comprehensive design review
DESCRIPTION
HDD Lock. Comprehensive Design Review. Team: Brigit Lyons Fadi Maalouli Tony Panetta Renzo Silva. Advisor: Professor Michael Zink. Department of Electrical & Computer Engineering. HDD Lock. Outline. System Overview CDR Deliverables Android Application Bluetooth Communication Demo - PowerPoint PPT PresentationTRANSCRIPT
HDDLock
Department of Electrical & Computer Engineering
Advisor:Professor Michael Zink
Team:Brigit Lyons
Fadi MaalouliTony PanettaRenzo Silva
Comprehensive Design Review
HDDLockOutline
• System Overview• CDR Deliverables• Android Application• Bluetooth Communication• Demo• Hard drive read/write and UI• Hardware Encryption• FPR Goals
Department of Electrical & Computer Engineering 2
HDDLockSystem Overview
Department of Electrical & Computer Engineering 3
Security device
HDDLockCDR Deliverables
• Android Application:• User login/authentication• Send encryption key to security device
• Security Device:• Communication between development board and
Bluetooth module• Encryption algorithm working on development
board• Research OS libraries for read/write from hard drive
Department of Electrical & Computer Engineering 4
HDDLock
Android Application BasicsConnect to security device via Bluetooth, verify user credentials, then
send master encryption key to security device
Department of Electrical & Computer Engineering 5
HDDLockAndroid User Authentication
• Requires Username and Password– Both username and master encryption key are
encrypted with AES128 using password as key– Stored in SharedPreferences
• User submits username and password– Username is encrypted with password and compared to
stored username cipher• If comparison is valid, stored master encryption key
unencrypted with password and sent to security device
Department of Electrical & Computer Engineering 6
HDDLockAndroid Password Recovery
• At account creation, user picks security question and answers it
• Security question is encrypted using answer as key and is stored in SharedPreferences– Generated master encryption key is also encrypted
with security answer and stored• At password recovery, correct security
question/answer are used to retrieve clear text master encryption key
Department of Electrical & Computer Engineering 7
HDDLockSecurity Device
• DE2 board faster and more efficient– Cyclone II FPGA– Memory: 8 MB SDRAM, 512 KB SRAM,
4 MB Flash– I/O interfaces: RS232, USB, Ethernet…
• Bluetooth module– signals at a rate of up to 464 Kbps– very low power consumption– high speed UART – RS232 interface
Department of Electrical & Computer Engineering 8
HDDLockBluetooth Communication
• Encryption key is received by Bluetooth module RN-240• Key is passed along to DE2 via UART-RS232– Baud rate is synced to 115200 Bits/s on both ends– Wrong data was received at different baud rates
• C code was written in order to grab the key from Bluetooth module– To read data off the port – For data flow control
• Encryption/Decryption done in C– AES 128 encryption algorithm is used– Slower than hardware encryption– Proof of concept
Department of Electrical & Computer Engineering 9
HDDLock
Demo
Department of Electrical & Computer Engineering 10
HDDLock
Department of Electrical & Computer Engineering 11
Encryption Hardware
Two separate modules…
Encrypt Decrypt
Sbox
Key Expand
Rcon
Inverse Sbox
Key Expand
Rcon
Plain Text
Key
Plain Text
Cipher Text
Key
Cipher Text
HDDLock
Department of Electrical & Computer Engineering 12
Encryption Control Logic
I/O To Text In FIFO
I/O To Key FIFO
I/O To Text Out
FIFO
clk
clk, reset, end_of_text_in, enc_or_dec, aes_start, key_recv_rdy, key, text_in_recv_rdy, text_in, text_out_send_rdy, text_out_write_req, /*enc_done, dec_done, dec_key_rdy,*/ key_read_req, text_in_read_req, text_out, enc_go, dec_go, dec_key_go
rese
t
enc_
or_d
ec
aes_
star
t
end_
of_t
ext_
in
key_recv_rdy
key
key_read_req
text_in_recv_rdy
text_in
text_in_read_reqtext_out_send_rdy
text_out
text_out_write_req
enc_
goen
c_do
ne
text
_in
key
dec_
gode
c_do
nede
c_ke
y_go
dec_
key_
done
I/O To Encrypt/Decrypt Modules
I/O To System
AES_TOP
HDDLock
Department of Electrical & Computer Engineering 13
Encryption Control FSM
HDDLock
Department of Electrical & Computer Engineering 14
Encryption Control FSM Design
WAIT OUTPUT
DONE
DECRYPT DONE
ENCRYPT DONE DECRYPT
DEC KEY WAIT
DEC KEY LOAD
ENC WAIT
ENCRYPT
READ INPUTS
WAIT INPUTS
REQUEST INPUTS
IDLE
DEC WAIT
HDDLock
Department of Electrical & Computer Engineering 15
HDDLock
Department of Electrical & Computer Engineering 16
NIOS DE2
AES_KEY_FIFO_8_128 :inputk_fifo
AES_IN_FIFO_32_128 : input_fifo
AES_ENC:aes_unit
AES_OUT_FIFO_128_32: output_fifo4
key_pio[8:0]
key_isfull
key_write_req
.data[8:0]
.wrfull
l .wrreq
wrcl
krdclk
aclr
q[128:0]
.rdreq
.rdempty
data_pio[32:0]
data_isfull_pio
data_wreq_pio
data_pio[32:0]
result_ready_pio
data_wreq_pio
.data[32:0] .w
rfulll .w
rreq q[128:0]
.rdreq
.rdempty
aclr rdclk
wrclk
.data[32:0] .w
rfulll .w
rreqq[128:0]
.rdreq
.rdempty
aclr wrclk
rdclk
HDDLockFDR Goals
• Finalize communication between NIOS, FIFOs, and encryption/decryption modules
• Implement user-friendly options for the Android application
• Implement interface to send and receive files from the computer
Department of Electrical & Computer Engineering 17
HDDLock
Department of Electrical & Computer Engineering 18
Questions?