Thesis for receiving a master's degree (M.Sc)
Electrical engineering field - electronics orientation
Abstract
The hash function is a type of abstract function that is used in all cryptographic designs and Security protocols are used to generate random numbers and the password storage mechanism for authentication and digital signature in the digital world.
The National Institute of Standards and Technology started a competition to improve common hashing algorithms, the hashing algorithms sent to this contest were named SHA-3, including 5 resistant algorithms that made it to the final round of the competition, while the JH algorithm was in the final round as the algorithm. Therefore, the purpose of this thesis is to investigate the JH abstract generator algorithm for implementation on FPGA. In this algorithm, the obtained observations do not include imaginary sources. These simulations show to what extent the performance of the JH abstract generator algorithm has been able to be simulated and synthesized on the FPGA.
Chapter 1-Overview of the basic concepts of cryptography
1-1-Introduction
Today, security is of great importance and is widespread in the economic and commercial environment. is used The types of solutions presented so far are of the type of data security. There are many reasons for data protection at any place and time, but in the real world, dealing with multiple cases of information theft and the possibility of passing required tests and audits has always been a concern for information security and encryption [1]. For this reason, various types of passwords are used for data to ensure data security in communication [1].
1-3- Types of attacks
1-3-1- Changing information
In this type of active attack, information is attacked during transmission to the destination and data integrity is lost. Upon receiving the information, the attacker modifies it or replaces it with other information. The destination also does not recognize this issue and uses the data. To prevent this type of attack, abstractor functions [1] are used [1].
1-3-2-Impersonation
In this type of active attack, the attacker presents himself as an authorized user to local systems and thus uses various local network services. Digital signatures are used to prevent these types of attacks and provide authentication of users and software. In this way, attackers prevent an institution from providing services. It is easy to set up this type of attack and it is often done using impersonation methods and sending large amounts of Internet Protocol systems [2]. These attacks are called DOS for short [3]; and are part of active attacks. These attacks can be reduced by using a firewall [1].
1-3-3-Eavesdropping
In this attack type of passive attack[4], information is not changed, but its confidentiality is lost. If you want to send information in plain text and not encrypted to remote systems, then this information may be received by unauthorized persons. Extortion of information may be done in different places such as local networks, data transfer switches or the Internet. Now there are different software to get different information from the local network and viruses and attackers can also get the information transferred on a public network.To avoid this security problem, symmetric and asymmetric data encryption techniques are used [1].
1-4- Data encryption
Encryption is a process during which data is changed from its normal form and becomes almost impossible to read without having the necessary information (decryption); Therefore, in this method, by encrypting the data, unauthorized people are prevented from accessing the data and data confidentiality is obtained. In this method, encryption is done at the origin and then encrypted data is sent to the destination. An attacker who eavesdrops and receives data packets in transit over the network obtains encrypted data that is unusable to him. The recipient of the data at the destination also receives the encrypted data, but because he has the data decoding information, he can decode and use the data. There are two methods for data encryption, symmetric and asymmetric. The idea of ??symmetric encryption has existed for years and is not a new problem, but asymmetric encryption uses mathematical principles and complex algorithms and is considered a new method in data encryption [1]. Create the necessary complexity for the data. It is also used to perform encryption operations using a common and secret key between the sender and the receiver. In this method, the data is encrypted at the source with a shared key and sent to the destination, and the data is decrypted with the shared key at the destination. In symmetric encryption, it is assumed that the attacker is aware of the encryption algorithm and relies only on the confidentiality of the shared encryption key. In general, the longer the key length, the more time it takes to break the data and the more security is obtained. Considering the current processing power, choosing more keys than 128 bits seems appropriate. Also, cryptographic keys should be changed after some time of use and new keys should be randomly selected even if possible to achieve maximum security. Symmetric encryption algorithms are divided into 2 categories: block algorithms [5] and stream algorithms, and data is encrypted or decrypted bit by bit. Stream algorithms are faster than block algorithms. Algorithms such as [6] DES are block and algorithms such as RCCL are streams, although it should be noted that symmetric encryption also provides authentication. If an encrypted data is received, according to the key used, the identity of the person sending the data can be confirmed because these keys are assumed to be confidential. Symmetric encryption has good efficiency and provides little delay in data encryption and decryption operations; Therefore, it can be used to encrypt a large amount of data. This type of encryption is widely used in wireless security protocols. Algorithm 3DES, DES, IDEA [7], RC4 [8], etc. are symmetric algorithms [1]. In this algorithm, instead of permuting and replacing data, mathematical functions are used, and instead of a shared secret key, a public key and a private key are created, and the public key is available to everyone and the private key is available only to the user. For private key confidentiality, a password to access the private key database is considered. The concept of public key cryptography was created after trying to solve the two problems of key distribution in a secure way and digital signature, and it has the following two important and basic characteristics. 1- It is computationally impossible to calculate the decryption key from the encryption key. 2- Both public and private keys can be used for encryption. Of course, another key must be used for decryption. In this encryption method, first the public key of the destination is provided in a valid way and then the data is encrypted and sent to it by the public key of the destination.