4th International Conference on Electrical Engineering (ICEE 2015)

IGEE, Boumerdes, December 13th -15th, 2015

Finding the Best FPGA Implementation of the DES

Algorithm to Secure Smart Cards.
Karima DICHOU
LIMOSE Laboratory
Mhamed Bougara University,UMBB
Boumerdes, Algeria
Dichou.Karima2014@Gmail.com

Victor TOURTCHINE

Faycal RAHMOUNE

LIMOSE Laboratory
Mhamed Bougara University,UMBB
Boumerdes, Algeria
v.tourtchine@umbb.dz

LIMOSE Laboratory
Mhamed Bougara University,UMBB
Boumerdes, Algeria
F.rahmoune@umbb.dz

AbstractSmart cards are often used in different applications

which require strong security protection and authentication;
such as corporate organization, government, banks etc. its
popularity is increasing due to its price and safety. Several
cryptographic algorithms have been implemented to smart cards
among them we find the DES (Data Encryption Standard). In
this paper we propose to compare and find the best FPGA (Field
Programmable Gate Arrays) implementation of the DES
Algorithm to secure smart cards. Knowing that, smart cards
occupy small chip area; consume low power, so their applications
demand security hardware with more restrictions on area and
power and less on throughput. These results can be helpful for
selecting the right FPGA implementation of DES for a dedicated
application. Results are considered under different FPGA,
languages, and pipelined and non-pipelined implementations.
KeywordsSmart
Symmetric key

card;

DES;

FPGA;

Cryptography;

I.
INTRODUCTION
Smart card is a plastic card with an embedded
microprocessor chip, capable of storing, managing, calculating
and performing cryptography algorithm on a significant
amount of data [1]. At the present time, single or multi
application smart cards are available on the smart card
technologies. The Malaysians MyKad is an example of a
smart card that has many applications which are electronic
cash, health care, passport, driving license and others [2].
Multi-purpose student card system using smart card
technology [3] is another example. Security techniques of
smart card are very important issue so; their technology
institutions have to develop security measures to defend the
smart card and the smart card readers. The most efficient and
important algorithms in smart cards such as: DES, TDES,
AES, ECC and RSA.
The DES (Data Encryption Standard), or DEA (Data
Encryption Algorithm), was developed in the 1970s by IBM
(with help from the National Security Agency) and adopted in
1977 as a Federal Information Processing Standard for the US
(FIPS 46) [4, 5]. DES is a 64-bit block cipher, symmetric

algorithm [5]. DES algorithm is widely used in some areas

such as the magnetic cards and smart cards [6]. DES is an
extremely well-designed cipher. In this paper, we propose to
find the best FPGA implementations of the DES encryption
algorithm to secure a smart card. We want to collect the
maximum informations about them to choose the right one.
This paper is organized as follows: section 2 introduces the
DES algorithm; Section 3 describes the smart cards and their
encryption algorithm, section 4 gives the different FPGA
implementations of the DES encryption algorithm and finally
in section 5, a brief conclusion.
II.

DES ALGORITHM DESCRIPTION

In this section, we provide a high-level overview of the

main components of DES.
The DES block cipher is a 16-round Feistel network with a
block length of 64 bits and a key length of 56 bits [4]. The
same round function (F) is used in each of the 16 rounds. The
key schedule of DES is used to derive a sequence of 48-bit subkeys k1, . . . , k16 from the 56-bit master key [4]. Each sub-key
ki is being a permuted subset of 48 bits of the master key [5].
An outline of DES is shown in figure1.
A. Plaintext encryption process
The original 64-bit plain text is converted with the initial
permutation (IP) [4], encrypts in 16 rounds, followed by the
inverse of the initial permutation (IP-1) [7]. In each round, the
right-side 32 bits of the block are transformed with the function
labeled (f) and a sub-key, then exclusive-OR (XOR) with the
left side 32 bits. After each round, the two sides of the data
block are swapped and the algorithm continues [7].
B. Key generation
For each DES round, a sub-key of 48 bits has to be
generated. The input key is also 64 bit, but 8 bits are used for
parity checking. After an initial key permutation (CP-1) the 16
sub-keys, one for each round, are derived from the 56-bit key

2015 IEEE

selected for encryption. One sub-key is obtained after left

shifting, and after a 56 to 48 bit permutation, (CP-2). [8, 9]

implementation, they have a coprocessor dedicated with the

cryptographic algorithm as shown in figure 3.
The most efficient and important algorithms in smart cards
(see figure 4) are: DES, TDES, AES, ECC and RSA.

Fig.2. Microprocessor smart card architecture.[1]

Fig.3. Smart card with coprocessor architecture.[13]

Fig.1. DES Algorithm. [9]

III. SMART CARDS

Smart card is a portable computational device with data
storage ability. They currently exist for vast array of
applications. A smart card resembles a credit card in size and
shape, but inside it is completely different, it contains an
embedded microcontroller [10]. Figure 2 shows the main
elements of microprocessor used in smart cards: CPU, ROM,
RAM and EEPROM [11].
Software implementation of cryptographic algorithms in
smart card is located inside the ROM of memory as shown in
figure 2. Cryptographic algorithms are called security features
of smart card which is confidentiality, authentication, data
integrity and non-repudiation [1], [12].for a hardware

Fig.4. Encryption in smart cards. [8]

IV.

DES FPGA IMPLEMENTATIONS

Several FPGA implementations of DES have been

reported in the literature, some of them: [14], [15], [16], [17],
[18], [19], [20], [21] and [22].
The paper [14] describes the hardware implementation of
16-stage pipelined DES Based on Variable Time Data
Permutation. It allows 16 data blocks to be processed
simultaneously resulting in an impressive gain in speed. The
design is implemented on Xilinx Spartan-3e (XC3s500e)
FPGA technology. Final 16-stage pipelined design is achieved
with data rate of 7.98 Gbps.

Leonard and Mangione-Smith [16] published the first

paper on FPGA implementations of the DES algorithm in
1997. Their fastest implementation achieves a data-rate of 3.3
Mbyteslsec on a Xilinx XC4013 device.
However, the design does not support decryption and each
key must be precomputed before it can be used in the device
[20].
A single-chip implementation of DES on Xilinx
XC4020E device has been described by Wong et al. [17]. Their
design achieves an encryption speed of 26.7 Mbitshec.
Kaps and Paar [18] carried out extensive research on highspeed FPGA architectures for the DES algorithm. Among other
designs, they consider a pipelined design with a four stage
pipeline. The data-rate achieved is 402.7 Mbits/sec on the
XC4028EX device.
Patterson [19] presented a paper describing a DES
encryption implementation using hits on a Virtex XCV150-6
FPGA. JBits provides a Javabased Application Programming
Interface (API) for the run time reaction and modification of
the configuration bitstream, which allows dynamic circuit
specialization based on a specific key and mode [19,20]. In this
implementation, the key schedule is computed in software and
forms part of the bitstream. Therefore, all key input and subkey
generation circuitry is removed and when pipelined, the result
is a design with a throughput of 10.7 Gbit'sec.
A free-DES core [20] also exists which utilizes a 16-stage
pipelined DES design implemented on a Virtex XCV400
device. It achieves a throughput of 3 .05 Gbit/sec.
In [21], the authors demonstrate an efficient and compact
reconfigurable hardware implementation of the Data
Encryption Standard (DES) algorithm. The design was

implemented on FPGA of device VirtexE XCV400e and coded

using VHDL language. As a strategy to reduce the associated
design critical path, they utilized a parallel structure that
allowed computing all the eight DES S-boxes simultaneously.
In [22], A generic, parameterisable key scheduling core is
presented, which can be utilized in pipeline private-key
encryption algorithms. The data encryption standard (DES)
algorithm, which lends itself readily to pipelining, is used to
exemplify this novel key scheduling method. The DES design
is implemented on Xinlinx Virtex XCV1000 FPGA
technology.

TABLE I.

SPECIFICATIONS FOR SOME DES FPGA IMPLEMENTATIONS.

The internal structure of the FPGA evolves and becomes

increasingly powerful. In order to compare the
implementations on different FPGA found, we decided to
compare them according to their device family. Table 1 shows
the performance for some representative DES FPGA
implementations. As smart cards occupy small chip area, we
will compare the different implementations according to the
number of CLB Slices.
For the 1st and the 2nd works, we can see that the 1st one
occupies less slices then the 2nd one. So the 1st implementation
is better for a smart card application.
In the 3, 4 and 5th works, the 4th one occupies less area
than the others and almost the same throughput with the 3rd
work. So it is the better one.
The 6, 7, 8 and 9th ones we choose the 8th implementation
with 117 CLB Slices in XCV400E FPGA device.
But if we work with a performance smart card with a
sufficient Area and want to have a good throughput, from all
these implementation, we choose the 6th application with a
throughput of 10752 Mbits/s in XCV150 PFGA device from
Xilinx.
V.

CONCLUSION

In
this
research
compared
different
FPGA
implementations of the DES cryptographic algorithm in order
to find the best one for a smart card, their applications demand
security hardware with more restrictions on area and power
and less on throughput.

These results can be helpful for selecting the right FPGA

for our DES implementation according to the application.
REFERENCES
[1]

T.Abdurahmonov, M. H. Helmi and Y. E. Thiam, The Implementation

of Elliptic Curve Binary Finite Field for the Global Smart Card,
Proceeding of 2010 IEEE Student Conference on Research and
Development (SCOReD 2010), 13-14 Dec 2010, Putrajaya, Malaysia.
978-1-4244-8648-9/10/2010 IEEE, pp. 169-173.
[2] Arora. National e-ID card schemes: A European overview (2008).
Pages 46-53.
[3] S. Omar, H. Djuhari, Multi-purpose student card system using smart
card technology. the Fifth International conference on Information
technology based higher education and training (ITHET). , pp. 527532, 2004.
[4] J. Katz and Y. Lindell, Introduction to modern cryptography, 2 nd ed.,
CRC Press, Taylor & Francis Group, 2014.
[5] E. Schaefer, An introduction to cryptography. Santa Clara University,
United States of America, 1998.
[6] F. Li and P. Ming, A simplified FPGA implementation based on an
Improved DES algorithm, IEEE. 3rd International Conference on
Genetic and Evolutionary Computing (WGEC). Guilin, pp. 227-230,
October 2009.
[7] B. Schneider, Applied Cryptography: Protocols, algorithms, and source
code in C, 2nd ed., John Wiley & Sons, 1996.
[8] I. Verbauwhede, F. Hoornaert, J. Vandewalle, and H.J. de Man,
Security and performance optimization of a new DES data encryption
chip, IEEE Journal of Solid-State Circuits, vol. 23, no 3, pp. 647-656,
June 1988.
[9] F. Rodrguez-Henrquez, N.A. Saqib, A.D. Perez, and .K.
Ko, Cryptographic algorithms on reconfigurable hardware. Springer
Science & Business Media, United States of America , 2007.
[10] K. Dichou, V. Tourtchine and F. Rahmoune, Simulation of smart card
interface with electronic voting machine, Computer Science and
Applications (CSA), vol. 2, no 4, pp. 140-146 , July 2015.
[11] N. Sklavos, G. Selimis and O. Koufopavlou, Bulk encryption cryptoprocessor for smart cards: design and implementation, IEEE, The 11th
IEEE International Conference on Electronics, Circuits and Systems
(ICECS), p. 579-582, 2004.
[12] Z. Peng and J.J. Fang, Comparing and Implementation of Public Key
Cryptography Algorithms on smart card, International Conference on
Coputer Application and System Modeling (ICCASM 2010), IEEE
2010, pp. 508-510.

[13] E. Trichina, M. Bucci, D. D. Seta and R. Luzzi, Supplemental

Cryptographic Hardware for Smart Cards, IEEE Micro, vol.21, No.6,
November/ December 2001.
[14] K.M.A. Abd Elatif, H.F.A. Hamed and E.A.M. Hasaneen, FPGA
Implementation of the pipelined data encryption standard (DES) based
on variable time data permutation, the Online Journal on Electronics
and Electrical Engineering (OJEEE), vol. 2, no 3, pp. 298-302, July
2010.
[15] V. Patel, R. C. Joshi, A. K. Saxena, FPGA Implementation of DES
Using Pipelining Concept With Skew Core Key-Scheduling, Journal of
Theoretical and Applied Information Technology, Vol 5, No3, pp. 295300, March 2009.
[16] J. Leonard, W.H. Mangione-Smith, A case study of partally evaluated
hardware circuits: key-specific DES, Field-Programmable Logic and
Applications. Springer Berlin Heidelberg, pp. 151-160, 1997.
[17] K. Wong, M.Wark, E. Dawson, A single-chip FPGA implementation
of the data encryption standard(DES) algorithm,IEEE Globecom
Communication, pp. 827- 832, vol.2, Sydney, Australia, 1998.
[18] J.P. Kaps and C. Paar, Fast DES Implementations for FPGAs and Its
Application to a Universal Key-Search Machine, 5th Annual Workshop
on selected areas in cryptography, pp.234-247 ,Canada 1998.
[19] C. Patterson, High Performance DES Encryption in Virtex FPGAs
Using Jbits, Field-Programmable Custom Computing Machines,
FCCM00, pp. 113-121, USA, 2000.
[20] Free-DES Core (2000), URL: http://www.free-ip.com/DES/, March
2000.
[21] S. Vajpayee and R. Rai, Modeling and simulation of data encryption
standard algorithm on FPGA,International Journal of Computer
Technology & Apllications, Vol. 3, no 3, pp. 1015-1022, June 2012.
[22] M. McLonne and J.V. Mccanny, High-performance FPGA
implementation of DES using a noval method for implementing the key
schedule, IEE Proceedings of Circuits, Devices and Systems (IET), pp.
373-378, 2003.
[23] K. Dichou, V. Tourtchine, and F. Rahmoune, An improved electronic
voting machine using a microcontroller and a smart card, IEEE. 9th
International Design & Test Symposium (IDT). Algeria, pp. 219-224,
December 2014.
[24] K. Dichou, V. Tourtchine, and F. Rahmoune, Conception et realisation
dune carte puce etudiant, 9th International Telecom15 & 9me
JFMMA Symposium. Morocco, pp. 1-4, May 2015.