The Hardware Side of Cryptography

2 November 2009

A Compact Implementation of Grain Cipher using PIC16F84

This post demonstrates a compact implementation of the Grain cipher on the PIC16F84. Grain is a stream cipher invented by Martin Hell, Thomas Johansson and Willi Meier. It is based on a linear feedback shift register (LFSR) and a non-linear feedback shift register (NFSR).

The core of this cipher is two shift registers and two tapping functions that determine the next state of the cipher. A final filtering function determines the output bit stream from the current cipher state.

All shift registers are emulated as 8 consecutive registers, which are treated as a single unit. The linear Boolean functions are implemented on the fly, while the non-linear Boolean functions are stored as lookup tables to save memory and to simplify the implementation.

I have tested the source code against several known test vectors. Here is an example.


Test Vector
Cipher Key : 44 44 44 44 44 44 44 44 44 44
IV : 55 55 55 55 55 55 55 55
Bit Stream : aa 65 8e e6 45 ef d3 4f 34 28

test vector result:

The code is released for free under the terms of the GNU Public License v3.0 without any warranty implied. You may use this code for educational purposes only.

Related Stuff

Download
Source Code | v1.0 | v1.1
Grain Stream Cipher Specification
MPLAB 8.40

Reference
Grain Cipher

22 June 2009

Embedding The Enigma Railway into ATMega32

Filed under: Cipher Machine, classical — edipermadi @ 12:20 pm

A couple of weeks ago, I ported the implementation of Enigma Railway from the PIC16F84 to an ATMega32 running at 16 MHz. The code was rewritten from assembly to C for better understanding.

The hardware is based on the ATMega8535 development board produced by Innovative Electronics, with small changes to the system frequency and a microcontroller replacement. The code is compiled using CodeVision 1.25.3, and you may use another compiler with minor changes. The code is freely available to anyone under the GNU Public License 3.0 terms. You may use and modify it with no warranty implied.

In this post, I used the ATMega32 to continuously monitor the serial connection from the PC to the microcontroller (at 115200) for incoming data. Once an [a-z:A-Z] character is found, it will subsequently encode the incoming character through the Enigma Railway substitution cipher and pass back the result. The PC-side control is hosted by Teraterm configured at 115200 8n1 with no flow control.

The code is verified against the “Enigma Railway Simulator” coded by Geoff Sullivan found here. The test vector comparison is performed by enciphering 600 “A” characters using the same initial condition.

In addition, I used several numbers and symbols to control the inner state of the Enigma Railway cipher machine. The control characters are shown in the screenshot section below.

Screenshots:
The ATMega32 Development Board

The AVR USB Programmer

The Enigma Railway Help Menu

The Enigma Railway About Page

The Enigma Railway Licensing Page

The Enigma Railway Usage Page

The Enigma Railway Resulting Cipher

The Enigma Railway Simulation Result

After you have compiled and burned the HEX code to the chip, you can connect it to the PC and type “?” (a question mark) to display those menus.

Related Stuff

Download
Enigma Railway AVR Source Code v0.1

16 January 2009

Tiny Encryption Algorithm (TEA) on PIC18F4550

Tiny Encryption Algorithm (TEA) is a fast and simple block cipher designed by Roger Needham and David Wheeler. This cipher uses simple 32-bit operations such as XORs, additions, subtractions and shifts. Those 32-bit operations are not directly available on the PIC18F4550, but they can be emulated. Here is an example of a Tiny Encryption Algorithm (TEA) implementation on the PIC18F4550; hopefully you enjoy it. The program is available under GNU Public License v3.0. Please feel free to use it without any warranty implied. Leave your comment below, so I can hear your voice. Happy coding.

Below is the result of the TEA test vector. The results are satisfactory and the same as the specification.

Test Vector Result:
Plain Text : 0x0123456789abcdef
Cipher Key : 0x00112233445566778899aabbccddeeff
Cipher Text : 0x126c6b92c0653a3e

Plain Text

Note : Cipher Key is marked red

Cipher Text

Note : Cipher Key is marked red

RELATED  STUFF

Download:
Source Code | v1.0
PIC18F4550 Datasheet
TEA Specification
TEA PIC18F4550 Documentation
MPLAB v8.10

Reference:
Tiny Encryption Algorithm
Roger Needham
David Wheeler

2 January 2009

Fast RC4 Stream Cipher Implementation on AVR

As quoted on Wikipedia, RC4 is a stream cipher designed by Professor Ronald Rivest from MIT. This cipher employs a simple bytewise permutation over a 256-byte state array. This characteristic makes RC4 easy to implement in programmable devices such as microcontrollers.

AVR is a powerful microcontroller that meets all the requirements of an RC4 implementation, from indirect memory addressing for array operations to addition and so on. The lookup process of RC4 is depicted below.

RC4 Stream Cipher Lookup Process

The previous platform of RC4 implementation that I made was PIC18F4550, which gave good performance, but AVR is better. AVR has more specific single-cycle instructions, which made it faster than and superior to the PIC18F4550 in this case.

In order to validate the cipher result, I tested my code by encrypting the plain text “Plaintext” with the cipher key “Key”, and it generated the same hex value, which was “BBF316E8D940AF0AD3”. The test vector example was taken from the RC4 page on Wikipedia. Take a look at the three pictures below.

Plain Text

RC4 Stream Cipher Implementation on AVR (Plain Text)

Cipher Key

RC4 Stream Cipher Implementation on AVR (Cipher Key)

Cipher Text

RC4 Stream Cipher Implementation on AVR (Cipher Text)
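
The validation described above can be reproduced on a PC before anything is flashed. The following is an added example, not the post's AVR source: a portable C version of RC4 whose self-test checks the “Plaintext”/“Key” vector quoted in this post. The names rc4_ctx, rc4_init, rc4_crypt and rc4_selftest are chosen here.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* RC4 state: a 256-byte permutation plus two 8-bit indices. With uint8_t
 * indices the "mod 256" of the algorithm is free, as on an 8-bit MCU. */
typedef struct { uint8_t S[256]; uint8_t i, j; } rc4_ctx;

/* Key-scheduling algorithm (KSA): shuffle S under control of the key. */
static void rc4_init(rc4_ctx *c, const uint8_t *key, size_t keylen) {
    uint8_t j = 0, t;
    for (int n = 0; n < 256; n++) c->S[n] = (uint8_t)n;
    for (int n = 0; n < 256; n++) {
        j = (uint8_t)(j + c->S[n] + key[(size_t)n % keylen]);
        t = c->S[n]; c->S[n] = c->S[j]; c->S[j] = t;
    }
    c->i = c->j = 0;
}

/* PRGA: XOR the keystream into buf in place (encrypt and decrypt are equal). */
static void rc4_crypt(rc4_ctx *c, uint8_t *buf, size_t len) {
    for (size_t n = 0; n < len; n++) {
        uint8_t t;
        c->i = (uint8_t)(c->i + 1);
        c->j = (uint8_t)(c->j + c->S[c->i]);
        t = c->S[c->i]; c->S[c->i] = c->S[c->j]; c->S[c->j] = t;
        buf[n] ^= c->S[(uint8_t)(c->S[c->i] + c->S[c->j])];
    }
}

/* Returns 1 when "Plaintext" under key "Key" gives the vector from the post. */
int rc4_selftest(void) {
    static const uint8_t expect[9] =
        { 0xBB, 0xF3, 0x16, 0xE8, 0xD9, 0x40, 0xAF, 0x0A, 0xD3 };
    uint8_t buf[9];
    rc4_ctx c;
    memcpy(buf, "Plaintext", 9);
    rc4_init(&c, (const uint8_t *)"Key", 3);
    rc4_crypt(&c, buf, 9);
    return memcmp(buf, expect, 9) == 0;
}

int main(void) {
    puts(rc4_selftest() ? "RC4 test vector OK" : "RC4 test vector MISMATCH");
    return 0;
}
```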

RELATED STUFF

Download :
Source Code | v1.0

Reference:
RC4
Ronald Rivest

19 December 2008

Final Project Plan

Filed under: encryption — edipermadi @ 9:24 am

Yesterday, I was thinking about my final project, which will start in January 2009 and run perhaps up to June 2009. A great chance that drives me to learn more and more. The topic is around applied embedded cryptography, probably a PSTN cryptophone.

A PSTN cryptophone is basically a device that interfaces with a telephone line. The device will encrypt and decrypt voice using the RC4 stream cipher combined with the Diffie Hellman Key Exchange algorithm. In addition, I'm planning to use an environment-driven Pseudo Random Number Generator that combines generated random numbers and noise captured from the environment.

I realized that PICmicro microcontrollers are no longer sufficient to fulfill my needs. I am supposed to use another microcontroller. A great candidate is AVR, a cool, fancy, fast, single-cycle machine. Long before, I motivated myself to get a feel for the AVR through hands-on practice, and it worked, thank God. Now that I'm able to program AVR, I'm pursuing my dream to create my own handmade PSTN cryptophone, wish me luck.

The motivation for this idea comes from the need for privacy over insecure PSTN (Public Switched Telephone Number) that is secure enough and affordable for public use. PSTN is said to be insecure, since it is easy to tap and intercept any conversation without much effort. Can you imagine if someone is passing his sensitive data through a telephone line and a bad guy is tapping the wire and stealing that information? Of course, that would be a horrible thing to hear.

If possible, I will publish this project as a book and ebook. Yeah, I had a dream to publish a book which is cool, original, exceptional and high tech. Hopefully everything runs well.

13 October 2008

LOKI91 in Hardware

Filed under: logic gate — edipermadi @ 9:20 am

LOKI91 is a variant of the LOKI block cipher. It was designed in response to the attacks on its predecessor, LOKI89. The LOKI block cipher was developed by the Australian cryptographers Lawrie Brown, Josef Pieprzyk, and Jennifer Seberry. This block cipher was intended as a possible replacement for DES (Data Encryption Standard).

LOKI91 Expansion Permutation

LOKI91 uses a 32-to-48-bit expansion/permutation on each iteration. The 32-bit half block of data passes through the expansion/permutation before being substituted. The substitution is summarized below:

Afterwards, each 12-bit group of the expansion/permutation result is connected to the substitution phase.

LOKI91 SBOX

The LOKI91 SBOX transforms a 12-bit input into an 8-bit output. The output is determined by the row and column selection, characterized by:

The r parameter is formed by concatenating the 2 leftmost input bits and the 2 rightmost input bits. Besides the arithmetic view of multiplication by 17, it is also possible to describe the process in a logical view. The process starts by mapping each value of the input r to the result of multiplication by 17 followed by bitwise XOR with 0xff. Mathematically speaking, that process is characterized by the equation, and depicted as the truth table, below:

Then simplified to:

The table above is then analyzed bit by bit, by expressing each bit of the output as a function of the input bits. The analysis is completed using a Karnaugh map and summarized as follows:

The Boolean equation above represents bit inverting and copying, implemented as follows.

LOKI91 uses extensive Galois Field computation in its SBOX. Its SBOX has a 12-bit input and an 8-bit output. The internal process consists of operations that include exponentiation in GF(2^8). The exponent and the polynomial modulus are designed to be scheduled. The schedule is shown below.

If we analyze the relationship between each input and output using a Karnaugh map, there are equations that represent each bit of the output as a function of all inputs. Those equations are listed below.

The equations above can be represented as the circuit below:

Physically, the exponentiation process consists of squaring and multiplication, while multiplication consists of addition and multiplication by two. However, squaring is a special case of multiplication where both numbers are the same.

Since LOKI91 uses a scheduled polynomial modulus, it is important to extend the basic multiplication by two so that it is open to different polynomials. Finally, the output of the scheduling schematic is connected to the basic multiplication-by-two circuit to obtain scheduled multiplication by two.

The above circuit is then extended gradually to construct the scheduled multiplication circuit and then the exponentiation circuit. In addition, I verified that circuit against 16 test vectors. The results are test1, test2, test3, test4, test5, test6, test7, test8, test9, test10, test11, test12, test13, test14, test15, test16.

The multiplication along the scheduled polynomial Pr is implemented as the circuit below.

The exponentiation can be described as a set of squarings and multiplications, depicted by the equation below.

The process above is summarized as the block diagram below:

The rest of the SBOX implementation will be discussed soon.

LOKI91 32-bit PBOX permutation

Finally, the outputs of the substitution process are concatenated and permuted. The permutation is characterized below:

LOKI91 Key Scheduling
LOKI91 uses a simple key scheduling scheme. LOKI91 has 16 iterations, therefore it requires 16 subkeys. The process of generating subkeys is merely rotation and swap. In short, it is also possible to define each subkey as a bit-by-bit mapping.

If the cipher key is defined as follows:

Then each subkey is defined as follows:

To be continued…

26 September 2008

The Implementation of MD4 Hash Function on PIC18F4550

Filed under: Hash — edipermadi @ 11:11 am

MD4 is a message digest algorithm designed by Professor Ronald Rivest from MIT. This function creates a small chunk of data as a hash value of any string being processed. The size of the hash is 128 bits. Internally, MD4 consists of 3 rounds of functions. Each function has 16 iterations. In total, MD4 has 48 steps to process the input data into a hash value.

MD4 is the predecessor of MD5, the hash function that is still widely used today. MD4 has many weaknesses in terms of security. That was the reason why Professor Ronald Rivest proposed the next hash function, which is MD5.

This post is merely to show how the MD4 hash function was done on the PIC18F4550. The implementation is basically easy and close to the MD5 implementation. I developed this code using MPLAB v8.0. The code has been tested against several test vectors and works. The code is available under GNU Public License v3.0 with no charge and no warranty.

See the pictures below. I took them during simulation.

Hash Buffer

Hash Result

If you have a question, don’t hesitate to leave some comments or contact me by email. I’ll try to answer your questions regarding this post.

RELATED STUFF

Download:
Source Code | v1.0
PIC18F4550 Datasheet
MPLAB v8.0

Reference:
MD4
Ronald Rivest

25 September 2008

Mini AES implementation on PIC16F84

Filed under: encryption — edipermadi @ 1:06 pm

Mini AES represents AES in a simple way. This cipher consists of 2 rounds, with a 16-bit block size and key length. Its operation is mainly built of nibble XOR, nibble substitution, column shift and multiplication in GF(2^4) with modulo 0x03. The matrix multiplication of the Mini AES mix column is designed such that the inverse process is equal to the process itself. In addition, shift row behaves the same as mix column, in that its inverse process is equal to the process itself.

This code is developed in MPLAB v8.0 and released for free under GNU Public License v3.0 terms. Below are pictures taken during simulation.

Plain Text

Cipher Text

Feel free to use this code at your own risk.

RELATED STUFF

Source Code | v1.0
Mini AES Specification
PIC16F84 Datasheet
Mid-Range Reference Manual
MPLAB v8.0

21 September 2008

MD5 Implementation on PIC18F4550

Filed under: Hash — edipermadi @ 3:19 pm

MD5 is a widely used hash algorithm. It works by reducing a message to a smaller piece of data called a hash value. A hash value is similar to the concept of a fingerprint. The same data will result in the same hash value. Therefore, hash algorithms have a significant place in security, for example in integrity proofing.

In addition, this post will show you how to bring the MD5 hash function onto the PIC18F4550 microcontroller. Since the PIC18F4550 has a large memory space, it is able to cope with large messages.

The development of this code is divided into two versions, which are size optimized and speed optimized. Version 1.x is intended for speed effectiveness while the other one is concerned with performance. The pictures below show the result of MD5 hashing as well as its buffer during execution.

Hash Result

Buffer

I developed the code on MPLAB v8.0 and released it for free under the terms of GNU Public License version 3.0 with no guarantee implied. Please leave some comments if you have a question or suggestion about this post.

RELATED STUFF

Download:
Source Code (Size Optimized) | v1.0
PIC18F4550 Datasheet
MPLAB v8.0

Reference:
MD5

15 September 2008

Mini-AES In Hardware

Filed under: logic gate — edipermadi @ 8:40 am

Mini-AES is a mini version of the Advanced Encryption Standard created by Raphael Chung as a testbed for cryptanalysis students. This cipher imitates Rijndael in a simple way. It inherits Rijndael's characteristics.

There are several things to consider while learning Mini-AES, such as multiplication in GF(2^4), substitution, key scheduling, matrix multiplication, and block XOR. This post will be gradually updated to give information about Mini-AES in hardware.

First, Mini-AES multiplication in GF(2^4) is characterized by the polynomial m(x) = x^4 + x + 1. In hardware, multiplication by 2 and multiplication by 3 are defined by the circuits below.

Multiplication by 2

Multiplication by 3

The Mix-Column of Mini-AES is defined by the circuit below.

The Mini-AES substitution and its inverse are defined by the table below.

To derive the functions that define the SBOX table, map the table above into a K-Map, look for similarities and derive the functions one by one. The picture below is the mapping result in the K-Map. Cells marked green, blue and red share a common function, while cells marked orange are unique.

The chart above is characterized by the equations below:

To be continued.. :D
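
As an added example (not the post's circuits or the PIC source), this C model expresses multiplication by 2 and 3 in GF(2^4) at gate level, checks it against a reference multiply reduced by m(x) = x^4 + x + 1, and confirms that Mix-Column is its own inverse. It assumes the constant matrix (3 2; 2 3) from the Mini-AES specification; the XOR wiring, the nibble packing and all function names are chosen here.

```c
#include <stdint.h>
#include <stdio.h>

/* Reference multiply in GF(2^4): shift-and-add, reduced by x^4 + x + 1 (0x13). */
static uint8_t gf16_mul(uint8_t a, uint8_t b) {
    uint8_t r = 0;
    for (int n = 0; n < 4; n++) {
        if (b & 1) r ^= a;
        b >>= 1;
        a = (uint8_t)(a << 1);
        if (a & 0x10) a ^= 0x13;          /* replace x^4 with x + 1 */
    }
    return r;
}

/* Multiply by 2 as pure wiring plus one XOR gate (bits a3..a0, derived here). */
static uint8_t mul2_gates(uint8_t a) {
    uint8_t a0 = a & 1, a1 = (a >> 1) & 1, a2 = (a >> 2) & 1, a3 = (a >> 3) & 1;
    return (uint8_t)((a2 << 3) | (a1 << 2) | ((a0 ^ a3) << 1) | a3);
}
static uint8_t mul3_gates(uint8_t a) { return (uint8_t)(mul2_gates(a) ^ a); }

/* Mix-Column on one column packed as (c0 << 4) | c1; packing is an assumption. */
uint8_t mix_column(uint8_t col) {
    uint8_t c0 = col >> 4, c1 = col & 0x0F;
    uint8_t d0 = (uint8_t)(mul3_gates(c0) ^ mul2_gates(c1));
    uint8_t d1 = (uint8_t)(mul2_gates(c0) ^ mul3_gates(c1));
    return (uint8_t)((d0 << 4) | d1);
}

/* Number of nibbles where the gate form disagrees with the reference multiply. */
int gate_mismatches(void) {
    int bad = 0;
    for (uint8_t a = 0; a < 16; a++)
        bad += (mul2_gates(a) != gf16_mul(a, 2)) + (mul3_gates(a) != gf16_mul(a, 3));
    return bad;
}

/* Number of columns for which applying Mix-Column twice is not the identity. */
int involution_failures(void) {
    int bad = 0;
    for (int col = 0; col < 256; col++)
        bad += mix_column(mix_column((uint8_t)col)) != col;
    return bad;
}

int main(void) {
    printf("gate mismatches: %d\n", gate_mismatches());
    printf("involution failures: %d\n", involution_failures());
    return 0;
}
```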
