Laboratory 3

In laboratory 3 you will design a system-on-chipi which includes one Microblaze soft-processori, several IP cores, and an OPB bus which connects all of the components in the system. Like the previous laboratories, you will be using the Xilinxi BSB wizard to create a basic hardware design for your system. Unlike previous laboratories, however, you will be modifying the basic design by adding a custom peripheral. This custom peripheral, which will be provided for you, performs 128-bit encryption and decryption using the Blowfish algorithm. Using this Blowfish hardware peripheral, you will design and implement a software application which will encrypt and decrypt data. Additionally, your software will be responsible for retrieving data from a host computer using the RS-232 serial port.

Project Assignment

  1. Create a system-on-chipi design which includes the following components:
    • A Microblaze soft-processori
    • A serial port for debug output
  2. Add the custom blowfish hardware core to your system-on-chipi
    • Download the hardware design
    • Unzip the design into the "pcores" directory inside of your project
    • Add the "OPB_BLOWFISH" hardware core to your system
    • Assign a base address to the blowfish core
  3. Create a software application which performs the following
    • Read a pass phrase using the serial port and use it to initialize the hardware encryption key
    • Read input from the serial port and store it in an array
    • Encrypt the data input from the serial port and print the encrypted array
    • Decrypt the encrypted data and print the decrypted array
    • Continue reading input, encrypting, and decrypting in an infinite loop
  4. Synthesize your system-on-chipi, compile your software project, and combine them into a bitstream
  5. Download your bitstream onto the XUPi development board, execute it, and demonstrate your design to your TA

The due date for this project will be the week of September 29, 2008 through October 3, 2008. The project reports will be due on Friday, October 3, 2008. Ensure that you demonstrate your project to your TA during your laboratory period and turn in your complete project submission, including the project report, by the Friday due date.

Project Directions: First Week

For the first week of this laboratory you should concentrate on getting a basic "read-eval-print" loop working. To accomplish this you will first need to get a basic system-on-chipi design working using the BSB. Refer to laboratory 1 if you do not remember how to use the BSB. At this point, do not worry about adding the custom blowfish encryption core. All you will need is a Microblaze processor and a RS-232 serial port for communicating with the host computer.

Once you have created, downloaded and tested your hardware design you should build a basic skeleton for the software. The software for this laboratory should consist of two basic phases: initialization and a "read-eval-print" loop. In the initialization phase you will read in a 128-bit pass phrase to use for encryption/decryption. In the "read-eval-print" loop you will read in a string, encrypt that string, decrypt the encrypted string, and then print the original, encrypted, and decrypted strings. For the first week, just get the reading and printing working for skeleton application. We will learn how to encrypt and decrypt with the blowfish hardware next week.

There are two special things to note about the software for this laboratory. First, for this laboratory we would like you to use the low-level function inbyte() to read values from the serial port. This function, which has the signature "char inbyte()", will read a single character from the serial port and return it to the caller. You should make wrapper functions for inbyte() as necessary. For instance, it would be wise to write a wrapper function which reads in a 128-bit string one character at a time using the inbyte() function.

The second special thing to note is that the blowfish hardware requires data in 64-bit blocks. The software, however, will be reading input strings to encrypt and decrypt 8-bits at a time. Thus, it will be necessary for you to pad input strings to be a multiple of 64-bits by appending 0's as necessary. For instance, if the user enters "encryptthis" as the content to encrypt then the input string will be 88-bits which is not a multiple of 64-bits. In this case your software will need to append 40-bits of zero to the input string before encrypting and decrypting. You can do this in any way that is convenient for your design.

For this project you do not need to do any sort of dynamic memory management. It is fine for your software to limit the size of the user input to some maximum value. This way you can simply use statically declared arrays for reading input data and storing encrypted and decrypted values. We advise that doing this will substantially reduce the complexity of your software.

Project Directions: Second Week

[video file=/sites/default/files/video/lab3.flv]

Adding Blowfish Hardware
Click to Play

For the second week of this project you will be adding a custom Blowfish encryption hardware core to the basic system-on-chipi design that you created during the first week. You will then be modifying the "read-eval-print" loop that you created during the first week to add support for performing encryption. To begin this project you will need to download the Blowfish Encryption Hardware. Once you have this file downloaded, you will need to unzip the file into the "pcores" directory inside of your existing system-on-chipi design. For instance, if your system-on-chipi design is located in the directory "H:\eecs388\lab3" then you will unzip the Blowfish encryption hardware into the directory "H:\eecs388\lab3\pcores" (this directory should already exist).

Once you have done this, the Blowfish hardware will be available for addition to your design. First, open up your existing system-on-chipi design. Once the design is open, click on the "IP Catalog" button in the upper left quadrant of the XPS window; also ensure that the "System Assembly View" tab is selected near the middle of the window. In the "IP Catalog" panel you should see a entry named "Project Local Pcores". Click on the plus sign next to this entry and then double click on "OPB_BLOWFISH" to add the Blowfish hardware to your design. You now need to attach the Blowfish hardware to the sytem bus. Do this by looking in the main window for the "opb_blowfish_0" entry. If you do not see this entry then ensure that "Bus Interface" is the selected filter near the top middle of the window. Click on the plus sign next to the "opb_blowfish_0" entry. You should see a green line extending out to the left from the entry and connecting to another line which goes up to the label "OPB". The empty bubble at the intersection of the two lines indicates that the "opb_blowfish_0" core is not yet connected to the OPB bus. Clicking on the bubble will connect it to the bus and fill in the bubble to indicate that the core is now connected to the bus.

Once the Blowfish hardware is connected to the bus, you will need to assign an address space to it. Click on the "Addresses" filter in the top middle of the screen to view the current system memory-map. Locate the entry for "opb_blowfish_0" and give it a "base address", typically "0x42000000" will be an available address. Once the base address had been selected you can click on the "Size" drop down menu and select the size of the address space, typically 64K is a good value. Doing this will automatically setup the "high address" for you. Note: Instead of doing this manually each time you can also simply click on the "Generate Addresses" button near the top middle of the screen. This will let the tools automatically create a memory-map for you.

At this point your system-on-chipi design for this lab should be complete. The only remaining step is to control the Blowfish encryption hardware from your software design in order to encrypt and decrypt data with it. In this laboratory you will need to write your own software from scratch to do this.

The register set for the Blowfish hardware is show in the picture to the right. There are nine 32-bit memory-mapped registers which are organized into four logical registers. The following describes the registers:

  1. Control Register
    This is a write-only 32-bit register located at offset +0 from the base address. Writing the value 0x00000000 to the control register will initialize the hardware with the encryption key stored in the key register. Writing 0x00000001 will encrypt the value in the data register and store the outcome in the results register. Likewise, writing 0x00000002 wil decrypt the value in the data register and store the outcome in the results register.
     
  2. Data Register
    This is a logical 64-bit read/write register located at offset +4 and +8 from the base address. The register is composed of two 32-bit registers allowing 32-bit processors access to the 64-bit data one DWORD at a time. The high 32-bits of the data is stored at offset +4 while the low 32-bits of the data is stored at offset +8. The data register is used to store the data to operate on before either the encrypt or the decrypt command is written to the control register.
     
  3. Key Register
    This is a logical 128-bit read/write register located at offsets +12, +16, +20, and +24 from the base address. The operation of this register is the same as the data register with the highest 32-bits located at offset +12 and the lowest 32-bits located at offset +24. The key register is used to store the encryption / decryption key before the initialize key command is written to the control register.
     
  4. Results Register
    This is a logical 64-bit read/write register located at offset +28 and +32 from the base address. This register operates similarly to the data register with the high 32-bits located at offset +28 and the low 32-bits located at offset +32. The results register is used to store either the encrypted outcome when the encrypt command is written to the control register or the decrypted outcome when the decrypt command is written to the control register. 

The Blowfish encryption core supports three operations: initializing the key, encrypting data, and decrypting data. All of these operations are controlled by the software through the control register in the hardware. The software steps required to interact with the Blowfish hardware are described below:

To complete this project sucessfully you will need to read in a 128-bit key from the serial port and then initialize the Blowfish hardware using the key. Once the hardware has been initialized, you will then encrypt and decrypt additional data read in from the serial port using the Blowfish hardware. Data input, encryption and decryption should be performed infinitely while your application is running. Additionally, your application should output the original input data, the encrypted data, and the decrypted data every time new input is read and encrypted / decrypted. To get full points on this project the original input data and decrypted data must be the same.

Project Questions

  1. What register set is exposed by the blowfish encryption peripheral? Describe each register.
  2. How do values get read by the software from the host computer which is attached to the FPGAi? Describe the necessary hardware, the FPGAi side software mechanisms, and the required software on the host computer.
  3. Describe the steps required to initialize the Blowfish hardware key.
  4. Describe the steps required to encrypt or decrypt a 64-bit data block using the Blowfish hardware.
  5. Describe any additional steps needed when encrypting variable length byte arrays with the Blowfish hardware.