Final RSA Documentation

-1-
VHDL Implementation of RSA
CHAPTER 1
INTRODUCTION
Data security is an important aspect of data on computer

communication and networks. Now a day, data has no boundary. Due to
networking, data can move from any place to any place at any time. The data
is often corrupted, modified and/or lost. Computer and Network security
research and development have mainly focused on five to six general security
services that encompass the various functions required of an information
security facility.
The following are some security services that are focused in development of
security system.
Confidentiality: Ensure that the information in a computer system and
transmitted information are accessible only for reading by authorized parties.
Authentication: Ensures that the origin of a message or electronic
document is correctly identified, with an assurance that the identity is not
false.
Integrity: Ensures that only authorized parties are able to modify computer
system assets and transmitted information. Modification includes writing ,
changing status, deleting ,etc of transmitted messages.
Non-repudiation: Requires that the access to information resources may be
controlled by or for the target system.
Access control: Requires that the access to information resources may be
controlled by or for the target system.
Our objectives of data security are two folds:
ECE, S.K.T.R.M.C.E
-2-
• To prevent eavesdropping to get access of data.

• In case, data is stolen to make it difficult to understand the stolen data.
These objectives are met through different approaches of data security.
The physical technique of data security is the oldest form of security,
and is used in telephone lines. Data shall be safe, if computing equipment and
lines are all physical protected.
In data communication among computers, however, this technique is
hardly used. Instead, logical techniques are employed. These techniques
include coding methods, spread spectrum, encryption or cryptography and
digital signature.
1.1 CRYPTOGRAPHY
Cryptography, defined as "the science and study of secret writing"

concerns the ways in which communications and data can be encoded to
prevent disclosure of their contents through eavesdropping or message
interception, using codes, ciphers and other methods, so that only certain
people can see the real message. Cryptanalysis is the study of how to
compromise (defeat) cryptographic mechanisms, and cryptology is discipline
of cryptography and cryptanalysis combined. To most people, cryptography is
concerned with keeping communication private. Indeed, the protection of
sensitive communications has been the emphasis of cryptography throughout
much of its only one part of today’s cryptography.
Cryptographic systems are characterised along three independent dimensions:
ECE, S.K.T.R.M.C.E
-3-
1) The type of operations used for transforming plaintext to ciphertext: All

encryption algorithms are based on two general principles: substitution, in
which each element in the plaintext (bit, letter, group of bits or letters) is
mapped in to another element, and transposition, in which elements in the
plaintext are rearranged. The fundamental requirement is that no information
be lost (that is, that all operations are reversible). Most systems, referred to as
product systems, involve multiple stages of substitutions and transpositions.
2) The number of keys used: If both sender and receiver use the same key, the
system is referred to as symmetric, single-key, secret-key, or conventional
encryption. If the sender and receiver each uses a different key, the system is
referred to as asymmetric, two-key, or public-key encryption.
3) The way in which the plaintext is processed: A block cipher processes

the input one block of elements at a time, producing an output block for each
input block. A stream cipher processes the input elementscontinuously,
producing output one element at a time, as it goes along.
Encryption is the transformation of data into a form that is impossible

to read without the appropriate knowledge. Its purpose is to ensure privacy by
keeping
Information hidden from anyone for whom it is not intended, even

those who have access to the encrypted data.
Decryption is the reverse of encryption; it is the transformation of

encrypted data back into an intelligible form.
ECE, S.K.T.R.M.C.E
-4-
Encryption and Decryption generally requires the use of some

secret information, referred to as a key. For some encryption mechanism, the
same key is used for both encryption and decryption; for other mechanism,
the keys used for encryption and decryptions are different. Today’s
cryptography is more than encryption and decryption.
While modern cryptography is growing increasingly diverse,

cryptography is fundamentally based on problems that are difficult to solve. A
problem may be difficult because its solution requires some secret knowledge,
such as decrypting and encrypted message or signing some digital document.
1.2 IMPORTANCE OF CRYPTOGRAPHY
Cryptography allows people to carry over the confidence found in the

physical world to the electronic world, thus allowing people to do business
electronically without worries of deceit and deception. Everyday hundreds of
thousands of people interact electronically, whether it is though e-mail, e-
commerce (business conducted over the Internet), ATM machines, or cellular
phones. The perpetual increase of information transmitted electronically has
lead to an increased reliance on cryptography. As seen, cryptography is
widely used.
Not only is it used over the Internet, but also it is used in phones,
televisions, and a variety of other common household items. Without
cryptography, hackers could get into out e-mail, listen in on our phone
conversations, tap into our cable companies and acquire free cable service, or
break into our bank/brokerage accounts.
ECE, S.K.T.R.M.C.E
-5-
1.3 CRYPTOGRAPHY APPLICATIONS
Cryptography is extremely useful; there is a multitude of applications,

many of which are currently in use. A typical application of cryptography is a
system built out of the more simple applications are secure communication,
identification authentication, and secret sharing. More complicated
application includes systems for electronic commerce, certification, secure
electronic mail, key recovery and secure computer access.
In general, the less complex the application, the more quickly it

becomes a reality. Identification and authentication schemes exist widely,
while electronic commerce systems are just beginning to be established.
However, there are exceptions to this rule.
Namely, the adoption rate may depend on the level of demand. For
example, SSL-encapsulated HTTP gained a lot more usage much more
quickly than simpler link-layer encryption has ever achieved. The adoption
rate may depend on the level of demand.
• Secure communication:
Secure communication is the most straight forward use of

cryptography. Two people may communicate securely by encrypting the
message sent between them. This can be done in such a way that a third
party eavesdropping may never be able to decipher the messages. While
secure communication has existed for centuries, the key management
problem has prevented it from becoming commonplace.
ECE, S.K.T.R.M.C.E
-6-
• Identification and Authentication:
Identification and authentication are two widely used

applications of cryptography. Identification is the process of verifying
someone’s or something‘s identify. For example, when withdrawing
money from a bank, teller asks to see identification to verity the identity of
the owner of the account. This process can be done electronically using
cryptography.
Every automatic teller machine (ATM) card is associated with a

secret personal identification number (PIN), which binds the owner to the
card and thus to the account. When the card is inserted into the ATM, the
machine prompts the cardholder for the PIN. If the correct PIN is entered,
the machine identifies the person as the rightful owner and grants access.
Authentication is similar to identification, in that both allow an

entity access to resources such as Internet account, but authentication is
broader because it does not necessarily involve identifying a person or
entity. Authentication merely determines whether that person or entity is
authorized for whatever is in question.
• Electronic commerce :
Over the past few years there has been a growing amount of business
conducted over the Internet. This form of business is called electronic
commerce or E-Commerce. E-Commerce is comprised of online banking,
online brokerage accounts, and Internet shopping, to name a few of the many
applications. One can book plane tickets, make hotel reservations, rent a car,
ECE, S.K.T.R.M.C.E
-7-
transfer money from one account to another, buy cloths, books and so on all
while sitting in front of a computer. However, simply entering a credit card
number on the Internet leaves one open to fraud. One cryptographic solution
to this problem is to encrypt the credit card number or other private
information when it is entered online; another is to secure the entire session.
When a computer encrypts this information and sends it out on the Internet, it
is incomprehensible to a third party viewer. The web server or Internet
shopping center receives the encrypted information, decrypts is, and proceeds
with the sale without fear that the credit card number or other personal
information slipped into the wrong hands. As more and more business is
conducted over the Internet, the need for protection against, fraud, theft and
corruption of vital information increases.
• Key Recovery:
Key recovery is a technology that allows a key to reveal under

certain circumstances without the owner of a key revealing it. This is
useful to two main reasons:
First of all, if a user loses or accidentally deletes his or her key, key
recovery could prevent a disaster.
Secondly, if a law enforcement agency wishers to eavesdrop on a

suspected criminal, without the suspect‘s knowledge, the agency must be
able to recover the key.
ECE, S.K.T.R.M.C.E
-8-
Key recovery techniques are in use in some instances; however the use of
key recovery as a law enforcement technique is somewhat controversial.
• Other Applications:
Cryptography is not confined to the world of computers.

Cryptography is also used in cellular/mobile phones as a means of
authentication; that is , it can be used to verity that a particular phone has
the right to bill to a particular phone number. This prevents people from
sealing or cloning cellular phone numbers and access codes. Another
application is to protect phone calls from eavesdropping using voice
encryption.
1.4 KEY BASED CRYTOGRAPHY
Currently, most cryptography used in practice is key based, that is a

string of bits, that is used to encode the plain text into cipher text and back
again to plain text when required. Two types of key based cryptography exist,
based on the availability of the key publicly:
• In Private key Cryptography, both the sender and the recipient share
a key that must be kept private. In order to communicate with each other, the
key must be passed between the two; this process is known as the key
distribution and is quite complicated and difficult to do properly. The most
famous example of this type of cryptography is the Data Encryption Standard
ECE, S.K.T.R.M.C.E
-9-
(DES), other examples include Triple DES, RC2, RC4 IDEA and Skipjack.
This is also known as symmetric cryptography.
• While in Public Key Cryptography, each party has two sets of keys,
one key is published to the public, called the Public Key, while the other is
kept secret and only known by the owner, the Private Key. Anyone wishing
to communicate with a certain party securely will encrypt the communicated
data with the recipient's public key which is available and on the other side
only the party that holds the matching private key can decrypt the cipher
text. Example Public key algorithms: Diffie-Hellman, RSA and Merkle-
Hellman.
The public key system eliminates the key distribution process that
hampers all private key systems since there is no need to communicate
secret keys among communicating parties.
CHAPTER 2
ENCRYPTION AND DECRYTION SYSTEM
The most important automated tool for network and communications

security is encryption.
ECE, S.K.T.R.M.C.E
- 10 -
SENDER RECIPIENT
M S M S M M
E E E E E E
S C S C S S
S T U S INFORMATION CHANNEL U S S
A R A R A A
G E G E G G
E E E E
SECRET SECRET
INFORMATION INFORMATION
(KEY) (KEY)
-- ALGORITHM
SECURITY RELATED TRANSFORMATION
Fig. 2.1: MODEL FOR NETWORK SECURITY
There are two forms of encryption in common use.

1) Conventional or symmetric encryption.
2) public-key or asymmetric encryption.
The detailed description of both forms of encryption is given below.
2.1 CONVENTIONAL / SYMMETRIC ENCRYTION
ECE, S.K.T.R.M.C.E
- 11 -
Symmetric encryption also referred to as conventional encryption or

single-key encryption was the only type of encryption in use prior to the
development of public-key encryption. It remains by far the most widely used
of the two types of encryption.
Symmetric cipher model
A symmetric encryption scheme has five ingredients. They are
Plain text: This is the original intelligible message or data that is fed into the
algorithm as input.
Encryption algorithm: The encryption algorithm performs various substitutions
and transformations on the plaintext.
Secret key: The secret key is also input to the encryption algorithm. The key is
a value independent of the plaintext . The algorithm will produce a different
output depending on the specific key being used at the time. The exact
substitutions and transformations performed by the algorithm depend on the
key.
ECE, S.K.T.R.M.C.E
- 12 -
TRUSTED THIRD PARTY

(e.g. DISTRIBUTER OF SECRET KEY)
SENDER C C RECIPIENT
I I P
P P P L
L
A
H H A
E E I
I
INFORMATION CHANNEL N
N R R
T
T T T E
E
X
E E X
X X T
T
T T
SECRET KEY SECRET KEY

SHARED BY SHARED BY
SENDER AND SENDER AND
RECIPIENT RECPIENT
--- ENCRPYPTION/ DECRYPTION ALGORITHM( e.g. DES)
Fig. 2.2: MODEL OF SYMMETRIC ENCRYPTION SCHEME
The above figure enables us to take a closer look at the essential elements
of a symmetric encryption scheme.
Cipher text: This is the scrambled message produced as output. It depends on
the plaintext and the secret key. For a given message, two different keys will
ECE, S.K.T.R.M.C.E
- 13 -
produce two different cipher texts. The cipher text is an apparently random
stream of data and, as it stands, is unintelligible.
Decryption algorithm: This is essentially the encryption algorithm run in
reverse. It takes the cipher text and the secret key and produces the original
plaintext.
There are two requirements for secure use of conventional encryption:

1) We need a strong encryption algorithm. At a minimum, we would like the
algorithm to be such that an opponent who knows the algorithm and has access
to one or more cipher texts would be unable to decipher the cipher text or
figure out the key. This requirement is usually stated in a stronger form: The
opponent should be unable to decrypt cipher text or discover the key even if he
or she is in possession of a number of cipher texts together with the plain text
that produced each cipher text.
2) Sender and receiver must have obtained copies of the secret key in a secure
fashion and must keep the key secure. If someone can discover the key and
knows the algorithm, all communication using this key is readable.
2.2 CRYPTANALYSIS
ECE, S.K.T.R.M.C.E
- 14 -
There are two general approaches to attacking an encryption scheme:

Cryptanalysis: cryptanalytic attacks rely on the nature of the algorithm plus
perhaps some knowledge of the general characteristics of the plaintext or even
some sample plaintext-cipher text pairs. This type of attack exploits the
characteristics of the algorithm to attempt to deduce a specific plaintext or to
deduce the key being used. If the attack succeeds in deducing the key, the
effect is catastrophic: All future and past messages encrypted with that key are
compromised.
Brute-force attack: The attacker tries every possible key on a piece of cipher
text until an intelligible translation into plaintext is obtained. On an average,
half of all possible keys must be tried to achieve success.
We first consider cryptanalysis and then discuss brute-force attacks.
ECE, S.K.T.R.M.C.E
- 15 -
Table 2.1 Types of Attacks on Encrypted Messages

Type of attack Known to cryptanalyst
Cipher text only • Encryption algorithm

• Cipher text to be decoded
• Encryption algorithm
Known plain text • Cipher text to be decoded
• One or more pairs of plain text cipher text
formed with the secret key
Chosen plain text • Cipher text to be decoded
• Purported cipher text chosen by cryptanalyst,
together with its corresponding decrypted
plaintext generated with the secret key.
• Cipher text to be decoded
Chosen cipher
text • Plain text message chosen by the cryptanalyst
together with its corresponding cipher text
generated with the secret key.
• Purported cipher text chosen by cryptanalyst,
ECE, S.K.T.R.M.C.E
- 16 -
together with its corresponding decrypted

plaintext generated with the secret key.
The above table summarizes the various types of cryptanalytic

attacks, based on the amount of information known to the cryptanalyst. The
most difficult problem is presented when all that is available is the cipher text
only. In some cases, not even the encryption algorithm is known, but in general
we can assume that the opponent does know the algorithm used for encryption.
One possible attack under these circumstances is the brute-force approach of
trying all possible keys. If the key space is very large, this becomes
impractical. Thus, the opponent must rely on an analysis of the cipher text
itself, generally applying various statistical tests to it. To use this approach, the
opponent must have some general idea of the type of plaintext that is
concealed, such as English or French text, a windows EXE file, a java source
listing, an accounting file, and so on.
The cipher text-only attack is the easiest to defend against because the
opponent has the least amount of information to work with. In many cases,
however, the analyst has more information. The analyst may be able to capture
one or more plaintext messages as well as their encryptions. Or the analyst may
know that certain plaintext patterns will appear in a message. For example, a
file that is encoded in the postscript format always begins with the same
pattern, or there may be a standardized header or banner to an electronic funds
transfer message, and so on. All these are examples of known plaintext. With
ECE, S.K.T.R.M.C.E
- 17 -
this knowledge, the analyst may be able to deduce the key on the basis of the
way in which the known plaintext is transformed.
Closely related to the known-plaintext attack is what might be referred to
as a probable-word attack. If the opponent is working with the encryption of
some general prose message, he or she may have little knowledge of what is in
the message. However if the opponent is after some very specific information,
then parts of the message may be known. For example, if an entire accounting
file is being transmitted, the opponent may know the placement of certain
keywords in the header of the file. As another example, the source code for a
program developed by corporation X might be including a copyright statement
in some standardized position.
If the analyst is able somehow to get the source system to insert in to the
system a message chosen by the analyst, then a chosen-plaintext attack is
possible. An example of this strategy is differential cryptanalysis, which is
studied later. In general, if the analyst is able to choose the messages to
encrypt, the analyst may deliberately pick patterns that can be expected to
reveal the structure of the key.
The earlier table lists two other types of attack: chosen cipher text and chosen
text. These are less commonly employed as cryptanalytic techniques but are
nevertheless possible avenues of attack.
Only relatively weak algorithms fail to withstand a cipher text-only
attack. Generally, an encryption algorithm is designed to withstand a known-
plaintext attack.
Two more definitions are worthy of note. An encryption scheme is
unconditionally secure if the cipher text generated by the scheme does not
contain enough information to determine uniquely the corresponding plaintext,
ECE, S.K.T.R.M.C.E
- 18 -
no matter how much cipher text is available. That is, no matter how much time
an opponent has, it is impossible for him or her to decrypt the cipher text,
simply because the required information is not there. With the exception of a
scheme known as the one-time pad (described later), there is no encryption
algorithm that is unconditionally secure. Therefore, all that the users of an
encryption algorithm can strive for is an algorithm that meets one or both of the
following criteria:
The cost of breaking the cipher exceeds the value of the encrypted information.
The time required to break the cipher exceeds the useful life time of the
information.
An encryption scheme is said to be computationally secure if the
foregoing two criteria are met. The rub is that it is very difficult to estimate the
amount of effort required to crypt analyze cipher text successfully.
As a first cut, we can consider the time required to use a brute-force
approach, which simply involves trying every possible key until an intelligible
translation of the cipher text into plaintext is obtained. On average half of all
possible keys must be tried to achieve success.
2.3 PUBLIC-KEY/ ASYMMETRIC ENCRYPTION

For practical reasons, it is desirable to use different encryption and
decryption keys in a crypto-system. Such asymmetric systems allow the
encryption key to be made available to anyone while preserving confidence
that only people who hold the decryption key can decipher the information.
After symmetric encryption, the other major form of encryption is
public-key encryption or asymmetric encryption, which has revolutionized
ECE, S.K.T.R.M.C.E
- 19 -
communications security. A related cryptographic area is that of cryptographic

hash functions. Hash functions are used in conjunction with asymmetric
ciphers for digital signatures. In addition, hash functions are used for message
authentication. Asymmetric ciphers are also used for key management.
The development of public-key cryptography is the greatest and perhaps
the only true revolution in the entire history of cryptography. From its earliest
beginnings to modern times, virtually all cryptographic systems have been
based on the elementary tools of substitution and permutation. After millennia
of working with algorithms that could essentially be calculated by hand, a
major advance in symmetric cryptography occurred with the development of
the rotor encryption/decryption machine. The electromechanical rotor enabled
the development of fiendishly complex cipher systems. With the availability of
computers, even more complex systems were devised, the most prominent of
which was the Lucifer effort at IBM that culminated in the Data Encryption
Standard (DES). But both rotor machines and DES, although representing
significant advances, still relied on the bread-and-butter tools of substitution
and permutation.
Public-key cryptography provides a radical departure from all that has

gone before. For one thing, public-key algorithms are based on mathematical
functions rather than on substitution and permutation. More important, public-
key cryptography is asymmetric, involving the use of two separate keys, in
contrast to symmetric encryption, which uses only one key. The use of two
keys has profound consequences in the areas of confidentiality, key distribution
and authentication.
ECE, S.K.T.R.M.C.E
- 20 -
2.3.1 PRINCIPLES OF PUBLIC-KEY CRYPTOSYSTEMS

The concept of public-key cryptography evolved from an attempt to
attack two of the most difficult problems associated with symmetric
encryption. The two problems are:
1) Problem of key distribution.
2) Problem of digital signatures.
A brief description of both the problems is given below:

Problem of key distribution: key distribution under symmetric encryption
requires either
1) that two communicants already share a key, which somehow has been
distributed to them; or
2) the use of a key distribution center. Whitfield Diffie, one of the discoverers
of public-key encryption (along with Martin Hellman, both at Stanford
University), reasoned that this second requirement negated the very essence of
cryptography: the ability to maintain total secrecy over your own
communication. As Diffie said, "what good would it do after all to develop
impenetrable cryptosystems, if their users were forced to share their keys with
a KDC that could be compromised by either burglary or subpoena?"
Problem of digital signatures: The problem that Diffie pondered, and that
was apparently unrelated to the first was that of "digital signatures." If the use
of cryptography was to become widespread, not just in military situations but
for commercial and private purposes, then electronic messages and documents
would need the equivalent of signatures used in paper documents. That is,
could a method be devised that would stipulate, to the satisfaction of all parties,
ECE, S.K.T.R.M.C.E
- 21 -
that a digital message had been sent by a particular person? This is a somewhat
broader requirement than that of authentication, and its characteristics and
ramifications are explored in the next sections.
In order to solve the key management problem, Whitfield Diffie

and Martin Hellman introduced the concept of public-key cryptography in
1976.
ECE, S.K.T.R.M.C.E
- 22 -
2.3.2 PUBLIC KEY CRYPTOSYSTEM
Public-key algorithms rely on one key for encryption and a different but
related key for decryption. These algorithms have the following important
characteristics:
(1) It is computationally infeasible to determine the decryption key given only
the knowledge of the encryption key.
(2) Either of the two related keys can be used for encryption, with the other
used for decryption.
Asymmetric cipher model

A Public-key encryption scheme has six ingredients
Plaintext: This is the readable message or data that is fed into the algorithm as
input.
Encryption algorithm: The encryption algorithm performs various
transformations on plain text.
Public and private key: This is a pair of keys that have been selected so that if
one is used for encryption, the other is used for decryption. The exact
transformations performed by the encryption algorithm depend on the public or
private key that is provided as input.
Cipher text: This is the scrambled message produced as output. It depends on
the plaintext. For a given message, two different keys will produce two
different messages.
ECE, S.K.T.R.M.C.E
- 23 -
Decryption algorithm: This algorithm accepts the cipher text and the matching
key and produces the original plaintext.
SENDER C C RECIPIENT
I I P
P P P L
L
A
H H A
E E I
I
N R R
T
T T T E
E
X
E E X
X X T
T
T T
PUBLIC KEY PRIVATE KEY
--- ENCRPYPTION/ DECRYPTION ALGORITHM( e.g. RSA)
Fig. 2.3: MODEL OF PUBLIC –KEY ENCRYPTION SCHEME
ECE, S.K.T.R.M.C.E
- 24 -
2.3.2.1 ENCRYPTION:
ESSENTIAL STEPS:
 Each user generates a pair of keys to be used for the encryption and
decryption of the message
 Each user places one of the two keys in a public register or other
accessible files. This is a public key. The companion key is kept private.
 If a person ‘A’ wishes to send a confidential matter to the second person
‘B’ the first person will encrypt the data by the B's public key.
 When ‘B’ receives the message, he decrypts it using his private key. No
other person could be able to decrypt the message until and unless the
any other person knows the B's private key.
There is some source A that produces a message in plaintext,

X=[X1, X2, X3.......XM].
The M elements of X are letters in some finite alphabet.
The message is intended for destination B.
• B generates a related pair of keys; a public key, Kub and a private key,
Krb.
• Only B knows Krb, whereas Kub is publicly available and therefore
accessible by A.
• With the message X and the encryption key Kub as input , A forms the
cipher text
Y = E Kub(X). (ENCRYPTION)
ECE, S.K.T.R.M.C.E
- 25 -
• The intended receiver ,in possession of the matching private key ,is able to
invert the transformation:
X = D Krb(Y). (DECRYPTION)
Fig. 2.4: ENCRYPTION USING PUBLIC KEY CRYPTOGRAPHY
SENDER RECIPIENT
(A) (B)
C C
I I P
P P P L
L
A
H H A
E E I
I
N R R
T
T T T E
E
X
E E X
X X T
T
T T
B’S
B’S
PUBLIC KEY
PRIVATE KEY
--- ENCRPYPTION/ DECRYPTION ALGORITHM( e.g. RSA)
ECE, S.K.T.R.M.C.E
- 26 -
2.3.2.2. AUTHENTICATION:
ESSENTIAL STEPS:
 In this case, A prepares a message to B and encrypts it using A’s private

key before transmitting it. B can decrypt the message using A’s public key.
Fig. 2.5 AUTHENTICATION USING PUBLIC KEY CRYPTOGRAPHY
SENDER RECIPIENT
(A) (B)
C C
I I P
P P P L
L
A
H H A
E E I
I
N R R
T
T T T E
E
X
E E X
X X T
T
T T
A’S
A’S
PRIVATE KEY
PUBLIC KEY
---ENCRYPTION / DECRYPTION ALGORITHM (e.g. RSA)

--- ENCRPYPTION/ DECRYPTION e.g. RSA
 Because the message was encrypted using A’s private key , only A could
have prepared the message. Therefore, the entire encrypted message serves
as a digital signature.
ECE, S.K.T.R.M.C.E
- 27 -
 Moreover, it is impossible to alter the message without access to A’s private
key, so the message is authenticated both in terms of source and data

integrity
2.3.5 AUTHENTICATION AND SECRECY:
In order to provide the authentication, confidentiality and signature there is an

enhanced cipher system which is shown in the following diagram
The emergence of public key systems has introduced the concept of digital
signature. A sample digital signature scenario goes as follows:
ESSTENTAL STEPS:
 (A) Encrypts the data to be signed with his/her private key.

 then encrypts the result from (1) with (B)'s public key and sends it
to (B).
 (B) decrypts the incoming data with his/her private key and then decrypts
the result with (A)'s public key.
 If the initial data is obtained then this will authenticate the data and the
sender.
ECE, S.K.T.R.M.C.E
- 28 -
Fig. 2.6 DIGITAL SIGNATURE USING PUBLIC KEY CRYPTOSYSTEM

source A Source B
D D
I I
G C G
C
I I I
T I T
P P
A P A
L H P
A L H L
L E L L
I E A
Y R Y
N R I
S S N
T T
I T I
E E T
X G E G
N X N E
T X X
E T E
T T
D D
D D
A A
T T
A A
Information
A’s Private B’s Public
Channel
Key (kra) Key (kub) B’s Private A’s Public
Key (krb) Key (kua)
KEY
KEY PAIR
PAIR SOURCE
SOURCE
Encryption/Decryption Algorithm
ECE, S.K.T.R.M.C.E
- 29 -
So by above three models, we can say that public-key algorithm can

overcome two problems of the data security faced by conventional systems
which are confidentiality and authentication.
2.3.6 APPLICATIONS FOR PUBLIC KEY CRYPTTOSYSTEMS
Public key systems are characterized by the use of a cryptographic

type of algorithm with two keys, one held private and one available publicly.
Depending on the application , the sender uses either the sender’s private key
or the receiver’s public key .or both . To perform some type of cryptographic
function. In broad terms, we can classify the use of public-key cryptosystems
into three categories:
• ENCRYPTION / DECRYPTION : The sender encrypts a message with

the recipient’s public key.
• DIGITAL SIGNATURE : The sender “signs” a message with its private

key .Signing is achieved by a cryptographic algorithm applied to to the
message or to a small block of data that is a function of the message .
• Key exchange: Two sides cooperate to exchange a session key .Several

different approaches are possible ,involving the private key(s) of one or
both parties.
Some public- key algorithms are suitable for all three applications , whereas
others can be used only for one or two of these applications
ECE, S.K.T.R.M.C.E
- 30 -
Algorithm Encryption/Decryption Digital Signature Key exchange

RSA Yes Yes Yes
Elliptic Yes Yes Yes
curve
Diffie- No No Yes
Hellman
DSS No Yes No
Table 2.2 Applications for public-key cryptosystems
ECE, S.K.T.R.M.C.E
- 31 -
2.4 RSA ALGORITHM:
The RSA algorithm is named after Ron Rivest, Adi Shamir and Len
Adleman, who invented it in 1977. The basic technique was first discovered in
1973 by Clifford Cocks but this was a secret until 1997.
The RSA algorithm can be used for both public key encryption and
digital signatures. Its security is based on the difficulty of factoring large
integers.
The RSA Algorithm makes use of an expression with exponentials.
Plain text is encrypted in blocks with each block having a binary value less
than some numbers n. that is, the block size must be less than or equal to
k k k +1
log 2 (n) , in practice, the block size is 2 bits, where 2 <n≤2
e
C =M mod n
d
= C mod n = (M e) mod n = M
e ed
M mod n
Both sender and receiver must know the value of n. the sender knows the value
of e, and only the receiver knows the value of d.
Thus, this is a public-key encryption algorithm with a public key of
Ku = {e, n} and a private key of Kr = {d, n}. For the algorithm to be
satisfactory for public key encryption the following requirements must be met.
ed
1. It is possible to find values of e, d, n such that M =M mod n for all
M< n.
e d
2. It is relatively easy to calculate M and C for all values of M<n.
3. It is infeasible to determine d given e and n.
ECE, S.K.T.R.M.C.E
- 32 -
Given two prime numbers, p and q, and two integers, n and m. such that n=p*q
and 0<m<n and arbitrary integer k, the following relationship holds
kφ ( n ) +1 k ( p −1)( q −1) +1
m =m ≡ m mod n
Where φ (n) is the Euler Totient function, which is the number of

positive integers less than n and relatively prime to n. For p, q prime
φ ( p, q ) = ( p − 1)(q − 1) . We achieve the desired relationship if ed = kφ (n) + 1 then
ed = 1 mod φ (n)
d = e −1 mod φ (n)
i.e., e and d are multiplicative inverses of mod φ (n) .

As per the modular arithmetic this true if d (and therefore e) is relatively prime
to φ (n) . Equivalently gcd(φ (n),d ) = 1.
Thus for RSA scheme

p, q two prime numbers (Private, chosen)
n=p*q (Public, calculated)
e with gcd(φ (n), e) = 1;1 < e < φ (n) (Public, chosen)
d = e −1 modφ (n) (Private, calculated);
The private key consists of {d, n} and public key consists of {e, n}. Suppose
that user A has published its public key and the user B wishes to send the
message M to A., then B calculates C = M e mod n and transmits C. On receipt of
this cipher text, user A decrypts by calculates M = C d mod n . The algorithm for
computing ab mod n , b is represented in binary.
ECE, S.K.T.R.M.C.E
- 33 -
Key Generation :
1. Generate two large random primes, p and q, of approximately equal size
such that their product n = p*q is of the required bit length, e.g. 1024
bits. [See note 1].
2. Compute n = p*q and (φ) phi = (p-1)*(q-1).
3. Choose an integer e, 1 < e < phi, such that gcd(e, phi) = 1. [See note 2].
4. Compute the secret exponent d, 1 < d < phi, such that
ed ≡ 1 (mod phi). [See note 3].
5. The public key is (n, e) and the private key is (n, d). The values of p, q,
and phi should also be kept secret.
• n is known as the modulus.

• e is known as the public exponent or encryption exponent.
• d is known as the secret exponent or decryption exponent.
a)Encryption:
The encryption is carried out as;
Sender does the following:-
1. Obtains the recipient's public key (n, e).

2. Represents the plaintext message as a positive integer m < n.
3. Computes the cipher text c = mê mod n.
4. Sends the cipher text c to recipient.
ECE, S.K.T.R.M.C.E
- 34 -
b)Decryption
Recipient does the following:-
1. Uses his private key (n, d) to compute m = c^d mod n.
2. Extracts the plaintext from the integer representative m.
Summary of RSA:
• n = p*q where p and q are distinct primes.

• phi, φ = (p-1)*(q-1)
• e < n such that gcd(e, phi)=1
• d = e^-1 mod phi.
• c = mê mod n.
• m = c^d mod n.
2.4.1 Implementation of RSA algorithm:

This is an example that explains the RSA algorithm.
1. Select primes p=11, q=3.

2. n = p*q = 11*3 = 33
phi = (p-1)*(q-1) = 10*2 = 20
3. Choose e=3
Check gcd(e, p-1) = gcd(3, 10) = 1 (i.e. 3 and 10 have no common
factors except 1),
and check gcd(e, q-1) = gcd(3, 2) = 1
therefore gcd(e, phi) = gcd(e, (p-1)(q-1)) = gcd(3, 20) = 1
4. Compute d such that ed ≡ 1 (mod phi)
ECE, S.K.T.R.M.C.E
- 35 -
i.e. compute d = e^-1 mod phi = ^-1 mod 20
i.e. find a value for d such that phi divides (ed-1) i.e. find d such that 20
divides 3d-1. Simple testing (d = 1, 2, ...) gives d = 7 Check: ed-1 = 3.7 - 1
= 20, which is divisible by phi.
5. Public key = (n, e) = (33, 3)

Private key = (n, d) = (33, 7).
This is least possible value for the modulus n for which the RSA algorithm
works.
Now say we want to encrypt the message m=7 c=mê mod n = 7^3 mod 33 = 343
mod 33=13. Hence the cipher text c = 13.
To check decryption we compute m' = c^d mod n = 13^7 mod 33 = 7.
Note that we don't have to calculate the full value of 13 to the power 7 here.
We can make use of the fact that
a = (b*c) mod n = (b mod n)*(c mod n) mod n
so we can break down a potentially large number into its components and
combine the results of easier, smaller calculations to calculate the final value.
One way of calculating m' is as follows: -
m' = 13^7 mod 33
= 13^(3+3+1) mod 33
ECE, S.K.T.R.M.C.E
- 36 -
= (13^3*13^3*13) mod 33
= (13^3 mod 33)* (13^3 mod 33)* (13 mod33) mod 33
= (2197mod33)* (2197mod33)* (13mod33) mod 33
= (19*19*13) mod33
= 4693 mod 33
=7.
2.4.2 The security of RSA

Three possible approaches to attacking the RSA algorithm are as follows:
• Brute force: This involves trying all possible private keys.
• Mathematical attacks: There are several approaches, all equivalent in effect
to factoring the product of two primes.
• Timing attack: These depend on the running time of the decryption
algorithm .
The defense against the brute-force approach is the same for RSA as for other
cryptosystems, namely, use a large key space. Thus, the larger the number of
bits in e and d, the better. However, because the calculations involved, both in
key generation and in encryption /decryption, are complex, the larger the size
of the key, the slower the system will run.
The Factoring Problem
We can identify three approaches to attacking RSA mathematically:
• Factor n into its two prime factors. This enables calculation of
ECE, S.K.T.R.M.C.E
- 37 -
f(n) = (p - 1) * (q - 1), which, in turn, enables determination of

d = e^-1 (mod f(n)).
• Determine f(n) directly, without first determining p and q. Again, this
enables determination of d = e^-1 (mod f(n)).
• Determine d directly, without first determining f(n).
In addition to specifying the size of n, a number of other constraints have

been suggested by researchers. To avoid values of n that may be factored more
easily, the algorithm’s inventors suggest the following constraints on p and q:
1. P and q should differ in length by only a few digits. Thus, for a 1024-bit key
(309 decimal digits), both p and q should be on the order of magnitude of
10^75 t0 10^100.
2. Both (p - 1) and (q - 1) should contain a large prime factor.
3. gcd (p - 1, q - 1) should be small.
In addition, it has been demonstrated that if e < n and d < n^¼, then d can be
easily determined.
Timing Attacks
If one needed yet another lesson about how difficult it is to assess the security
of a cryptographic algorithm, the appearance of timing attacks provides a
stunning one. Paul Kocher, a cryptographic consultant, demonstrated that a
snooper can determine a private key by keeping track of how long a computer
takes to decipher messages. Timing attacks are applicable not just to RSA, but
to other public-key cryptography systems. The attack is alarming for two
reasons: It comes from a completely unexpected direction and it is a cipher
text-only attack.
A timing attack is somewhat analogous to a burglar guessing the
ECE, S.K.T.R.M.C.E
- 38 -
combination of a safe by observing how long it takes for some one to turn the
dial from number to number. The attack can be explained using the modular
exponentiation algorithm, but the attack can be adapted to work with any
implementation that does not run in fixed time. In this algorithm, modular
exponentiation is accomplished bit by bit, with one modular multiplication
performed at each iteration and an additional modular multiplication performed
for each 1 bit.
As Kocher points out in his paper, the attack is simplest to
understand in an extreme case. Suppose the target system uses a modular
multiplication function that is very fast in almost all cases but in a few cases
takes much more time than an entire average modular exponentiation. The
attack proceeds bit by bit starting with the leftmost bit, bk. Suppose that the
first j bits are known ( to obtain the entire exponent, start with j = 0 and repeat
the attack until the entire exponent is known ). For a given cipher text, the
attacker can complete the first j iterations of the for loop. The operation of the
subsequent step depends on the unknown exponent bit. If the bit is set, d ¬(d *
a ) mod n will be executed. For a few values of a and d, the modular
multiplication will be extremely slow, and the attacker knows which these are.
Therefore, if the observed time to execute the decryption algorithms is always
slow when this particular iteration is slow with a 1 bit, then this bit is assumed
to be 1. If a number of observed execution times for the entire algorithm are
fast, then this bit is assumed to be 0.
In practice, modular exponentiation implementations do not involve
such extreme time variations, in which the execution time of a single iteration
can exceed the mean execution time of the entire algorithm. Nevertheless, there
is enough variation to make this attack practical.
ECE, S.K.T.R.M.C.E
- 39 -
Although the timing attack is a serious threat, there are simple

counter measures that can be used, including the following:
• Constant exponentiation time: Ensure that all exponentiations take the same
amount of time before returning a result. This is a simple fix but does
degrade performance.
• Random delay: Better performance could be achieved by adding a random
delay to the exponentiation algorithm to confuse the timing attack. Kocher
points out that if defenders do not add enough noise, attackers could still
succeed by collecting additional measurements to compensate for the
random delays.
• Blinding: Multiply the cipher text by a random number before performing
exponentiation. This process prevents the attacker from knowing what
cipher text bits are being processed inside the computer and therefore
prevents the bit-by-bit analysis essential to the timing attack.
2.4.3 Applications of RSA:
RSA encryption / decryption algorithm finds application in areas as
• Electronic mail
• Electronic funds transfer
• Electronic data interchange
• Software distribution
• Data storage
ECE, S.K.T.R.M.C.E
- 40 -
• Applications that require data integrity, assurance and data origin

authentication.
ECE, S.K.T.R.M.C.E
- 41 -
CHAPTER 3
LANGUAGE OVERVIEW
3.1 DIGITAL SYSTEM DESIGN PROCESS
Figure 3.1 shows a typical process for the design of a digital system.
Specification
Analysis
s
HDL(VHDL)
RTL Coding
Simulation Wave forms
Synthesis
Gate Level Net list
Timing Analysis
Implementation FPGA
Fig.3.1 A Digital System Design Process
Analysis:
The first step in a high level design is the analysis of the system to be
designed. The process involved the specifying the behavior expected of the
design. The designer puts enough detail into the specification so that the design
can be built.
ECE, S.K.T.R.M.C.E
- 42 -
RTL coding:
After the specification has been completed, the design or the designer can
begin the process of implementation. The designer created the RTL description
that describes the clock behavior of the design.
Simulation:
The synthesis tool converts the RTL description into a net list in the target
FPGA or ASIC technology. The designer reads the RTL description, if there
are no errors the designer can synthesize the design and map the design to the
target technology.
Timing Analysis:
Typical timing analysis uses a timing analyzer that gives a number of report
types that can be generated so that the designer can make sure the critical paths
of the design and can verify whether they are within the specified or required
timings.
Implementation:
Implementation describes the process of downloading the synthesized RTL
description on to the target technology like FPGA or ASIC’s .
3.2 LANGUAGE DESCRIPTION:

VHDL is an acronym for Very High Speed Integrated Circuit
Hardware Description Language. It is a hardware description language that
can be used to model a digital system at many levels of abstraction,
ECE, S.K.T.R.M.C.E
- 43 -
ranging from the Arithmetic level to the gate level. The complexity of
digital system being modeled could vary from that of a simple gate to a
complete digital electronic system or any thing in between. The digital
system can also be described hierarchically.
Timing can also be explicitly modeled in the description.

The VHDL language can be regarded as an integrated amalgamation of
the following languages:
1. Sequential language
2. Concurrent language
3. Net-list language
4. Timing specifications
5. Waveform generation.
Therefore, the language has constructs that enable you to
express the concurrent or sequential behavior of a digital system with or
without timing. It also allows you to model the system as an
interconnection of components. Test waveforms can also be generated to
provide a comprehensive description of the system in a single model.
VHDL language not only defines the syntax but also defines
very clear simulation semantics for each language construct. Therefore
models written in this language can be verified using a VHDL
simulator.
The following are the major capabilities that the language provides
along with the features that differentiate if from other hardware description
languages:
ECE, S.K.T.R.M.C.E
- 44 -
• The language can be used as an exchange medium between chip-vendors

and CAD users. Different chip-vendor can provide VHDL descriptions
of their components to the system designers. CAD tool users can capture
the behavior of the design at high level of abstraction.
• The language supports hierarchy; that is ,a digital system can be
modeled as a set of interconnected components; each component, in
turn, can be modeled as asset of interconnected sub-components.
• The language supports flexible design methodologies; top-down
,bottom-up, or mixed .
• The language is not technology specific, but is capable of supporting
technology-specific features. It can also support various hardware
technologies. For example, new logic types and new components may be
defined; technology-specific attributes may also be specified.
• It supports both synchronous and asynchronous timing models.
• Various digital system modeling techniques, such as FSM descriptions,
algorithmic descriptions, and Boolean equations can be modeled using
the language.
• The language is publicly available, human readable, machine readable
and above all it is not proprietary.
• It is an IEEE and ANSI standard; therefore models described using this
language is portable.
• The language supports three different basic description styles: structural
dataflow and behavioral. A design may also be expressed in an combination of
these three descriptive styles.
ECE, S.K.T.R.M.C.E
- 45 -
• It supports a wide range of abstraction levels ranging from abstract

behavioral descriptions to very precise gate-level descriptions. It does not,
however, support modeling at or below the transistor level. It allows a design
to be captured at a level using a single coherent language.
• Arbitrarily large designs can be modeled using the language and there
are no limitations imposed by the language on the size of the design.
• The language has elements that make large-scale design modeling easier,
for example, components, functions, procedures and packages.
• Test bench can be written using the same language to test other VHDL
models.
• Nominal propagation delays, min-max delays, setup and hold timing
constraints and spike detection and be described very naturally using this
language.
• A model can not only describe the functionality of a design but can also
contain information about the design itself in terms of user-defined attributes ,
such as total area and speed.
• A common language can be used to describe the library components
from different vendors. Tools that understand VHDL models will have no
difficulty in reading models from a variety of vendors since the language we
use is a standard one.
• Models written in this language can be verified by simulation since
precise simulation semantics are defined for each language construct.
• Behavioral model that confirm to; a certain synthesis description style
are capable of being synthesized to gate-level descriptions.
ECE, S.K.T.R.M.C.E
- 46 -
• The capability of defining new data types provides the power to describe
and simulate design techniques at a very high level of abstraction
without any concern about the implementation details.
3.3 Basic VHDL Terms:

Before we go any further, lets define some of the terms that
we will be using thoughtful our discussion. These are the VHDL
building blocks that are used in almost every description.
ENTITY:
All designs are expressed in terms of entities. An entity is the
most basic building block in a design. The uppermost level of the design is
the top level entity. If the design is hierarchical, then the top-level
description will have lower level descriptions contained in it . These
lower level descriptions will be lower entities contained in the top-level
entity description.
ENTITY DECLARATION:
ENTITY entity_make IS
PORT (port1: port1_type;
Port2: port2_type);
END entity;
ARCHITECTURE:
All entities that can be simulated have an architecture
description.
ECE, S.K.T.R.M.C.E
- 47 -
The architecture describes the behavior of the entity. A single entity can have
multiple architectures. One architecture might be behavioral while another
might be structural description of the design.
• As a system of inter-connected components (to represent the structure)
• As a set of concurrent assignment statements (to represent dataflow)
• As a set of assignments (to represent behavior)
• As any combination of the above three.
SYNTAX:
ARCHITECTURE architecture_name OF entity IS
-- declare some signals here
BEGIN
-- put some concurrent signals here
END architecture_name;
PACKAGES:
Package is a collection of commonly used data
types and subprograms used in a design. It can be treated as a toolbox that
contains tools used to build designs
PACKAGE DECLARATION: A package declaration encapsulates a set of

related declarations and subprogram declarations, which can be shared by
two or more
design units.
PACKAGE package_name IS
ECE, S.K.T.R.M.C.E
- 48 -
-- do some stuff;
END package_name;
PACKAGE BODY: Package body contains the definitions of subprograms

declared in the declaration of a package.
PACKAGE BODY:
PACKAGEBODY package_name IS
-- put subprograms bodies here
END package_name;
BUS: The term bus usually brings to mind a group of signals or a particular
method of communication used in the design of hardware. In VHDL, a bus is a
special kind of signal that may have its drivers turned off.
DRIVER: This is a source of a signal. If two tri-state inverters drive a

signal, when both inverters are active, the signal will have two drivers.
ATTRIBUTES: An attribute is some data that is attached to VHDL, objects or

predefined data about VHDL objects. Examples are the current drive capability
of a buffer or the maximum operating temperatures of the device.
GENERIC: Generic in a VHDL term for a parameter that passes information

to an entity. For instance, if an entity is gate level model with a rise and fall
delay, values for the rise and fall delays could be passed into the entity with
generics.
______________________________________________________________________________
ECE, S.K.T.R.M.C.E
- 49 -
PROCESS:A process is the basic unit to execution in VHDL.All operations

that are performed in simulation of a VHDL description are broken into single
or multiple processes.
PROCESS STATEMENTS: The process statements consists of number of

parts. The first part is the Sensitivity list and the second part is called process
declarative part. The list of signals is parenthesis after the key word process is
called sensitivity list. This enumerates exactly process statement to executed.
The process declarative part consists of area between the end of sensitivity list
and the key word BEGIN. The statement part of the process starts at the key
word BEGIN and at the END PROCESS.
SEQUENTIAL STATEMENTS: The Sequential Statements that are in

VHDL are the following:
1). If
2). Case
3). Loop
4). Assert and
5). Wait.
SYNTAX OF THE SOME COMMONLY USED STATEMENTS:

If Statement:
IF condition1 THEN
do some stuff;
ELSE IF condition2 THEN
do some stuff;
ECE, S.K.T.R.M.C.E
- 50 -
END IF;
END IF;
Case Statement:
CASE expression IS
WHEN some_value=>
Perform some operation;
WHEN some other value =>
Perform some other operation;
WHEN others =>
Perform some other operation;
END CASE;
For Loop:
FOR loop_variable IN start_value TO end_value LOOP
do some stuff;
END LOOP;
While Loop:
WHILE condition LOOP
do some stuff;
END LOOP;
Component Declaration:
COMPONENT component_name
PORT (port1_name : port_type;
port2_ name : port_type;
port3_name : port_type);
END COMPONENT;
ECE, S.K.T.R.M.C.E
- 51 -
Component Instantiation:
Instance name: component_name PORT MAP (first port, second_port,
third_port);
Instancename: component_name PORT MAP
(formal1=>actual1,formal2=>actual2);
Signal Declaration:
SIGNAL signal1_name: signal1_type;
SIGNAL signal2_name: signal2_type;
Variable Declaration:
VARIABLE variable1_name: variable1_type;
VARIABLE variable2_name: variable2_type;
Function Declaration:
FUNCTION function_name (parameter1:parameter1_type,
parameter2:parameter2_type);
RETURN return_type;
Library Declaration:
LIBRARY library_name;
3.3 PROGRAMMING IN VHDL

VHDL is a programming language that has been designed and
optimized for describing the behavior for digital systems. VHDL has many
features appropriate for describing the behavior of electronics components
ranging from logic gates to microprocessors and custom chips. Features of
VHDL allow electrical aspects of circuit behavior.
ECE, S.K.T.R.M.C.E
- 52 -
VHDL supports many possible styles of design description .

These styles differ primarily in how closely they relate to the underlying
hardware.When we speak of the different styles of WHDL, we are really
talking about the different levels of abstraction possible using the language-
behavior, data flow and structure.
Suppose the performance specifications for a given project are:”The
compressed data coming out of the DSP chip needs to be analyzed and stored
within 70ns of the strobe signal being asserted”. This human language
specification must be refine into a description that can actually be simulated. A
test bench written in combination with a sequential description is one such
expression of the design. These are all points in the behavior level of
abstraction.
After this initial simulation, the design must be further refined until the
description is something a VHDL synthesis tool can digest. Synthesis is a
process of translating an abstract concept into a less-abstract form. The highest
level of abstraction accepted by today’s synthesis tools is the dataflow level.
The structure level of abstraction comes into play when little chunks of
circuitry are to be connected together to form bigger circuits. (If the little
chunks being connected are actually quite large chunks, then the result is what
we commonly call a block diagram.) Physical information is the most basic
level of all and is outside the scope of VHDL. This level involves actually
specifying the interconnects of transistors on a chip, placing and routing macro
cells within a gate array or FPGA , etc.
As an example of these three levels of abstraction, it is possible to
describe a complex controller circuit in a number of ways. At the lowest level
of abstraction (the structural level), we could use VHDL’s hierarchy features
ECE, S.K.T.R.M.C.E
- 53 -
to connect a sequience of predefined logic gates and flip-flops to form the

complete circuit. To describe this same circuit at a dataflow level of
abstraction, we might describe the combinational logic portion of the
controller(its input decoding and transition logic) using higher-level Boolean
logic functions and then feed the output of that logic into a set of registers that
match the registers available in some target technology. At the behavioral level
of abstraction, we might ignore the target technology ( and the requirements of
synthesis tools) entirely and instead describe how the controller operates over
time in response to various types of stimulus.
BEHAVIORAL:
The highest level of abstraction supported in VHDL is called the
behavioral level of abstraction. When creating a behavioral description of a
circuit, you will describe your circuit in terms of its operation over time. The
concept of time is the critical distinction between behavioral description of
circuits and lower-level descriptions(specifically descriptions created at the
dataflow level of abstraction).
Examples of behavioral forms of representation might include state
diagrams, timing diagrams and algorithmic descriptions.
In a behavioral description, the concept of time may be expressed
precisely, with actual delays between related events(such as the propagation
delays within gates and on wires),or it may simply be an ordering of operations
that are expressed sequentially (such as in a functional description of flip-flop).
When you are writing WHDL for input registers in your circuit. It is unlikely,
however, that your synthesis tool will be capable of creating precisely the same
behavior in actual circuitry as you have defined in the language.(Synthesis
ECE, S.K.T.R.M.C.E
- 54 -
tools today ignore detailed timing specifications, leaving the actual timing
results at the mercy of the target device technology.) I t is also unlikely that
your synthesis tool will be capable of accepting and processing a very wide
range of behavioral styles.
If you are familiar with software programming, writing behavior_level

VHDL will not seem like anything new. Just like a programming language,
you will be writing one or more small programs that operate sequentially and
communicate with one another through their interfaces. The only difference
between behavior-level VHDL and a software programming language is the
underlying execution platform: in the case ;of software, it is some operating
system running on a CPU ; in the case of VHDL , it is the simulator and /or the
synthesized hardware.
DATAFLOW:
In the dataflow level of abstraction, you describe your circuit
in terms how data moves through the system. At the heart of most digital
systems today are registers, so in the dataflow level of how information is
passed between registers in the circuit. You will probably describe the
combinational logic portion of your circuit at a relatively high level(and let a
synthesis toll figure out the detailed implementation in logic gates), but you
will likely be, quite specific aabout the placement and operation of registers in
the complete circuit.
The dataflow level of abstraction is often called register
transfer logic, or RTL. This level of abstraction is an intermediate level that
allows the drudgery of combinational logic to be simplified (and , presumably,
ECE, S.K.T.R.M.C.E
- 55 -
taken care of by logic synthesis tools) while the more important parts of the
circuit, the registers, are more completely specified.
There are some drawbacks to using a dataflow method of design in VHDL.
First, there are no built-in registers in VHDL; the language was designed to be
general-purpose, and VHDL’s designers on its behavioral aspects placed the
emphasis. If you are going to write VHDL at the dataflow level of abstraction,
you will be using in your design. These elements must be provided in the form
of components (using VHDL’s hierarchy features) or in the form of
subprograms(functions or procedures).But for hardware designers, it can be
difficult to relate the sequential descriptions and operation of behavioral VHDL
with the hardware being described (or modeled). For this reason, many VHDL
users, particularly those who are using VHDL as an input to synthesis, prefer to
stick with levels of abstraction that are easier to relate to actual hardware
devices(such as logic gates and flip-flops). These users are often more
comfortable using the dataflow level of abstraction.
STRUCTURAL
The third level of abstraction, structure, is used to describe a
circuit in terms of its components. Structure can be used to create a very –
high-level-description(such as a block diagram).
In a gate-level description of a circuit, for example,
components such as basic logic gates and flip-flops might be connected in
some logical structure to create the circuit. This is what is often called a net
list. For a higher-level circuit-one in which the components being connected
are larger functional blocks-structures might simply be used to segment the
design description into manageable parts.
ECE, S.K.T.R.M.C.E
- 56 -
Structure-level VHDL features, such as components and configurations, are

very useful for managing complexity. The use of components can dramatically
improve your ability to re-use elements of your designs, and they can make it
possible to work using a top-down design approach.
To give an example of how a structural description of a
circuit relates to higher levels of abstraction, consider the design of a simple 5-
bit counter. To describe such a counter using traditional design methods, we
might connect five T flip-flops with some simple decode logic.
The important application of VHDL is to capture the
performance specifications for a circuit , in the form of what is commonly
known as test bench. Basically there are two different approaches for designing
of a device. They are
1. Top Down approach

2. Bottom Up approach .
In Top Down approach each module is designed by obtaining the
interconnections between the modules through structural modeling.
Whereas in Bottom Up approach all modules are designed individually
through Behavioral modeling and at the final stage all components are
connected together in top-module using structural modeling.
ECE, S.K.T.R.M.C.E
- 57 -
CHAPTER 4
DESIGN APPROACH
ECE, S.K.T.R.M.C.E
- 58 -
4.1 BLOCK DIAGRAM OF ECNRYPTION SYSTEM:
MESSAGE
READ
INPUT BUFFER N
O/P
R1, R2, R3
MULTIPLIER MODULUS UNIT
e(0),e(1),e(2) C1 ,C2
DO NE1 DO NE2
0
R
CONTROL UNIT
RST
WRITE
OUT PUT BUFFER
CYPHERTEXT
FIG. 4.1 BLOCK DIAGRAM OF ENCRYPTION SYSTEM
4.2 BLOCK DIAGRAM OF DECRYPTION SYSTEM:
CIPHERTEXT
ECE, S.K.T.R.M.C.E
- 59 -
READ
INPUT BUFFER N
O/P
R1, R2, R3
MULTIPLIER MODULUS UNIT
d(0),d(1),d(2) C1 ,C2
DO NE1 DO NE2
0
R
CONTROL UNIT
RST
WRITE
OUT PUT BUFFER
MESSAGE
FIG. 4.2 BLOCK DIAGRAM OF DECRYPTION SYSTEM.

:
4.3 INDIVIDUAL BLOCK FUNCTIONALITY:
ECE, S.K.T.R.M.C.E
- 60 -
4.3.1 INPUT BUFFER:

MESSAGE / CIPHERTEXT
RST
INPUT BUFFER
READ
MESSAGE / CIPHERTEXT
Fig. 4.3: INPUT BUFFER
Input buffer is the module which performs the function of storing and
reading the data which is given as the input to it when the READ control signal
is set to ‘1’.
The input data is plain text block which is passed to the multiplier on
receiving the control signal from the control unit.
OPERATION:
• When the RST is set to ‘1’ then the output will be “----------------”.
• When RST is set to ‘0’ then the input buffer gets enabled.
• When READ is ‘1’ then the data (MESSAGE / CIPHER TEXT) is
taken as input to the system.
• On receiving the appropriate signal from the control unit it transfer the
data to the multiplier unit.
ECE, S.K.T.R.M.C.E
- 61 -
4.3.2 OUTPUT BUFFER:
Output buffer is the module which performs the function of storing

and reading the data which is given as the input to it when the WRITE control
signal is set to ‘1’.
CIPHER TEXT / MESSAGE
RST
OUTPUT BUFFER
WRITE
CIPHER TEXT / MESSAGE
Fig. 4.4: OUTPUT BUFFER
The input data is plain text/cipher text block which is passed as out
put of the system on receiving the control signal from the control unit.
OPERATION:
When RST is set to ‘1’ then output is cleared.
When RST is set to ‘0’ then the input buffer gets enabled .
When WRITE is ‘1’ then the data (MESSAGE / CIPHER TEXT) is taken as
output to the system .
ECE, S.K.T.R.M.C.E
- 62 -
On receiving the appropriate signal from the control unit it transfer the data as
the output of the system (ENCRYPTION SYSTEM / DECRYPTION
SYSTEM).
4.3.3 MULTIPLIER:
The multiplier unit performs the multiplication operation and
passes the result to the modulus unit as per the signal of the control unit
Input to the multiplier unit is data (MESSAGE / CIPHER
TEXT), output of modulus unit (i.e. R1 or R2 or R3), RST, control signal
(C1, C2) and CLK.
OPERATION:
• When C1=1 and C2=1 then the output of multiplier output port
(o/p) (32 bit ) is initialized to 1.
• When C1 =1 and C2= 0 the multiplier begins to perform the
multiplication operation .
• The multiplier performs the multiplication operation as shown in
STEP 1, STEP 3 and STEP 5 producing a 32 bit result.
• On completion of the operation it generate DONE1=’1’ indication
the completion of the operation and passes the result as input to the
modulus unit.
ECE, S.K.T.R.M.C.E
- 63 -
MESSAGE / R1, R2, R3

CIPHERTEXT
C1,C2
RST
CLK MULTIPLIER
e/d
DONE 1
O/P
Fig. 4.5: MULTIPLIER UNIT
4.3.4 MODULUS
The modulus unit performs the modulus operation (i.e. finding the
remainder of the two inputs , the dividend (i.e. O/P) and divisor (i.e. N) and
passes the result to the next unit as per the signal from the control unit.
The inputs to the modulus unit are output of the multiplier unit
(i.e. O/P), RST, control signals (i.e.C1, C2) and CLK.
OPERATION:
• When C1=0 and C2=0 the output of the modulus unit gets initialized to
1.
• When C1=0 and C2=1 the modulus unit perform the operation as shown
in STEP 2, STEP 4 and STEP 6 producing 16 bit result .
ECE, S.K.T.R.M.C.E
- 64 -
O/P
RST
C1,C2
MODULUS UNIT R
CLK
R1, R2, R3 DONE 2
Fig. 4.6: MODULUS UNIT
• On completion of the operation it generates DONE 2 = 1, indicating the

completion of the operation and passes the result to the next unit as per
the signal of the control unit.
4.3.5 CONTROL UNIT :

The control unit is used for timing and control of each individual
module. It generates the control signal C1,C2 ,READ,WRITE and RST .
This is the key unit for the proper functioning of the total system. It controls
and co ordinate all the module in meeting the specifications of the design.
The input to the control unit are DONE1 , DONE2 ,ENABLE and
CLK .
ECE, S.K.T.R.M.C.E
- 65 -
DONE 1 DONE 2
RST
RSTIN
C1,C2
CLK
CONTROL UNIT
ENABLE
e/d
Fig. 4.7: CONTROL UNIT
OPERATION:
• When RSTIN (system reset) =’1’then the control unit generates the
control signal RST=’1’ which clears and initializes all the modules. All
the modules are initializing as said above.
• When RSTIN =’0’ and ENABLE =’1’ the control unit generates the
control signal RST=’0’ and instructs each module to perform its
operation at their specific timings.
• First clock pulse:
The control unit sets READ to ‘1’.During this time the input
buffer gets enabled and reads the input data.
• Second clock pulse :
C1 and C2 are set to ‘1’.These signals initialize the multiplier
unit where multiplier unit results 0001 to modulator unit.
ECE, S.K.T.R.M.C.E
- 66 -
• Third clock pulse :

C1 and C2 are set to ‘0’. These signals initialize the modulus unit
where the modulator output results 0001.
• Fourth clock pulse:
C1 sets to ‘1’ and C2 sets to’0’.During this pulse multiplier
performs the operation of multiplication. The controller provides the
multiplier with lowermost bit of the encryption/decryption key i.e
e(0)/d(0).As soon as the multiplication operation is finished the multiplier
unit returns DONE 1 =’1’ to the control unit.
• Fifth clock pulse:
The control unit set C1 to ‘0’ and C2 to ‘1’ .During this pulse the
modulation operation takes place. As soon as the modulation operation is
finished the modulus unit return DONE 2 =’1’ to the control unit.
• Multiplier and Modulus unit functions as shown in above two clock
pulse are performed alternatively in each clock pulses until all key bits
are finished.
• The final result of the encrypted/decrypted data is stored in the output
buffer.
• Last clock pulse::
The write signal gets set to ‘1’ and this enables the output buffer .Output
buffer transforms the data (cipher text / message) as the output of the
system (ENCRYPTION / DECRYPTION).
ECE, S.K.T.R.M.C.E
- 67 -
OPERATION OF ENCRYPTION SYSTEM BLOCK DIAGRAM:

All the steps described below are performed as per the timing and control of
the control unit .
The system performs operation on RST =’0’. When system is reset the output
of modulus unit is set to ‘1’ (i.e. R1=’1’).
STEP 1: O/P= R1 * MESSAGEê(0)

Perform the above operation and transfers the result to modulus unit..
STEP 2: R2 = O/P MOD N
Perform the above operation and transfers the result to multiplier.
STEP 3: O/P = R2^2 * MESSAGEê(1)
STEP 4 R3 = O/P MOD N
Perform the above operation and transfers the result to multiplier
STEP 5: O/P= R3 * MESSAGEê (2)
Perform the above operation and transfers the result to modulus unit.
STEP 6: R= O/P MOD N
Performs the above operation and transfers the results the out put buffer
as the signal of the control unit.
ECE, S.K.T.R.M.C.E
- 68 -
OPERATION OF DECYPTION SYSTEM BLOCK DIAGRAM:

All the steps described below are performed as per the timing and control of
the control unit.
The system performs operation on RST =’0’. When system is reset the output
of modulus unit is set to ‘1’ (i.e. R1=’1’).
STEP 1 : O/P= R1 * CIPHER TEXT^d(0)
STEP 2: R2 = O/P MOD N
Perform the above operation and transfers the result to multiplier.
STEP 3: O/P = R2^2 * CIPHER TEXT^d(1)
STEP 4 R3 = O/P MOD N
Perform the above operation and transfers the result to multiplier
STEP 5: O/P= R3 * CIPHER TEXT^d(2)
Perform the above operation and transfers the result to modulus unit.
STEP 6: R= O/P MOD N
Performs the above operation and transfers the results the out put buffer as the
signal of the control unit.
VHDL MODULES FOR ENCRYPTION SYSTEM
ECE, S.K.T.R.M.C.E
- 69 -
1. Input Buffer
library IEEE;
use IEEE.STD_LOGIC_1164.all;
use ieee.std_logic_unsigned.all;
use ieee.std_logic_arith.all;
entity ip is
port(
plain : in STD_LOGIC_VECTOR(15 downto 0);
rst : in STD_LOGIC;
read : in STD_LOGIC;
o : out STD_LOGIC_vector(15 downto 0)
);
end ip ;
architecture ip_arch of ip is
begin
process(rst,read)
variable temp:std_logic_vector(15 downto 0);
begin
if rst='1' then
o<="----------------";
elsif read='1' then
temp:=plain;
o<=temp;
end if;
end process;
end ip_arch;
2. Multiplier
ECE, S.K.T.R.M.C.E
- 70 -
library IEEE;
entity multi is
port(
rst,c1,c2,e,clk : in STD_LOGIC;
a,b : in STD_LOGIC_VECTOR(15 downto 0);
done : out STD_LOGIC;
o_mul : out STD_LOGIC_VECTOR(31 downto 0)
);
end multi;
architecture multi_arch of multi is

begin
process(clk)
variable temp1,temp,op1:integer;
variable i:integer:=1;
begin
if rst='1' then
o_mul<="--------------------------------";
done<='0';
elsif clk'event and clk='1' then
if c1='1' and c2='1' then
o_mul<="00000000000000000000000000000001";
done<='1';
elsif c1='1' and c2='0' then
if e='0' then
temp:=1;
else
temp:=conv_integer(a);
end if;
temp1:=conv_integer(b);
if i=1 then
temp1:=temp1;
i:=i+1;
elsif i=2 then
temp1:=temp1*temp1;
end if;
op1:=temp*temp1;
o_mul<=conv_std_logic_vector(op1,32);
done<='1';
else
ECE, S.K.T.R.M.C.E
- 71 -
done<='0';
end if;
end if;
end process;
end multi_arch;
3. Modulus
library ieee;
use ieee.std_logic_1164.all;
entity mod1 is
port(o_mul: in std_logic_vector(31 downto 0);
rst,c1,c2:in std_logic;
clk:in std_logic;
o_mod:out std_logic_vector(15 downto 0);
done:out std_logic);
end mod1;
architecture mod_arch of mod1 is
begin
process(rst,clk)
variable a,b,c:integer;
constant n:integer:=33;
begin
if rst='1'then
o_mod<="----------------";
done<='0';
elsif clk'event and clk='1'then
if c1='0'and c2='0'then
o_mod<= "0000000000000001";
done<='1';
elsif c1='0'and c2='1'then
a:=conv_integer(o_mul) / n;
b:=a*n;
c:=conv_integer(o_mul)- b;
o_mod<=conv_std_logic_vector(c,16);
done<='1';
else
done<='0';
ECE, S.K.T.R.M.C.E
- 72 -
end if;
end if;
end process;
end mod_arch;
4.control unit
library IEEE;
entity cu is
port(
rstin : in STD_LOGIC;
clk : in STD_LOGIC;
done1 : in STD_LOGIC;
enable : in STD_LOGIC;
c1 : buffer STD_LOGIC;
e : out STD_LOGIC;
read,write:out std_logic
);
end cu;
architecture cu_arch of cu is
begin
process(clk)
variable s :integer range 1 to 10;
begin
if rstin='1'then
read<='-';
write<='-';
ECE, S.K.T.R.M.C.E
- 73 -
c1<='-';
c2<='-';
s:=1;
e<='-';
elsif (clk'event and clk='1') and enable='1' then
case s is
when 1=>
read<='1';
write<='-';
c1<='-';
c2<='-';
when 2=>
read<='0';
write<='-';
c1<='1';
c2<='1'; --initialize m,ultiplier
--e<='0';
when 3=>
read<='0';
write<='-';
c1<='0';
c2<='0'; --initialize modulus
-- e<='0';
when 4=>read<='0';
write<='-';
c1<='1';
c2<='0'; --first multiplication
e<='0';
when 5=>
read<='0';
write<='0';
e<='0';
ECE, S.K.T.R.M.C.E
- 74 -
if(done1='1' or (c1='1' and c2='0'))then

c1<='0'; --first modulation
c2<='1';
end if;
when 6=>
read<='0';
write<='0';
e<='1'; --2nd mul
c1<='1';
c2<='0';
end if;
when 7=>
read<='0';
write<='0';
e<='1'; --2nd mod
c1<='0';
c2<='1';
end if;
when 8=>
read<='0';
write<='0';
e<='1';
c1<='1';
c2<='0';
end if;
when 9=>
ECE, S.K.T.R.M.C.E
- 75 -
read<='0';
write<='0';
e<='1';
c1<='0';
c2<='1';
end if;
when 10=>
write<='1';
read<='0';
c1<='-';
c2<='-';
e<='-';
--when others=>null;
end case ;
if s=10 then
s:=1;
else
s:=s+1;
end if;
end if;
--end if;
end process;
end cu_arch;
5.output buffer
library IEEE;
ECE, S.K.T.R.M.C.E
- 76 -
entity op is
port(
o_mod : in STD_LOGIC_VECTOR(15 downto 0);
rst : in STD_LOGIC;
write : in STD_LOGIC;
cipher : out STD_LOGIC_VECTOR(15 downto 0)
);
end op ;
architecture op_arch of op is
begin
process(rst,write)
begin
if rst='1' then
cipher<="----------------";
elsif write='1' then
temp:=o_mod;
cipher<=o_mod;
end if;
end process;
end op_arch;
6.Encryption Top Module
library IEEE;
ECE, S.K.T.R.M.C.E
- 77 -
entity rsatop is
port(
plain : in STD_LOGIC_vector(15 downto 0);
clk : in STD_LOGIC;
rst,enable : in STD_LOGIC;
cipher : out STD_LOGIC_vector(15 downto 0)
);
end rsatop;
architecture rsatop_arch of rsatop is

component ip is
port(
plain : in STD_LOGIC_VECTOR(15 downto 0);
rst : in STD_LOGIC;
);
end component ;
component multi is
port(
rst,c1,c2,e,clk : in STD_LOGIC;
);
end component ;
component mod1 is
clk:in std_logic;
ECE, S.K.T.R.M.C.E
- 78 -
end component ;
component cu is
port(
clk : in STD_LOGIC;
e : out STD_LOGIC;
);
end component ;
component op is
port(
rst : in STD_LOGIC;
cipher : out STD_LOGIC_VECTOR(15 downto 0)
);
end component ;
signal read,c1,c2,done1,e,done2,write:std_logic;
signal o,out_mod:std_logic_vector(15 downto 0);
signal out_mul:std_logic_vector(31 downto 0);
begin
u1: ip port map(plain,rst,read,o);
u2:multi port map(rst,c1,c2,e,clk,o,out_mod,done1,out_mul);
u3:mod1 port map(out_mul,rst,c1,c2,clk,out_mod,done2);
u5:op port map(out_mod,rst,write,cipher);
u4:cu port map(rst,clk,done1,done2,enable,c1,c2,e,read,write);
ECE, S.K.T.R.M.C.E
- 79 -
end rsatop_arch;
VHDL Modules For Decryption System
1.Input Buffer
library IEEE;
entity ip_dec is
port(
cipher : in STD_LOGIC_VECTOR(15 downto 0);
rst : in STD_LOGIC;
);
end ip_dec ;
architecture ip_arch of ip_dec is

begin
process(rst,read)
begin
if rst='1' then
o<="----------------";
elsif read='1' then
temp:=cipher;
o<=temp;
end if;
end process;
ECE, S.K.T.R.M.C.E
- 80 -
end ip_arch;
2.multiplier
library IEEE;
entity multi_dec is
port(
rst,c1,c2,d,clk : in STD_LOGIC;
);
end multi_dec;
architecture multi of multi_dec is

begin
process(clk)
variable temp1,temp,op1:integer;
variable i:integer:=1;
begin
if rst='1' then
o_mul<="--------------------------------";
done<='0';
elsif clk'event and clk='1' then
if c1='1' and c2='1' then
o_mul<="00000000000000000000000000000001";
done<='1';
elsif c1='1' and c2='0' then
ECE, S.K.T.R.M.C.E
- 81 -
if d='0' then
temp:=1;
else
temp:=conv_integer(a);
end if;
temp1:=conv_integer(b);
if i=1 then
temp1:=temp1;
i:=i+1;
elsif i=2 then
temp1:=temp1*temp1;
i:=i+1;
elsif i=3 then
temp1:=temp1*temp1;
end if;
op1:=temp*temp1;
o_mul<=conv_std_logic_vector(op1,32);
done<='1';
else
done<='0';
end if;
end if;
end process;
end multi;
3.modulus
library ieee;
use ieee.std_logic_1164.all;
entity mod_dec is
ECE, S.K.T.R.M.C.E
- 82 -

clk:in std_logic;
end mod_dec;
architecture mod1 of mod_dec is
begin
process(rst,clk)
variable a,b,c:integer;
constant n:integer:=33;
begin
if rst='1'then
o_mod<="----------------";
done<='0';
elsif clk'event and clk='1'then
if c1='0'and c2='0'then
o_mod<= "0000000000000001";
done<='1';
elsif c1='0'and c2='1'then
a:=conv_integer(o_mul) / n;
b:=a*n;
c:=conv_integer(o_mul)- b;
o_mod<=conv_std_logic_vector(c,16);
done<='1';
else
done<='0';
end if;
end if;
end process;
ECE, S.K.T.R.M.C.E
- 83 -
end mod1;
4.control unit
library IEEE;
entity cu_dec is
port(
clk : in STD_LOGIC;
d : out STD_LOGIC;
);
end cu_dec;
--}} End of automatically maintained section
architecture cu_arch of cu_dec is
begin
process(clk)
variable s :integer range 1 to 10;
begin
if rstin='1'then
read<='-';
write<='-';
ECE, S.K.T.R.M.C.E
- 84 -
c1<='-';
c2<='-';
s:=1;
d<='-';
elsif (clk'event and clk='1') and enable='1' then
case s is
when 1=>
read<='1';
write<='-';
c1<='-';
c2<='-';
when 2=>
read<='0';
write<='-';
c1<='1';
c2<='1'; --initialize m,ultiplier
d<='0';
when 3=>
read<='0';
write<='-';
c1<='0';
c2<='0'; --initialize modulus
d<='0';
when 4=>read<='0';
write<='-';
c1<='1';
c2<='0'; --first multiplication
d<='1';
when 5=>
read<='0';
write<='0';
d<='1';
ECE, S.K.T.R.M.C.E
- 85 -

c1<='0'; --first modulation
c2<='1';
end if;
when 6=>
read<='0';
write<='0';
d<='1'; --2nd mul
c1<='1';
c2<='0';
end if;
when 7=>
read<='0';
write<='0';
d<='1'; --2nd mod
c1<='0';
c2<='1';
end if;
when 8=>
read<='0';
write<='0';
d<='1';
c1<='1';
c2<='0';
end if;
when 9=>
ECE, S.K.T.R.M.C.E
- 86 -
read<='0';
write<='0';
d<='1';
c1<='0';
c2<='1';
end if;
when 10=>
write<='1';
read<='0';
c1<='-';
c2<='-';
d<='-';
--when others=>null;
end case ;
if s=10 then
s:=1;
else
s:=s+1;
end if;
end if;
--end if;
end process;
-- enter your statements here --
end cu_arch;
6. Decryption Top Module
ECE, S.K.T.R.M.C.E
- 87 -
library IEEE;
entity rsa_dec_top is
port(
cipher : in STD_LOGIC_vector(15 downto 0);
clk : in STD_LOGIC;
rst,enable : in STD_LOGIC;
plain : out STD_LOGIC_vector(15 downto 0)
);
end rsa_dec_top;
--}} End of automatically maintained section
architecture rsadec_arch of rsa_dec_top is

component ip_dec is
port(
cipher: in STD_LOGIC_VECTOR(15 downto 0);
rst : in STD_LOGIC;
);
end component ;
component multi_dec is
port(
rst,c1,c2,d,clk : in STD_LOGIC;
);
end component ;
ECE, S.K.T.R.M.C.E
- 88 -
component mod_dec
clk:in std_logic;
end component ;
component cu_dec is
port(
clk : in STD_LOGIC;
d : out STD_LOGIC;
);
end component ;
component op_dec is
port(
rst : in STD_LOGIC;
plain : out STD_LOGIC_VECTOR(15 downto 0)
);
end component ;
signal read,c1,c2,done1,d,done2,write:std_logic;
signal o,out_mod:std_logic_vector(15 downto 0);
signal out_mul:std_logic_vector(31 downto 0);
ECE, S.K.T.R.M.C.E
- 89 -
begin
u1: ip_dec port map(cipher,rst,read,o);
u2:multi_dec port
map(rst,c1,c2,d,clk,o,out_mod,done1,out_mul);
u3:mod_dec port map(out_mul,rst,c1,c2,clk,out_mod,done2);
u5:op_dec port map(out_mod,rst,write,plain);
u4:cu_dec port
map(rst,clk,done1,done2,enable,c1,c2,d,read,write);
-- enter your statements here --
end rsadec_arch;
CHAPTER 5
SIMULATION RESULTS
5.1 ENCRYPTION SYSTEM:
ECE, S.K.T.R.M.C.E
- 90 -
Fig. 5.1: WAVEFORM OF INPUT BUFFER
ECE, S.K.T.R.M.C.E
- 91 -
Fig.5.2: WAVE FORM OF MULTIPLIER UNIT
ECE, S.K.T.R.M.C.E
- 92 -
Fig. 5.3: WAVE FORM OF MODULUS UNIT
ECE, S.K.T.R.M.C.E
- 93 -
Fig. 5.4: WAVE FORM OF CONTROL UNIT
ECE, S.K.T.R.M.C.E
- 94 -
Fig. 5.5: WAVE FORM OF OUT PUT BUFFER
ECE, S.K.T.R.M.C.E
- 95 -
Fig. 5.6: WAVE FORM OF ENCRYPTION SYSTEM
5.2 DECRYPTION SYSTEM:
ECE, S.K.T.R.M.C.E
- 96 -
Fig. 5.7: WAVE FORM OF INPUT BUFFER
ECE, S.K.T.R.M.C.E
- 97 -
Fig. 5.8: WAVE FORM OF MULTIPLIER
ECE, S.K.T.R.M.C.E
- 98 -
Fig. 5.9: WAVE FORM OF MODULUS UNIT
ECE, S.K.T.R.M.C.E
- 99 -
Fig. 5.10: WAVE FORM OF CONTROL UNIT
ECE, S.K.T.R.M.C.E
- 100 -
Fig. 5.11: WAVE FORM OF OUT PUT BUFFER
ECE, S.K.T.R.M.C.E
- 101 -
Fig. 5.12: WAVE FORM OF DECRYPTION SYSTEM
ECE, S.K.T.R.M.C.E
- 102 -
CHAPTER 6
6.1 SYNTHESIS REPORT FOR ENCRYPTION SYSTEM
Release 4.2i - xst E.35

Copyright (c) 1995-2001 Xilinx, Inc. All rights reserved.
========================================================
---- Source Parameters
Input Format : VHDL
Input File Name : en_top.prj
---- Target Parameters
Target Device : xcv300-fg456-6
Output File Name : en_top
Output Format : NGC
Target Technology : virtex
---- Source Options
Entity Name : en_top
Automatic FSM Extraction : YES
FSM Encoding Algorithm : Auto
FSM Flip-Flop Type :D
Mux Extraction : YES
Resource Sharing : YES
Complex Clock Enable Extraction : YES
ROM Extraction : Yes
RAM Extraction : Yes
RAM Style : Auto
Mux Style : Auto
Decoder Extraction : YES
Priority Encoder Extraction : YES
Shift Register Extraction : YES
Logical Shifter Extraction : YES
XOR Collapsing : YES
Automatic Register Balancing : No
---- Target Options
Add IO Buffers : YES
Equivalent register Removal : YES
ECE, S.K.T.R.M.C.E
- 103 -
Add Generic Clock Buffer(BUFG) : 4

Global Maximum Fanout : 100
Register Duplication : YES
Move First FlipFlop Stage : YES
Move Last FlipFlop Stage : YES
Slice Packing : YES
Pack IO Registers into IOBs : auto
Speed Grade :6
---- General Options
Optimization Criterion : Speed
Optimization Effort :1
Check Attribute Syntax : YES
Keep Hierarchy : No
Global Optimization : AllClockNets
Write Timing Constraints : No
========================================================
Compiling vhdl file C:/Xilinx/bin/abc/ipbuffer.vhd in Library work.
Entity <ipbuffer> (Architecture <ipbuf>) compiled.
Compiling vhdl file C:/Xilinx/bin/abc/mul2.vhd in Library work.
Entity <mul2> (Architecture <mul2>) compiled.
Compiling vhdl file C:/Xilinx/bin/abc/MOD2.vhd in Library work.
Entity <mod2> (Architecture <mod2>) compiled.
Compiling vhdl file C:/Xilinx/bin/abc/controler_en.vhd in Library work.
Entity <controler_en> (Architecture <controler>) compiled.
Compiling vhdl file C:/Xilinx/bin/abc/opbuffer.vhd in Library work.
Entity <opbuffer> (Architecture <opbuf>) compiled.
Compiling vhdl file C:/Xilinx/bin/abc/en_top.vhd in Library work.
Entity <en_top> (Architecture <encryption>) compiled.
Analyzing Entity <en_top> (Architecture <encryption>).
Entity <en_top> analyzed. Unit <en_top> generated.
Analyzing Entity <ipbuffer> (Architecture <ipbuf>).
Entity <ipbuffer> analyzed. Unit <ipbuffer> generated.
Analyzing Entity <mul2> (Architecture <mul2>).
Entity <mul2> analyzed. Unit <mul2> generated.
Analyzing Entity <mod2> (Architecture <mod2>).
Entity <mod2> analyzed. Unit <mod2> generated.
Analyzing Entity <controler_en> (Architecture <controler>).
ECE, S.K.T.R.M.C.E
- 104 -
Entity <controler_en> analyzed. Unit <controler_en> generated.
Analyzing Entity <opbuffer> (Architecture <opbuf>).

Entity <opbuffer> analyzed. Unit <opbuffer> generated.
Synthesizing Unit <opbuffer>.
Related source file is C:/Xilinx/bin/abc/opbuffer.vhd.
Summary:
inferred 16 Latch(s).
Unit <opbuffer> synthesized.
Synthesizing Unit <controler_en>.
Related source file is C:/Xilinx/bin/abc/controler_en.vhd.
Found 1-bit register for signal <c1>.
Found 1-bit register for signal <rd>.
Found 1-bit register for signal <wr>.
Found 1-bit register for signal <e>.
Found 4-bit up counter for signal <cn>.
Summary:
inferred 1 Counter(s).
inferred 5 D-type flip-flop(s).
Unit <controler_en> synthesized.
Synthesizing Unit <mod2>.
Related source file is C:/Xilinx/bin/abc/MOD2.vhd.
Found 16-bit register for signal <r>.
Found 1-bit register for signal <done>.
Found 16-bit subtractor for signal <$n0006> created at line 31.
Found 32x7-bit multiplier for signal <$n0014> created at line 29.
Summary:
inferred 1 Adder/Subtracter(s).
inferred 1 Multiplier(s).
Unit <mod2> synthesized.
Synthesizing Unit <mul2>.

Related source file is C:/Xilinx/bin/abc/mul2.vhd.
Using one-hot encoding for signal <i>.
Found 32-bit register for signal <op>.
ECE, S.K.T.R.M.C.E
- 105 -

Found 32-bit register for signal <i>.
Summary:
Unit <mul2> synthesized.
Synthesizing Unit <ipbuffer>.

Related source file is C:/Xilinx/bin/abc/ipbuffer.vhd.
Summary:
Unit <ipbuffer> synthesized.
Synthesizing Unit <en_top>.

Related source file is C:/Xilinx/bin/abc/en_top.vhd.
Unit <en_top> synthesized.
========================================================
HDL Synthesis Report
Macro Statistics
# Registers : 10
16-bit register :1
1-bit register :7
32-bit register :2
# Latches :2
16-bit latch :2
# Counters :1
4-bit up counter :1
# Adders/Subtractors :1
16-bit subtractor :1
# Multipliers :3
32x7-bit multiplier :1
========================================================
Starting low level synthesis...
ECE, S.K.T.R.M.C.E
- 106 -
Optimizing unit <controler_en> ...

Optimizing unit <opbuffer> ...
Optimizing unit <mod2> ...
Optimizing unit <mul2> ...
Optimizing unit <ipbuffer> ...
Optimizing unit <en_top> ...
Building and optimizing final net list ...
FlipFlop x3_r_0 has been replicated 1 time(s)
========================================================
Final Results
Top Level Output File Name : en_top
Output Format : NGC
Keep Hierarchy : No
Macro Generator : macro+
Macro Statistics
# Registers : 56
1-bit register : 55
32-bit register :1
# Counters :1
4-bit up counter :1
# Multipliers :3
Design Statistics
# IOs : 35
Cell Usage :
# BELS : 918
ECE, S.K.T.R.M.C.E
- 107 -
# GND :1
# LUT1 :4
# LUT2 : 42
# LUT2_D : 14
# LUT2_L : 89
# LUT3 :4
# LUT4 : 52
# LUT4_L : 91
# MULT_AND : 128
# MUXCY : 242
# MUXF5 :3
# VCC :1
# XORCY : 247
# FlipFlops/Latches : 80
# FDC :2
# FDCPE :4
# FDE :5
# FDRE : 34
# FDSE :3
# LD : 32
# Clock Buffers :1
# BUFGP :1
# IO Buffers : 34
# IBUF : 18
# OBUF : 16
========================================================
TIMING REPORT
NOTE: THESE TIMING NUMBERS ARE ONLY A SYNTHESIS
ESTIMATE.
FOR ACCURATE TIMING INFORMATION PLEASE REFER TO THE
TRACE REPORT
GENERATED AFTER PLACE-and-ROUTE.
Clock Information:
-----------------------------------+------------------------+-------+
Clock Signal | Clock buffer(FF name) | Load |
-----------------------------------+------------------------+-------+
x4_wr:Q | NONE | 16 |
ECE, S.K.T.R.M.C.E
- 108 -
x4_rd:Q | NONE | 16 |
clk | BUFGP | 48 |
-----------------------------------+------------------------+-------+
Timing Summary:
---------------
Speed Grade: -6
Minimum period: 25.627ns (Maximum Frequency: 39.021MHz)
Minimum input arrival time before clock: 3.412ns
Maximum output required time after clock: 6.994ns
Maximum combinational path delay: No path found
Timing Detail:
--------------
All values displayed in nanoseconds (ns)
-------------------------------------------------------------------------
Timing constraint: Default OFFSET IN BEFORE for Clock 'clk'
Offset: 3.412ns (Levels of Logic = 1)
Source: en
Destination: x4_c1
Destination Clock: clk rising
Data Path: en to x4_c1
Gate Net
Cell:in->out fanout Delay Delay Logical Name (Net Name)
---------------------------------------- ------------
IBUF:I->O 9 0.768 1.908 en_IBUF (en_IBUF)
FDE:CE 0.736 x4_c1
----------------------------------------
Total 3.412ns (1.504ns logic, 1.908ns route)
(44.1% logic, 55.9% route)
-------------------------------------------------------------------------
Timing constraint: Default OFFSET OUT AFTER for Clock 'x4_wr:Q'
Source: x5_dout_0
Destination: ciphertext_0
Source Clock: x4_wr:Q falling
Data Path: x5_dout_0 to ciphertext_0

Gate Net
ECE, S.K.T.R.M.C.E
- 109 -

---------------------------------------- ------------
LD:G->Q 1 1.171 1.035 x5_dout_0 (x5_dout_0)
OBUF:I->O 4.787 ciphertext_0_OBUF (ciphertext_0)
----------------------------------------
(85.2% logic, 14.8% route)
========================================================
CPU : 11.52 / 11.58 s | Elapsed : 12.00 / 12.00 s
6.2 SYNTHESIS REPORT FOR DECRYPTION SYSTEM
Release 4.2i - xst E.35

Copyright (c) 1995-2001 Xilinx, Inc. All rights reserved.
--> Parameter TMPDIR set to .
CPU : 0.00 / 0.06 s | Elapsed : 0.00 / 0.00 s
--> Parameter overwrite set to YES
CPU : 0.00 / 0.06 s | Elapsed : 0.00 / 0.00 s
--> Parameter xsthdpdir set to ./xst
CPU : 0.00 / 0.08 s | Elapsed : 0.00 / 0.00 s
========================================================
---- Source Parameters
Input Format : VHDL
Input File Name : dc_top.prj
---- Target Parameters
Target Device : xcv300-fg456-6
Output File Name : dc_top
Output Format : NGC
---- Source Options
Entity Name : dc_top
Automatic FSM Extraction : YES
FSM Encoding Algorithm : Auto
FSM Flip-Flop Type :D
Mux Extraction : YES
Resource Sharing : YES
Complex Clock Enable Extraction : YES
ROM Extraction : Yes
ECE, S.K.T.R.M.C.E
- 110 -
RAM Extraction : Yes

RAM Style : Auto
Mux Style : Auto
Decoder Extraction : YES
Priority Encoder Extraction : YES
Shift Register Extraction : YES
Logical Shifter Extraction : YES
XOR Collapsing : YES
Automatic Register Balancing : No
---- Target Options
Add IO Buffers : YES
Equivalent register Removal : YES
Add Generic Clock Buffer(BUFG) : 4
Global Maximum Fanout : 100
Register Duplication : YES
Move First FlipFlop Stage : YES
Move Last FlipFlop Stage : YES
Slice Packing : YES
Pack IO Registers into IOBs : auto
Speed Grade :6
---- General Options
Optimization Effort :1
Check Attribute Syntax : YES
Keep Hierarchy : No
Global Optimization : AllClockNets
Write Timing Constraints : No
========================================================
Compiling vhdl file C:/Xilinx/bin/abc/d_inbuffer.vhd in Library work.
Entity <d_ipbuffer> (Architecture <ipbuf>) compiled.
Compiling vhdl file C:/Xilinx/bin/abc/d_mul2.vhd in Library work.
Entity <d_mul2> (Architecture <d_mul2>) compiled.
Compiling vhdl file C:/Xilinx/bin/abc/d_mod2.vhd in Library work.
Entity <d_mod2> (Architecture <d_mod2>) compiled.
Compiling vhdl file C:/Xilinx/bin/abc/d_control_dc.vhd in Library work.
Entity <d_controler_dc> (Architecture <controler>) compiled.
Compiling vhdl file C:/Xilinx/bin/abc/d_opbuffer.vhd in Library work.
Entity <d_opbuffer> (Architecture <opbuf>) compiled.
ECE, S.K.T.R.M.C.E
- 111 -
Compiling vhdl file C:/Xilinx/bin/abc/dc_top.vhd in Library work.

Entity <dc_top> (Architecture <decryption>) compiled.
Analyzing Entity <dc_top> (Architecture <decryption>).

Entity <dc_top> analyzed. Unit <dc_top> generated.
Analyzing Entity <d_ipbuffer> (Architecture <ipbuf>).

Entity <d_ipbuffer> analyzed. Unit <d_ipbuffer> generated.
Analyzing Entity <d_mul2> (Architecture <d_mul2>).

rst.
Entity <d_mul2> analyzed. Unit <d_mul2> generated.
Analyzing Entity <d_mod2> (Architecture <d_mod2>).
Entity <d_mod2> analyzed. Unit <d_mod2> generated.
Analyzing Entity <d_controler_dc> (Architecture <controler>).
Entity <d_controler_dc> analyzed. Unit <d_controler_dc> generated.
Analyzing Entity <d_opbuffer> (Architecture <opbuf>).
Entity <d_opbuffer> analyzed. Unit <d_opbuffer> generated.
Synthesizing Unit <d_opbuffer>.
Related source file is C:/Xilinx/bin/abc/d_opbuffer.vhd.
Summary:
Unit <d_opbuffer> synthesized.
Synthesizing Unit <d_controler_dc>.
Related source file is C:/Xilinx/bin/abc/d_control_dc.vhd.
Found 1-bit register for signal <rd>.
Found 1-bit register for signal <wr>.
Found 1-bit register for signal <d>.
Found 4-bit up counter for signal <cn>.
Summary:
Inferred 1 Counter(s).
Unit <d_controler_dc> synthesized.
Synthesizing Unit <d_mod2>.
Related source file is C:/Xilinx/bin/abc/d_mod2.vhd.
Found 16-bit register for signal <r>.
ECE, S.K.T.R.M.C.E
- 112 -

Found 16-bit subtractor for signal <$n0006> created at line 33.
Summary:
inferred 1 Adder/Subtracter(s).
Unit <d_mod2> synthesized.
Synthesizing Unit <d_mul2>.
Related source file is C:/Xilinx/bin/abc/d_mul2.vhd.
Using one-hot encoding for signal <i>.
Found 32-bit register for signal <op>.
Found 32-bit register for signal <i>.
Summary:
Unit <d_mul2> synthesized.
Synthesizing Unit <d_ipbuffer>.
Related source file is C:/Xilinx/bin/abc/d_inbuffer.vhd.
Summary:
Unit <d_ipbuffer> synthesized.
Synthesizing Unit <dc_top>.

Related source file is C:/Xilinx/bin/abc/dc_top.vhd.
Unit <dc_top> synthesized.
========================================================
HDL Synthesis Report
Macro Statistics
# Registers : 10
16-bit register :1
1-bit register :7
32-bit register :2
# Latches :2
16-bit latch :2
ECE, S.K.T.R.M.C.E
- 113 -
# Counters :1
4-bit up counter :1
# Multipliers :3
========================================================
Starting low level synthesis...
Optimizing unit <d_controler_dc> ...
Optimizing unit <d_opbuffer> ...
Optimizing unit <d_mod2> ...
Optimizing unit <d_mul2> ...
Optimizing unit <d_ipbuffer> ...
Optimizing unit <dc_top> ...
Building and optimizing final netlist ...
========================================================
Final Results
Top Level Output File Name : dc_top
Output Format : NGC
Keep Hierarchy : No
Macro Generator : macro+
Macro Statistics
# Registers : 56
1-bit register : 55
32-bit register :1
# Counters :1
4-bit up counter :1
ECE, S.K.T.R.M.C.E
- 114 -
# Multipliers :3
Design Statistics
# IOs : 35
Cell Usage :
# BELS : 917
# GND :1
# LUT1 :4
# LUT2 : 42
# LUT2_D : 14
# LUT2_L : 89
# LUT3 :4
# LUT4 : 51
# LUT4_L : 91
# MULT_AND : 128
# MUXCY : 242
# MUXF5 :3
# VCC :1
# XORCY : 247
# FlipFlops/Latches : 80
# FDC :2
# FDCPE :4
# FDE :5
# FDRE : 34
# FDSE :3
# LD : 32
# Clock Buffers :1
# BUFGP :1
# IO Buffers : 34
# IBUF : 18
# OBUF : 16
========================================================
Clock Information:
-----------------------------------+------------------------+-------+
Clock Signal | Clock buffer(FF name) | Load |
-----------------------------------+------------------------+-------+
ECE, S.K.T.R.M.C.E
- 115 -
x4_wr:Q | NONE | 16 |
x4_rd:Q | NONE | 16 |
clk | BUFGP | 48 |
-----------------------------------+------------------------+-------+
Timing Summary:
---------------
Speed Grade: -6
Minimum period: 25.627ns (Maximum Frequency: 39.021MHz)
Minimum input arrival time before clock: 3.412ns
Maximum output required time after clock: 6.994ns
Maximum combinational path delay: No path found
Timing Detail:
All values displayed in nanoseconds (ns)
-------------------------------------------------------------------------
Timing constraint: Default OFFSET IN BEFORE for Clock 'clk'
Source: en
Destination: x4_c1
Destination Clock: clk rising
Data Path: en to x4_c1

Gate Net
---------------------------------------- ------------
IBUF:I->O 9 0.768 1.908 en_IBUF (en_IBUF)
FDE:CE 0.736 x4_c1
----------------------------------------
(44.1% logic, 55.9% route)
-------------------------------------------------------------------------
Timing constraint: Default OFFSET OUT AFTER for Clock 'x4_wr:Q'
Source: x5_dout_0
Destination: message_0
Source Clock: x4_wr:Q falling
Data Path: x5_dout_0 to message_0

Gate Net
ECE, S.K.T.R.M.C.E
- 116 -

---------------------------------------- ------------
LD:G->Q 1 1.171 1.035 x5_dout_0 (x5_dout_0)
OBUF:I->O 4.787 message_0_OBUF (message_0)
----------------------------------------
(85.2% logic, 14.8% route)
========================================================
CPU : 11.45 / 11.53 s | Elapsed : 12.00 / 12.00 s
ECE, S.K.T.R.M.C.E
- 117 -
Fig. 6.1: LOGICAL ROUTING OF ENCRYPTION SYSTEM
The above diagram shows the implementation of encxryption system

on to the targeted FPGA (xcv300-fg456-6) created on FPGA editor tool.
ECE, S.K.T.R.M.C.E
- 118 -
Fig. 6.2 : LOGICAL PLACEMENT OF ENCRYPTION SYSTEM (BEL)
The above figure shows the enlarged BEL taken from the
implemented design as shown in above targeting (xcv300-fg456-6) FPGA
Editor tool.
ECE, S.K.T.R.M.C.E
- 119 -
Fig.6.3: FLOOR PLANNING FOR ENCRYPTION SYSTEM
The above figure shows the floor plan implementation of the

implemented encryption design developed on FPGA floor planner tool.
ECE, S.K.T.R.M.C.E
- 120 -
Fig. 6.4: ENCRYPTION SYSTEM PACKAGE PIN VIEW
The above figure shows the chip view implementation of the

implemented encryption design developed on FPGA floor planner.
ECE, S.K.T.R.M.C.E
- 121 -
Fig. 6.5: LOGICAL ROUTING FOR DECRYPTION SYSTEM
The above figure shows the enlarged BEL taken from the implemented design
as shown in above targeting (xcv300-fg456-6) FPGA Editor tool.
ECE, S.K.T.R.M.C.E
- 122 -
Fig. 6.6 LOGICAL PLACEMENT OF DECRYPTION SYSTEM (BEL)
The above figure shows the enlarged BEL taken from the
implemented decryption design as shown in above targeting (xcv300-fg456-6
) FPGA Editor tool.
ECE, S.K.T.R.M.C.E
- 123 -
Fig 6.7: FLOOR PLANNING FOR DECRYPTION SYSTEM
The above figure shows the floor plan implementation of the

implemented decryption design developed on FPGA floor planner tool
ECE, S.K.T.R.M.C.E
- 124 -
Fig 6.8: PIN PACKAGE VIEW OF DECRYPTION SYSTEM
The above figure shows the chip view implementation of the implemented
decryption design developed on FPGA floor planner.
ECE, S.K.T.R.M.C.E
- 125 -
CHAPTER 7
CONCLUSION
The design “VHDL Implementation of Network Security using RSA

Algorithm” is a project that finds lot of applications in the field of data
security.
The development and design of VHDL source code for various
modules associated with this project are completed. These modules have been
simulated for logical verifications and the results are found to be satisfactory.
These logically verified VHDL codes are further synthesized using
Xilinx ISA 4.2 version to convert simulated code into netlist.
Over all the complete design is verified for its functionality and found
to be satisfactory.
ECE, S.K.T.R.M.C.E

Final RSA Documentation

Diunggah oleh

Informasi Dokumen

Deskripsi Asli:

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Final RSA Documentation

Diunggah oleh

Hak Cipta:

Format Tersedia

-1-

VHDL Implementation of RSA

Data security is an important aspect of data on computer

• To prevent eavesdropping to get access of data.

Cryptography, defined as "the science and study of secret writing"

Cryptographic systems are characterised along three independent dimensions:

1) The type of operations used for transforming plaintext to ciphertext: All

3) The way in which the plaintext is processed: A block cipher processes

Encryption is the transformation of data into a form that is impossible

Information hidden from anyone for whom it is not intended, even

Decryption is the reverse of encryption; it is the transformation of

Encryption and Decryption generally requires the use of some

While modern cryptography is growing increasingly diverse,

1.2 IMPORTANCE OF CRYPTOGRAPHY

Cryptography allows people to carry over the confidence found in the

1.3 CRYPTOGRAPHY APPLICATIONS

Cryptography is extremely useful; there is a multitude of applications,

In general, the less complex the application, the more quickly it

Secure communication is the most straight forward use of

• Identification and Authentication:

Identification and authentication are two widely used

Every automatic teller machine (ATM) card is associated with a

Authentication is similar to identification, in that both allow an

Key recovery is a technology that allows a key to reveal under

Secondly, if a law enforcement agency wishers to eavesdrop on a

Cryptography is not confined to the world of computers.

1.4 KEY BASED CRYTOGRAPHY

Currently, most cryptography used in practice is key based, that is a

The most important automated tool for network and communications

Fig. 2.1: MODEL FOR NETWORK SECURITY

There are two forms of encryption in common use.

2.1 CONVENTIONAL / SYMMETRIC ENCRYTION

Symmetric encryption also referred to as conventional encryption or

TRUSTED THIRD PARTY

SECRET KEY SECRET KEY

--- ENCRPYPTION/ DECRYPTION ALGORITHM( e.g. DES)

Fig. 2.2: MODEL OF SYMMETRIC ENCRYPTION SCHEME

There are two requirements for secure use of conventional encryption:

There are two general approaches to attacking an encryption scheme:

We first consider cryptanalysis and then discuss brute-force attacks.

Table 2.1 Types of Attacks on Encrypted Messages

Cipher text only • Encryption algorithm

together with its corresponding decrypted

The above table summarizes the various types of cryptanalytic

2.3 PUBLIC-KEY/ ASYMMETRIC ENCRYPTION

communications security. A related cryptographic area is that of cryptographic

Public-key cryptography provides a radical departure from all that has

2.3.1 PRINCIPLES OF PUBLIC-KEY CRYPTOSYSTEMS

A brief description of both the problems is given below:

In order to solve the key management problem, Whitfield Diffie

2.3.2 PUBLIC KEY CRYPTOSYSTEM

Asymmetric cipher model

PUBLIC KEY PRIVATE KEY

--- ENCRPYPTION/ DECRYPTION ALGORITHM( e.g. RSA)

Fig. 2.3: MODEL OF PUBLIC –KEY ENCRYPTION SCHEME

There is some source A that produces a message in plaintext,

Fig. 2.4: ENCRYPTION USING PUBLIC KEY CRYPTOGRAPHY

--- ENCRPYPTION/ DECRYPTION ALGORITHM( e.g. RSA)

 In this case, A prepares a message to B and encrypts it using A’s private

Fig. 2.5 AUTHENTICATION USING PUBLIC KEY CRYPTOGRAPHY

---ENCRYPTION / DECRYPTION ALGORITHM (e.g. RSA)

 Moreover, it is impossible to alter the message without access to A’s private

a = (bc) mod n = (b mod n)(c mod n) mod n