DES encryption and decryption algorithm implementation based on FPGA

Subhi R. M. Zeebaree
Duhok Polytechnic University, Technical College of Informatics, Information Technology Department, Iraq

Article Info

Article history:
Received Sep 7, 2019
Revised Nov 8, 2019
Accepted Nov 22, 2019

Keywords:
Cryptography
DES algorithm
FPGAs
VHDL
Block cipher

ABSTRACT

Nowadays there is a lot of importance given to data security on the internet. The DES is one of the most preferred block cipher encryption/decryption procedures used at present. This paper presents a high throughput reconfigurable hardware implementation of DES Encryption algorithm. This achieved by using a new proposed implementation of the DES algorithm using pipelined concept. The implementation of the proposed design is presented by using Spartan-3E (XC3S500E) family FPGAs and is one of the fastest hardware implementations with much greater security. At a clock frequency of 167.448MHz for encryption and 167.870MHz for decryption, it can encrypt or decrypt data blocks at a rate of 10688Mbps.

Copyright © 2020 Institute of Advanced Engineering and Science. All rights reserved.

1. INTRODUCTION

Within the last decade, there has been a vast increment in the accumulation and communication of digital computer data in both the private and public sectors. Much of this information has a significant value, either directly or indirectly, and requires protection. It is common to find data transmissions, which constitute monetary transfers of billions of dollars daily. Sensitive information concerning individuals, organizations, and corporate entities are collected by Federal agencies in accordance with statutory requirements and is processed in computer systems. This information requires some type of protection, and cryptographic protection may be specified by the authority responsible for the data [1]. For efficient computation process, High performance Field Programmable Gate Array (FPGA) devices can be depended which produce capability of implementing parallel computing via constructing parallel Processing Elements (PEs) called virtual processors. Due to that fact that FPGAs perform as special purpose devices, hence, any system implementing any system grounded on FPGAs provides more rapidly and precise results than those provided based on PCs, even when parallel processing techniques depended for PCs [2]. FPGAs are ideal for the implementation of the cryptographic algorithms. They represent the reconfigurable platform that gives time and cost-effective solutions as compared to ASICs that are expensive and require the largest development time [3]. It provides far above the ground performance than software implementations and can be reconfigured on the fly to store the updated encryption or decryption standard [3].

Many previous researchers like FOZIA HANIF [3], J. P. Kaps and C. Paar [4], M. McLoone and McCanny [5], Nazar A. Saqib K. M. A [6], Abd El-Latif, Hamed, Hasaneen [7], Seddik Bri [8], Soufiane Oukili [9], Noor Najeeb [10], they used FPGA to implemented DES encryption/decryption methods using different architectures. Most problems involving complex computations can be solved by implementing them using FPGAs devices characterized by high speed, high performance compared personal computers.

Journal homepage: http://ijeecs.iaescore.com
An FPGA implementation of efficient image encryption algorithm using a chaotic map has been proposed by [11]. The Failed Path Fixes technique proposed by [12] to reduce the timing violation in the FPGA prototyped design. Ooe [13] proposed a system uses an FPGA home hub as its local analytic engine with an IoT platform to store the sensory data. The architecture of the Hybrid Multilayered Perceptron HMLP neural network for implementation on FPGA is proposed by [14]. An automatic car parking system using FPGA based on emergency conditions was proposed by [15] to detect the driver’s condition and perform specific tasks. Several Public Key Cryptography (PKC) algorithms based on the perspective of researchers’ effort invented in the last four decades addressed by [16]. Cryptographic hashing method using for secure and similarity detection in distributed cloud data been explained by [17]. A first quantum alternative of the scheme Key-Policy Attribute Based Encryption proposed by [18], where the information, the encryption/decryption key, and the attributes are made of qutrits. The concept of distributed Searchable Asymmetric Encryption (SAE) introduced by [19], which is useful for security and can enable search operations on encrypted data. Dynamic crypto processor used for selected symmetric key cryptographic ciphers depended by [20], and provided an implementation of 16bit cryptographic processor that performs logical and arithmetic operations, and key expansion operation on FPGA. The quantitative analysis and comparison of some symmetric key cryptographic ciphers (DES, 3DES, AES, Blowfish, RC5, and RC6) provided by [21]. An efficient protocol produced by [22] that assures the confidentiality of the RFID system by encrypting the messages communicated between tags and readers and the freshness of the messages by using pseudorandom number generator.

In this paper, DES encryption/decryption algorithms were implemented using FPGA devices. The use of these devices greatly reduced the time required to encrypt or decrypt secure information. The rest of this paper is organized as follows. Section 2 mentions DES encryption/decryption algorithms. Section 3 explains organization of the proposed system in details. Section 4 illustrates Implementation Results. Section 5 presents the conclusion.

2. RESEARCH METHOD

This section deals with the depended methodology to illustrate the semaphores of the algorithms relate to the proposed system. In addition, the architectures of the proposed system will be explained.

a. Data Encryption Standard (DES)

The most widely used encryption scheme is based on the Data Encryption Standard (DES) adopted in 1977 by the National Bureau of Standards, now the National Institute of Standards and Technology (NIST), as Federal Information Processing Standard 46 (FIPS PUB 46). For DES, data are encrypted in 64-bit blocks using a 56-bit key. The algorithm transforms 64-bit input in a series of steps into a 64-bit output shown in Figure 1. The same steps, with the same key, are used to reverse the encryption [23].

![Figure 1. Encryption and Decryption with DES [23]](image)

b. DES Encryption

The encryption process is made of two permutations (P-boxes), which I call initial and final permutations, and sixteen Feistel rounds [24, 25]. The overall scheme for DES encryption is illustrated in Figure 2. As with any encryption scheme, there are two inputs to the encryption function: the plaintext to be encrypted and the key. In this case, the plaintext must be 64 bits in length and the key is 56 bits in length [23].
c. DES Decryption

As with any Feistel cipher, decryption uses the same algorithm as encryption, except that the application of the subkeys is reversed [23].

---

d. Organization of the Proposed Systems

DES encryption and decryption algorithm used as a case study to carry out the code-encrypt/decrypt process using FPGA devices. The goal of using these devices is to greatly reduce the time required to break the code of the above algorithm.

e. Encryption Algorithm Architecture

DES encryption algorithm was built within the FPGA device to encrypt any given plain text. The system consists of one FPGA with one encryption algorithm designed as pipeline fashioned consists of sixteen stages, the first stage was used to generate C0, D0 TO C16, D16 and L0, R0.

The maximum frequency can be achieved is (167.44MHz). It means that the maximum time required to encrypt any given plain text using this algorithm is (1/167.44MHz= 5.972 nanosecond).

a) Related diagrams forr encryption algorithm

The encryption algorithm block diagram Shown in Figure 4 and the simulation process of encryption algorithm is shown in Figure 5. The timing summery in synthesis report which the maximum frequency shown in Figure 6. Table 1 illustrates the resources for the required design.

Figure 4. Encryption Algorithm Block Diagram

A: Encryption process at clock 0H

B: Encryption process at clock 11H

C: Encryption process at clock 19H

Figure 5. Simulation Process for Encryption Algorithm
**Clk:** The clk signal is fed into all 16 stages and plaintext queue and ciphertext queue. It is used to synchronize the events of the system and has a frequency of about (167.44 MHz).

**Plain (63 downto 0):** These Data lines are fed into the system represented by 64-Bit and are represented by the plaintext encrypted unknown key. The Plain text is saved into 2D array of signals (8 blocksx56 bits) (vectors: (0 to 7) (55 downto 0)).

**Cipher (63 downto 0):** These are 64-Bit lines is output from last stage (stage 17).

**Clk_no (7 downto 0):** It is a signal used to display the block number in the simulation process.

**key_s (63 downto 0):** Through these lines, the key was entered to the system to encrypt plaintext.

When the system was tested the plaintext was 8 blocks, So it needs 17 clock cycles (11H in Hexa) to encrypt the first plaintext and obtain the first ciphertext block, and the second plaintext will be encrypted after clock 18, and the first will be repeated after (17+8) 25 (19H in Hexa) clocks.

![Timing Summary](image)

**Figure 6. Timing Summary for Encryption Algorithm**

<table>
<thead>
<tr>
<th>Logic Utilization</th>
<th>Used</th>
<th>Available</th>
<th>Utilization</th>
</tr>
</thead>
<tbody>
<tr>
<td>Number of Slices</td>
<td>2143</td>
<td>14752</td>
<td>14%</td>
</tr>
<tr>
<td>Number of Slice Flip Flop</td>
<td>1160</td>
<td>29504</td>
<td>3%</td>
</tr>
<tr>
<td>Number of 4 input LUTs</td>
<td>3967</td>
<td>29504</td>
<td>13%</td>
</tr>
<tr>
<td>Number of bonded IOBs</td>
<td>193</td>
<td>250</td>
<td>77%</td>
</tr>
<tr>
<td>Number of GCLKs</td>
<td>1</td>
<td>24</td>
<td>4%</td>
</tr>
</tbody>
</table>

**f. Decryption Algorithm Architecture**

The designing of the DES Decryption algorithm was built within the FPGA device to decrypt any given cipher text. The system consists of one FPGA with one decryption algorithm designed as pipeline fashioned consists of sixteen stages; first stage was used to generate C16, D16 TO C0, D0 and L16, R16. This system uses the same algorithm as encryption, except that the application of the subkeys is reversed.

The maximum frequency can be achieved is (167.870MHz), It means that the maximum time required to encrypt any given plain text using this algorithm is (1/167.870MHz = 5.956 nanosecond).

**a) Related diagrams for Decryption algorithm**

The decryption algorithm block diagram Shown in Figure 7 and the simulation process of encryption algorithm is shown in Figure 8 and the timing summery in synthesis report which the maximum frequency shown in Figure 9, Table 2. illustrates the resources for the required design.

![Decryption Algorithm Block Diagram](image)

**Clk:** The clk signal is fed into all 16 stages and plaintext queue and ciphertext queue. It is used to synchronize the events of the system and has a frequency of about (167.870MHz).

**Cipher (63 downto 0):** These Data lines are fed into the system represented by 64-Bit and are represented by the ciphertext decrypted by unknown key. The Plain text is saved into 2D array of signals (8 blocksx56 bits) (vectors: (0 to 7) (55 downto 0)).
**DES encryption and decryption algorithm implementation based on FPGA**

(Subhi R. M. Zeebaree)

Plain (63 downto 0): These are 64-Bit lines is output from last stage (stage 17).

Clk_no (7 downto 0): It is a signal used to display the block number in the simulation process.

Key_s (63 downto 0): Through these lines, the key was entered to the system to encrypt plaintext or to decrypt the ciphertext.

A: Decryption Process at Clock 0H

B: Decryption Process at Clock 11H

C: Decryption Process at Clock 19H

Figure 8. Simulation Process for Decryption Algorithm

Figure 9. Timing Summary for Decryption Algorithm

Table 2. Fpga Device Utilization Decryption Algorithm

<table>
<thead>
<tr>
<th>Logic Utilization</th>
<th>Used</th>
<th>Available</th>
<th>Utilization</th>
</tr>
</thead>
<tbody>
<tr>
<td>Number of Slices</td>
<td>2172</td>
<td>14752</td>
<td>14%</td>
</tr>
<tr>
<td>Number of Slice Flip Flop</td>
<td>1168</td>
<td>29504</td>
<td>3%</td>
</tr>
<tr>
<td>Number of 4 input LUTs</td>
<td>4036</td>
<td>29504</td>
<td>13%</td>
</tr>
<tr>
<td>Number of bonded IOBs</td>
<td>193</td>
<td>250</td>
<td>77%</td>
</tr>
<tr>
<td>Number of GCLKs</td>
<td>1</td>
<td>24</td>
<td>4%</td>
</tr>
</tbody>
</table>

3. **RESULTS AND ANALYSIS**

Xilinx System Generator implements the High-Level Language design of DES Encryption and Decryption Algorithm. The design is simulated over System Generator, Xilinx ISE 10.1 and has been implemented over XC3S500E Spartan-3E FPGA.
In this paper, an efficient FPGA implementation of the DES encryption/decryption algorithms based on pipelining concept is presented. The goal of using this concept is to achieve highest possible throughput. The 16-stage pipelining design. At a clock frequency of 167.448 MHz for encryption and 167.870 MHz for decryption, the 16 pipelining design can encrypt/decrypt data block at a rate of 10688 Mbps. The proposed implementation has been compared with other recent hardware implementations. The comparison has indicated that highest throughput can be achieved by the proposed FPGA implementation. Finally, designing any system by the use of the (FPGA) devices affects the allowed frequencies. If a higher frequency is chosen than that which is permitted by the (Synthesizer), it will cause a system failure and raise the FPGA device temperature and make it out of the service. So, the system designer must choose the frequency which will be used as a clock generator of a frequency slightly less than that allowed by the (Synthesizer). In the future, it can be breaking other breakable encryption algorithms that more complex than the system designed for more benefits.

ACKNOWLEDGEMENTS

Full thanks expressed to Duhok Polytechnic University (DPU). Great thanks to Dr. Riyadh Zaghlol, Dr. Amira Bibo, and Diyar Qader Zeebaree.

REFERENCES


BIOGRAPHIES OF AUTHOR

Dr. Subhi Rafeeq Mohammed Zeebaree is an Assistant Professor in Computer Engineering. He is the Director of Culture and Student Activities Center at Duhok Polytechnic University (DPU). He got his BSc, MSc and PhD Degrees from University of Technology-Baghdad-Iraq at 1990, 1995 and 2006 respectively. He is an Assistant Professor since 2012. He started teaching and supervising post-graduate courses and students (PhD and MSc) since 2007 and until now. Twenty-five of his PhD and MSc students completed their studying and got their degrees. Now there are number of PhD and MSc students under his supervising inside and outside of Iraq. He has joint PhD supervisions with UTM (Malaysia), Firat University (Turkey), and EMU (Cyprus). He was the Chairman of Scientific and Research Advices Committee of DPU for five years. He is a member of IEEE Iraq-section. He was the chair of two international conference sponsored by IEEE institution (ICOASE2018 and ICOASE2019). His Official Email: subhi.rafeeq@dpu.edu.krd.

DES encryption and decryption algorithm implementation based on FPGA (Subhi R. M. Zeebaree)