Abstract
Cryptography can ensure data confidentiality, integrity, and authenticity, which are important for protecting privacy and securing online transactions. However, their implementations pose significant challenges due to their complexity and high computational demands, especially on devices with limited resources. These challenges require a balance between compatibility and performance within systems. Software-hardware co-design, typically utilized in system-on-chip (SoC) designs, emerges as an effective solution by combining hardware and software to enhance the performance, efficiency, and security of cryptographic applications. This thesis comprehensively explores the design and implementation of cryptographic algorithms on SoC platforms. Specifically, it focuses on hardware architecture, optimization of arithmetic operations, system-level integration, and practical deployment in real-world scenarios.The research includes a detailed analysis of the software-hardware co-design for CRYSTALS-Dilithium, a lattice-based digital signature scheme selected for standardization in the NIST PQC process. The design features high-speed and resource efficient hardware modules for NTT/INTT, point-wise multiplication/addition, and SHAKE to accelerate time-consuming operations. All hardware modules are parameterized to allow full support for run-time configuration, increasing versatility. The proposed software-hardware architecture and streamlined operating workflows are designed to minimize data transmission overhead between the processor and other hardware modules. The hardware accelerator is implemented with reconfigurable logic on an FPGA and integrated with a high-performance ARM embedded processor in the Xilinx Zynq Architecture. Overall, our co-design approach significantly enhances the performance of key cryptographic operations compared to pure software implementations.
Additionally, the thesis investigates the design of the number-theoretic transform (NTT) through high-level synthesis (HLS), a fundamental arithmetic in lattice cryptography. The focus is on optimizing HLS for NTT and exploring various design approaches, including developing efficient modular multiplication algorithms and evaluating their performance and resource usage. A case study demonstrates different optimization approaches in the performance of the basic NTT algorithm. Additionally, this study examines the NTT design with a higher level of parallelism, which includes parallel coefficient and memory access scheme, parallel architecture with multiple butterfly units, and parallel code design with optimization command. By leveraging HLS, the NTT design space and trade-offs are thoroughly explored. The performance is evaluated across different parameters and levels of parallelism, highlighting the efficiency and effectiveness compared with related HLS and HDL-based NTT designs.
The thesis further involves deploying lightweight public-key cryptography into IoT, with LoRa as a promising choice due to its lightweight features and the extensive support provided by the LoRa Alliance. However, the typical LoRaWAN protocol, a fundamental part of LoRa, faces severe security challenges due to its insecure utilization of AES-128 to support the low-cost feature. To enhance security, the standard LoRaWAN protocol is extended with public-key infrastructures, supporting public-key features such as key exchange and authentication through lightweight hardware implementations of SHA-2, ECDH, EdDSA, and TRNG. A lightweight RISC-V processor with a security coprocessor has been implemented and verified using FPGA technology. The security protocol and prototype hardware system have undergone validation and evaluation in practical applications, demonstrating the feasibility of enhancing security in IoT systems without compromising the low-cost requirements.
| Date of Award | 23 Aug 2024 |
|---|---|
| Original language | English |
| Awarding Institution |
|
| Supervisor | Chak Chung Ray CHEUNG (Supervisor) |