-
[show abstract]
[hide abstract]
ABSTRACT: A key-store is a facility for storing sensitive information, most typically the keys of a cryptographic application which provides a security service. In this paper, we present a hardware implemented key-store, which allows secure storage and high performance retrieval of RSA keys. Since RSA is the most widely adopted standard for cryptographic keys, our key-store can be effectively used to improve the dependability of a wide class of security services. Tfie device is implemented on top of a commercial off the shelf (COTS) programmable hardware board, namely a Celoxica RCWOO mounting a Xilinx Virtex-E 2000 FPGA part. We describe the architecture of the hardware device, illustrate the organization of the associated device driver, and evaluate the security and performance gain which can be achieved by integrating our device in real-world applications.
Object-Oriented Real-Time Dependable Systems, 2005. WORDS 2005. 10th IEEE International Workshop on; 03/2005
-
[show abstract]
[hide abstract]
ABSTRACT: In this paper we present a hardware implementation of the RSA algorithm for public-key cryptography. Basically, the RSA algorithm entails a modular exponentiation operation on large integers, which is considerably time-consuming to implement. To this end, we adopted a novel algorithm combining the Montgomery's technique and the carry-save representation of numbers. A highly modular, bit-slice based architecture has been designed for executing the algorithm in hardware. We also propose an FPGA-based implementation of the architecture developed. The characteristics of the algorithm, the regularity of the architecture, and the data-flow aware placement of the FPGA resources resulted in a considerable performance improvement, as compared to other implementations presented in the literature.
Design, Automation and Test in Europe Conference and Exhibition, 2004. Proceedings; 03/2004
-
[show abstract]
[hide abstract]
ABSTRACT: Syntax Notation One (ASN.1) data structure (and viceversa). ASN.1 data structures are compliant with indications contained in [1].
02/2004;
-
[show abstract]
[hide abstract]
ABSTRACT: This paper describes the results of a research activity conducted cooperatively by an academic and an industrial party. It presents a practical solution for and an experience in the implementation of time stamping services and their exposition to the Internet for inter-enterprise integration. State-of-the-art time stamping algorithms and crucial issues related to their practical implementation are discussed. Focus is on integration problems which arise when a potentially large community of enterprises -- which rely on a handful of heterogeneous technologies -- is willing to access remote third-party time stamping services. We propose a practical architecture which provides time stamping services, both in terms of relative temporal authentication, based on a linear linking scheme, and of absolute temporal authentication, based on publishing mechanisms as well as on a trusted time source. The architecture has been implemented using the emerging Web Services technology. An integration experiment has been conducted to evaluate the e#ectiveness of the proposed solution.
02/2004;
-
[show abstract]
[hide abstract]
ABSTRACT: Technology evolution in wireless communication is enabling pervasive connectivity to Internet scale systems. In this scenario, security critical applications are being deployed over platforms which include mobile devices. It is thus key that security services be provided to mobile devices as well. Since security functions are typically based on computationally intensive cryptographic algorithms, achieving this goal is none of a simple task, for the following characteristics of mobile devices: 1) limited computing power, and 2) constraints imposed by peculiarities of the software platforms. This work presents an architecture which allows the provision of digital Time-Stamping services to mobile devices with limited resources. The architecture is described with respect to a case study system.
Object-Oriented Real-Time Dependable Systems, 2003. WORDS 2003 Fall. The Ninth IEEE International Workshop on; 11/2003
-
[show abstract]
[hide abstract]
ABSTRACT: This paper describes the results of a research activity conducted cooperatively by an academic and an industrial party. It
presents a practical solution for and an experience in the implementation of time stamping services and their exposition to
the Internet for inter-enterprise integration. State-of-the-art time stamping algorithms and crucial issues related to their
practical implementation are discussed. Focus is on integration problems which arise when a potentially large community of
enterprises – which rely on a handful of heterogeneous technologies – is willing to access remote third-party time stamping
services. We propose a practical architecture which provides time stamping services, both in terms of relative temporal authentication,
based on a linear linking scheme, and of absolute temporal authentication, based on publishing mechanisms as well as on a
trusted time source. The architecture has been implemented using the emerging Web Services technology. An integration experiment
has been conducted to evaluate the effectiveness of the proposed solution.
10/2003: pages 960-974;
-
[show abstract]
[hide abstract]
ABSTRACT: In October 2000 the National Institute of Standards and Technology chose Rijndael algorithm as the new Advanced Encryption
Standard (AES). AES finds wide deployment in a huge variety of products making efficient implementations a significant priority.
In this paper we address the design and the FPGA implementation of a fully key agile AES encryption core with 128-bit keys.
We discuss the effectiveness of several design techniques, such as accurate floorplanning, the unrolling, tiling and pipelining
transformations (also in the case of feedback modes of operation) to explore the design space. Using these techniques, four
architectures with different level of parallelism, trading off area for performance, are described and their implementations
on a Virtex-E FPGA part are presented. The proposed implementations of AES achieve better performance as compared to other
blocks in the literature and commercial IP core on the same device.
09/2003: pages 292-302;
-
[show abstract]
[hide abstract]
ABSTRACT: This paper presents a web-based architecture for providing digital time stamping services. Time stamping services are typically divided into schemes which rely on unconditionally trusted Time Stamping Authorities (TSAs) and schemes which do not, namely the so called linking schemes. The proposed architecture relies on a multi-tier structure. The middle-tier exposes digital time stamping functions behind a unified interface. The specific scheme implemented in the back-end (i.e. trusted TSA or linking scheme) is hidden to the clients. Services are made available via Web services technology. We discuss the main issues we had to address, and motivate our implementation choices. A prototype of the proposed architecture has been developed and used for conducting interoperability tests.
08/2003;
-
[show abstract]
[hide abstract]
ABSTRACT: In this paper we present an hardware implementation of the RSA algorithm for public-key cryptography. The RSA algorithm consists in the computation of modular exponentials on large integers, that can be reduced to repeated modular multiplications. We present a serial implementation of RSA, which is based upon an optimized version of the RSA algorithm originally proposed by P.L. Montgomery (1985). The proposed architecture is innovative, and it widely exploits specific capabilities of Xilinx programmable devices. As compared to other solutions in the literature, the proposed implementation of the RSA processor has smaller area occupation and comparable performance. The final performance level is a function of the serialization factor We provide a thorough discussion of design tradeoffs, in terms of area requirements vs performance, for different values of the key length and of the serialization factor.
Design, Automation and Test in Europe Conference and Exhibition, 2003; 02/2003
-
[show abstract]
[hide abstract]
ABSTRACT: The shuffled adder, a novel serial adder with a latency proportional to log<sub>2</sub>N, where N is the operand width, is presented. It is derived from the Kogge-Stone adder, reordering the cells to obtain a slice-based structure that allows an area-time effective serial implementation. It can be fed with parallel inputs and produce parallel outputs, differently from the digit-serial approach that results in the need for a data-formatter to convert a parallel input into digits, and to collect the digits of the output word. A standard-cell VLSI implementation for different values of N is presented: area-time performances are evaluated through circuit simulations, and compared with digit-serial adders with various digit-size, proving the attractiveness of the proposed structure.
Electronics, Circuits and Systems, 2002. 9th International Conference on; 02/2002
-
[show abstract]
[hide abstract]
ABSTRACT: A novel architecture for real-time synthetic aperture radar signal
processing that achieves real-time processing by using a recently
proposed signum coded algorithm and time domain processing, is
presented. New architecture is completely parallel and can be
dynamically reconfigured in order to use different dimensions of data
and filter matrices. A standard-cell VLSI implementation is presented
and its performances are evaluated through circuit simulations
Electronics, Circuits and Systems, 2001. ICECS 2001. The 8th IEEE International Conference on; 02/2001
-
[show abstract]
[hide abstract]
ABSTRACT: A novel test pattern generator for the built-in self-test technique in testable combinational circuits is proposed. The presented solution is based on a hybrid testing reconfigurable test pattern generator, that uses a shift register reacted through two different networks: it firstly reproduces a pseudo-random sequence of test patterns using a linear feedback combinational network and then reproduces deterministic precalculated test patterns, useful to detect hard faults, using a nonlinear feedback combinational network. For the proposed approach, a synthesis tool (based on state space heuristic search and the "selfish gene" genetic algorithm) able to determine test pattern generator for a given test set, is also proposed. Experiments to evaluate synthesis time and the test sequence length are conducted on well-known ISCAS'85 circuits. Comparison with previous techniques shows the effectiveness of proposed solution
Electronics, Circuits and Systems, 2001. ICECS 2001. The 8th IEEE International Conference on; 02/2001
-
[show abstract]
[hide abstract]
ABSTRACT: This paper presents an hardware accelerator which can effectively improve the security and the performance of virtually any RSA cryptographic application. The accelerator integrates two crucial security- and performance-enhancing facilities: an RSA processor and an RSA key-store. An RSA processor is a dedicated hardware block which executes the RSA algorithm. An RSA key-store is a dedicated device for securely storing RSA key-pairs. We chose RSA since it is by far the most widely adopted standard in public key cryptography. We describe the main functional blocks of the hardware accelerator and their interactions, and comment architectural solutions we adopted for maximizing security and performance while minimizing the cost in terms of hardware resources. We then present an FPGA-based implementation of the proposed architecture, which relies on a Commercial Off The Shelf (COTS) programmable hardware board. Finally, we evaluate the system in terms of performance and chip area occupation, and comment the design trade-offs resulting from different levels of parallelism.
Journal of Systems Architecture.
-
[show abstract]
[hide abstract]
ABSTRACT: This paper presents a web-based architecture for providing digital time stamping services. Time stamping services are typically divided into schemes which rely on unconditionally trusted Time Stamping Authorities (TSAs) and schemes which do not, namely the so called linking schemes. The proposed architecture relies on a multi-tier structure. The middle-tier exposes digital time stamping functions behind a unified interface. The specific scheme implemented in the back-end (i.e. trusted TSA or linking scheme) is hidden to the clients. Services are made available via Web services technology. We discuss the main issues we had to address, and motivate our implementation choices. A prototype of the proposed architecture has been developed and used for conducting interoperability tests.
-
[show abstract]
[hide abstract]
ABSTRACT: In this paper, we present two alternative architectures for implementing the Rivest–Shamir–Adleman (RSA) algorithm on reconfigurable hardware. Both architectures are innovative, especially with respect to the implementation of modular multiplication. As to the area vs time trade-off, the two solutions are at the extremes of the design-space, since one adopts a word serial approach, while the other has a fully parallel organization. Based on the analysis of these architectures for different values of the serialization factor, we explore the design-space for the field-programmable gate array (FPGA)-based implementation of the RSA algorithm. We systematically analyze and compare the results of the two design processes with respect to two fundamental metrics, namely execution time and FPGA resource usage. We emphasize pros and cons and comment trade-offs of the two design alternatives.
Microprocessors and Microsystems.
