ram.ppt
TRANSCRIPT
FPGA Implementation of Diffie-Hellman Key Exchange Algorithm for Zero Knowledge Proof
Presented by: V. SeethaRama Rao (12B81D5727)UNDER GUIDENCE OFMr. M. Ashok Sir..(Sr. Asst.Professor)
•AIM of Project
•Attacks
•Network Security block diagram
•D-H key Exchange Algorithm
•ZKP Version1 and Version 2
•Simulation Results
•Applications
•Conclusion
•Future scope
•References
CONTENTS :
Aim of Project:The main aim of project is to design Zero Knowledge Proof protocol
and resists the known attacks.
Network Security is to provide security for the network which is done by Cryptography.
Cryptography means hiding the data.
Security Attack:Any action that compromises the security of information
owned by an organization
Active Attacks: Active attacks involve some modification of the data stream or the creation of a false stream.
• Masquerade• Replay• Modification of message• Denial of Service
Passive Attack:
A passive attack on a cryptosystem is one in which the cryptanalyst cannot interact with any of the parties involved, attempting to break the system solely based upon observed data i.e. the cipher text.
• Release of message contents• Traffic analysis
Security Services:
• Confidentiality• Integrity• Authentication• Nonrepudiation• Access Control• Availability
Model for Network Security:
Terminologies present:
Plain Text. Cipher Text. Encryption. Decryption. Symmetric Cryptography (Conventional Encryption). Asymmetric Cryptography (Publickey Encryption). Cryptanalysis (Breaking Code).
Classification of Security Algorithms:Symmetric Ciphers
Same key for Encryption and DecryptionEx: DES, AES…. etc
Asymmetric CiphersDifferent keys for Encryption and Decryption
Ex: RSA, Diffie-Hellman…. etc
Cryptographic data Integrity AlgorithmsEx:MD5, SHA 0,sha 1… etc
Differences between Symmetric and Asymmetric
Parameter Symmetric Asymmetric
Encryption &Decryption
Fast Slow
Key Distribution Difficult Easy
Complexity O(Log N) O (N3)
Security Moderate Highest
Security Services Confidentially Confidentially, integrity, non repudiation
Example AES,DES RSA,DH Algorithm
D-H key Exchange Algorithm:
It has different names such as Diffe-Hellman Protocol or Diffe-Hellman Hand Shake or DH for convenience.
It was invented by White Field Diffie and Martin Hellman in the year 1976.
It is one of the asymmetric (Public Encryption ) algorithm used for exchange of secret key in a number of commercial products.
DH Algorithm:
Steps present in DH Algorithm:1.Let two parties(Alice &Bob) chooses a two numbers p and g where p is a
prime number and g is a primitive root p.2. Alice chooses a random number x such that 0<x<p where ‘x’ is Alice Private
key Calculate R1= gX (mod p).3.Bob chooses a random number y such that 0<y<p where ‘y’ is Bobs Private
key Calculate R2= gY (mod p).
4.Alice sends R1to Bob5.Bob sends R2to Alice6.Alice computes Ka= R2 X (mod p).7.Bob computes Kb= R1Y(mod p). Finally both Alice & Bobs are equal Ka=Kb= gYX (mod p).
Example:1) Alice and Bob agree to use a prime number p = 23 and base g = 5.2) Alice chooses a secret integer x = 6, then sends Bob R1 = gx mod p
R1 = 56 mod 23 R1 = 15,625 mod 23 R1 = 8
3) Bob chooses a secret integer y= 15, then sends Alice R2= gy mod p R2 = 515 mod 23 R2 = 30,517,578,125 mod 23 R2 = 19
4) Alice computes Ka = R1 x mod p R2 = 196 mod 23 R2 = 47,045,881 mod 23 R2 = 2
5) Bob computes Kb = R2 y mod p Kb = 815 mod 23 Kb = 35,184,372,088,832 mod 23 Kb = 2
6) Alice and Bob now share a secret (the number 2) because 6 × 15 is the same as 15 × 6.
Continued….Advantages:DH Algoritham key agrrement not limited to negotiateing a key
shared by only two participants.
Disadvantages: DH Algoritham is susceptible to two types of attacks. 1)Discrete logarithmic attack 2)Man in the middle attack
Man in the middle attack:
Zero Knowledge Proof:
Zero-knowledge proof (ZKP) plays an important role in authentication without revealing secret information
• A zero-knowledge proof is an interactive method for one party to prove to another that a statement is truewithout revealing anything other than the verity of the statement.
The proposed protocol is designed to satisfy the zeroknowledge proof properties and resists the known attacks.
Version 1:
Version 2:
Tools used:Design Entry Verilog HDL
Synthesis Xilinx Synthesis Tool(XST)
Simulation ISE Simulator
Implementation FPGA Editor, Plan Ahead Impact
FPGA board SPARTAN 3E (XC3s 500e fg320)
Simulation Results
Power module Simulation:
Schematic:
RTL Schematic:
Device Utilization Summary:
Binary Division:
Schematic:
Device Utilization Summary:
DH Simulation Results:
Schematic:
Device Utilization Summary:
ZKP Version 1
Simulation Results of Version 1:
Simulation Results of Version 1:
Schematic:
Device utilization summary:
ZKP Version 2
Simulation Results of Version 2:
Simulation Results of Version 2:
RTL Schematic:
Device utilization summary:
Applications:Diffie-Hellman is currently used in many protocols, namely:
• Secure Sockets Layer (SSL)• Transport Layer Security (TLS)• Secure Shell (SSH)• Internet Protocol Security (IPSec)• Public Key Infrastructure (PKI)
FPGA Prototyping:
01110001
Conclusion:
•The proposed ZKP protocol is a deterministic algorithm and it is protected against Discrete logarithm attack and Man-in-the-middle attack.
•The proposed algorithm serves as key exchange algorithm with the addition to authentication services
•The major Security goals are satisfied and give confidence to users to communicate securely.
Future Scope:These techniques not only used for secure data transfer, but
also it can be extended to transfer digital images by encrypting each pixel value
These can be extended to other asymmetric algorithms such as RSA, Elliptic Curve Cryptography, Digital Signature Algorithm etc…
References:
[1] Ibrahem M.K(2012)Modification of Diffie-Hellman key exchange algorithm for Zero Knowledge Proof Published in: future communication Networks (ICFCN)2012 International conference.
[2] Joseph M, (2010), "Feige-Fiat-Shamir ZKP Scheme Revisited", International Journal of Computing and ICT Research, Vol. 4, No. 1, June 2010.
[3] Carts, David A., (2001), "A Review of the Diffie- Hellman Algorithm and its Use in Secure Internet Protocols", SANS Institute, 2001
[4] Stallings, William (2010), "Cryptography and Network Security", Prentice Hall, 5th Ed. 2010
THANK YOU….!!!