FPGA Implementation of Diffie-Hellman Key

Exchange Algorithm for Zero Knowledge Proof

Presented by:
V. SeethaRama Rao
(12B81D5727)
UNDER GUIDENCE OF
Mr. M. Ashok Sir..
(Sr. Asst.Professor)

CONTENTS :
AIM of Project
Attacks
Network Security block diagram
D-H key Exchange Algorithm
ZKP Version1 and Version 2
Simulation Results

Applications
Conclusion
Future scope
References

Aim of Project:
The main aim of project is to design Zero Knowledge Proof protocol

and resists the known attacks.

Network Security is to provide security for the network which is

done by Cryptography.
Cryptography means hiding the data.

Security Attack:
Any action that compromises the security of information
owned by an organization

Active Attacks: Active attacks involve some modification of

the data stream or the creation of a false stream.

Masquerade
Replay
Modification of message
Denial of Service

Passive Attack:
A passive attack on a cryptosystem is one in which the cryptanalyst cannot
interact with any of the parties involved, attempting to break the system solely based
upon observed data i.e. the cipher text.

Release of message contents

Traffic analysis

Security Services:

Confidentiality
Integrity
Authentication
Nonrepudiation
Access Control
Availability

Model for Network Security:

Terminologies present:
Plain Text.
Cipher Text.
Encryption.
Decryption.
Symmetric Cryptography (Conventional Encryption).
Asymmetric Cryptography (Publickey Encryption).
Cryptanalysis (Breaking Code).

Classification of Security Algorithms:

Symmetric Ciphers

Same key for Encryption and Decryption

Ex: DES, AES. etc
Asymmetric Ciphers

Different keys for Encryption and Decryption

Ex: RSA, Diffie-Hellman. etc
Cryptographic data Integrity Algorithms

Ex:MD5, SHA 0,sha 1 etc

Differences between Symmetric and Asymmetric

Parameter

Symmetric

Asymmetric

Encryption &Decryption

Fast

Slow

Key Distribution

Difficult

Easy

Complexity

O(Log N)

O (N3)

Security

Moderate

Highest

Security Services

Confidentially

Confidentially, integrity,
non repudiation

Example

AES,DES

RSA,DH Algorithm

D-H key Exchange Algorithm:

It has different names such as Diffe-Hellman Protocol or

Diffe-Hellman Hand Shake or DH for convenience.
It was invented by White Field Diffie and Martin Hellman in
the year 1976.
It is one of the asymmetric (Public Encryption ) algorithm

used for exchange of secret key in a number of commercial

products.

DH Algorithm:

Steps present in DH Algorithm:

1.Let two parties(Alice &Bob) chooses a two numbers p and g where p is a
prime number and g is a primitive root p.
2. Alice chooses a random number x such that 0<x<p where x is Alice Private
key
Calculate R1= gX (mod p).
3.Bob chooses a random number y such that 0<y<p where y is Bobs Private
key
Calculate R2= gY (mod p).
4.Alice sends R1to Bob
5.Bob sends R2to Alice
6.Alice computes Ka= R2 X (mod p).
7.Bob computes Kb= R1Y(mod p).
Finally both Alice & Bobs are equal Ka=Kb= gYX (mod p).

Example:
1)
2)

3)

4)

5)

6)

Alice and Bob agree to use a prime number p = 23 and base g = 5.

Alice chooses a secret integer x = 6, then sends Bob R1 = gx mod p
R1 = 56 mod 23
R1 = 15,625 mod 23
R1 = 8
Bob chooses a secret integer y= 15, then sends Alice R2= gy mod p
R2 = 515 mod 23
R2 = 30,517,578,125 mod 23
R2 = 19
Alice computes Ka = R1 x mod p
R2 = 196 mod 23
R2 = 47,045,881 mod 23
R2 = 2
Bob computes Kb = R2 y mod p
Kb = 815 mod 23
Kb = 35,184,372,088,832 mod 23
Kb = 2
Alice and Bob now share a secret (the number 2) because 6 15 is the same as 15 6.

Continued.
Advantages:
DH Algoritham key agrrement not limited to negotiateing a key
shared by only two participants.
Disadvantages:
DH Algoritham is susceptible to two types of attacks.
1)Discrete logarithmic attack
2)Man in the middle attack

Man in the middle attack:

Zero Knowledge Proof:

Zero-knowledge proof (ZKP) plays an important role in
authentication without revealing secret information
A zero-knowledge proof is an interactive method for one
party to prove to another that a statement is truewithout
revealing anything other than the verity of the statement.
The proposed protocol is designed to satisfy the
zeroknowledge proof properties and resists the known
attacks.

Version 1:

Version 2:

Tools used:
Design Entry

Verilog HDL

Synthesis

Xilinx Synthesis Tool(XST)

Simulation

ISE Simulator

Implementation

FPGA Editor, Plan Ahead Impact

FPGA board

SPARTAN 3E (XC3s 500e fg320)

Power module Simulation:

Schematic:

RTL Schematic:

Device Utilization Summary:

Binary Division:

Schematic:

Device Utilization Summary:

DH Simulation Results:

Schematic:

Device Utilization Summary:

Simulation Results of Version 1:

Simulation Results of Version 1:

Schematic:

Device utilization summary:

Simulation Results of Version 2:

Simulation Results of Version 2:

RTL Schematic:

Device utilization summary:

Applications:
Diffie-Hellman is currently used in many protocols, namely:
Secure Sockets Layer (SSL)
Transport Layer Security (TLS)
Secure Shell (SSH)
Internet Protocol Security (IPSec)
Public Key Infrastructure (PKI)

FPGA Prototyping:

01110001

Conclusion:

The proposed ZKP protocol is a deterministic algorithm and it is

protected against Discrete logarithm attack and Man-in-the-middle
attack.
The proposed algorithm serves as key exchange algorithm with the
addition to authentication services
The major Security goals are satisfied and give confidence to users to
communicate securely.

Future Scope:
These techniques not only used for secure data transfer, but

also it can be extended to transfer digital images by encrypting

each pixel value
These can be extended to other asymmetric algorithms such as

RSA, Elliptic Curve Cryptography, Digital Signature

Algorithm etc

References:

[1] Ibrahem M.K(2012)Modification of Diffie-Hellman key

exchange algorithm for Zero Knowledge Proof Published in:
future communication Networks (ICFCN)2012 International
conference.
[2] Joseph M, (2010), "Feige-Fiat-Shamir ZKP Scheme
Revisited", International Journal of Computing and ICT
Research, Vol. 4, No. 1, June 2010.
[3] Carts, David A., (2001), "A Review of the Diffie- Hellman
Algorithm and its Use in Secure Internet Protocols", SANS
Institute, 2001
[4] Stallings, William (2010), "Cryptography and Network
Security", Prentice Hall, 5th Ed. 2010