1 / 18

PBKDF2 Accelerator Design Review

Akshay Sahni, William Ehlhardt, Yicheng Guo. PBKDF2 Accelerator Design Review. Overview. It implements a particular PBKDF in hardware via ASIC to significantly erode the computational cost We would implement PBKDF2 using the HMAC-SHA1 pseudorandom function

hateya
Télécharger la présentation

PBKDF2 Accelerator Design Review

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Akshay Sahni, William Ehlhardt, Yicheng Guo PBKDF2 AcceleratorDesign Review

  2. Overview • It implements a particular PBKDF in hardware via ASIC to significantly erode the computational cost • We would implement PBKDF2 using the HMAC-SHA1 pseudorandom function • PBKDF2 is a key derivation function that is a part of RSA labs Public-Key Cryptography Standards series. • PBKDF2 applies a pseudorandom function, such as SHA-1 to the input password along with a salt value and repeats the process many times to produce a Derived Key. • Derived Key can then be used as a cryptographic key in subsequent operations. • The added computational work makes password cracking much more difficult, and is known as key stretching.

  3. PBKDF2-HMAC-SHA1 on an ASIC PBKDF2(P, S, c, dkLen) Ko U1 c Host ASIC F(Ko, U1, c) PRF(Ko, data) = HMAC(Ko, data) SHA-1

  4. System Interface I

  5. System Interface II

  6. Flow Chart I

  7. Flow Chart II

  8. Architecture Diagram

  9. Falling Edge Detect Block • The Falling Edge Detect Block will detect any falling edge on the input IE signal • Once a falling edge on IE signal is detected, it will assert GO signal high for one clock cycle. clk PrevBit clk RN_Prevbit GO Output Logic RST_N Register RST_N IE Register RN_PrevBit

  10. Input Shift Register Block • This Block will function as a buffer to receive all 88 bytes of input signals from the 32-bit bidirectional data bus. • As long as the IE signal is high, it will shift 4 bytes of signal on the data bus to other functional blocks in the chip. IE 88 Byte Shit Register BUS_IN K0 32 512 CLK U1 160 RST_N C 32

  11. Output Shift Register Block • This block functions as an output buffer • When it is enabled by the Output Enable(OE)signal, will shift the data onto the 32-bit data bus. SR_LOAD 20 Byte Shit Register ACC 160 BUS_OUT CLK 32 RST_N OE

  12. HashPrep Block • Generates the next 672 bit vector to be hashed HPSTEP XOR OPAD 512 672 K0 HRES 1 HDATA 512 672 512 0 IPAD XOR 672 UI

  13. Hash Block HDATA<671:160> HDATA<159:0> Padding ChunkID 0 1 Round CTR HRES F / K Computation WordExt Stir

  14. Accumulator Block • It keeps track of the following: • Each UI vector • Accumulated xor result of precious ACC signal • New HRES signal GO STATE register Next count logic ACC ACC_STROBE 2 NEXT_STATE 160 160 UI ACC_NXT 160 UI next logic 160 HRES UI_NXT ACC_nxt_logic HRES 160 160 U1 160

  15. Counter Block • Counts the number of inner PRF iterations performed • When iterations equal the required by the input, it asserts CNTDONE • CNTDONE stops the PBKDF2 algorithm GO COUNT COUNT Next count logic register register INCR 32 32 CNTDONE CNTDONE_NXT COUNT Comparator Comparator 32 32 C C 32 32

  16. Control Unit Block • This block functions as a state machine to control the operation by the other blocks on the chip GO Next state logic HRDY OE CNTDONE INCR Output Logic SR_LOAD CLK register HPSTEP ACC_STROBE STATE RESULT_READY NEXTSTATE 4 IDLE 4 HRUN RST_N

  17. Area Budgeting Table Timing Budgeting Table

  18. Questions (and Answers!)

More Related