I. INTRODUCTION II. the ocb mode III. the ocb implementation IV. Algorithm for ocb V. Discussion VI. Properties of ocb VII. comparision of ocb with other mode VIII. THE C compiler IX. conclusion X. referencesSoftware Implementation of OCB (GMU Fall 2006) 1Software Implementation of OCB Mode Abstract—The OCB (Offset Code Book) is a block cipher mode of operation used for encryption which provides both confidentiality and authenticity at the same time. This implementation is cost efficient as we do not have to design a separate hardware for authentication process. The OCB can be executed on any platform like C, JAVA and Assembly languages. This implies that it can be implemented by hardware or software. Index Terms— OCB, Rijndael AES I. INTRODUCTION The new modes of operation have been introduced in order to enhance the functionality of the block cipher encryptions. The OCB mode is one of them. The OCB mode is an authenticated encryption scheme. This OCB scheme has been invented by Phil Rogaway . The OCB mode is implemented in Hybrid mode. The main code is written in C and then it is interfaced to the hardware [8]. In our present work the OCB has been implemented in C (Software). In general the authenticity is provided by a shared secret key encryption on a hash function (Message Authentication Code). The implementation of this code requires another algorithm and sufficient hardware. This increases the cost of the overall encryption system. In the OCB mode, the algorithm is designed in such a way that it provides both authenticity and confidentiality. In the OCB mode any block cipher such as DES or AES can be used. In our project we have used the Advanced Encryption Standard. To be more precise it is Rijndael AES. In this encryption standard each Baba Prashanth Namatheertham, Ritesh Suppala, Bharath Govindool, Paradesi Ravi Kiran time 128bits of message are considered and pre computations are done on it and are encrypted. In our present work OCB mode is implemented in the same way as it was created [5] except for that the mode is implemented in software. By doing so we can create a code which will allow us to use the encryption method in our personal PCs where data privacy is necessary in communication. The OCB mode can be shown as an efficient method compared to other modes which is done in this project. The other mode used for the comparison is the CBC mode which is also implemented in C. The clock cycles required for the execution of the code are calculated in both modes and are compared. From these values efficiency of the code can be confirmed. II. THE OCB MODE Before running the OCB mode certain parameters need to be initialized. The parameters include the offset generation which requires L value generation, Random number generation and also padding. Thus the overall implementation of the OCB mode involves the following steps. 1. Partitioning the entire text message into blocks of 128 bits. 2. The last message may not contain exactly 128 bits so it is padded with zeroes. 3. A random number generation and encrypting it with AES 4. L value generation, the number of L values is equal to the number of blocks of message. 5. The generation of the hash function, this is used for message authentication. 6. Now by using all the above values the message blocks are encrypted using AES. The figure 1 shows the outline model of OCB.Software Implementation of OCB (GMU Fall 2006) 2 Figure 1: OCB Implementation process In order to implement the OCB mode the first major task is to understand the encryption method used which is the Advanced Encryption Standard (AES).Hence first and foremost the AES encryption scheme is studied clearly. The Rijndael AES encryption method [1] [3] operates on 128 bits at a time and the size of the key can be in 128, 192 or 256 bits. The key used for the AES scheme is the key for the entire OCB mode. The AES cipher exhibits greater complexity and more secure compared to DES block cipher. Hence this cipher is preferred to DES. The AES scheme involves certain number of rounds which can be 10, 12 or 14 basing on the key size. In our implementation we consider a key size of 128 bits so the numbers of rounds are 10 [1]. Each round performs the following operations. 1. Substitute Bytes 2. Shift Rows 3. Mix Columns 4. Add Round Key This procedure is done for 10 rounds and for each round a new round key is used. If we arrange the 128 bits in terms of bytes and put them in a matrix then we get a 4x4 matrix of four columns of words. Thus each 128 bit data represents four words arranged in columns. Before the round operations are executed there are few initial operations to be carried out. The key which is a 4x4 matrix consisting of 4 words (128 bits) key is expanded into a 44 word key. For every round 4 words are used as a round key. The Fig 2 explains the AES encryption. The given plain text is first arranged in the form of bytes in a 4x4 matrix (4 words) and the given key is expanded into a 44 word key. Substitute Bytes: In order to perform this substitution first we need to initialize the substitution box. This substitution box is a 16x16 matrix. Each byte of the message is substituted with another byte from the S-Box. The byte is selected from the S-Box using the row and column numbers. The row is given by the first four bits of the message byte and Plain Text Cipher Text Figure 2: AES encryption Substitute Bytes Shift Rows Mix Columns Add Round Key Substitute Bytes Shift Rows Mix Columns Add Round Key Message partitioning Offset Value Generation. Encryption of the message Add Round Key Combining all the cipher texts Tag GenerationSoftware Implementation of OCB (GMU Fall 2006) 3 the next four bits represent the column. Basing on this logic the bytes in the message are substituted. The S-Box values are generated basing on certain rules [3]. Shift Rows: The Shift rows block of the round will shift the bytes in the rows. The row byte elements are not shifted. The second row byte elements are shifted by one byte towards the left, the third row byte elements are shifted by two bytes towards left and the final fourth row byte elements are shifted by three bytes towards left. This operation will shift all the rows. Mixing Columns: This transformation operates on each column individually. Each byte of a column is mapped into a new value that is a
View Full Document
Unlocking...