This repository complements the work published in Constant-Cycle Hardware Private Circuits. It provides the implementations of the CCHPC gadgets, along with circuit/architecture designs used in the case studies of the paper.
The `Implementations` folder contains the following files. Both the CCHPC gadgets and the CCHPC-composed designs support configurable, arbitrary security orders. The testbenches are tailored to a specific security order as indicated.
The linear CCHPC gadget can be configured to implement either a CCHPC-XOR or CCHPC-XNOR. The non-linear CCHPC gadget supports configurations for CCHPC-AND, CCHPC-NAND, CCHPC-OR, and CCHPC-NOR.
```
Implementations
│
├── basic_components.v                                   // DRP components (cf. Section 3) and basic reused modules
│
├── Gadgets
│   │
│   ├── RTL                                              // Gadget implementations:
│   │   ├── inv_CCHPC.v                                  // - CCHPC-NOT (cf. Section 4.1.1)
│   │   ├── mux_CCHPC_wNAND.v                            // - CCHPC-X(N)OR (cf. Section 4.1.2)
│   │   ├── linear_CCHPC_wNAND.v                         // - CCHPC-MUX (cf. Section 4.1.2)
│   │   └── nonlinear_CCHPC_wNAND.v                      // - non-linear CCHPC/CCHPC_RS (cf. Section 4.1.3)
│   │
│   └── TB                                               // Testbenches for:
│       ├── linear_tb_d2.v                               // - 2nd-order CCHPC-XOR
│       ├── nonlinear_tb_d1.v                            // - 1st-order CCHPC_RS-AND
│       ├── nonlinear_tb_d2.v                            // - 2nd-order CCHPC_RS-AND
│       ...                                              // ...
│
├── AES Boyar-Peralta S-box                              // S-Box Case Study (cf. Section 5)
│   │
│   ├── RTL
│   │   └── sbox_bp_CCHPC_wNAND.v                        // CCHPC/CCHPC_RS S-box
│   │
│   └── TB
│       └── sbox_bp_tb_d1.v                              // 1st-order CCHPC_RS BP S-box testbench
│
└── AES encryption core                                  // Round-based AES Case Study (cf. Section 5)
    │
    ├── RTL
    │   ├── CCHPC_AES_duality.v                          // CCHPC_PL AES with Duality
    │   ├── controller_CCHPC.v                           // AES controller
    │   ├── linear_CCHPC_wNAND_pipeline_layer0.v         // linear gadget (layer 0 only)
    │   ├── linear_CCHPC_wNAND_pipeline_consecutive.v    // linear gadget (except layer 0)
    │   ├── mux_CCHPC_wNAND_layer0.v                     // mux gadget (layer 0 only)
    │   ├── mux_CCHPC_wNAND_consecutive.v                // mux gadget (except layer 0)
    │   ├── nonlinear_CCHPC_wNAND_pipeline_layer0.v      // non-linear gadget (layer 0 only)
    │   ├── nonlinear_CCHPC_wNAND_pipeline_consecutive.v // non-linear gadget (except layer 0)
    │   ├── bitstate_reg_CCHPC.v                         // CCHPC representation register
    │   ├── precharger_reg_CCHPC.v                       // (unshared) control signal register
    │   └── reg_pipeline.v                               // configurable register pipeline
    │
    └── TB
        ├── CCHPC_AES128_duality_tb_d1.v                 // 1st-order CCHPC_PL Duality AES testbench
        ├── CCHPC_AES128_duality_tb_d2.v                 // 2nd-order CCHPC_PL Duality AES testbench
        └── CCHPC_AES128_duality_tb_d3.v                 // 3rd-order CCHPC_PL Duality AES testbench
```
We used Vivado 2022.1.2 to simulate the designs. The following step-by-step guide describes how to use the testbenches in the source files.
- Create a Vivado project.
- Add the design sources:
  - Implementations/basic_components.v
  - Implementations/Gadgets/RTL/*
  - Implementations/AES Boyar-Peralta S-box/RTL/*
  - Implementations/AES encryption core/RTL/*
- Add the simulation sources:
  - Implementations/Gadgets/TB/*
  - Implementations/AES Boyar-Peralta S-box/TB/*
  - Implementations/AES encryption core/TB/*
- Set the desired testbench as the top module.
- Run the simulation.
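
The steps above can also be scripted for Vivado's batch mode. The following Tcl script is an added example and not part of the repository; the script name `run_tb.tcl`, the project name `cchpc_sim`, and the assumption that each testbench's top module is named after its file are not taken from the repository.

```tcl
# Added example, not part of the repository. Run from the repository root:
#   vivado -mode batch -source run_tb.tcl -tclargs nonlinear_tb_d1
# Assumption: each testbench's top module has the same name as its file.
set root [file join [pwd] Implementations]
set dirs [list "Gadgets" "AES Boyar-Peralta S-box" "AES encryption core"]
set tb   nonlinear_tb_d1
if {$argc > 0} { set tb [lindex $argv 0] }

# Return every Verilog file directly inside $dir (directory names contain spaces).
proc vfiles {dir} {
    return [glob -nocomplain -directory $dir -- *.v]
}

# Create a Vivado project (default part; nothing is synthesized here).
create_project -force cchpc_sim [file join [pwd] cchpc_sim]

# Add the design sources.
set rtl [list [file join $root basic_components.v]]
foreach d $dirs { lappend rtl {*}[vfiles [file join $root $d RTL]] }
add_files -norecurse -fileset sources_1 $rtl

# Add the simulation sources.
set tbs [list]
foreach d $dirs { lappend tbs {*}[vfiles [file join $root $d TB]] }
add_files -norecurse -fileset sim_1 $tbs

# Stop early if the requested testbench file is not in the checkout.
if {[lsearch -glob $tbs "*/${tb}.v"] < 0} {
    error "testbench '${tb}.v' not found below $root"
}

# Set the desired testbench as the top module.
set_property top $tb [get_filesets sim_1]
update_compile_order -fileset sim_1

# Run the simulation; testbench messages go to the console and simulation log.
launch_simulation
close_sim
close_project
```

`launch_simulation` runs for the simulation fileset's configured runtime (the `xsim.simulate.runtime` property); for testbenches that need longer, issue a `run` command before `close_sim`.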
Each testbench includes one or more test vectors to verify correct computation. Due to the nature of the CCHPC scheme, layers are executed/evaluated in consecutive clock cycles.
For the gadgets and S-Box implementations, inputs are applied sequentially to the unit under test. The outputs of each layer stabilize in the same clock cycle as the corresponding (share) inputs are applied, completing the computation within the layer. The outputs are checked during both the pre-charge and evaluation phases in the testbenches, and the TCL Console reports any erroneous states accordingly.
For the AES testbenches, all inputs are applied simultaneously to the circuit. The outputs are then passed through register pipelines that compensate for the clock-cycle offset. As a result, the final register at each output in the testbenches holds the complete result in the final clock cycle. The outputs are validated against the expected values to confirm correctness.