GOST 28147-89 Verilog HDL code

Description

This is a implementation of the GOST 28147-89 - a Soviet and Russian government standard symmetric key block cipher (now as part of standard GOST R 34.12-2015). GOST 28147-89 has a 64-bit blocksize and 256-bit keysize.

Note	Russian description available here: http://idoka.ru/crypto-ip-core-gost-28147-89/

This implementation provide trade off size and performance. The goal was to be able to fit in to a low cost Xilinx Spartan series FPGA and still be as fast as possible. As one can see from the implementation results below, this goal has been achieved.

Short Chipher Detail

Date published	1989
Structure	Feistel network
Key sizes	256 bits
Block sizes	64 bits
Rounds	32

Features

• SystemVerilog RTL and TB code is provided

• Implements both encryption and decryption in the same block

• GOST 28147-89 algorithm focusing on very low area applications

• Implementation takes about 32 cycles to encrypt/decrypt a block

• EBC-cipher mode support

• Now support following set of S-boxes (names on accordence with RFC4357)

  • id-GostR3411-94-TestParamSet

  • id-Gost28147-89-CryptoPro-A-ParamSet

  • id-Gost28147-89-CryptoPro-B-ParamSet

  • id-Gost28147-89-CryptoPro-C-ParamSet

  • id-Gost28147-89-CryptoPro-D-ParamSet

  • id-tc26-gost-28147-param-Z

  • additional R34.11-94 CryptoPro S-box supported

Status

• Core implementations have been tested on a Xilinx Spartan-3E FPGA succesfully

Employment

For run synthesize design using Synplify tool use command:

$ make synthesis

To compile and run simulation RTL-design using ModelSim with CLI:

$ make sim

To compile and run simulation RTL-design using ModelSim with GUI:

$ make sim-gui

In order to determine which S-box will be used for synthesis/simulation you must to pass apropriate define by command line argument:

• GOST_SBOX_TESTPARAM - for id-GostR3411-94-TestParamSet S-box using

• GOST_SBOX_CRYPTOPRO_A - for id-Gost28147-89-CryptoPro-A-ParamSet S-box using

• GOST_SBOX_CRYPTOPRO_B - for id-Gost28147-89-CryptoPro-B-ParamSet S-box using

• GOST_SBOX_CRYPTOPRO_C - for id-Gost28147-89-CryptoPro-C-ParamSet S-box using

• GOST_SBOX_CRYPTOPRO_D - for id-Gost28147-89-CryptoPro-D-ParamSet S-box using

• GOST_SBOX_TC26_Z - for id-tc26-gost-28147-param-Z S-box using

• GOST_SBOX_R3411 - for GOST R34.11-94 CryptoPro S-box using

All procedures like synthesis or simulation was tested on the Linux environment (x86_64 host).

Synthesis

Sample Synthesis Results for the ECB-mode GOST 28147-89

Technology 	       Size/Area 	Speed/Performance
==============================================================
Xilinx Spartan-3E      525 LUTs         75 Mhz (150 Mbits/sec)

Limitations

The design uses SystemVerilog as language for RTL-implementation therefore your Design Tools should support SystemVerilog for synthesis and simulation.

TODO.adoc

BUGS.adoc

References

• Description of GOST 28147-89 (ENGLISH)

• Description of GOST 28147-89 (RUSSIAN)

• Digital signature standard GOST R 34.10-2012 (RUSSIAN)

• Hash function GOST R 34.11-94 (ENGLISH)

• Hash function GOST R 34.11-94 (RUSSIAN)

• NIST SP800-38A: Recommendation for Block Cipher Modes of Operation

• Block cipher mode of operation (RUSSIAN)

• Block cipher mode of operation (ENGLISH)

• ISO/IEC 18033-3 Information technology — Security techniques — Encryption algorithms — Part 3: Block ciphers

• RFC5831: GOST R 34.11-94 Hash Function Algorithm

• RFC4357: Additional Cryptographic Algorithms for Use with GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 Algorithms

• RFC4490: Using the GOST 28147-89, GOST R 34.11-94, GOST R 34.10-94, and GOST R 34.10-2001 Algorithms with Cryptographic Message Syntax (CMS)

• Recommendation of definition S-box (id-tc26-gost-28147-param-Z) for GOST 28147-89 (RUSSIAN)

Feel free to send me comments, suggestions and bug reports