Lecture 5

Block Diagrams

Modes of Operation of

Block Ciphers

ECE 448 – FPGA and ASIC Design with VHDL

Modes of Operationof Block Ciphers

Block vs. stream ciphers

Stream cipher

Internal state - ISBlock cipher

KK

M1, M2, …, Mn m1, m2, …, mn

C1, C2, …, Cn c1, c2, …, cn

Ci=fK(Mi) ci = fK(mi, ISi) ISi+1=gK(mi, ISi)

Every block of ciphertext is a function of only one

corresponding block of plaintext

Every block of ciphertext is a function of the current block

of plaintext and the current internal state of the cipher

Typical stream cipher

Sender Receiver

PseudorandomKeyGenerator

mi

plaintext

ci

ciphertext

kikeystream

keyinitialization vector (seed)

PseudorandomKeyGenerator

mi

plaintext

ci

ciphertext

ki keystream

key initializationvector (seed)

Standard modes of operation of block ciphers

Block cipher Block cipherturned into

a stream ciphers

ECB mode Counter modeCFB modeCBC mode

ECB (Electronic CodeBook) mode

Electronic CodeBook Mode – ECBEncryption

M1 M2 M3

E

Ci = EK(Mi) for i=1..N

MN-1 MN

E E E E. . .

C1 C2 C3 CN-1 CN

K K K K K

Electronic CodeBook Mode – ECBDecryption

C1 C2 C3

D

Mi = DK(Ci) for i=1..N

CN-1 CN

D D D D. . .

M1 M2 M3 MN-1 MN

K K K K K

Electronic CodeBook Mode – ECB(simplified block diagram)

EK

IN

OUT

Ci

Mi

DK

IN

OUT

Ci

Mi

Ci = EK(Mi)

Mi = DK(Ci)

Electronic CodeBook Mode – ECB(combined block diagram)

EK

IN

OUT

DK

IN

OUT

bdo

bdi

bdi = Mi for Encryption Ci for Decryption

bdo = Ci for Encryption Mi for Decryption

Counter Mode

Counter Mode - CTREncryption

m1m2 m3

E

ci = mi ki

ki = EK(IV+i-1) for i=1..N

mN-1 mN

. . .

E E E E. . .

c1 c2 c3 cN-1 cN

IV IV+1 IV+2 IV+N-2 IV+N-1

k1k2 k3

kN-1 kN

K K K K K

Counter Mode - CTRDecryption

c1c2 c3

E

mi = ci ki

ki = EK(IV+i-1) for i=1..N

cN-1 cN

. . .

E E E E. . .

m1 m2 m3 mN-1 mN

IV IV+1 IV+2 IV+N-2 IV+N-1

k1k2 k3

kN-1 kN

K K K K K

Counter Mode – CTR(simplified block diagram)

EK

IN

OUT

counter

IV

ci

mi

EK

IN

OUT

counter

IV

ci

mi

IS1 = IVci = EK(ISi) mi

ISi+1 = ISi+1

IS1 = IVmi = EK(ISi) ci

ISi+1 = ISi+1

ISi ISi

Counter Mode – CTR(combined block diagram)

EK

IN

OUT

counter

IV

bdo

bdi

ISi

bdi = mi for Encryption ci for Decryption

bdo = ci for Encryption mi for Decryption

CFB (Cipher FeedBack) Mode

Cipher Feedback Mode - CFBEncryption

m1 m2 m3

E

mN-1 mN

. . .

E E E E. . .

c1 c2 c3 cN-1 cN

IV

ci = mi ki

ki =EK(ci-1) for i=1..N, and c0 = IV

k1 k2 k3 kN-1kN

Cipher Feedback Mode - CFBDecryption

m1 m2 m3

E

mN-1 mN

. . .

E E E E. . .

c1 c2 c3 cN-1 cN

IV

mi = ci ki

ki =EK(ci-1) for i=1..N, and c0 = IV

k1 k2 k3 kN-1kN

Cipher Feedback Mode – CFB(simplified block diagram)

EK

IN

OUT

ci

mi

EK

IN

OUT

ci

mi

IV

IS1 = IVci = EK(ISi) mi

ISi+1 = ci

IV

ISi ISi

register register

IS1 = IVmi = EK(ISi) ci

ISi+1 = ci

Cipher Feedback Mode – CFB(combined block diagram)

EK

IN

OUT

bdo

bdi

IV

ISi

register

bdi = mi for Encryption ci for Decryption

bdo = ci for Encryption mi for Decryption

bdi

CBC (Cipher Block Chaining) Mode

Cipher Block Chaining Mode - CBCEncryption

m1 m2 m3

E

IV

ci = EK(mi ci-1) for i=1..N c0=IV

mN-1 mN

. . .

E E E E. . .

c1 c2 c3cN-1

cN

Cipher Block Chaining Mode - CBCDecryption

mi = DK(ci) ci-1 for i=1..N c0=IV

m1 m2 m3 mN-1 mN

IV . . .

D D D D D. . .

c1 c2 c3cN-1

cN

Cipher Block Chaining Mode – CBC(simplified block diagram)

EK

IN

OUT

ci

mi

DK

IN

OUT

ci

mi

IV

IS1 = IVci = EK(ISi mi)

ISi+1 = ci

IS1 = IVmi = DK(ci) ISi

ISi+1 = ci

IV

ISi

ISi

register

register

Cipher Block Chaining Mode – CBC(combined block diagram)

EK

IN

OUT

DK

IN

OUT

IV

ISi

register

ci

bdi

bdo

bdi

bdi

ECE 448 – FPGA and ASIC Design with VHDL

Advanced Encryption Standard (AES)

Pseudocode

AES Encryption

AES Decryption

ECE 448 – FPGA and ASIC Design with VHDL

AES: Symbols, Block Diagrams,

Interfaces

AES_Enc

•Encryption Only•Key scheduling done as a part of initialization

Symbol

Block Diagram – AES_Enc

Block Diagram – Round

Block Diagram – KeyUpdate

AES_Enc: Interface with the Division into the Datapath and Controller

AES_Enc_KOF

•Encryption Only•Key scheduling done On the Fly

Symbol

Block Diagram – AES_Enc_KOF

Block Diagram – Round

Block Diagram – KeyUpdate

AES_Enc_KOF: Interface with the Division into the Datapath and Controller

AES_EncDec

•Encryption and Decryption•Key scheduling done as a part of initialization

Symbol

Block Diagram – AES_EncDec

Block Diagram – Round

Block Diagram – InvRound

Block Diagram – KeyUpdate

AES_EncDec: Interface with the Division into the Datapath and Controller

ECE 448 – FPGA and ASIC Design with VHDL

Example of a HierarchicalBlock Diagram

JH hash function

Top Level

R8/R6

L

ECE 448 – FPGA and ASIC Design with VHDL

Example of a HierarchicalBlock Diagram

BLAKE hash function

Top Level

Permute8

Core8

G_mod

ECE 448 – FPGA and ASIC Design with VHDL

Interface ofCipherCore

Datapath

59

Block Diagram of AEAD

Input Ports

(nonce, IV)

(only few candidates)

(AD, M, C)(we will not use it)

ECE 448 – FPGA and ASIC Design with VHDL

Timeline

Thursday 10/15, 12 noon:

First draft of block diagrams (Blackboard)

Thursday 10/15, 1:00-4:30pm

Friday 10/16, 1:00-8:00pm

Discussion of draft block diagrams

(30 minutes per person,

60 minutes per group,

electronic sign-up using Doodle)

Project Timeline: Draft Block Diagrams

Thursday 10/22, 12 noon

Revised block diagrams due (Blackboard)

Thursday 10/22, 1:00-4:30pm

Friday 10/23, 1:00-8:00pm

Discussion of revised block diagrams

(30 minutes per person,

60 minutes per group,

electronic sign-up using Doodle)

Project Timeline: Revised Block Diagrams