Section 8.1. The Triple-DES Algorithm


8.1. The Triple-DES Algorithm

In order to evaluate software versus hardware implementations of data encryption, we begin with publicly available source code for the triple-DES encryption algorithm. This source code was originally written by Phil Karn (of Qualcomm) and is based on an algorithm described in Applied Cryptography, written by Bruce Schneier and published in 1995 by John Wiley & Sons. This original source code was written in standard C language and was not optimized for any specific processor target, nor was it written to take advantage of algorithm-level parallelism.

We'll use Impulse C library calls to make the conversion from the original C code to a version suitable for hardware compilation in the selected FPGA target, and to perform the required C-to-hardware compilation. Our goal in this evaluation is to quickly evaluate the relative performance and trade-offs of hardware versus software implementations for one specific algorithm (the triple-DES encryption function, represented by approximately 180 lines of C source code). Therefore, we have decided at the outset to make only the minimum changes necessary to allow efficient hardware compilation and to refrain from making non-obvious changes to the algorithm as a whole. Those changes will come later, in Chapter 10, after we have generated a working prototype.

The DES (Data Encryption Standard) algorithm was designed to encrypt/decrypt 64-bit blocks of data representing eight characters per block. Large amounts of data are processed by simply applying the same algorithm over and over to these 64-bit blocks, each of which represents the eight characters in an incoming ASCII text stream. In addition to the input data to be encrypted, the algorithm uses key schedule and SP Box data to perform the actual encryption/decryption. The key schedule data is generated from the encryption key and is constant for each stream of data. The SP Box data is a fundamental part of the algorithm and is constant for all streams.

The changes made to the encryption function in support of hardware compilation are as follows:

  • The streaming model is a natural fit for this algorithm, so we use Impulse C library functions (including co_stream_open, co_stream_read, co_stream_write, and co_stream_close) to read the input data as a stream of data and output the data as a stream. The original algorithm assumed the data was in a global array, but the streaming implementation better reflects a real-world application where data would be processed as it is received from elsewhere. Streaming is also the preferred programming model for hardware/software interfaces when using Impulse C, because it more closely matches how data is most efficiently moved around in hardware.

  • We create an additional configuration data stream as an input that accepts the encryption key (the key schedule) as well as the "SP box" static data specified by the encryption algorithm. (In the legacy C version these values were also accessed via global arrays.)

  • We create top-level producer and consumer processes (also written in C, and again described using the Impulse C libraries) that serve as a test bench for the algorithm. This lets us stream random text characters into both the original, legacy C algorithm (which is compiled along with the test producer and consumer processes into native executable code on the embedded processor) and the hardware version, which is compiled directly to hardware and operates on the FPGA alongside the embedded processor.

  • For debugging purposes, we will also create a more comprehensive test application (developed using Microsoft Visual Studio) that exercises the encryption algorithm in a desktop simulation environment. This test application combines the two encryption functions (the legacy C version and the Impulse C version) with corresponding decryption algorithms to verify the functional correctness of the application using various text inputs. This test will be set up and run, and the results verified, before going to the next step and compiling to the target FPGA platform.



    Practical FPGA Programming in C
    Practical FPGA Programming in C
    ISBN: 0131543180
    EAN: 2147483647
    Year: 2005
    Pages: 208

    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net