This chapter presents a low complexity processor design for efficient and compact hardware implementation for WISP system security using the involution cipher Anubis algorithm. WISP has scarce resources in terms of hardware and memory, and it is reported that it has 32K of program and 8K of data storage, thus providing sufficient memory for design implementation. The chapter describes Minimal Instruction Set Computer (MISC) processor designs with a flexible architecture and simple hardware components for WISPs. The MISC is able to make use of a small area of the FPGA and provides security programs and features for WISPs. In this chapter, an example application, which is Anubis involution cipher algorithm, is used and proposed to be implemented onto MISC. The proposed MISC hardware architecture for Anubis can be designed and verified using the Handel-C hardware description language and implemented on a Xilinx Spartan-3 FPGA.
TopIntroduction
In a typical RFID system, assets, products and objects are usually labeled with a tag. Each tag contains a very small microchip with a limited computational, storage capabilities and a coupling element. Such devices are usually being classified according to their memory type and input power source (either active or passive). In (Peris-Lopez, Hernandez-Castro, Tapiador, & Ribagorda, 2009), the author proposed a method for tag classification that bases on which were the operations supported on-chip. High-cost tags are divided into two class types: simple and full 〉edged. The full-〉edged tags are able to support conventional cryptography like symmetric encryption, cryptographic one-way functions and even the resource-consuming public key cryptography. Simple tags can support random number generators and one-way hash functions. Likewise, there are also two classes divided for low-cost tags: lightweight and ultra-lightweight. Lightweight tags usually support random number generation but not cryptographic hash function. Moreover, ultra-lightweight tags can only compute simple bitwise operations such as: XOR, AND, OR, etc. SO, ultra-lightweight tags pose great design challenges as they are expected to be widely used.
On the other hand, the Intel Research Seattle had come up with an improved version of RFID tags called the WISP (Wireless Identification and Sensing Platform). WISP is a wireless, battery-free platform for sensing and computation that is powered and read by a standards-compliant Ultra-High Frequency (UHF) RFID reader. The notable features of WISP are battery free sensing, UHF communication, and a fully programmable 16-bit flash microcontroller with analog to digital converter. The conventional security mechanism for lightweight devices is cryptographic solutions. Since there are limited resources on WISP, some security trade off, between the security strength, on-chip-resources and low-power; has to be made to abide to the WISP standard. In (Sample, Yeager, Powledge, Mamishev, & Smith, 2008), the author has implemented the RC5 algorithm on WISP, which is the first strong cryptographic algorithm to be implemented on a UHF RFID tag. WISP has set a new standard for RFID applications. When we observe popular approaches taken by researchers to meet the area constraints in RFID tags are to implement lightweight encryption algorithms, so that the processing requirement are less computationally demanding and result in smaller hardware implementations. The Tiny Encryption Algorithm (TEA), proposed by P. Israsena from the National Electronics and Computer Technology Centre (NECTEC) is an example of a lighter encryption algorithm. The TEA is a Feistal cipher that incorporates only XOR, ADD and SHIFT operations (Israsena, 2006). Other lightweight encryption hardware implementations which have been proposed can be found in (Engels, Fan, Gong, Hu, & Smith, 2010) and (Hell, Johansson, & Meier, 2007).
However, the use of lightweight encryption algorithms poses greater security risk as compared to stronger encryption algorithms such as the Advance Encryption Standard (AES, also known as Rijndael) (Technology, 2001). Several researchers have proposed low complexity hardware architectures for the AES algorithm (Good & Benaissa, 2006; Rouvroy, Standaert, Quisquater, & Legat, 2004). In (Good & Benaissa, 2006), a very small FPGA Processor for AES has been proposed by Tim Good and Mohammed Benaissa. Their low complexity ASIP structure and compact hardware area gives greater advantage of implementing a stronger cipher on a smaller hardware area. One of designer for AES, Vincent Rijnmen, together with Paulo S. L. Barreto has come up with a new cryptographic primitive design called the Anubis. Anubis is a Rijndael variant that uses involutions for the various operations. The involution nature of Anubis allows low-cost hardware and compact software implementations to use the same operations for both encryption and decryption. Both the Substitution box and the mix columns operations are involutions. Anubis is expected to behave as good as can be expected from a block cipher with the given block and key length. Cipher strength-wise; this implies that the most efficient key-recovery attack for Anubis is exhaustive key search. Otherwise, this cipher is considered secure.