An Efficient Implementation of the Blowfish Encryption Algorithm A thesis submitted to the Graduate School of the University of Cincinnati In partial fulfillment of the requirements For the degree of Master of Science In the Department of Electrical and Computer Engineering Of the College of Engineering and Applied Sciences July 2014 By Ramya Krishna Addluri B.E, Electronics and Communications Engineering, University College of Engineering, Osmania University, India, 2011 Thesis Advisor and Committee Chair: Dr. Carla Purdy ABSTRACT Global networking and mobile computing are prevalent today, with the increase of communication methods such as telephones, computers, internet, broadcasting, etc. Because these transmission channels are open, there is no guarantee to avoid unauthorized access of the information through eavesdropping. Thus, several encryption algorithms have been designed for the security of the information being stored or transmitted. Several applications require such high throughputs for encryption and decryption that they cannot be executed on a regular general purpose microprocessor. FPGAs are a great platform for such implementations. We briefly study several cryptographic algorithms designed to prevent eavesdropping and then focus in detail on the Blowfish encryption algorithm. It is widely used in tools for password management, database security, email encryption etc. The algorithm is implemented in VHDL. It is then deployed onto a Nios II soft core processor on Altera DE1 board. Altera Quartus II is used to synthesize the design. Software based Huffman encoding is used to encode the input to the algorithm to reduce redundancy and to achieve lossless data compression. The results are analyzed. ii iii ACKNOWLEDGEMENT First of all, I would like to thank my advisor, Dr. Carla Purdy for her continued support and guidance throughout my thesis. I would like to thank Dr. George Purdy and Dr. Wen Ben Jone for being a part of my defense committee. Thanks to my family and friends for their support and cooperation. iv TABLE OF CONTENTS 1. INTRODUCTION ........................................................................................................................... 1 1.1 Motivation ............................................................................................................................. 1 1.2 Goals of Thesis ....................................................................................................................... 3 1.3 Thesis Organization ............................................................................................................... 3 2. BACKGROUND ............................................................................................................................. 4 2.1 Need for Cryptography .......................................................................................................... 4 2.2 Types of Cryptographic Algorithms ....................................................................................... 5 3. OUTLINE OF RESEARCH ............................................................................................................. 17 3.1 Blowfish Encryption Algorithm............................................................................................ 17 3.2 HDL Implementation ........................................................................................................... 20 3.3 Huffman Encoding ............................................................................................................... 23 4. RESULTS ..................................................................................................................................... 28 4.1 Implementation and Simulation ......................................................................................... 28 4.2 ANALYSIS ............................................................................................................................. 29 5. CONCLUSIONS AND FUTURE WORK ......................................................................................... 33 5.1 Conclusions .......................................................................................................................... 33 5.2 Future Work ........................................................................................................................ 34 REFERENCES .................................................................................................................................. 35 v APPENDIX ...................................................................................................................................... 39 Tutorial for Simulation in Modelsim and Quartus II ................................................................. 39 vi LIST OF FIGURES Figure 2.1: Types of Cryptography [17] .................................................................................... 5 Figure 2.2: ECB Mode Encryption [22] ...................................................................................... 9 Figure 2.3: ECB Mode Decryption [22] ..................................................................................... 9 Figure 2.4: CBC Mode Encryption [22] .................................................................................... 11 Figure 2.5: CBC Mode Decryption [22] ................................................................................... 11 Figure 2.6: CFB Mode Encryption [22] .................................................................................... 13 Figure 2.7: CFB Mode Decryption [22] .................................................................................... 14 Figure 2.8: OFB Mode Encryption [22] ................................................................................... 16 Figure 2.9: OFB Mode Decryption [22] ................................................................................... 16 Figure 3.1: Blowfish Feistel Structure [25] .............................................................................. 17 Figure 3.2: Blowfish Feistel Function [25] ............................................................................... 18 Figure 3.3: Blowfish Algorithm [28] ........................................................................................ 19 Figure 3.4: Block diagram of Blowfish Implementation ......................................................... 22 Figure 3.5: Initialization of Memory in Form of Arrays........................................................... 23 Figure 3.6: Huffman Encoding Example .................................................................................. 25 Figure 4.1: Simulation Results Using Altera Quartus II ........................................................... 29 Figure 4.2: Logic Circuitry Utilization in EP2C70F896C7 and EP2C20F484C7 (DE1) ............... 30 Figure 4.3: Utilization of Pins in EP2C70F896C7 and EP2C20F484C7 (DE1) ........................... 31 Figure 4.4: 3-DES and Blowfish resource utilization comparison ........................................... 32 Figure A.1: Device Settings in Quartus II ................................................................................. 40 Figure A.2: Unsuccessful Compilation Window ...................................................................... 41 Figure A.3: Successful Compilation Window .......................................................................... 42 vii Figure A.4: Blowfish Encryption .............................................................................................. 43 Figure A.5: Blowfish Decryption ............................................................................................. 44 viii LIST OF TABLES Table 3.1: Symbols and Their Corresponding Codes .............................................................. 25 Table 3.2: American English Alphabet and Corresponding Frequencies [31] ........................ 27 ix 1 INTRODUCTION 1.1 Motivation Encryption allows us to hide information being transmitted or stored. Depending on chosen keys, a given algorithm is used to transform the message from one form into another, i.e., to convert plaintext into ciphertext. Encryption does not prevent interception of itself, but it denies the message content to the interceptor [1]. The ciphertext can be read only if decrypted. Key management is as important as protecting the data. There are several hardware modules to protect the key from unauthorized attacks. Choosing an encryption key is a crucial issue. It in turn depends on how long the information needs to be secure, type of encryption used, how valuable the data is, and several other factors. A 64-bit symmetric key is sufficient for data that needs to be secure for less than several weeks. A 128-bit key is sufficient for data that needs to be secure for years or decades. However, a 160-bit key is required if the data has to be secure for a longer period of time [2]. Hence, encryption algorithms with varying key sizes are a great area to focus on. DES has been the predominant data encryption standard since it was developed by IBM in the 1970’s [3]. It was designed for efficient hardware implementation. Several alternative block cipher designs have been proposed due to its relatively slow operation in software. On January 2, 1997, NIST (National Institute of Standards and Technology) had announced that they wanted to choose a successor to DES [4]. Advanced Encryption Standard (AES), then under the name Rijndael was selected as the replacement [5]. It came