Encryption Transaction with Encryption Transaction with 3DES 3DES Team W2 Team W2 Yervant Dermenjian Yervant Dermenjian (W21) (W21) Taewan Kim Taewan Kim (W22) (W22) Evan Mengstab Evan Mengstab (W23) (W23) Xiaochun Zhu Xiaochun Zhu (W24) (W24) Objective: Objective: To implement To implement a secure credit card a secure credit card transaction using 3DES transaction using 3DES encryption using encryption using Kerberos-style Kerberos-style authentication. authentication. Current Stage: Short Final Presentation Current Stage: Short Final Presentation 04/12/2004 04/12/2004 Design Manager: Rebecca Miller Design Manager: Rebecca Miller
Encryption Transaction with 3DES. Team W2 Yervant Dermenjian (W21) Taewan Kim (W22) Evan Mengstab(W23) Xiaochun Zhu (W24). Objective: To implement a secure credit card transaction using 3DES encryption using Kerberos-style authentication. Design Manager: Rebecca Miller. - PowerPoint PPT Presentation
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Encryption Transaction with Encryption Transaction with 3DES3DES
Team W2Team W2Yervant DermenjianYervant Dermenjian (W21)(W21)Taewan Kim Taewan Kim (W22)(W22)Evan MengstabEvan Mengstab (W23)(W23)Xiaochun ZhuXiaochun Zhu (W24)(W24)
Objective:Objective: To implement a To implement a secure credit card transaction secure credit card transaction using 3DES encryption using using 3DES encryption using Kerberos-style authentication.Kerberos-style authentication.
Current Stage: Short Final PresentationCurrent Stage: Short Final Presentation 04/12/200404/12/2004
Design Manager: Rebecca MillerDesign Manager: Rebecca Miller
Status UpdateStatus Update
Have not found source of voltage drop on Vdd problemHave not found source of voltage drop on Vdd problem
Debugging AttemptsDebugging Attempts 1) Simulate PC alone with long Vdd & Gnd rails: Works1) Simulate PC alone with long Vdd & Gnd rails: Works 2) Simulate (1) with min sized buffers on input AND output: Works2) Simulate (1) with min sized buffers on input AND output: Works 3) Simulate PCROM alone with long Vdd & Gnd rails: Works3) Simulate PCROM alone with long Vdd & Gnd rails: Works 4) Simulate (3) with min sized buffers on input AND output: Works4) Simulate (3) with min sized buffers on input AND output: Works 5) Simulate PC & PCROM together without resistances: Works5) Simulate PC & PCROM together without resistances: Works 6) Simulate PC & PCROM together with resistances: Doesn't Work6) Simulate PC & PCROM together with resistances: Doesn't Work 7) Remove excess M1 to Gnd contacts in ROM and decoder in (6): 7) Remove excess M1 to Gnd contacts in ROM and decoder in (6):
Doesn't WorkDoesn't Work 8) Do (7) with NWell and contacts along long Vdd rail: Works8) Do (7) with NWell and contacts along long Vdd rail: Works They’re connected by a few microns of wire: Shouldn’t be a problemThey’re connected by a few microns of wire: Shouldn’t be a problem
Workaround: Layed Vdd and Gnd rails everywhere possibleWorkaround: Layed Vdd and Gnd rails everywhere possible
Runs at 150MHzRuns at 150MHz
Project DescriptionProject Description Implement Triple DES Encryption using 0.18μImplement Triple DES Encryption using 0.18μ CMOS technologyCMOS technology
Attain speeds appropriate for application in Automated Teller Machines (200MHz)Attain speeds appropriate for application in Automated Teller Machines (200MHz)
Integrate Encryption into ATM transationIntegrate Encryption into ATM transation
Use Kerberos-style authenticationUse Kerberos-style authentication Encrypt User Information as data using CC# and Pin as KeysEncrypt User Information as data using CC# and Pin as Keys Transaction Authorizer decrypts using CC# and Pin (which they know)Transaction Authorizer decrypts using CC# and Pin (which they know)
Credit Card Number and PIN are never transmitted, but are essential to Credit Card Number and PIN are never transmitted, but are essential to authenticateauthenticate
MarketabilityMarketability
Point-of-sale terminals transmit your name, credit card Point-of-sale terminals transmit your name, credit card number, and expiration dates ‘in the clear.’number, and expiration dates ‘in the clear.’
Credit and charge card fraud costs cardholders and Credit and charge card fraud costs cardholders and issuers hundreds of millions of dollars each yearissuers hundreds of millions of dollars each year
Using Kerberos-style authentication, we transmit Using Kerberos-style authentication, we transmit encrypted information that can be verified by the card encrypted information that can be verified by the card authorizer without actually containing sensitive authorizer without actually containing sensitive information.information.
Uses existing cards and phone networkUses existing cards and phone network
Finalist for the 2001 Advanced Encryption StandardFinalist for the 2001 Advanced Encryption Standard
April 1, 2005 – MasterCard requires all ATMs April 1, 2005 – MasterCard requires all ATMs be 3DES compliantbe 3DES compliant
System IntegrationSystem Integration
Triple DES Compliant
Encrypted Card# + PINEncrypted Card# + PIN
Verified Verified
Unencrypted Card# + PIN
Triple DES Encryption
The 3DES AlgorithmThe 3DES Algorithm OverviewOverview
Block Cipher - acts on a 64-bit block of plaintextBlock Cipher - acts on a 64-bit block of plaintext Converts it into a 64-bit block of cipher text using a 56-bit keyConverts it into a 64-bit block of cipher text using a 56-bit key Specified in FIPS Pub 46-3Specified in FIPS Pub 46-3 Symmetric Key Cipher – encryption & decryption use same keySymmetric Key Cipher – encryption & decryption use same key
DES vs. 3DESDES vs. 3DES 3DES applies 3 stages of DES with a separate key for each stage3DES applies 3 stages of DES with a separate key for each stage Total key length in 3DES is 56 bits x 3 key = 168 bitsTotal key length in 3DES is 56 bits x 3 key = 168 bits
StagesStages Stage 1: Encrypt plaintext with Key 1Stage 1: Encrypt plaintext with Key 1 Stage 2: Decrypt cipher text from Stage 1 with Key 2 (produces Stage 2: Decrypt cipher text from Stage 1 with Key 2 (produces
new cipher text)new cipher text) Stage 2: Encrypt cipher text from Stage 2 with Key 3Stage 2: Encrypt cipher text from Stage 2 with Key 3
All large functional blocks use Metal 1 and Metal 2.
M1
M2
M3
M4
Inpu
t
Mux
Out
put
Program Controlclock 379μm
367μm
Left
Bar
rel S
hift
er 5
6’b
VerifyVerify C SimulationC Simulation BehavioralBehavioral SchematicSchematic LayoutLayout
VerificationVerificationExpected Output :
2f 81 a8 bf 3c 6b df b4
C code Verification
Behavioral VerificationStructural Verification
Spice VerificationSpice Verification
Problems EncounteredProblems Encountered
Spice SimulationSpice Simulation
Vdd Strength drops along conductor wiresVdd Strength drops along conductor wires
No DC path to ground from nodeNo DC path to ground from node
LayoutLayout
Interconnections between components back and forth due Interconnections between components back and forth due to complicated algorithmto complicated algorithm
Permutations take too much spacePermutations take too much space
Input PinsInput Pins 32 Data Pins (used for input text and keys)32 Data Pins (used for input text and keys) 1 Clock Pin1 Clock Pin 1 Reset Pin (asserted high)1 Reset Pin (asserted high) 1 Vdd Pin1 Vdd Pin 1 Ground Pin1 Ground Pin
Output PinsOutput Pins 32 Cipher Text Pins (64’b cipher text delivered over 2 clocks)32 Cipher Text Pins (64’b cipher text delivered over 2 clocks) 1 Valid Output Pin1 Valid Output Pin 1 Get Next Key Pin1 Get Next Key Pin
Total Pin Count: Total Pin Count: 7070 Chip Aspect Ratio:Chip Aspect Ratio: 1.03 1.03 Chip Area: Chip Area: 139093 μm139093 μm22 = 0.139093 mm = 0.139093 mm22
Total Transistor Count: Total Transistor Count: 13,697 (PMOS: 4,324 NMOS: 9,373)13,697 (PMOS: 4,324 NMOS: 9,373) Transistor Density: Transistor Density: 0.09847 transistors/μm0.09847 transistors/μm22 = 10.155 μm = 10.155 μm22/transistor/transistor Operation: Operation: 256’b Input 64’b Output over 54 clock cycles256’b Input 64’b Output over 54 clock cycles Faster Clock Speed: Faster Clock Speed: 150MHz150MHz Total Throughput: Total Throughput: 169.54 Mbits / second169.54 Mbits / second