A Key Management Architecture for Securing Off-Chip Data Transfers

  • Jonathan Graf
  • Peter Athanas
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3203)


Data security is becoming ever more important in embedded and portable electronic devices. The sophistication of the malicious techniques used by attackers is amazingly advanced. Defensive measures for protecting a device must be even more sophisticated and robust. This paper presents an architecture that manages cryptographic keys for a secure memory interface on an FPGA. The architecture includes functional units that serve to authenticate a user, create a key with multiple layers of security, and encrypt an external memory interface using that key. Cryptographic methods built into the system include an RSA-related secure key exchange, the Secure Hash Algorithm, a certificate storage system, and the Data Encryption Standard algorithm in counter mode.


Advance Encryption Standard Data Encryption Standard Embed Application Memory Interface Secure Hash Algorithm 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Celoxica Limited: RC1000 Hardware Reference Manual. Version 2.3. RM-1120-0 (2001),
  2. 2.
    Maxim/Dallas Semiconductor Corporation: Java-Powered Cryptographic iButton (2003),
  3. 3.
    National Institute of Standards and Technology (NIST): FIPS Publication 46-2. Data Encryption Standard (1993)Google Scholar
  4. 4.
    Xilinx, Incorporated: Virtex-E 1.8V Field-Programmable Gate Arrays (2002),
  5. 5.
    Maxim Integrated Products: DS9097U Universal 1-Wire COM Port Adapter (2004),
  6. 6.
    Chappell, S., Sullivan, C.: Handel-C for co-processing & co-design of Field Programmable System on Chip. In: Workshop on Reconfigurable Computing and Applications (JCRA) (September 2002)Google Scholar
  7. 7.
    Maxim/Dallas Semiconductor Corporation: iB-IDE – New IDE for the Java-powered iButton (2003),
  8. 8.
    Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 2(21), 120–126 (1978)CrossRefMathSciNetGoogle Scholar
  9. 9.
    National Institute of Standards and Technology (NIST): NIST PKI Program (2001),
  10. 10.
    National Institute of Standards and Technology (NIST): FIPS Publication 180. Secure Hash Standard (1993)Google Scholar
  11. 11.
    Lipmaa, H., Rogaway, P., Wagner, D.: Comments to NIST concerning AES Modes of Operations. CTR-Mode Encryption. Modes of Operation for Symmetric Key Block Ciphers. First Modes of Operation Workshop, online (October 2000), at
  12. 12.
    Biham, E., Shamir, A.: Differential Cryptanalysis of the Data Encryption Standard. Springer, Heidelberg (1993)zbMATHGoogle Scholar
  13. 13.
    National Institute of Standards and Technology (NIST): FIPS Publication 197. Advanced Encryption Standard (2001)Google Scholar
  14. 14.
    National Institute of Standards and Technology (NIST): FIPS Publication 46-3. Data Encryption Standard (1999)Google Scholar
  15. 15.
    Xilinx, Incorporated: Virtex-II 1.5V Field-Programmable Gate Arrays (2001),

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Jonathan Graf
    • 1
  • Peter Athanas
    • 1
  1. 1.Virginia Tech Department of Electrical and Computer EngineeringBlacksburgUSA

Personalised recommendations