Important: Use custom search function to get better results from our thousands of pages

Use " " for compulsory search eg:"electronics seminar" , use -" " for filter something eg: "electronics seminar" -"/tag/" (used for exclude results from tag pages)

Tags: Palladium, Cryptography, Download, Seminar, Report, Palladium Cryptography, palladium cryptography ppt, palladium cryptography pdf, cryptography and network security, cryptography algorithms, cryptography application block, cryptography and math, cryptography articles, cryptography and matrices, cryptography as a career, cryptography api, cryptography examples, cryptography engineering, cryptography engineering pdf, cryptography export restrictions, cryptography education, cryptography engineering torrent, cryptography entropy, cryptography encryption,
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Palladium Cryptography (Download Seminar Report)
Post: #1

As we tend towards a more and more computer centric world, the concept of data security has attained a paramount importance. Though present day security systems offer a good level of protection, they are incapable of providing a trust worthy environment and are vulnerable to unexpected attacks. Palladium is a content protection concept that has spawned from the belief that the pc, as it currently stands, is not architecturally equipped to protect a user forms the pitfalls and challenges that an all-pervasive network such as the Internet poses.

As a drastic change in pc hardware is not feasible largely due to economic reasons, palladium hopes to introduce a minimal change in this front. A paradigm shift is awaited in this scenario with the advent of usage of palladium, thus making content protection a shared concern of both software and hardware. In the course of this paper the revolutionary aspects of palladium are discussed in detail.

A case study to restructure the present data security system of JNTU examination system using palladium is put forward.
Post: #2
how to get full report of this technology..?
Post: #3
am here going to post Palladium Cryptography seminar report...please read and download the attachment

.docx  Palladium Cryptography.docx (Size: 204.16 KB / Downloads: 506)
Palladium Cryptography


As we tend towards a more and more computer centric world, the concept of data security has attained a paramount importance. Though present day security systems offer a good level of protection, they are incapable of providing a "trust worthy" environment and are vulnerable to unexpected attacks. Palladium is a content protection concept that has spawned from the belief that the pc, as it currently stands, is not architecturally equipped to protect a user forms the pitfalls and challenges that an all-pervasive network such as the Internet poses.
As a drastic change in pc hardware is not feasible largely due to economic reasons, palladium hopes to introduce a minimal change in this front. A paradigm shift is awaited in this scenario with the advent of usage of palladium, thus making content protection a shared concern of both software and hardware. In the course of this paper the revolutionary aspects of palladium are discussed in detail.
A case study to restructure the present data security system of JNTU examination system using palladium is put forward.


Need for security:
Many organizations posses valuable information they guard closely. As more of this information is stored in computers the need of data security becomes increasingly important. Protecting this information against unauthorized usage is therefore a major concern for both operating systems and users alike.

Threats of data:

From a security perspective computer systems have 3 general goals with corresponding threats to them as listed below:
The first one data confidentiality is concerned with secret data remaining secret. More specifically if the owner of some data has decided that the data should be available
only to certain people and no others, then the system should guarantee that release of data to unauthorized people does not occur. Another aspect of this is individual privacy.
The second goal, data integrity, means that unauthorized users should not be able to modify any data without the owner's permission. Data modification in this context includes not only changing the data, but also removing data and adding false data as well. Thus it is very important that a system should guarantee that data deposited in it remains unchanged until the owner decides to do so.
The third goal, system availability, means that nobody can disturb the system to make unstable. It must be able to ensure that authorized persons have access to the data and do not suffer form denial of service. The most classical example of a threat it this is excessive 'PING'ing of a web site, in order to slow it down.
Types of data threats: Intruders:
In security literature people who are nosing around places where they have no business being are called intruders or sometimes adversaries. Intruders can be broadly divided as passive and active. Passive intruders just want to read the files they are not authorized to. Active intruders are more malicious and intend to make unauthorized changes to data. Some of the common activities indulged by intruders are:
¦ Casual Prying: non-technical users who wish to read other people's e-mail and private files mostly do this.
¦ Snooping: This term refers to the breaking of the security of a shared computer system or a server. Snooping is generally done as a challenge and is not aimed at stealing or tampering of confidential data.
¦ Commercial Espionage: This refers to the determined attempts to make money using secret data. For example an employee in an organization can secure sensitive data and sell it away to rival companies for monetary gains.
It is very important that potential intruders (and their corresponding activities) are taken into consideration before devising a security system. This is essential as the level of threat and intended damage differ from one to another. Virus:
Basically a virus is a piece of code that replicates itself and usually does some damage. In a sense the writer of a virus is also an intruder, often with high technical skills. In the same breath it must be said that a virus need not always be intentional and can simply be a code with disastrous run time errors. The difference between a conventional intruder and a virus is that the former refers to person who is personally trying to break into a system to cause damage whereas the latter is a program written by such a person and then released into the world hoping it causes damage.
The most common types of viruses are: executable program viruses, memory resident viruses, boot sector viruses, device driver viruses, macro viruses, source code viruses, Trojan horses etc.


Cryptography: Cryptography is the method in which a message or file, called plain text, is taken and encrypted into cipher text in such a way that only authorized people know how to convert it back to plane text. This is done commonly in four ways:
Secret key cryptography, public key cryptography, one way function cryptography and digital signatures. Unless the encryption technique used is very complex it is possible, with some effort, for crackers to decrypt files.
User authentication: It is a method employed by the operating system or a program of a computer to determine the identity of a user. Types of user authentication are:
Authentication using passwords, authentication using physical objects (like smart cards, ATM cards etc.), authentication using biometrics (like Finger prints, retinal pattern scan, signature analysis, voice recognition etc.). Inherent problems of user authentication are password cracking, duplication of physical objects and simulation of biometrics by artificial objects.
Anti-virus software: an anti virus software scans every executable file on a computer's disk looking for viruses known in its database. It then repairs, quarantines or deletes an infected files. However a clever virus can infect the anti-virus software itself. Some of the popular anti-virus soft wares are Norton, PCcillin, MCcafee etc.
Firewalls: it is a method of preventing unauthorized access to a computer system often found in network computes. A firewall is designed to provide normal service to authorized users while at the same time preventing unauthorized users from gaining access to the system. In reality they add a level of inconvenience to legal users and their ability to control illegal access may be questionable.

Palladium-"a revolutionary breakthrough in data security"

Palladium is the code name for a revolutionary set of "features" for the "windows" operating system. The code name of this initiative -"palladium", is a moniker drawn from the Greek mythological goddess of wisdom and protector of civilized life.
Till date most forms of data security have been software oriented with little or no hardware involvement. Palladium can be touted as the first technology to develop software-hardware synchronization for better data security. Hardware changes incorporated by palladium are reflected in the key components of the CPU, a motherboard chip (cryptographic co-processor), input and output components such as the graphics processor etc.
When combined with a new breed of hardware and applications, these "features" will give individuals and groups of user's greater data security, personal privacy, and system integrity. In addition, palladium will offer enterprise consumers significant new benefits for network security and content protection.
Core principles of the palladium initiative:
> Palladium is not a separate operating system. It is based in architectural enhancements to the windows kernel and to computer hardware, including the CPU, peripherals and chipsets, to create a new trusted execution subsystem (see figure 1).
> Palladium will not eliminate any features of windows that users have come to rely on; everything that runs today will continue to run with palladium.
> It is important to note that while today's applications and devices will continue to work in "palladium", they will gain little to no benefit from "palladium" environment or new applications must be written.
> In addition, palladium does not change what can be programmed or run on the computing platform. Palladium will operate with any program the user specifies while maintaining security.


Palladium comprises two key components: hardware and software. Hardware components
Engineered for ensuring the protected execution of applications and processes, the protected operating environment provides the following basic mechanisms:
Trusted space (or curtained memory): This is an execution space is protected form external software attacks such as a virus. Trusted space is set up and maintained by the nexus and has access to various services provided by palladium, such as sealed storage. In other words it is protected R.A.M.
Sealed storage: Sealed storage is an authenticated mechanism that allows a program to store secrets that cannot be retrieved by non-trusted programs such as a virus or Trojan horse. Information in sealed storage can't be read by other non-trusted programs (sealed storage cannot be read by unauthorized secure programs, for that matter, and cannot be read even if another operating system is booted or the disk is carried to another machine.) these stored secrets can be tied to the machine, the nexus or the application. Palladium will also provide mechanisms for the safe and controlled backup and migration of secrets to other machines. In other words it is a secured and encrypted part of the hard disk.
Secure input and output: A secure path from the keyboard and mouse to palladium applications and a secure path from palladium applications to the screen ensure input-output security.
Attestation: Attestation is a mechanism that allows the user to reveal selected characteristics of the operating environment to external requestors. In reality it takes the form of an encryption co-processor. It is entrusted with the job of encryption and decryption of data "to and from" the "sealed storage".
These basic mechanisms provide a platform for building distributed trusted software.

Software components.

The following are the software components of palladium:
Nexus (a technology formerly referred to as the " trusted operating root (TOR)"): This component manages trust functionality for palladium user-mode processes (agents). The nexus executes in kernel mode in the trusted space. It provides basic services to trusted agents, such as the establishment of the process mechanisms for communicating with trusted agents and other applications, and special trust services such as attestation of requests of requests and the sealing and unsealing of secrets.
Trusted agents: A trusted agent is a program, a part of a program, or a service that runs in user mode in the trusted space. A trusted agent calls the nexus for security-related services and critical general services such as memory management. A trusted agent is able to store secrets using sealed storage and authenticates itself using the attestation services of the nexus. One of the main principles of trusted agents is that they can be trusted or not trusted by multiple entities, such as the user, an IT department, a merchant or a vendor. Each trusted agent or entity controls its own sphere of trust and they need not trust or rely on each other.
Together, the nexus and trusted agents provide the following features:
> Trusted data storage, encryption services for applications to ensure data integrity and protection.
^ Authenticated boot, facilities to enable hardware and software to authenticate


Palladium is a new hardware and software architecture. This architecture will include a new security computing chip and design changes to a computer's central processing unit (CPU), chipsets, and peripheral devices, such as keyboards and printers. It also will enable applications and components of these applications to run in a protected memory space that is highly resistant to tempering and interference.
The pc-specific secret coding within palladium makes stolen files useless on other machines as they are physically and cryptographically locked within the hardware of the machine. This means software attacks can't expose these secrets. Even if a sophisticated hardware attack were to get at them, these core system secrets would only be applicable to the data within a single computer and could not be used on other computes.


Palladium prevents identity theft and unauthorized access to personal data on the user's device while on the internet and on other networks. Transactions and processes are verifiable and reliable through the attestable hardware and software architecture and they cannot be imitated.
With palladium, a system's secrets are locked in the computer and are only revealed on terms that the user has specified. In addition, the trusted user interface prevents snooping and impersonation. The user controls what is revealed and can separate categories of data on a single computer into distinct realms. Like a set of vaults, realms provide the assurance of separability. With distinct identifiers, policies and categories of data for each, realms allow a user to have a locked-down work environment and fully open surfing environment at the same time, on the same computer.
Finally, the " palladium" architecture will enable a new class of identity service providers that can potentially offer users choices for how their identities are represented in online transactions. These service providers can also ensure that the user is in control of policies for how personal information is revealed to others. In addition, palladium will allow users to employ identity service providers of their own choice.
From the perspective of privacy ( and anti-virus protection), one of the key benefits of palladium is the ability for users to effectibely delegate certification of code. Anyone can certify 'palladium" hardware or software, and it is expected that many companies and organizations will offer this service. Allowing multiple parties to independently evaluate and certify " palladium" capable systems means that users will be able to obtain verification of the system's operation from organizations that they trust. In addition, this will form the basis for a strong business incentive to preserve and enhance privacy and security. Moreover, palladium allows any number of trusted internal or external entities to interact with a trusted component or trusted platform.


Though palladium can provide a higher degree of much needed data security it is not without its share of problems like:
1. Software and applications have to be rewritten to synchronize with palladium or new applications must be written.
2. Changes are to be made to the existing computer hardware to support palladium.
3. It would be a long time before this technology became commonplace.


Existing system: In order to eliminate the leakage of question papers, the Jawaharlal Nehru technological university (J.N.T.U), Hyderabad, has recently decided to implement the system of electronic distribution of examination papers (EDEP) - a new method of conduct of examinations.
In this system 4 sets of question papers are generated and encrypted into a " college-
specific" C.D.
=> The encrypted CD is supplied to the examination centers about 3 days in advance. => The question papers in encrypted form are also made available on the JNTU examination website.
= Password to read the CDs is supplied one hour before the commencement of examination to the principal/chief superintendent through internet, cell phone, telephone or Fax.
= The principal soon after receipt of password decrypts the original question papers of that day using the software supplied by JNTU examination branch. The EDEP employs the method of public key cryptography. Though this system is largely stable and secure it has certain loopholes like:
1. As the encrypted question papers are also available on the Internet there is every chance of crackers downloading and trying to decrypt them.
2. This method of 4 sets of question papers has been resented by the student and teacher community alike.
3. There is every chance of failure or miss-match of the college specific C.D., due to the large number of affiliate colleges (as is been observed in some cases).
4. Also, in one case, a previous examination C.D. was mistakenly decrypted, and the question papers thus printed, distributed initially at an examination center.

Palladium-as a solution (as shown in the figure 2):

Palladium is based on the concept of trusted space. A closed sphere of trust binds data or a service, to both a set of users and to a set of acceptable applications. Due to this an unauthorized user cannot access the data or software which is based on a server.
In the revised system the encrypted question papers are put up on the J.N.T.U's palladium based server and all the affiliate colleges use college-specific palladium computers. It works as follows:
¢ A third party trusted agent (government or private programmed) is employed who is responsible for granting of access to JNTU examination server. It processes the requests and forwards only those certified by the "nexus" of the JNTU's palladium based server.
¢ If an unauthorized system (without palladium) forwards a request it is immediately rejected by the server's trusted agent. Even if an unauthorized palladium PC tries to access the server its request is rejected.
¢ The PC-specific secret coding within palladium makes stolen files useless on other machines as they are physically and cryptographically locked within the hardware of the server or trusted computer.
¢ During examinations the palladium computer of the college issues a request to the common trusted agent (of JNTU and college) via internet. This request is granted and each-particular question paper pertaining to that day is accessed by the college.


> As the process of question paper down load is highly secure, the chances of leakage are literally nil.
> Since this method is highly trustworthy a single set question paper system can be employed.
> An advanced system of Internet communication can be adopted for a broader reach, thus eliminating the role of C.D.
> Since the download of question papers is "request-specific and time bound" there can not be a case of question paper mis-match.


Today, it managers face tremendous challenges due to the inherent openness of end-user machines, and millions of people simply avoid some online transactions out of fear. However, with the usage of "palladium" systems, trustworthy, secure interactions will become possible. This technology will provide tougher security defenses and more abundant privacy benefits than ever before. With palladium, users will have unparalleled power over system integrity, personal privacy and data security.
Thus it wouldn't be exaggeration to say that palladium is all to secure the computing world in ways unimaginable.


== Modern Operating Systems by Andrew. S. Tanenbaum.
=> Digit magazine.
= Microsoft Press Pass.
== J.N.T.U website.
Post: #4
hey, can any1 please send me d ppt f palladium cryptography..i need it real quick..pls help me out n if possible,mail t 2 sandheeramathew[at]
Post: #5

.pdf  final.doc.pdf (Size: 400.63 KB / Downloads: 346)
Cryptography is an algorithmic process of converting a plain text message to a cipher text message based on an algorithm that both the sender and receiver know, so that the cipher text message can be returned to its original, plain text form. In its cipher form, a message cannot be read by anyone other than the intended receiver. The act of converting a plain text message to its cipher text is called enciphering. Reversing that act is deciphering. Enciphering and deciphering are more commonly referred to as encryption and decryption, respectively. Cryptography concerns itself with four objectives:
1) Confidentiality (the information cannot be understood by anyone for whom
it was unintended)
2) Integrity (the information cannot be altered in storage or transit between
sender and intended receiver without the alteration being detected)
3) Non-repudiation (the creator/sender of the information cannot deny at a
later stage his or her intentions in the creation or transmission of the
4) Authentication (the sender and receiver can confirm each other’s identity
and the origin/destination of the information)
Procedures and protocols that meet some or all of the above criteria are known as crypto systems. There are a number of algorithms for performing encryption and decryption, but comparatively few such algorithms have stood the test of time. The most successful algorithms use a key. A key is simply a parameter to the algorithm that allows the encryption and decryption process to occur. There are many modern key-based cryptographic techniques. These are divided into two classes: symmetric and asymmetric (also called public/private) key cryptography. In symmetric Key cryptography, the same key is used for both encryption and decryption. In asymmetric key cryptography, one key is used for encryption and another, mathematically related key, is used for decryption.
Cryptographic algorithms are of two types:
1.1.1 Secret key or Symmetric key algorithms
1.1.2 Public key cryptographic algorithms
Symmetric-key systems are simpler and faster, but their main drawback is
that the two parties must somehow exchange the key in a secure way. Publickey
encryption avoids this problem because the public key can be distributed
in a non-secure way, and the private key is never transmitted.
Symmetric-key cryptography is sometimes called secret-Key cryptography.
The most popular symmetric-key system is the Data Encryption Standard
The study and application of asymmetric encryption systems Classical symmetric cryptographic algorithms provide a secure communication channel to each pair of users. In order to establish such a channel, the symmetric key algorithms employ a classical encryption scheme in which both the algorithm depend on the same secret key k. This key is used for both encryption and decryption. After establishing a secure communication channel, the secrecy of a message can be guaranteed. Symmetric cryptography also includes methods to detect modification s of messages and methods to verify the origin of a message. Thus, confidentiality and integrity can be accomplished using secret key techniques. In secret key algorithms we have D (k, E (k, m)) = m for each plain text m. There are many algorithms in this process .The famous ones among them are DES, IDEA etc. An encryption system in which the sender and receiver of a message share a single, common key that is used to encrypt and decrypt the message. Contrast this with public-key cryptology, which utilizes two keys - a public key to encrypt messages and a private key to decrypt them. Which use one key for encryption and another for decryption. A corresponding pair of such keys constitutes a key pair. Also called asymmetric cryptography. It is a coding system in which encryption and decryption are done with public and private keys, allowing users who don’t know each other to send secure or verifiable messages. Suppose Fred wants to send a message. He would encrypt it with his private key, which no one else knows; then, the recipient would decrypt it using Fred’s publicly available key, thus verifying that the message came from Fred. Alternately, suppose Fred wants to receive an encrypted message. The sender would encrypt the message with Fred’s public key, and only Fred would be able to decrypt it, using his private key. This method, also known as dual-key cryptography contrasts with the older secret-key or symmetric cryptography, in which the sender and recipient must agree on and use the same private key for encryption and decryption. Type of cryptography in which the encryption process is publicly available and unprotected, but in which a part of the decryption key is protected so that only a party with knowledge of both parts of the decryption process can decrypt the cipher text. In public key cryptography, keys are created in matched pairs. Encrypt with one half of a pair and only the matching other half can decrypt it. This contrasts with symmetric or secret key cryptography in which a single key known to both parties is used for both encryption and decryption. One half of each pair, called the public key, is made public. The other half, called the private key, is kept secret. Messages can then be sent by anyone who knows the public key to the holder of the private key. Encrypt with the public key and you know only someone with the matching private key can decrypt. Public key techniques can be used to create digital signatures and to deal with key management issues, perhaps the hardest part of effective deployment of symmetric ciphers. The resulting hybrid cryptosystems use public key methods to manage keys for symmetric ciphers. Many organizations are currently creating PKCs, public key infrastructures to make these benefits widely available.
Post: #6
Testability is a major issue, particularly for secure chips. Design-for-Testability techniques based on scan chains proved to be a highway for potential attacks. BIST approaches appear as good alternatives since they do not rely on visible scan chains. In this paper we propose a generic BIST solution for block-cipher devices. Taking advantage of the iterative process involved in such encryption algorithms which results in structural implementation consisting of (quasi) identical round transformations executed by the same piece of hardware, self-test procedures are easily set- up. Compared to classical BIST solutions based on pseudo-random test pattern generation and output responses compactors, its main advantages are a negligible area overhead and a very short test time, while guaranteeing 100% of fault coverage.

1. Introduction

Public, industry, and state agencies rely on cryptography for the protection of information and communications in various domains of application such as pay TV, e-commerce, critical infrastructures, etc. At the core of the device offering cryptographic services is the cryptographic module. Crypto-cores execute cryptographic algorithms for providing services such as privacy, confidentiality, integrity, and authentication. Although cryptography is used to provide security, weaknesses such as weak crypto- algorithms, poor design or physical failure of the hardware platform that implements the crypto- algorithm can render the product insecure and place highly sensitive information at risk. Consequently, appropriate validation and testing of the crypto- algorithm and corresponding crypto-core are essential to provide security assurance. United States National Institute for Standards and Technology (NIST) organized contest for selecting encryption standards. The Data Encryption Standard (DES) [1] was adopted as national standard in 1976, and the Advanced Encryption Standard (AES) [2] has been selected in October 2000. Since the hardware implementation of DES is not expensive, it is still used in many applications in the form of Triple DES for security improvement [3]. Validation of such algorithms for efficient encryption is not discussed here. This paper aims at providing efficient test solution for the physical platform that implements the crypto-algorithm, i.e. the dedicated piece of hardware that executes the encryption. Independently of the intended function, defects created during the manufacturing process of integrated circuit (IC) are unavoidable and some number of ICs is expected to be faulty. Post-manufacturing testing is thus required to guarantee fault free products. It’s all the more important for applications requiring digital security because a faulty chip could fail to protect the secret data. IC testing consists of applying a set of test stimuli to the inputs of the device under test (a crypto core for instance) while analysing the output responses. Circuits that produce the expected responses pass the test and are considered to be fault-free. Due to the extremely large number of possible defect types and defect locations, fault models are used for computational efficiency during fault simulation and test stimuli generation. A combination of different fault models is generally used in the evaluation of testing approaches; among them the stuck-at fault model remains inescapable. Detection of such faults generally requires test- oriented design methodology that aim to facilitate generation of proper test stimuli. Scan design is the most widely used structured Design-for-Testability (DfT) methodology. While it greatly facilitates the test of the IC and minimizes the probability to deliver faulty chips, it compromises the security of the system IEEE/IFIP DSN-2008 2nd Workshop on Dependable and Secure Nanocomputing, June 27, 2008 Page 1/6 ________________________________________
Page 2
since it provides facilities for controlling or observing sensitive data. Scan based attacks have been demonstrated in [4] (DES) and [5] (AES). Countermeasure such as secure scan design methodologies detailed in [5][6][7][8][9] prevent abusive usage of the scan facility but requires extra area and design efforts. Conversely, the Built-In Self-Test (BIST) approach does not require visible scan chains. The test patterns are classically generated on chip by an additional Test Pattern Generator (TPG) and test responses are compacted into a signature before comparison with the pre-computed golden one with the help of a Signature Analyzer (SA). The result of the comparison is the only test output. This test strategy is a good alternative if it provides low area overhead and acceptable fault coverage. Note that apart from its recurrent cost, extra silicon area for BIST may in turn be subject to faults. As usual, additional hardware for BIST implementation must be kept as low as possible. Conversely to scan design relying on deterministic test sequences, BIST classically relies on pseudo- random sequences due to the impossibility to store or generate deterministic sequences at low cost with built- in hardware. However, pseudo-random testing is an efficient technique for crypto-cores [10]. High fault coverage can be achieved with short pseudo-random test sequences because traditional cryptographic operations (XOR, substitution, modulo, …) are easily tested with random data. Moreover, the inherent properties of these operations allow the propagation of random data through the circuit. In order to save TPG and SA related area overheads, we propose a BIST methodology specifically designed for block-cipher circuits. The proposed BIST technique incurs almost no area overhead. The paper is organized as follows: Section 2 discusses inherent properties of cryptographic algorithms and it introduces the BIST approach. Section 3 describes the DES and the AES, while Section 4 presents experimental results. Eventually, Section 5 concludes this paper. 2. Cryptography and testability The security provided by block cipher algorithms such as Data Encryption Standard (DES) and its successor the Advanced Encryption Standard (AES) relies on two main properties named "diffusion and confusion". Confusion refers to making the relationship between the key and the ciphertext as complex and involved as possible; diffusion refers to the property that redundancy in the statistics of the plaintext is "dissipated" in the statistics of the ciphertext. Those properties are supported by using a Feistel [11][1] network in the first case and by a substitution- permutation network for the later one (see next sections). These two algorithms also have some common characteristics: • They are iterative algorithms. DES is composed of 16 rounds while AES is made of 10 rounds. All rounds are identical i.e. the result of a round is used as the input of the next round. Since the rounds are identical, their hardware implementations typically consist of a single round and a feedback loop. • Ciphering and deciphering algorithms are almost identical. • Since block ciphering is a bijective operation (one- to-one mapping), each round is a bijective operation too (on a set of 264 elements for DES, on a set of and 2128 elements for AES). The diffusion property is a very interesting feature with regard to the test of their hardware implementation: • It implies that every input bit of a round influences many output bits, i.e. every input line of a round is in the logic cone of many output bits. In other words, an error caused by a fault in the body of the round is very likely to propagate to the output. Thus, the circuit is very observable. • Moreover, since rounds are bijective, the input logic cone of every output contains many inputs. In other words, each fault is highly controllable. It can be concluded that the circuits are highly testable by nature. Thus, for this kind of circuit, we propose the following self-test procedure: 1. Encrypt an initial message M0 into M1=E(M0) 2. Repeat n times : Mi+1 = E(Mi) 3. Compare the final cipher Mn with the expected one E(E(E(…..E(M)…)). If they differ, the circuit is faulty otherwise it is correct. In other words, the result of an encryption is used as the next test vector. It should be noticed than for n encryptions, the main part of the circuit under test (i.e. the hardware implementation of the round) receives R test vectors, being R the number of iterations of the concerned algorithm (R=10 for the AES, R=16 for the DES). We investigate now whether this procedure leads to the application of n×R distinct test vectors. To our knowledge, there is no published general result about the length of the cycles on the output state IEEE/IFIP DSN-2008 2nd Workshop on Dependable and Secure Nanocomputing, June 27, 2008 Page 2/6 ________________________________________
Page 3
graph for either algorithm. Nevertheless, we conjecture that the length k of such a cycle (i.e. Mi+k = Mi) is quite large. Since the support set is very large (264 or 2128), and the encryption is bijective, these two algorithms can be considered as random permutations. As a consequence, the probability distribution function is flat. It can be computed that the expected cycle length is 264/2 for DES and 2128/2 for AES. Thus the probability that the output states fail in a loop is very small for moderate values of n. In practice (see section 5) we never observed such cycles. To resume, whatever the initial message M0 and the secret key (except weak keys of DES), the actual length of the test sequence will be n×R. Finally, concerning test response comparison, due to the diffusion property and to the size of the support sets, the fault masking phenomenon is very unlikely to happen. That is, there are very few chances that in the presence of a fault the final signature equals to the correct one (and again we never noticed this phenomenon). 3. Symmetric encryption algorithms In this section we describe the characteristics of two considered algorithms Data Encryption Standard (DES) and Advanced Encryption Standard (AES). 3.1. Data Encryption Standard (DES) The Data Encryption Standard (DES) has been selected as an official Federal Information Processing Standard (FIPS) for the United States in 1976. DES is a block cipher, with a block size of 64 bits and a key of 64 bits. However, only 56 bits of the key are actually used by the algorithm, while the other 8 bits are used for checking parity, and are thereafter discarded. The algorithm's overall structure is shown in Figure 1.a: There are 16 identical stages of processing, called rounds. There are also an initial and a final permutation, called IP and FP, which are inverses (i.e., IP(x) = FP-1(x)). In each round, the block is divided into two 32-bit halves and processed alternately. This crossing scheme is known as the Feistel scheme [11]. The F-function scrambles half a block together with some of the key. The output from the F-function is then combined with the other half of the block, and the halves are swapped before the next round. After the final round, the halves are not swapped; this is a feature of the Feistel structure which makes encryption and decryption similar processes. The F-function, depicted in Figure 1.b, operates on half a block (32 bits) at a time and consists of four stages: • Expansion: the 32-bit half-block is expanded to 48 bits using the expansion permutation, denoted E in the diagram, by duplicating some of the bits; • Key mixing: the result is combined with a subkey using an XOR operation. Sixteen 48-bit subkeys (one for each round) are derived from the main key using the key schedule (described below); • Substitution: after mixing in the subkey, the block is divided into eight 6-bit pieces before processing by the S-boxes, or substitution boxes. Each of the eight S-boxes replaces its six input bits with four output bits according to a non-linear transformation, provided in the form of a lookup table; • Permutation: finally, the 32 outputs from the S- boxes are rearranged according to a fixed permutation, the P-box. In order to generate the round keys, the 56 bits of the original key are divided into two 28-bit halves; each half is thereafter treated separately. In successive rounds, both halves are rotated left by one or two bits (specified for each round), and then 48 subkey bits are selected: 24 bits from the left half, and 24 from the right. (a) Overall structure of DES (b) Function F Figure 1: DES Algorithm 3.2. Advanced Encryption Standard (AES) AES [2] is a block cipher adopted as an encryption standard by the U.S. government. AES began immediately to replace the Data Encryption Standard (DES, used since 1976) for the reason that it outperforms in long-term security thanks to, among other things, larger key sizes (128, 192, or 256 bits). Another major advantage of AES is its efficient implementation on various platforms. It is suitable for small 8-bit microprocessor platforms, common 32-bit processors, and dedicated hardware implementations that can reach throughput rates in the gigabit range. IEEE/IFIP DSN-2008 2nd Workshop on Dependable and Secure Nanocomputing, June 27, 2008 Page 3/6 ________________________________________
Page 4
The AES algorithm’s internal operations are performed on a two dimensional array of bytes called State. For sake of simplicity, we focus on key length equal to 128 bits. The State consists of 4 rows of bytes and each row has Nb=4 bytes. Each byte is denoted by Si,j (0 ≤ i < 4, 0 ≤ j < Nb) . The four bytes in each column of the State array form a 32-bit word, with the row number as the index for the four bytes in each word. The 128-bit block can be expressed as 16 bytes: in0, in1, in2… in15. Encryption and decryption processes are performed on the State, at the end of which the final value is mapped to the output bytes array out0, out1, out2, … out15. The AES algorithm is an iterative algorithm composed of 10 rounds. At the start of encryption, input is copied to the State array. After the initial secret key addition (roundkey(0)), the first 9 rounds are identical, with small difference in the final round. As illustrated in Figure 2, each of the first 9 rounds consists of 4 transformations: SubBytes, ShiftRows, MixColumns and AddRoundKey. The final round excludes the MixColumns transformation. The encryption scheme in Figure 1 can be inverted to get a straightforward structure for decryption. SubBytes Transformation The SubBytes transformation is a non-linear byte substitution that operates independently on each byte of the State using a substitution table (S-Box). This S- Box is constructed by composing two transformations: 1. Take the multiplicative inverse in the finite field GF(28); the element (00000000)2 is mapped to itself; 2. Apply the following affine transformation (over GF(2)): i i i i i i i c b b b bbb ⊕ ⊕ ⊕ ⊕ ⊕ = + + + + 8 mod )7( 8 mod )6( 8 mod )5( 8 mod )4( ' for 0 ≤ i < 8, where bi is the ith bit of the byte, and ci is the ith bit of a byte c whose value is fixed and is equal to {01100011}. This transformation can be pre-calculated for each possible input value since it works on a single byte, therefore there are only 256 values. S-Boxes can be implemented either as a ROM or as combinational logic. ShiftRows Transformation In this transformation, the bytes in the first row of the State do not change. The second, third, and fourth rows shift cyclically to the left one byte, two bytes, and three bytes, respectively. Figure 2: AES Algorithm (encryption) MixColumns Transformation The MixColumns transformation is performed on the State array column-by-column. Each column is considered as a four-term polynomial over GF(28) and multiplied by a(x) modulo x4 + 1, where: a(x) = (00000011)2 x3 + (00000001)2 x2 + (00000001)2 x + (00000010)2 AddRoundKey Transformation In AddRoundKey transformation, a roundkey is added to the State array by bitwise XOR operation. Each roundkey consists of 16 words generated from Key Expansion described below. Key Expansion The key expansion routine, as part of the overall AES algorithm, takes the input secret key of 128 bits. The output is an expanded key of 11*128 bits, i.e., the expanded key is composed of the secret key and 10 roundkeys, one for each round. Details of the algorithm that allows determining the value of each roundkey are given in [2]. 4. Testability Analysis In the following two sub-sections we provide some results related to the area overhead and the fault coverage for the self-test scheme, applied to the DES and the AES. The two architectures have been described in VHDL and synthesized using Synopsys Design Compiler [14] using a 350nm CMOS library provided by AMS [15]. In both cases we have studied a theoretical approach to pre-calculate the number of encryptions needed to reach 100% of fault coverage. We considered the following aspects: 1. the stream generated by a crypto algorithm when the input is fed by its output can be considered as Plaintext (128 bits) Ciphertext (128 bits) roundkey(0) for i=1 to 9 SubBytes ShiftRows MixColumns roundkey(i) SubBytes ShiftRows roundkey(10) IEEE/IFIP DSN-2008 2nd Workshop on Dependable and Secure Nanocomputing, June 27, 2008 Page 4/6 ________________________________________
Page 5
random. Strong randomness is an inherent feature of crypto algorithms. This property has been confirmed using the NIST statistical tests [12]. In both cases the bit streams passed the 15 randomness test [13]; 2. substitution boxes represent the biggest part of the device, and their inputs are independently fed by a sub-part of the input. We can therefore assume that they are fed by a random stream; 3. each substitution box needs N deterministic patterns to be fully tested and it receives one pattern every clock cycle; 4. we assume that test patterns able to test faults in the Sbox are also able to test faults in the remaining parts of the circuit (see 5.1 and 5.2 for details on the particular architecture). All these points allow us to estimate the number of clock cycles (and therefore the number of encryptions) required to fully test the circuit using the formula that gives the minimal-length random sequence that would include N patterns, having probability p to appear, with a given confidence level [13]: [ ] ( )n k 1i 1i ip1 i k 1)( 1nXP − ⎟ ⎟ ⎠ ⎞ ⎜ ⎜ ⎝ ⎛ − − = ≤ ∑ = + (1) 4.1 DES Hardware Implementation The architecture of the Self-Test approach for DES is depicted in Figure 3. The area overhead of the proposed approach is equal to 3,58%, corresponding to the initial 64-bits multiplexer and some additional logic for the control unit. In order to determine the number of clock cycles required to fully test the circuit we applied the equation (1). In particular, we considered a confidence level of 99% for a sequence of k=64 patterns (i.e., the exhaustive set of input pattern for the Sbox), where each pattern has the same probability to appear (p=1/64). From this equation it comes that the length of a random sequence that contains each necessary vector with a confidence level of 99% is n=540 patterns. According to the implementation of the Sboxes, and in particular based on the actual number of deterministic patterns k (≤64) required to fully test the Sbox, the length of the test procedure can vary from 440 clock cycles (28 encryptions, being each encryption composed of 16 clock cycles) to 540 cycles (34 encryptions). Concerning the other parts of the DES, they are mainly xor operations and they should be very easily tested using the same random patterns issued from the Sboxes. Experimental results confirmed this result. We fault simulated the DES with several keys and initial input messages. It comes that after 21 encryptions (i.e. 336 clock cycles) the circuit is fully tested. Register R2 Cipher text Register R1 Key Generation Control E SBoxes P Start Test FP IP Plaintext 32 32 64 Figure 3: AES Algorithm (encryption) 4.2 AES Hardware Implementation The architecture of the Self-Test approach for AES is depicted in Figure 4. The area overhead of the proposed approach is equal to 2,13%. Regarding the testability and the number of encryptions required to reach 100% of fault coverage, we computed the minimal-length random sequence (with a confidence level of 99%) that would include k=256 patterns (i.e., the exhaustive set of input pattern for the Sbox), where p is equal in this case to 1/28 (since the Sbox operates on 8 bits). From this equation it comes that the minimal random sequence length is n=2593 patterns. The same experiment have been performed for various implementations of the Sboxes and thus for different minimal deterministic test sets. In any case, the theoretical minimal length of the random sequence for including the targeted deterministic patterns ranges from 2400 to 2593 patterns. Concerning the other operations of the AES, ShitRow function requires only wires for its implementation and is tested when every bit of this interconnection structure has been set to both “0” and “1” (under the assumption of stuck-at fault model). IEEE/IFIP DSN-2008 2nd Workshop on Dependable and Secure Nanocomputing, June 27, 2008 Page 5/6 ________________________________________
Page 6
This should be easily achieved with the patterns issued from the Sboxes (bijective operations fed with 2600 random patterns). MixColumn and AddRoundKey operations are mainly xor trees and should be very easily tested too using random patterns issued from the Sboxes. Register R2 Cipher text Key Generation Secret Key K Plaintext RKi Control Select Register R1 Sub Bytes Shift Row Mix Column Start Last-round Encryption Round Key 0 1 Round Test Figure 4: AES Algorithm (encryption) As for the DES, in order to confirm this hypothesis we have performed a fault simulation on the proposed AES core sets in self-test mode. This experiment has shown that all the faults have been tested after 210 encryptions (i.e. 2100 round cycles). This experiment has been repeated with different plaintexts and secret keys as starting points. We obtained test sequences ranging from 2100 to 2500 patterns for 100% fault coverage, as expected from the equation (1). From a practical point of view, 2600 round cycles in self-test mode should be sufficient to test the whole structure with a confidence level of 99%. 5. Conclusions In the context of secure circuits, BIST approaches appear as good alternatives since they do not rely on visible scan chains. In this paper, a generic BIST solution for cryptographic devices is presented. The basic principle is to feed the device with its own output and let the device run for a certain number of encryptions, and then to compare the output of the final encryption with a pre-computed signature. We showed that the area overhead entailed by this technique is negligible and the required test time is very short, while guaranteeing 100% of fault coverage.
Post: #7

.ppt  05_Chapt5.ppt (Size: 959.5 KB / Downloads: 238)

.ppt  05_Chapt5.ppt (Size: 959.5 KB / Downloads: 238)


Stream cipher:
encryption rule depends on the plaintext symbol’s position in the stream of plaintext symbols
Block cipher:
encrypt several plaintext symbols at once in a block
Post: #8
hi.. very good.. it is helpful for all students who are facing problems to handle reports
Post: #9
hiiiiiiiiiiiiii i iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii

Attached File(s)
.pdf  algo.pdf (Size: 173.03 KB / Downloads: 57)
Post: #10
please sent the ppts or pdf files of "pallandium cryptography" seminar topic.
Post: #11
please send ppt of palladium cryptography to my mail id..
Post: #12
this is prachi...
i liked the concept behin palladium kindly help me by providing full information regarding it..
Post: #13
hiii, this is very important and helpfull to me.
Post: #14
To get more information about the topic "Palladium Cryptography " please refer the link below
Post: #15
to get information about the topic cryptography full report fullreport,ppt and related topic refer the link bellow

Marked Categories : palladium cryptography code identity, ieee seminar topics for electronics and communication for palladium cryptography, seminar topics on cryptography, sandboxing in antivirus, palladium ieee seminar topic for computer science with full abstract, palladium cryptography seminar report, palladium seminar topic, ppt for palladium cryptography free download, technical project seminar on palladium, seminar report of palladium cryptography, ppt for palladium cryptography, sandbox technology power point presentation, cryptography abstract doc, palladium cryptography ppt download, cryptography, palladium cryptography, palladium network security documentation,

Quick Reply
Type your reply to this message here.

Image Verification
Image Verification
(case insensitive)
Please enter the text within the image on the left in to the text box below. This process is used to prevent automated posts.

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  abstract of ieee seminar paper on bionic eye Guest 3 199 Yesterday 09:20 PM
Last Post: SharonJer
  digital image watermarking project source code free download riya40 0 0 Yesterday 05:52 PM
Last Post: riya40
  Mini project report on SHADOW ALARM project girl 6 11,060 20-01-2018 02:07 PM
Last Post: Austinfloro
  water cooler project report Guest 2 0 20-01-2018 10:21 AM
Last Post: Guest
  seminar abstract for laser communication Guest 2 0 20-01-2018 06:55 AM
Last Post: Austinfloro
  hydroforming full report project report tiger 5 25,509,305 19-01-2018 01:37 AM
Last Post: Guest
  nrega project report er diagram Guest 1 0 18-01-2018 03:31 PM
Last Post: dhanabhagya
  download ppt in hindi on kanyadan clss10 from slide share Guest 1 295 18-01-2018 03:24 PM
Last Post: dhanabhagya
  vivekananda spoken english books to download Guest 1 0 18-01-2018 02:19 PM
Last Post: dhanabhagya
  school management software vb6 source code free download Guest 1 0 18-01-2018 01:03 PM
Last Post: dhanabhagya
This Page May Contain What is Palladium Cryptography (Download Seminar Report) And Latest Information/News About Palladium Cryptography (Download Seminar Report),If Not ...Use Search to get more info about Palladium Cryptography (Download Seminar Report) Or Ask Here