Cryptography Engine Design for IEEE 1609.2 WAVE Secure Vehicle Communication using FPGA

In this paper, we implement the IEEE 1609.2 secure vehicle communication (VC) standard using FPGA by fast and efficient ways. Nowadays, smart vehicle get nearer to our everyday life. Therefore, design of safety smart vehicle is critical issue in this field. For this reason, secure VC is must implemented into the smart vehicle to support safety service. However, secure process in VC has significant overhead to communication between objectives. Because of this overhead, if circumjacent vehicles are increased, communication overhead of VC is exponentially increased along the number of adjacent vehicles. To remove this kind of overhead, we design fast and efficient IEEE 1609.2 cryptography engine using FPGA. This engine consists of AES-CCM encryption, SHA-256 hash function, Hash_DRBG random bit generator, and ECDSA digital signature algorithm and each algorithm is analyzed carefully and optimized with specific technics. For the AES-CCM, we optimized AES encryption engine. First, we use 32-bit S-box structure to remove 8-bit operation of AES. Second, we employ the key save register file architecture to reduce frequently key expansion operation when input of key value is always same for AES encryption engine. Third, to protect external attacks, we use internal register files to save processed data. Finally, we design parallel architecture for both CBC-MAC and counter in AES-CCM algorithm. SHA-256 hash function is frequently used in ECDSA algorithm that is significant reason of optimization. So, we use parallel architecture for the preprocessing block and the hash computation block. And, we design latest schedule block to reduce usage of register and combinational logics. In ECDSA, Hash-DRBG is used to generate key value and signature for vehicle message. To make Hash-DRBG, we use our SHA-256 design much fast generation of random value. ECDSA is most critical and complex module in our cryptography engine. For this module, we use affine representation of elliptic curve in ECDSA. So, we can replace the prime arithmetic operation by right shift operation and bit operation. And, we implement scalar multiplier to optimize arithmetic operation of ECDSA. This kind of replacement is hardware kindly, so we can reduce complexity of ECDSA hardware design. To implement all of algorithm in IEEE 1609.2 standard, we use Xilinx Virtex-5 FPGA chip with ISE 14.6 synthesis tool and Verilog-HDL.

[1]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[2]  Brian A. Carter,et al.  Advanced Encryption Standard , 2007 .

[3]  Yunpeng Wang,et al.  Throughput and Delay Limits of 802.11p and its Influence on Highway Capacity , 2013 .

[4]  Vasilios I. Kelefouras,et al.  On the exploitation of a high-throughput SHA-256 FPGA design for HMAC , 2012, TRETS.

[5]  Zoubir Mammeri,et al.  Authentication and consensus overhead in vehicular ad hoc networks , 2013, Telecommun. Syst..

[6]  Miguel Morales-Sandoval,et al.  On the hardware design of an elliptic curve cryptosystem , 2004, Proceedings of the Fifth Mexican International Conference in Computer Science, 2004. ENC 2004..

[7]  Torsten Schütze,et al.  Automotive Security : Cryptography for Car 2 X Communication , 2011 .

[8]  John Kelsey,et al.  Recommendation for Random Number Generation Using Deterministic Random Bit Generators , 2014 .

[9]  Tao Zhang,et al.  Vehicle Safety Communications - Protocols, Security, and Privacy , 2012, Wiley series on information and communication technology.

[10]  Haeyoung Rha,et al.  Efficient Pipelined Multistream AES CCMP Architecture for Wireless LAN , 2012, 2012 International Conference on Information Science and Applications.

[11]  Youngmin Kim,et al.  Implementation of efficient SHA-256 hash algorithm for secure vehicle communication using FPGA , 2014, 2014 International SoC Design Conference (ISOCC).

[12]  Ignacio Algredo-Badillo,et al.  Efficient hardware architecture for the AES-CCM protocol of the IEEE 802.11i standard , 2010, Comput. Electr. Eng..

[13]  Rommel García,et al.  A compact FPGA-based processor for the Secure Hash Algorithm SHA-256 , 2014, Comput. Electr. Eng..

[14]  Máire O'Neill,et al.  WLAN security processor , 2006, IEEE Transactions on Circuits and Systems I: Regular Papers.

[15]  Morris Dworkin,et al.  Special Publication 800-38C, Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality , 2003 .

[16]  Guillermo Acosta-Marum,et al.  Wave: A tutorial , 2009, IEEE Communications Magazine.

[17]  Tang Ming . Wei Lian. Si Tuo Lin Si,et al.  Cryptography and Network Security - Principles and Practice , 2015 .

[18]  Morris J. Dworkin SP 800-38C. Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality , 2004 .

[19]  Dirk Fox,et al.  Digital Signature Standard (DSS) , 2001, Datenschutz und Datensicherheit.

[20]  William Stallings,et al.  Cryptography and network security - principles and practice (3. ed.) , 2014 .