O definitions to the module's header when it is
created. After we're done click NEXT and then observe the summary page for a
quick review of our I/O list.


Fig. 5.6 : Defining the module

3. Now we should have a tab for the Verilog file opened in the ISE main pane. There is
a line reading `timescale 1ns / 1ps. Please leave this line alone and never delete it. It
just lets the ISE know that each unit of time should be 1ns and have a resolution of up
to 1ps for any timing purposes (more on this later).

Next is the module header that contains the module name and the list of I/O as its
parameters. We have declared multiple outputs to implement the same circuit using
different HDL forms when writing in Verilog.

Also we should notice that the Verilog file is added to the Hierarchy next to the
schematic as a part of this project. Now we're ready to implement the Verilog
description of the function F in the three intended forms.


Fig. 5.7. New source page

4. For the implementation of the three forms we have different formats. Sometimes we
want to declare internal wires to connect things easily and in a more organized
fashion, but if we didn't declare these wires, ISE will assume a single-bit wire for the
use.

The Structural version: This is done using gate primitives that are automatically
taken from the Xilinx libraries (just as you would with a schematic) by calling their name
and passing parameters, so for a two input gate we have the format gate (output, input1,
input2) and this is just like doing a schematic in words.
The Functional version: Using the assign keyword to assign the results of the
function expression to the output. The expression of the function looks a lot like how we
would write it down on paper.
The Behavioural version: Using a synthesis directive called an Always Block
we can implement the same function. The difference is that it only wakes up and assigns
the output when any of the inputs changes, hence the (*), which means any change. One
thing to notice is that any output being assigned inside of an always block needs to be
declared as a reg for synthesis purposes, and that we cannot use the assign keyword
inside of such a block.

Fig. 5.8 : Programming the new source

5. We should always save our work multiple times as there is always a slight chance
that the tool may crash and we will lose our work. It is important to understand
that hardware CAD tools are massive and complex so there is always a chance for
unexpected or faulty behaviour.

Now the circuit is ready for simulation or implementation on the board. It is
important to notice that most processes are the same for both the schematic and the
Verilog version of the design.


5.2.3 Simulate the Schematic/Verilog Circuit Using ISim and a Verilog Test Fixture

Now that we have saved Verilog code, we need to simulate its behaviour. The
simulator we'll use is the ISE built-in simulator, which is essentially a Verilog simulator.

A testbench is a file that becomes the top module of our design and applies inputs to
our circuit, and potentially checks that the outputs are correct. This will be another
Verilog file written slightly differently than the circuit implementation. The testbench will
instantiate one copy of our Verilog code, and call it UUT for Unit Under Test. We will
then write the Verilog statements that set the inputs to our circuit (the UUT), and look at
the outputs produced. We need to know only very basic Verilog syntax to do this.
1. First we need to ensure that the ISE mode is changed to Simulation from
Implementation as shown in figure 5.9. Go to the top left pane and change the
View field to Simulation. The design window will then change slightly with
different options. Referring back to the same step in creating a New Source, create
a Verilog Test Fixture to create a Verilog file that will contain the test code.

Fig. 5.9 : Adding test bench

2. Click NEXT and choose which design we want to associate the test bench with. This
is very important as we will have multiple modules or schematics in the future and
we need to be sure which design will be going under test using the test bench. In this
case, choose the simple_verilog module to be tested. The procedure for testing the
schematic version is exactly the same; we just have to choose the appropriate source
to be associated with the test bench. This is shown in figure 5.10.

Fig. 5.10 : Assigning design to test bench


3. Click NEXT and after observing the summary click FINISH. Now we'll get a new
piece of Verilog code generated for us. This Verilog code instantiates the
simple_verilog module as the UUT, and includes some other stuff related to how
the UUT is connected to the testbench. It looks as in figure 5.11.

Fig. 5.11 : Creating test bench



4. We can now write our test bench code as an initial block right before the endmodule.
Basically we set the values of our inputs, and tell the simulator how long to wait
between each change on the inputs. The results will eventually be plotted on a
waveform for us. Verilog syntax for setting a variable is very simple, and the #50
notation just means for the simulation to wait for 50 ticks of the simulation clock
before moving on to the next statement. A very simple test bench for this circuit
looks as in figure 5.11. I added the lines between initial and end to drive the
inputs with different values so that we can see what the circuit result is. Note that
each statement in Verilog ends with a semicolon, and you can put multiple
statements on a line if we like.
We will see how using a For loop in the test bench will make things a lot
shorter.

Fig. 5.12 : Adding for loop

5. We usually want to test all possible inputs to be able to draw a better conclusion on
whether the circuit is functioning correctly. After we're satisfied with the input
setting of our test bench make sure to save. Always observe the console window to
look out for errors after saving.


Now we are ready to simulate our Verilog circuit. Observe that the test bench
Verilog file is now the top module to our simple_verilog module in the simulation
design view. It is very important to have the test bench file selected for simulation or
things will go wrong. After selecting and highlighting the test bench file in the design
window, we can check our test bench for syntactic errors by clicking the Behavioural
Check Syntax in the Processes window right below. If our code is syntactically correct
then we'll get a green check mark. This is not crucial, as if we run the simulation without
it then the syntax will be automatically checked by ISim, which will not run if there are
errors in our test bench. Now we can double-click Simulate Behavioral Model to
see the waveform generated by ISim.

Fig. 5.13 : Simulating the program

6. Double-clicking the Simulate Behavioural Model will fire up the simulator on our
testbench file. Because our testbench includes an instance of our schematic (the
UUT) and some commands to drive signals into our schematic, this will result in
simulating our schematic. The output will be displayed as waveforms as shown in
figure 5.14. The values reported for A, B, S, and F are the values seen at the blue bar.
We can pick up (with the mouse) and move the blue bar to see the values at different
points in the simulation.


By looking at the waveform we can see that all three different forms of
expressing the function in Verilog (structural, functional, and behavioral) are all holding
the same behaviour throughout the simulation. We can click on the waveform in
different places (the yellow line is where in the range of time in the waveform it was
clicked) and we can see values quickly for all I/O in the Name and Value sections to
the left of the waveform.
The simulation is now done. We can always go back to the test bench and make a
more complicated set of tests and re-simulate the circuit.

Fig. 5.14 : Simulation window


It is good to observe the other capabilities of our simulation windows. The
console is where all of the simulator messages will be printed. Look for errors or
warning about your design.

The left panes will allow us to dig into our design hierarchy to grab signals that
are deep in the design and may not be set in the top module. Recall that the test bench is
only created for one module, so if we have a multiple-level hierarchy then we need to use
these windows to navigate to the desired signal and drag-and-drop it into the simulation
window.


Sometimes we want the values of the test bench results for the Verilog module's
output to be printed into the console of the simulator window. We can then add the
Verilog print statement called $display in between our test bench code. This will allow
us to monitor signals in large designs and long waveforms with many signals being
looked at. We can also format the printed statement to what we want it to show on the
console for better readability of the results.

Below are some $display statements added to the current test bench to show the
effects they will have. Nevertheless, we should always put a $display statement at the
beginning and the end of our test code to indicate the starting and actual finishing of the
simulation.

Fig. 5.15 : Adding #display to the program


And the resulting console output for the above test bench code is as shown in
figure 5.16.

Fig. 5.16 : Output after adding #display


CHAPTER 6

HARDWARE DETAILS
The hardware used for the design of the low hardware complexity stream cipher is the
Spartan-3E FPGA Starter Kit.

6.1 FPGA [Field Programmable Gate Array]


A field-programmable gate array is an integrated circuit designed to be
configured by the customer or designer after manufacturing, hence "field-programmable".
The FPGA configuration is generally specified using a hardware description language (HDL).

FPGAs contain programmable logic components called "logic blocks", and a
hierarchy of reconfigurable interconnects that allow the blocks to be "wired together",
somewhat like many (changeable) logic gates that can be inter-wired in (many) different
configurations. Logic blocks can be configured to perform complex combinational
functions.

The FPGA architecture is an array of logic cells that communicate with I/O via wires
in routing channels. In an FPGA, existing wire resources that run in horizontal and vertical
columns (routing channels) are connected via programmable elements. These routing
wires also connect logic to I/Os.

FPGAs can be characterized by the following items:

- Performance: the ability for real system designs to operate at increasingly higher
frequencies.
- Density and capacity: the ability to increase integration, to place more and more
in a chip (system in a chip), and use all available gates within the FPGA, thereby
providing a cost-effective solution.
- Ease of use: the ability for system designers to bring their products to market
quickly, leveraging the availability of easy-to-use software tools for logic
synthesis as well as place and route, in addition to architectures that enable late
design changes that affect logic, routing, and I/O resources without a significantly
adverse effect on timing.
- In-system programmability and in-circuit re-programmability: the ability to
program or reprogram a device while it is in-system, mainstreaming, and
inverters as well as allowing for field upgrades and user configurability.

6.1.1 FPGA Technology in Detail


FPGAs are chips which are programmed by the customer to perform the desired
functionality. The chips may be programmed either:
- Once: antifuse technology, e.g. devices manufactured by QuickLogic
- Several times: Flash based, e.g. devices manufactured by Actel
- Dynamically: SRAM based, e.g. devices manufactured by Actel, Altera, Atmel,
Cypress, Lucent, Xilinx
Each technology has its own advantages, which shall be discussed very briefly:
ANTIFUSE FPGA
o Devices are configured by burning a set of fuses. Once the chip is
configured, it cannot be altered any more.
o Bug fixes and updates possible for new PCBs, but hardly for already
manufactured boards.
o ASIC replacement for small volumes.
FLASH FPGA
o Devices may be re-programmed several thousand times and are non-volatile,
i.e. keep their configuration after power-off.
o With marginal additional effort, the chips may be updated in the field.
o Expensive.
o Re-configuration takes several seconds. The CLBs form the central logic
structure with easy access to all support and routing structures. The IOBs
are located around all the logic and memory elements for easy and quick
routing of signals on and off the chip.
SRAM FPGA
o Currently the dominating technology.
o Unlimited re-programming.
o Additional circuitry is required to load the configuration into the FPGA
after power on.
o Re-configuration is very fast; some devices even allow partial
reconfiguration during operation, which enables new approaches and
applications.

6.2 XILINX Spartan-3E


The Spartan-3E starter kit board highlights the unique features of the Spartan-3E
FPGA family and provides a convenient development board for embedded processing
applications.

Figure 6.1 shows the Xilinx Spartan-3E FPGA starter kit. The Xilinx Spartan-3E
sample pack is a demonstration platform intended for you to become familiar with the
new features and availability of the Spartan-3E FPGA family. For a comprehensive
development platform including a 500k gate FPGA, evaluation versions of Xilinx ISE and
the Embedded Development Kit (EDK) and more, purchase a Spartan-3E starter kit.

Fig. 6.1 : Xilinx Spartan-3E FPGA start kit.



6.2.1 Spartan-3E Specific Features

The board highlights these features:
Parallel NOR Flash configuration.
Multi-boot FPGA configuration from parallel NOR Flash PROM.
SPI serial Flash configuration.

6.2.2 Key Components and Features

100,000-gate Xilinx Spartan-3E XC3S100E FPGA in a 144-pin Thin Quad Flat
Pack package (XC3S100E-TQ144)
2,160 logic cell equivalents
Four 18K-bit block RAMs (72K bits)
Four 18x18 pipelined hardware multipliers
Two Digital Clock Managers (DCMs)
32 Mbit Intel StrataFlash
A 40-pin expansion connection port to gain access to the Spartan-3E FPGA
Four 6-pin expansion connector ports to extend and enhance the Spartan-3E
Sample Pack
Compatible with Digilent, Inc. peripheral boards
(http://www.digilentinc.com/products/Peripheral.cfm)
7 Light Emitting Diodes (LEDs)
50 MHz crystal oscillator clock source
Power regulators
16 Mbits of SPI serial Flash (STMicro)
MicroBlaze code shadowing
2-line, 16-character LCD screen
VGA display
Eight discrete LEDs
ChipScope Soft Touch debugging port
Four slide switches


CHAPTER 7

RESULTS AND DISCUSSION


The hardware structure of the proposed stream cipher was simulated in Verilog and
synthesized for an FPGA. The performance of the proposed stream cipher, measured as
throughput, and its area, measured as gate count, are compared with those of the 80-bit
stream cipher using a CRC hash and of the Grain stream cipher.

Figure 7.1 shows the simulation output. In the output, out1 and out2 represent the
outputs of the two SRAA circuits, keystream represents the total keystream, a shows the
80-bit information word, in which the first 16 bits are the constant key and the remaining
64 bits are the output of the 64-bit LFSR, and stream out gives the output of the stream
cipher using the QCLDPC code.

Fig. 7.1 : Simulation output

Fig. 7.2 : RTL Schematic

The RTL schematic of the design is shown in figure 7.2; it shows the two
SRAA blocks and the 64-bit LFSR.
The FPGA implementation, verified using ChipScope Pro, is shown in figure 7.3.
The figure shows the same result as obtained during the simulation.

Fig. 7.3 : FPGA implementation result verified using Chip Scope Pro

The hardware complexity is compared based on the number of gates required.
The gate counts of the different functions are given in table 7.1; the per-function
counts for the D flip-flop, 2-input AND and 2-input XOR follow from the totals in
table 7.2.

Table 7.1 : Gate count for different functions

    Function          Gate Count
    D Flip Flop       8
    2 input NAND
    2 input AND       1
    2 input XOR       2.5
    4 input NAND
    4 input XOR

The number of gates required in the design of the proposed stream cipher is
calculated below.

Table 7.2 : Gate count for QCLDPC Circuit

    Function          Number    Number of gates required
    D Flip flop       40        320
    2 input XOR       20        50
    2 input AND       20        20

Table 7.3 : Gate count for LFSR and Key

    Function          Number    Number of gates required
    D Flip flop       64+16     640

Table 7.4 : Gate count for stream cipher

    Function          Number    Number of gates required
    2 input XOR       80        200

From the above tables, the gate count of the proposed stream cipher is 1230,
while that of the CRC hash stream cipher is 1314.
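The signal flow described for Figure 7.1 (key || LFSR state -> two SRAA encoders -> keystream -> XOR with the plaintext) and the gate inventory of Tables 7.2 to 7.4 can be checked against a bit-level model. The Python block below is an added example written for this page; it is not the report's Verilog and not the project's own code. It assumes an illustrative 64-bit LFSR feedback polynomial, constructed circulant rows for the QC-LDPC generator matrix, and a circulant size b = 10, chosen because two SRAA circuits of that width give exactly the 40 flip-flops, 20 XOR and 20 AND gates of Table 7.2; the 80 output XOR gates of Table 7.4 are taken from the table rather than derived. The SRAA encoder is checked against a plain GF(2) matrix product, and the weighted gate count reproduces the total of 1230.

```python
import random

# Per-gate weights implied by Table 7.2 (320/40, 50/20 and 20/20).
GATE_WEIGHTS = {"dff": 8.0, "xor2": 2.5, "and2": 1.0}


def lfsr_step(state):
    """One clock of a 64-bit Fibonacci LFSR held as a list of bits, newest
    bit first. ASSUMPTION: the taps (64, 4, 3, 1) are illustrative only; the
    report's feedback polynomial is not given in this chapter."""
    fb = state[63] ^ state[3] ^ state[2] ^ state[0]
    return [fb] + state[:63]


def sraa_encode(info, gen_rows, b):
    """Shift-register-adder-accumulator (SRAA) encoding of one parity section.

    gen_rows[j] is the first row of the b x b circulant G_j of the quasi-cyclic
    generator matrix. The info word is consumed b bits per section: the
    generator register is loaded with gen_rows[j]; on each clock the current
    info bit gates the register contents (b AND gates) into the accumulator
    (b XOR gates) and the register is then cyclically shifted by one place.
    Hardware cost is therefore 2b flip-flops, b AND and b XOR gates,
    independent of the number of information bits.
    """
    assert len(info) == b * len(gen_rows), "info length must be b * sections"
    acc = [0] * b                            # accumulator flip-flops
    for j, row in enumerate(gen_rows):
        reg = list(row)                      # generator register flip-flops
        for bit in info[j * b:(j + 1) * b]:
            if bit:                          # AND gates: add shift^i(g) or not
                acc = [x ^ y for x, y in zip(acc, reg)]
            reg = [reg[-1]] + reg[:-1]       # cyclic shift right by one
    return acc


def matrix_encode(info, gen_rows, b):
    """Reference model: explicit GF(2) product of the info word with the
    stacked circulants; used to check that the SRAA datapath is correct."""
    acc = [0] * b
    for j, row in enumerate(gen_rows):
        for i, bit in enumerate(info[j * b:(j + 1) * b]):
            if bit:
                shifted = row[b - i:] + row[:b - i]   # row i of circulant G_j
                acc = [x ^ y for x, y in zip(acc, shifted)]
    return acc


def sample_generators(b=10, sections=8, seed=7):
    """Constructed circulant first rows for the two SRAA circuits (NOT the
    report's generator matrix). Each SRAA needs 80 / b circulants."""
    rng = random.Random(seed)
    return [[[rng.randint(0, 1) for _ in range(b)] for _ in range(sections)]
            for _ in range(2)]


def keystream_clock(key16, lfsr_state, gens, b):
    """One cipher clock as shown in Figure 7.1: a = key || LFSR state (80
    bits), out1/out2 are the two SRAA outputs, keystream = out1 || out2.
    Returns (keystream, next_lfsr_state)."""
    a = list(key16) + list(lfsr_state)
    out1 = sraa_encode(a, gens[0], b)
    out2 = sraa_encode(a, gens[1], b)
    return out1 + out2, lfsr_step(lfsr_state)


def encrypt(bits, key16, seed_state, gens, b):
    """stream_out = plaintext XOR keystream, 2*b bits per clock; the same
    call decrypts because XOR is its own inverse."""
    out, state = [], list(seed_state)
    for start in range(0, len(bits), 2 * b):
        ks, state = keystream_clock(key16, state, gens, b)
        out.extend(p ^ k for p, k in zip(bits[start:start + 2 * b], ks))
    return out


def sraa_gate_count(b, n_sraa=2):
    """Gate inventory of the QCLDPC block: n_sraa SRAA circuits of width b."""
    return {"dff": 2 * b * n_sraa, "xor2": b * n_sraa, "and2": b * n_sraa}


def weighted_gate_count(inventory):
    """Weight an inventory with the per-gate counts of Table 7.1."""
    return sum(GATE_WEIGHTS[g] * n for g, n in inventory.items())


def proposed_cipher_gate_count(b=10, key_bits=16, lfsr_bits=64, output_xors=80):
    """Totals Tables 7.2 to 7.4. b = 10 reproduces Table 7.2 (40 FF, 20 XOR,
    20 AND); output_xors = 80 is taken from Table 7.4, not derived here."""
    qcldpc = weighted_gate_count(sraa_gate_count(b))
    registers = weighted_gate_count({"dff": key_bits + lfsr_bits})
    output = weighted_gate_count({"xor2": output_xors})
    return qcldpc + registers + output


if __name__ == "__main__":
    b = 10
    gens = sample_generators(b)
    key = [1, 0] * 8                             # constructed 16-bit constant key
    seed = [1] + [0] * 63                        # any non-zero LFSR seed
    msg = [(i * 5) % 3 % 2 for i in range(60)]   # constructed plaintext bits
    ct = encrypt(msg, key, seed, gens, b)
    assert encrypt(ct, key, seed, gens, b) == msg
    print("QCLDPC block inventory:", sraa_gate_count(b))
    print("total gate count:", proposed_cipher_gate_count(b))   # 1230.0
```

Running the file encrypts and decrypts a constructed 60-bit message and prints the inventory. The point to take from the model is structural: an SRAA section costs 2b flip-flops, b AND and b XOR gates regardless of the 80-bit information length, which is why replacing the CRC hash with the QC-LDPC encoder lowers the count. The model says nothing about the strength of the keystream; that question is addressed separately in the conclusion.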

Table 7.5 : Comparison of gate count

    Stream Cipher   Grain Stream Cipher   Stream Cipher (CRC Hash)   Stream cipher using QCLDPC codes
                    (80 bit)              with Seed (40 bits) &      with key (16 bits) and
                                          LFSR (40 bits)             LFSR (64 bits)
    Gate Count      1450                  1314                       1230

CHAPTER 8

CONCLUSION AND FUTURE SCOPE


8.1 Conclusion

The purpose of a study is left unfulfilled if its results are not properly analyzed; the
ensuing discussion outlines the outcome of the study and the scope for future enhancement.
This work proposes the design of a secure stream cipher of low hardware complexity. The
proposed method is introduced as a modification of a recently proposed hardware-efficient
stream cipher [1]. By introducing a QCLDPC code block in place of the CRC hash, the
hardware complexity of the system was reduced to a great extent, but the cryptographic
security of the cipher was adversely affected. In the final proposed design the hardware
complexity is reduced: since the QCLDPC code block can be implemented in hardware using
only flip-flops, AND gates and XOR gates, the hardware complexity is reduced to a great
extent.

The security of the cipher is increased by combining the input bits through a nonlinear
Boolean function, so that the keys cannot be retrieved by solving a system of linear
equations. The suggested minimum hardware for this purpose is seen to provide a large
period and high throughput with good security.

8.2 Future Scope


The improved performance of the stream cipher using QCLDPC codes makes this a
promising design in cryptography. If the manual calculation of the generator matrix from
the parity-check matrix H is replaced by software calculation, the encoding can be
extended to longer information sequences.

REFERENCES

[1] Nasarathul Nisha P.K., Deepthi P.P., Lalmohan K.S., Design and Analysis of
    Stream Cipher of Low Hardware Complexity, 2012 International Conference on
    Communication Systems and Network Technologies.

[2] Panagiotis Rizomiliotis, Misusing universal hash functions: security analysis of
    a hardware efficient stream cipher model using LFSR based hash function,
    Information Theory Workshop (ITW), 2010 IEEE.

[3] Deepthi P.P., Sathidevi P.S., Design, implementation and analysis of hardware
    efficient stream ciphers using LFSR based hash functions, Elsevier Computers
    and Security, 28, 229-241 (2009).

[4] Huang A.L., Penzhorn W.T., Cryptographic Hash Functions and Low-Power
    Techniques for Embedded Hardware, Proceedings of the IEEE International
    Symposium on Industrial Electronics (ISIE 2005), June 20-23, 2005, Vol. 4,
    pp. 1789-1794.

[5] H. Krawczyk, LFSR-based Hashing and Authentication, in Advances in
    Cryptology - Crypto'94, volume 839 of Lecture Notes in Computer Science,
    pp. 129-139, Springer-Verlag, 1994.

[6] Yong Zhang, Xiamu Niu, Juncao Li, Chunming Li, Research on a Novel
    Hashing Stream Cipher, International Conference on Computational Intelligence
    and Security, 3-6 Nov 2006, Guangzhou, Vol. 2, pp. 1339-1344.

[7] Angelo P.E. Rosiello, Design of a Synchronous Stream Cipher from Hash
    Functions, International Journal of Computer Science and Network Security,
    Vol. 7, No. 8, August 2007.

[8] Martin Hell, Thomas Johansson, Willi Meier, Grain - A Stream Cipher for
    Constrained Environments.

[9] Zongwang Li, Lei Chen, Lingqi Zeng, Shu Lin, and Wai H. Fong, Efficient
    Encoding of Quasi-Cyclic Low-Density Parity-Check Codes, IEEE Transactions
    on Communications, Vol. 54, No. 1, January 2006.

[10] R. G. Gallager, Low density parity check codes, IRE Trans. Inf. Theory, vol.
     IT-8, no. 1, pp. 21-28, Jan. 1962.

[11] Wenbo Mao, Modern Cryptography: Theory and Practice, Prentice Hall PTR,
     2004.

[12] D. J. C. MacKay, Good error-correcting codes based on very sparse matrices,
     IEEE Trans. Inf. Theory, vol. 45, no. 3, pp. 399-432, Mar. 1999.

[13] K. Yu, S. Lin, and M. Fossorier, Low density parity check codes based on finite
     geometries: A discovery and new results, IEEE Trans. Inf. Theory, vol. 47, no.
     11, pp. 2711-2736, Nov. 2001.

[14] L. Chen, J. Xu, I. Djurdjevic, and S. Lin, Near-Shannon-limit quasi-cyclic
     low-density parity-check codes, IEEE Trans. Commun., vol. 52, no. 7, pp.
     1038-1042, Jul. 2004.

[15] S. Lin and D. J. Costello, Jr., Error Control Coding: Fundamentals and
     Applications, 2nd ed., Upper Saddle River, NJ: Prentice-Hall, 2004.

[16] W. W. Peterson and E. J. Weldon, Jr., Error Correcting Codes, 2nd ed.,
     Cambridge, MA: MIT Press, 1972.

[17] D. J. C. MacKay and R. M. Neal, Near-Shannon-limit performance of low
     density parity check codes, Electron. Lett., vol. 32, pp. 1645-1646, Aug. 1996.

OUTCOME OF THE PROJECT

National Conference

[1] Ambili K., Lalmohan K.S., Pradeesh K.P., Design and Development of Low
    Hardware Complexity Stream Cipher on FPGA, National Conference on
    Emerging Trends in Engineering and Technology, Canara College of
    Engineering, Bantwal, 24th April 2014.
