Design and Implementation of Real-Time Image Acquisition Chip Based on Triple-Hybrid Encryption System

Abstract

With the improved hardware storage capabilities and the rapid development of artificial intelligence image recognition technology, information is becoming image-oriented. Increasingly sensitive image data needs to be processed. When facing a large amount of real-time sensitive image data encryption and decryption, ensuring both the speed and the security is an urgent demand. This paper proposes an original triple-hybrid encryption system for a real-time sensitive image acquisition chip. This encryption system optimizes the symmetric encryption algorithm AES, asymmetric encryption algorithm ECC, and chip authentication algorithm PUF in pursuit of security, calculation speed, and to ensure that it is lightweight. The three optimized algorithms are further mixed and reused on the circuit level, to ensure mutual protection while making full use of their advantages. Apart from sensitive image protection at the algorithm level, the image chip itself is also protected by an innovative PUF chip authentication method that prevents it from being tampered with and copied. Triple-hybrid encryption system hardware implementation achieves a frequency of 132.5 MHz under the Virtex-5 FPGA with an area of 2834 Slices; with Virtex-7 FPGA, it reaches a frequency of 137.6 MHz with an area of 2716 Slices. The system is also implemented on SMIC 40 nm ASIC, and the clock frequency reaches 480 MHz and the area is 94,812.4 $\mathsf{\mu }$m${}^2$. In terms of computing speed, the peak image encryption speed is 6.15 Gb/s, which meets the real-time image encryption requirement. In terms of hardware resource usage, AES reduced the hardware area by 60.1% compared with the results in other literature, ECC reduced the hardware area by 43.4%, and the PUF hardware area decreased exponentially with the increase in information entropy. The implementation of the three algorithms is reasonable and cost-effective, and the mixture of algorithms does not increase the required capacity of the hardware resource. The triple-hybrid encryption system cooperates with the image acquisition subsystem, storage subsystem, and asynchronous clock subsystem through software control to realize a complete triple-hybrid encryption SoC chip solution, and was successfully taped-out under the SMIC 40 nm process with all constraints passed and a total area of 10.59 mm${}^2$.

1. Introduction

1.1. Research Background

With the rapid development of image processing technology comes the growing need for the enhanced safety of image storage [1,2,3,4], especially in sensitive applications such as face recognition payment, ID verification, license plate recognition, satellite radar imaging and secret military image storage, electronic backup of confidential documents, etc. Cryptographic algorithms are often used in these applications as security assurance. However, the upgrading of image acquisition equipment has increased the standard image resolutions of today to 1080P, 2K, 4K, 8K, and even higher [5], which tests the speed and security of encryption. For example, to encrypt a 30-frame-rate RAW10 format 1080P continuous images in real-time, the requirement of the encryption speed is as high as $1920\times 1080\times 10\times 30$ = 622 Mb/s. When image resolution increases to 8K, the encryption bandwidth increases to 9.95 Gb/s. In these scenarios, software-based encryption can no longer meet the encryption requirements. Consequently, the search for a hardware-based solution that can provide images with high-speed encryption, authentication, and other important cryptographic functions constitutes a popular research direction.

The algorithms of encryption have undergone promising development, but not all of them are suitable for image applications. At present, encryption algorithms are divided into symmetric encryption algorithms and asymmetric encryption algorithms [6].

The encryption and decryption modes of the symmetric encryption algorithm use the same key, so it is faster and cheaper. Typical symmetric encryption algorithms include the Data Encryption Standard (DES), Triple DES (3DES), and the Advanced Encryption Standard (AES). The AES algorithm is mainstream and is currently the most common data encryption algorithm [7]. It has high throughput and is easy to implement in hardware. The shortcoming of AES and other symmetric encryption algorithms mainly lies in the unique key used both in encryption and decryption, which run the security risk of being hijacked or leaked during data communications.

The asymmetric encryption algorithms represented by RSA (Rivest, Shamir, Adleman) and Elliptic Curve Cryptography (ECC) fundamentally solve the problem of key leakage by using a public–private key pair, and are often used in high-security encryption scenarios. To achieve the same security level, ECC has the advantages of shorter keys and a faster computation speed compared with RSA; thus, it is becoming the most widely adopted asymmetric encryption algorithm of today [8]. The disadvantage of ECC is that the hardware implementation area and encryption speed are inferior to symmetric encryption algorithms, making it generally unable to meet the needs of image encryption.

To further strengthen the safety of hardware-based image encryption, attention should be paid to the security of the hardware itself instead of solely focusing on the encryption algorithm. The Physical Unclonable Function (PUF) is a type of hardware authentication algorithm that can guarantee that the chip is not copied or cloned [9]. A comprehensive survey is carried out in [10] on PUF-based authentication and key agreement protocols for IoT, WSNs and smart grids. Among all the PUF algorithms, SRAM PUF is a kind of PUF based on the SRAM initial data and is already successfully applied in commercial cryptography chips. However, the helper data of soft-decision SRAM PUF has the security risk of being tampered with. Another shortcoming is that the SRAM data are easy to read by attackers [11,12]. Therefore, implementing the SRAM PUF algorithm on hardware directly to prevent the chip from cloning is not the best solution. A new method of SRAM PUF hardware authentication is urgently needed.

1.2. Related Work

1.2.1. Cryptographic Algorithm Hardware Implementation

On account of the low complexity of the AES algorithm, many previous studies achieved its high-speed implementation by focusing on critical path optimization and pipelining. A low-latency, low-power AES hardware structure on ASIC is designed in [13]. By balancing the latency of different critical paths, it reached an encryption speed of 5.90 Gb/s under 12,108.33 equivalent logic gates. In [14], Ueno proposed a new multiplicative data-path compression method that can improve performance without additional overhead, achieving a speed of 10.08 Gb/s under 12,127 logic gates. Baby used storage space division, algorithm pipeline expansion design, and targeted pipeline optimization in [15]. The design finally reached an ultra-high speed of 104.06 Gb/s with an area cost of 2617 Virtex-7 FPGA slices. It can be concluded from these previous works that the hardware implementation of AES can achieve a very fast encryption speed with a low cost of hardware resources and that the encryption speed of AES at the Gb/s level can meet or even exceed the needs of image encryption, making it suitable for the encryption of real-time image acquisition hardware.

The ECC algorithm can be applied to both binary and prime fields. Since the basic addition operation in binary-field ECC is carry-free, the advantages in complexity and critical path make binary-field ECC more suitable for hardware and the main research object of ECC hardware implementation [16]. Two 571-bit multipliers were used in [17] for faster ECC point multiplication (PM) on $GF\left(2^{571}\right)$. Its implementation with Virtex-7 FPGA occupied an area of 290,001 LUTs (Look Up Table) and a single PM could be completed in 6.79 $\mathsf{\mu }$s. It reached the top speed of a 571-bit ECC point multiplier, 84.01 Mb/s, which is apparently still far less than the speed of AES and the requirement of real-time image encryption, not to mention the fact that it will increase the design area significantly. Therefore, rather than image data encryption, ECC works better as a sub-encryption algorithm to solve the safety issue concerning the single private key in AES. This solution reduces the speed requirements of ECC, so ECC can adopt a more cost-effective implementation method. Moreover, ECC on the lower-bit-width binary field such as $GF\left(2^{163}\right)$ is sufficient to guarantee the safety of the AES key. Since the size of the resource-dominant multiplier in the ECC is in direct proportion to the bit-width of the binary field, choosing a lower-bit-width binary field will further reduce the level of occupied hardware resources. A more cost-effective, high-performance hardware implementation with $GF\left(2^{163}\right)$ is proposed [18]. Instead of speed, this literature mainly focuses on reducing the area cost of ECC by employing a multi-cycle scheme of one 41-bit multiplier. Only 4271 LUTs are used on the Virtex-7 FPGA, and the encryption speed is 163/10.51 = 15.5 Mb/s. Although the encryption speed is reduced, as long as the need to provide asymmetric encryption protection for AES is met, the hardware area saved by this method and the corresponding power consumption is more valuable. This also clarifies the aim of this paper, as we believe that ECC hardware should be cost-effective and hardware area should not have to be sacrificed for high speed.

With the rise of the PUF concept, there is an increasing amount of research on attacks against PUF. Methods of protocol attacks are proposed in [19,20,21], such as gaining temporary access to PUF, reusing the PUF of previous sessions, creating stealth channels to perform malicious activities on PUF, leaking information through error correction schemes, etc. Additionally, Refs. [22,23] proposed a method of silicon attack in an invasive way to forge and traverse all possible PUF values or to modify the PUF values of the chip. Although SRAM PUF can resist some of the attack methods above, it is difficult to achieve absolute security and confidentiality with only the initial value of SRAM. For example, in actual engineering practice, the CPU in the system is connected to SRAM, and the CPU can access SRAM data using software programs that directly read the initial value of SRAM [24]. Even if SRAM is not connected to the CPU, an attacker can measure the initial value of SRAM with an invasive method such as scanning electron microscopy (SEM) or thermal laser stimulation (TLS) [25]. Due to the security risk of the leakage of the initial SRAM value, this paper modified the algorithm of SRAM PUF so as to effectively solve the security problem and further improve SRAM PUF technology.

1.2.2. Image Encryption Chips

The focus on image encryption hardware has also increased in recent years. A survey was carried out in [26] towards integrating image encryption with compression. For image encryption, most papers use symmetric encryption, with which it is easier to achieve the required high speed. The proposed system in [27,28] integrates image compression with image encryption, and its encryption method adopts symmetric encryption algorithms. Among this research, some noticed the security risk of AES keys being hijacked during communications, and took measures to solve it. The ECC algorithm was used in [29,30,31] to protect the AES private key from the transmission leakage risk. This encryption method has certain advantages in terms of security and speed. However, it is implemented on software, and cannot meet the encryption speed requirement of real-time images. Hafsa used an improved image encryption method that combines AES with ECC, using ECC to encrypt AES keys [32].

The improved AES runs on NOIS II processors, and ECC is implemented entirely in hardware. However, this paper keeps the key in a non-volatile storage device. Maintaining the confidentiality of keys in non-volatile memory in engineering is not always feasible and is often made difficult due to different active or passive attacks. Therefore, a better solution is to use PUF to solve the security of the hardware itself. However, in other relevant literature on real-time high-throughput image encryption hardware [33,34,35,36,37,38,39,40], up to two algorithms have been used. As for the security problems of the hardware being cloned, there has been no research on the combination of AES, ECC, and PUF. We focused on innovating such techniques with a triple-hybrid encryption system combining three algorithms, so that real-time image acquisition and encryption hardware can be perfected.

1.3. Contributions and Paper Structure

This paper seeks innovation at both the algorithm level and hardware implementation level. In terms of algorithms, this paper conducts research on the optimization of AES and ECC algorithms, proposes the SRAM PUF algorithm combined with the ECC protocol, and proposes a new application mode for hardware security authorization. By combining the three algorithms of AES, ECC, and PUF, a triple-hybrid encryption system is proposed. In terms of hardware implementation, this paper implements the hardware of the optimized AES, ECC, and PUF algorithms and constitutes a triple-hybrid image encryption subsystem. Based on this sub-system, a System on Chip (SoC) is designed, successfully taped out, and finally achieves real-time image acquisition and encryption. The main contributions of this paper are as follows:

• A new triple-hybrid encryption system that takes full advantage of the characteristics of each modified algorithm of AES, ECC, and PUF is designed. SRAM PUF no longer acts as a key in a triple-hybrid encryption system, but in combination with software programs, guaranteeing secure authorization of hardware in a new way of application;
• The proposed triple-hybrid encryption system is implemented as an image encryption subsystem that can provide high-speed and secure image encryption and hardware authentication functions;
• The image encryption subsystem, software control and bus subsystem, image acquisition subsystem, image encryption subsystem, storage subsystem, and asynchronous clock subsystem are jointly built as an SoC, which realizes the complete application of the triple-hybrid encryption system. Finally, the real-time image acquisition chip based on the triple-hybrid encryption system was applied in an SMIC 40 nm process and achieved a successful tape-out.

2. Principles of Cryptographic Algorithms

In the history of the development of cryptography, classical cryptography is constructed by simple logical substitution and mathematical calculations, and modern cryptography has a strict and perfect mathematical foundation and structural system to ensure information security. The symmetric encryption algorithm AES, the asymmetric encryption algorithm ECC, and the chip authentication algorithm SRAM PUF used in this design have rigorous mathematical principles. This section will introduce the algorithm principles of AES, ECC, and PUF in detail. The introduction of the basic principles provides a solid theoretical basis for the subsequent development of the content.

2.1. AES Encryption and Decryption Principles

AES is categorized as AES-128, AES-192, or AES-256 based on the key length. The cipher of these different types share the same size of a 128-bit block, but their key sizes are 128, 192, and 256 bits, respectively. AES with a longer key takes longer to compute but is more secure for data. In field applications, the length needs to be traded off according to the encryption speed needs and the encryption level requirements.

Figure 1 illustrates the general process of AES encryption and decryption. A number of repetitions of transformation rounds convert the input plaintext into the final output ciphertext. Each round consists of several standard processing steps, including “SubBytes”, “ShiftRows”, “MixColumns”, and “AddRoundKey”. A set of reverse rounds are applied to transform ciphertext back into the original plaintext using the same encryption key.

2.2. ECC Protocols

Figure 2 illustrates the ECC algorithm structure, which can be divided into the modular computing layer, the elliptic curve arithmetic layer, and the protocol layer.

The modular computing layer constitutes the basic operations including modular multiplication(Mod Mul), modular add/sub(Mod Add/Sub) and modular inversion(Mod Inv) of binary field $GF\left(2^n\right)$. The NIST-recommended binary fields of ECC include $GF\left(2^{163}\right)$, $GF\left(2^{233}\right)$, $GF\left(2^{283}\right)$, $GF\left(2^{409}\right)$ and $GF\left(2^{571}\right)$, and are most commonly used. A longer bit width leads to a stronger safety level, but the difficulty and complexity of the basic calculations also increase exponentially. In practice, the binary field of ECC needs to be traded off according to encryption speed requirements and safety level requirements.

The elliptic curve arithmetic layer includes point addition, point doubling, and point multiplication on the elliptic curve. Point multiplication is a combination of point addition and point doubling, each of which is a combination of the basic modular operations in the modular computing layer. Due to the difficulty of the elliptic curve discrete logarithm problem, the complexity of the elliptic curve PM reverse solution is much greater than the complexity of the forward solution. Based on this nature, asymmetric private-public key pairs can be generated, ensuring the security and reliability of keys.

Eventually, various ECC protocols can be accomplished by point operations in the elliptic curve arithmetic layer. The majority of these protocols include Elliptic Curve Diffie–Hellman Keyma Exchange (ECDH), the Elliptic Curve Digital Signature Algorithm (ECDSA), etc. This design implements the ECDH-based encryption algorithm and ECDSA algorithm, which are described separately.

2.2.1. ECDH-Based Encryption Algorithm

Figure 3 illustrates the overall flow of the ECDH-based encryption and decryption algorithm. Only the public key, ciphertext, and curve information are passed through the channel. Even if the eavesdroppers launch an attack, the plaintext cannot be obtained without the private key. This is a full reflection of the security advantages of asymmetric keys.

ECDH is a key exchange protocol performed on elliptic curves. Suppose that two people, Alice and Bob, wish to exchange a secret key with each other. Alice generates a private key $d_1$ and a public key $H_1=d_{1}G$ (where G is the base point of the curve). If Alice send the public key $H_1$ to Bob, he can obtain $S_2=d_2{H}_1$ with his private key $d_2$. Similarly, if Bob sends the public key $H_2=d_{2}G$, Alice can obtain point $S_1=d_1{H}_2$. Because $S_1=d_1{H}_2=d_1{d}_{2}G=d_2{H}_1=S_2$, Alice and Bob can obtain the same information using ECDH. Therefore if valuable secret information is encrypted by the calculated points $S_1$ and $S_2$, any eavesdropper would only have access to the public key and the base point in the channel, which are not sufficient to obtain the real encryption key of the shared secret information.

To take this one step further, if the secret data are involved in the ECDH process, ECDH-based data encryption can be achieved. Suppose that two people, Alice and Bob, wish to exchange secret data with each other. Alice has a private key d and sends the public key H over the channel to Bob. Bob maps the plaintext m to a point on the elliptic curve using plaintext embedding. After that, Bob selects a random number r less than the order n as his private key, and calculates the point $C_1=M+rH$ and $C_2=rG$, corresponding to the shared secret information S and the public key $H_2$ in the ECDH algorithm. In this way, the plaintext is mixed into shared secret information by a point addition. Finally, Bob uses $C_1$ and $C_2$ as ciphertexts and sends them back to Alice to complete the data encryption.

The ECDH-based decryption algorithm works in the following way: Alice uses her private key and the received ciphertext to calculate $C_1-d{C}_2$. Substitute the formulas $C_1=M+rK$, $C_2=rG$, and $H=dG$ into $C_1-d{C}_2$ to obtain:

$$C_1-d{C}_2=M+rH-drG=M+rdG-drG=M$$

(1)

Therefore, calculating $C_1-d{C}_2$ can help to find Bob’s plaintext embedding point M and then recover the plaintext m to complete decryption.

2.2.2. ECDSA

ECDSA uses elliptic curves to create a signature on the data. The signature ensures that the message content has not been tampered with by a third party. Anyone can verify its authenticity without compromising security.

Figure 4 illustrates the overall process of the ECDSA signature and verification, which only passes the public key and signature in the channel, ensuring the privacy of the private key.

To create an ECDSA signature, the sender of the message, Alice, will perform the following steps:

• Select a random number k, complete PM to obtain the point $P=kG$ and the x coordinate of P;
• Calculate the first non-zero signature value $r=xmodn$;
• Perform a HASH operation on the message m to obtain its digest value z;
• Calculate the second non-zero signature value $s=k^{-1}(z+rd)modn$;
• Send the public key H, message m and signature $(r,s)$ to Bob.

To verify an ECDSA signature, the recipient, Bob, will perform the following steps:

• Perform a HASH operation on the message m to obtain its digest value z;
• Calculate $u_1=s^{-1}zmodn$ and $u_2=s^{-1}rmodn$;
• Calculate $P=u_{1}G+u_{2}H$;
• Compare the x coordinate value of P with the signature r. If they are equal, the verification is passed. If they are not equal, the verification fails.

The principle of the ECDSA verification can be deduced by expanding the P:

$$P=(u_1+u_{2}d)G=(s^{-1}z+s^{-1}rd)G=s^{-1}(z+rd)G$$

(2)

Substitute $s=k^{-1}(z+rd)modn$ into the formula of P, and the following formula can be obtained:

$$P=s^{-1}(z+rd)G=kG$$

(3)

From the deduction above, it is clear that the P in the signature stage and the P in the verification stage are the same points obtained through different calculation methods. Therefore, whether $r==x_{P}modn$ is established can determine whether the ECDSA verification is passed.

2.3. SRAM PUF Soft-Decision Algorithm

The SRAM power-on value is unique due to random differences caused by process deviations during manufacturing. Based on this principle, SRAM PUF uses the SRAM initial value to build PUF and achieves the chip authentication function.

SRAM PUF is sensitive to noise. Ambient noise can reverse some SRAM units that are not strongly biased toward “1” or “0”, so the initial value of SRAM is different at each power-on. SRAM tests were carried out in [41,42] at different temperatures, which led to the conclusion that the probability of error is between 3% and 15%. As the temperature decreases, the probability of error may be higher. However, when SRAM PUF is used as a chip key or for identity authentication, a fixed value must be guaranteed for each power-on. Therefore, error correction codes are used to correct the initial SRAM power-on value and solve the problem of unstable SRAM PUF output. Bosch completed SRAM PUF error correction on hardware for the first time with the Helper Data Algorithm (HDA) [43]. The principle of HDA is to use helper data to map the SRAM PUF to a codeword of the error correction code. Moreover, HDA can ensure that the helper data do not cause SRAM PUF information leakage.

It is stated in [44] that the error of each bit in SRAM is not entirely random. Most of the bits are very stable, and the power-on value of only some bits changes frequently. Therefore, HDA usually uses a soft-decision method. The principle of soft-decision HDA is to sample the data multiple times and record the error probability of each bit. The error correction code can work more efficiently and generate more accurate results by considering the error probability [44,45]. For SRAM, error probability can be easily obtained by simply powering on and counting repeatedly, which makes soft-decision HDA very practical. The specific algorithm of soft-decision HDA is as follows, which is divided into an enrollment stage and a recovery stage, as shown in Figure 5.

Enrollment stage: Select an SRAM initial value y as the standard value, which is the target value to be corrected during the recovery stage. Repeat the SRAM power-on 100 times and record the error probabilities $P_i$ of each bit between the initial value of each time and y. Then, randomly select a codeword c of Reed–Muller code, calculate the helper data $w=c\oplus y$, and save w, P to FLASH. Since P is the probability of an error occurring between each SRAM value, it is impossible to determine whether a particular bit is “1” or “0”, so P does not affect the overall security. The statistical process of P and the writing process of w and P should be performed at manufacturing.

Recovery stage: After the chip is delivered to the user, a random SRAM initial value is obtained during each power-on. Due to the initial value bit error rate, the SRAM initial value $y^{\prime }$ is different from y. Calculate $c^{\prime }=y^{\prime }\oplus w$, and the result $c^{\prime }$ is an RM codeword with an error. Use P and $c^{\prime }$ for RM soft-decision error correction to obtain the correct code word c. The P provides more information for the RM code, thereby improving the error correction ability. After the error correction is complete, the correct PUF value $y=c\oplus w$ can be calculated.

3. Optimization and Application of Cryptographic Algorithms Based on Image Real-Time Acquisition Chips

For modern high-resolution real-time images, the data throughput is enormous. For example, in the image processing of 5 RGB888 consecutive images per second with a resolution of 4K, the throughput is as high as $5\times 4096\times 2160\times 3\approx$ 132.7 MB/s. The JPEG algorithm’s image throughput with a 50% compression ratio is also as high as 66.4 MB/s. To support this throughput on a digital circuit with a clock frequency of 500 MHz, the encryption rate requirement is as high as $66.4/500\times 8=1.062$ bits per cycle. Symmetric encryption algorithms operate faster than asymmetric encryption algorithms and can meet the requirement of such data throughput. The hardware design of AES-128 can complete encryption every ten cycles [46], which can be seen as a processing speed of $128/10=12.8$ bits per cycle, meeting the encryption rate requirement of $1.062$ bits per cycle and leaving enough of a margin. On the contrary, even the fastest ECC hardware implementation requires thousands of cycles to complete encryption on $GF\left(2^{163}\right)$ [17], which can be seen as less than 0.1 bits per cycle, and is far from meeting the speed requirement of real-time image encryption. Therefore, the symmetric encryption algorithm AES is a better choice in a real-time image encryption scenario. However, there is a risk of exposure to AES private keys during transmission. Once the key is intercepted by an attacker, the security of the entire chip is under threat. Therefore a solution to increase the security level of AES is necessary. In this design, the asymmetric algorithm ECC is used to encrypt the AES private key to solve this problem. To further guarantee the safety of the entire high-speed hardware design, the secure chip authentication PUF algorithm is also required to prevent chip cloning.

In summary, this section provided the algorithm base of a triple-hybrid encryption system with the combinations of AES, ECC, and PUF. In addition, these three classic encryption algorithms are optimized according to the image real-time acquisition chip scenario to increase safety performance, calculation speed, and resource utilization. The proposed optimized algorithms include modified AES with private key encryption by ECC, a modified AES-based pseudo-random number generator (PRNG), ECC PM optimization, custom ECDSA algorithm, and a fast ECDSA-PUF algorithm. In the following subsection, the triple-hybrid encryption system is introduced first. Afterward, the principle and function of each optimized algorithm in the triple-hybrid encryption system are introduced in detail.

3.1. Proposed Triple-Hybrid Encryption System Based on Image Encryption

Figure 6 illustrates the proposed original triple-hybrid encryption system. The encryption system has three layers. The top application layer based on ECC and AES algorithms is responsible for image data encryption. The bottom application layer is responsible for hardware authorization by using the ECC algorithm. The developer layer is responsible for generating PUF and it involves ECC and PUF algorithms. The details of the three layers of the encryption system are introduced in the following parts. Figure 7 illustrates the overall flow.

The top application layer uses the ECDH algorithm to encrypt the AES private key, which is then used to encrypt image data. The specific steps are as follows:

• The user saves an ECC private key $d_1$ in the host computer, which then generates an ECC public key $H_1$ and sends it to the real-time image acquisition chip.
• The image real-time acquisition chip uses a modified AES-based PRNG hardware which consists of one LSFR and two AES to generate a random number W as the private key of the AES used to encrypt image data. The AES private key and the received public key $H_1$ undergo ECDH-based encryption, and the results are sent back to the host computer.
• After receiving the “ECDH-encrypted AES private key” and “AES encrypted image data”, the host computer uses the ECC private key $d_1$ to decrypt the AES private key, which is then used to decrypt the image data.
• If the users want to update the AES private key, the image real-time acquisition chip repeats step 2. A new pair of “AES private key cipher after ECDH encryption and AES encrypted image datum” is obtained and the host computer reads the new pair of datum for decryption.

The bottom application layer is used to authorize hardware and prevent attackers from using unauthorized hardware. {Program, PUF value y} (concatenate Program and y) are verified by custom-ECDSA to prove that the hardware belongs to authorized users, an original algorithm proposed in this paper. Only when the custom-ECDSA verification is passed can the software program jump to the main function flow. Otherwise, the CPU will not be able to run the software program. The hardware authorization process is divided into the user enrollment stage and the user activation stage.

At the user enrollment stage, the authorization of the hardware has not been completed. The developer holds the private key $d_2\_enroll$ and users cannot obtain it. The custom ECDSA verification uses the solidified public key $H_2\_enroll$, so only the developer can make the program pass the verification and enter the main function. To authorize users, the developer assigns a pair of key $d_2$ and $H_2$ to users and write $H_2$ to the one-time programmable (OTP) device. At the user activation stage, the authorized user signs {Program, y} with $d_2$ provided by the developer. The hardware verifies the {Program, y} with $H_2$, which has been solidified in the OTP device. Passing the verification indicates that the program is valid and proves that the current user has been authorized.

In the bottom application layer, we proposed an innovative application of PUF technology. Since the PUF value is used as a part of the message, the same software program and signature cannot be successfully verified on different chips due to changes in the PUF value, which further prevents unauthorized attackers from using the chip. If an attacker steals an authorized user’s software program and signature, the software program will still not execute properly on another unauthorized hardware.

The developer layer uses fast ECDSA-PUF, an originally proposed algorithm, to prevent an attacker from tampering with the PUF to pass the custom ECDSA of the bottom application layer. The developer signs the error probability P and the helper data w with an ECC private key $d_3$. The hardware uses public key $H_3$ in the ROM to verify P and w. If the verification is passed, the PUF value y is valid.

In summary, the triple-hybrid encryption system mixes AES, ECC, and PUF algorithms. In terms of performance, the chip executes the bottom application layer and developer layer only once in the software bootloader. After that, the chip repeatedly performs the image encryption requests at the top application layer. The encryption system does not reduce the efficiency due to the multi-level algorithm, which ensures the system’s performance. In terms of security, each layer of the system is interconnected. As shown in Figure 8, problems at the upper layer are resolved in the lower layers. The failure of any link in the system will lead to authentication failure of the entire system, which significantly increases the difficulty of attacking and improves the system security.

In the following subsections, the principles of each optimized algorithm used in the triple-hybrid encryption system are introduced sequentially.

3.2. AES Optimization and Application

3.2.1. AES Key Encryption

To solve the security problem of AES key, it is common practice to encrypt this key with an asymmetric encryption algorithm [32]. The novelty in this paper lies in the slow ECDH encryption used to encrypt the key. Since the slow process will only execute once in AES key encryption and once in AES key decryption, while the data encryption and decryption use the fast AES algorithm, the security problem is solved without dragging down the data processing speed.

3.2.2. Modified AES-Based PRNG

Since PRNG is used to generate AES keys in the triple-hybrid encryption system, it is essential to pay attention to the security of PRNG. PRNG needs to be practical and lightweight. The Linear Feedback Shift Register (LFSR) has a minor hardware overhead and is widely used to generate random numbers. However, Meier and Staffelbach proposed a rapidly related attack method for LFSR [47], which reduced the time complexity of cracking LFSR to $O\left(k\right)$. Todo optimized the rapid correlation attack method to achieve a more effective attack on LFSR [48]. Therefore, using the output of LFSR as the key of the cryptography system poses a great threat.

To further protect LFSR, an AES-based PRNG is proposed, based on the research result of [49], which states that random numbers will have sufficient redundancy after two AES encryption processes and cannot be inferred. Figure 9 illustrates the proposed AES-based PRNG. LFSR generates two different random numbers from two different cycles, one is used as the plaintext of the first AES, and the other is used as the key of the first AES. The first AES generates two ciphertexts from two cycles, which are used as the plaintext and the key of the second AES. Eventually, the ciphertext output of the second AES is the secure random number. Since an AES module already exists in the AES key encryption circuit, that AES module can be re-used in this AES-based PRNG encryption when that part is idle. In this way, the reliability of the random generator is greatly increased without adding additional hardware overhead.

3.3. ECC Optimization and Application

Since the ECC in our design does not affect the system encryption speed, its design purpose is more cost-dominant. As a result, ECC is implemented on the binary field $GF\left(2^{163}\right)$, which has the lowest bit-width and thus lowest complexity in all NIST-recommended binary field ECC. Since the difficulty of cracking ECC on $GF\left(2^{163}\right)$ is still much bigger than cracking AES, such selection will reduce the hardware yield, but will not affect the system’s safety.

Since modular inversion operation is one of the most complex and resource-consuming operations in ECC, and no projected coordinate system can avoid it, this paper proposes a new method that completely removes modular inversion calculations in ECDSA hardware. The proposed method is custom ECDSA, which modifies some ECDSA steps while ensuring safety. The ECDSA protocol can be modified because both the sender and receiver of ECDSA in a triple-hybrid encryption system are the hardware owners. The local-based protocol does not need to agree with the receiver in the open channel so that the protocol can be customized. Furthermore, the proposed protocol customization method is non-public, which also increases the difficulty of cracking.

Custom ECDSA removes two modular inversions in the protocol. Figure 10 illustrates the process of custom ECDSA, where Alice is the host computer and Bob is the chip. The first modular inversion to be removed is the calculation of $x_P$ in ECDSA verification when the projected coordinate system is restored to the affine coordinate system. The custom ECDSA protocol verifies whether $x_{P}Z$ is equal to X ($X,Z$ are the projected coordinate values of the point P) instead of whether $x_P$ is equal to r. The second modular inversion to be removed is the calculation of $s^{-1}$ in the ECDSA signature formula. In the triple-hybrid encryption system, the image real-time acquisition chip only needs to perform the verification, and the signature is completed on the host computer. Therefore, $s^{-1}$ can be calculated in advance on the host computer, and then sent to the chip and saved as a signature. Similarly, $x_{P}Z$ can also be pre-calculated on the host and sent to the chip. Based on the improvements above, the optimized verification no more has modular inversion operation, which reduces the overhead of the image real-time acquisition chip and improves the speed.

3.4. SRAM PUF Optimization and Application

3.4.1. Risks of SRAM PUF

SRAM PUF soft-decision is based on the premise that SRAM is secure and invisible outside the chip. However, SRAM is directly connected to the CPU in the image real-time acquisition chip. Attackers can read it using software or even probes or SEM for invaded forced reads. Once the attacker reads the SRAM, $y^{\prime }$ is fetched. The attacker then uses the same method to read FLASH to obtain w and P and calculates with $y^{\prime }$. Finally the attacker obtains all SRAM PUF-related data y, $c^{\prime }$, c. Since the soft-decision algorithm adds P, the attacker can modify P to indirectly control the corrected c to modify y, achieving the effect of cloning PUF.

3.4.2. Optimized Fast ECDSA-PUF

The triple-hybrid encryption system proposes an ECDSA-based soft-decision SRAM PUF (ECDSA-PUF) algorithm, which signs the helper data w and the error probability P with ECDSA. SRAM PUF must perform ECDSA verification on w and P before each generation. Under the protection of ECDSA, even if an attacker modifies w and P in FLASH, it is impossible to generate a valid ECDSA signature and verify SRAM PUF successfully. In this way, a cloning attack is prevented.

Figure 11 illustrates the optimized fast ECDSA-PUF algorithm. The fast ECDSA-PUF algorithm reuses the custom ECDSA already in the triple-hybrid encryption system, so only a small area increment is induced. As for speed, since some steps in custom ECDSA are moved to the enrollment stage which is calculated before leaving the factory, the computation time it takes in the recovery stage on the chip is shorter than normal ECDSA. Therefore, integrating custom ECDSA in PUF greatly increases the safety level of SRAM PUF, at the price of a little more boot time, which is bearable.

Since the custom ECDSA verification in ECDSA-PUF uses the result whether X is equal to $x_{P}Z$, such a single-bit signal is vulnerable to direct attack and modification in the circuit layout, which will thereby modify the correctness of the entire ECDSA-PUF. In order to solve this problem, the ECDSA-PUF adds X and $x_{P}Z$ in different places of the algorithm’s formula, as highlighted in red in Figure 11. If $X==x_{P}Z$, two XOR will be eliminated, and the correct PUF value can eventually be obtained. This optimization method can improve the overall complexity and safety level without adding redundant circuits.

4. Design and Implementation of Proposed Image Encryption Subsystem

In this section, the implementation of an image encryption subsystem based on the proposed triple-hybrid encryption system is discussed in detail. The subsystem includes the hardware implementations of all optimized cryptographic algorithms mentioned before, to provide the crucial high-speed and secure encryption function for the real-time image acquisition chip. In addition, the ASIC and FPGA implementation results of this subsystem are compared with other mainstream designs.

4.1. Subsystem Overall Structure

Figure 12 illustrates the overall structure of the image encryption subsystem. On the left side lies the bus communication part in charge of communicating control signals and data with other subsystems. The CPU outside the subsystem can use software to access APB and AHB buses, and configure the public key and base point of ECDH, the public key, base point, signature, and message of ECDSA. The ECDH ciphertext and ECDSA verification results can also be read through these buses. The data that users need to write or read through APB and AHB buses are all in the application layer of the triple-hybrid encryption system. Other data, including AES keys, encrypted random numbers, image data before encryption, and SRAM PUF values, is entirely controlled by hardware and cannot be accessed by software methods, ensuring the security of the image encryption subsystem.

The core of the design is the encryption function part on the right side of Figure 12, which covers AES encryption, ECDH encryption, custom ECDSA, fast ECDSA-PUF, and AES PRNG. As these algorithms share the same basic operations of modular computations, only one set of basic modular computations hardware is implemented and then scheduled by the top-level control to avoid simultaneous invocation and maximize its utilization. Other details of AES and ECDH-ECDSA-PUF modules will be described separately in the following subsections.

4.2. Hardware Design of AES Module

Different from other designs, the structure of AES in this work is optimized for the modified AES-PRNG mentioned in Section 3.2.2 as shown in Figure 13. Figure 14 illustrates the whole AES data flow, where the red AES part is multiplexed. In the hardware circuit, the design utilizes the idle time of AES data encryption and multiplexes the AES module to protect the PRNG. Outputting the LFSR to the AES encryption module adds sufficient redundancy to complete the implementation of a secure PRNG. The generated secure random number is used as the AES key for image encryption and the plaintext to be encrypted by the ECDH module.

4.3. Hardware Design of ECDH-ECDSA-PUF Module

4.3.1. Module Reuse Strategy

As ECC and PUF modules are not emphasized on computation speed in the triple-hybrid encryption system, the hardware structure design of the ECDH-ECDSA-PUF algorithm is mainly aimed at hardware reuse and speed matching.

The first multiplex technique is that the fast ECDSA-PUF algorithm and custom ECDSA verification algorithm share the same ECDSA verification module, which is shown in Figure 15. Figure 16 is the data flow that illustrates how the same ECDSA hardware module is shared by two different processes in different stages. When the system calculates the fast ECDSA-PUF process, the ECDSA verification module needs to verify the helper data, error probability, and signature saved in FLASH, and the PUF module is responsible for executing the soft-decision HDA algorithm. When the system calculates the custom ECDSA process, the ECDSA verification module needs to verify the message and signature from APB and AHB buses.

The second multiplex technique is that the ECC point operation module is shared by a custom ECDSA verification process and ECDH encryption process. Figure 17 illustrates their data flow, where the red point operation part is multiplexed. The two processes are designed to reuse the same ECC point operating hardware module to make a lightweight system.

4.3.2. PUF Structure

Figure 18 illustrates the PUF module structure, which is divided into a helper data part and a RM soft-decision part. The helper data part mainly contains XOR gates, corresponding to the three XOR calculations in the recovery stage of the fast ECDSA-PUF algorithm. RM soft-decision part includes RM code recursion logics, an address generator, and a RM code ALU. The address generator can generate SRAM read and write addresses based on recursive logic. ALU is used to calculate the operation of RM code decoding. In this design, the data path is optimized as a pipeline design, the SRAM read is performed in advance before the next ALU calculation, and the SRAM write is performed in parallel during the current ALU calculation. There is no stall in hardware computing, which improves the utilization of hardware.

4.3.3. ECDSA and ECDH Structure

The scheduling of basic point and modular operations in ECC protocol and ECC PM takes on a step-by-step sequential feature, so PM and upper-level protocol can be implemented by software methods. This work adopts the design method of [50] which designed the CPU-like hardware structure of “instruction ROM + RAM + ALU”. While the structure in [50] is only built for the PM layer, this design modified it to the ECDH and ECDSA layer to further reduce the resource overhead of the ECC-related module.

Figure 19 illustrates the modified “instruction ROM + RAM + ALU” structure of the ECDH encryption module and the ECDSA verification module. Both modules share the same point operation module as a shared public region and use a multiplexer to distribute control signals. The modular multiplication and HASH modules are exclusive parts of the ECDSA verification module. The plaintext embedding algorithm is an exclusive part of the ECDH encryption module. In the “instruction ROM + RAM + ALU” structure, the control signals of the ECDH encryption algorithm and the custom ECDSA verification algorithm are solidified and saved in instruction ROMs. The two algorithms have two corresponding instruction ROMs which can be selected by the switching signal. RAM caches all variables and changes the address according to the control signal in the instruction ROMs, and the write data is selected according to multiplexers. ALU supports basic functions of modular multiplication, modular addition, and modular square on binary field. The calculation type is controlled according to the instruction ROM, and the result can be output outside the module or written back to RAM to realize point operations including point multiplication, point addition, and point doubling. All data is written to RAM uniformly and dispatched by RAM address, reducing the logic circuit overhead of the data path.

4.4. Implementation Results and Comparisons

The ASIC implementation results of the image encryption subsystem proposed in this chapter come from the final chip solution, an image acquisition chip manufactured in SMIC $40$ nm process. In addition to the ASIC implementation, the image encryption subsystem is also implemented on the FPGA platform to verify the subsystem more fairly compared with other works, especially works focusing on AES and ECC. To ensure equity, result comparisons of FPGA implementation should use the same series of FPGA. There is no guarantee of fairness in ASIC comparison because the performance of the same circuit varies greatly on a different process, voltage, and temperature. Therefore, only the PUF algorithm which is strictly related to hardware and cannot be reliably verified by FPGA should be compared with other literature using ASIC results.

4.4.1. FPGA and ASIC Implementation Results

ASIC results are synthesized on SMIC 40 nm library by Synopsys Design Compiler synthesis tool. The maximum clock frequency of the subsystem can reach 480 MHz, and the total area is 94,812.4 $\mathsf{\mu }$m${}^2$. Note that this result is before Place and Route (P&R).

Table 1. Image encryption subsystem resource usage results under ASIC implementation.

	Module	Area ($\mathsf{\mu }$m${}^2$)	Gate Equivalent
Encryption function part	AES	11,314.5	15,753.9
	ECDH+ECDSA	64,291.9	89,518.1
	PUF	15,776.6	21,966.8
	Overall	91,383.0	127,238.9
Bus communication part	Bus	3429.4	4774.9
Subsystem	Overall	94,812.4	132,013.8

shows the resource usage results of each module, where the gate equivalent (GE) is calculated as the total area divided by one NAND2 gate area under the corresponding process [51,52]. According to the area results, the ECDH encryption module and the ECDSA verification module accounted for 67.8% of the total subsystem area with 89,518.1 GE. If the module multiplexing design were not adopted, the hardware resource usage of the two modules would have been doubled, leading to approximately 60% more area in the entire system. The area of the PUF module is comparable to the AES module, with only 21,966.8 GE, which can fully reflect the lightweight of the SRAM PUF algorithm. Because of module multiplexing, the ECDSA-PUF algorithm does not add additional resources to the PUF module to realize the ECDSA algorithm in it.

At the maximum frequency,

Table 2. Image encryption subsystem speed results under ASIC implementation.

Algorithm	Latency ($\mathsf{\mu }$s)
AES encryption	0.02083
ECDH encryption	93.64
Custom ECDSA Verification	90.88
Fast ECDSA-PUF	100.8

shows the calculation speed of each algorithm on ASIC. The time to generate PUF is equal to 100.8 $\mathsf{\mu }$s, which is counted as part of the bootloader time. An additional 100.8 $\mathsf{\mu }$s boot time is considered acceptable for normal users. The other speed-emphasized algorithm, AES, has a computation time of 0.02083 $\mathsf{\mu }$s, which can achieve a peak encryption speed of 6.15 Gb/s with uninterrupted input. This speed performance can fully meet the requirements of real-time encryption of high-resolution and high-frame-rate images.

As for FPGA results, the Synplify Premier synthesizer is used for implementations on Xilinx Virtex-5 and Virtex-7 devices.

Table 3. Image encryption subsystem resource usage results under FPGA implementation.

Module	Submodule	Virtex-5 Area (Slices)	Virtex-7 Area (Slices)
AES	/	344	194
ECDH+ECDSA	ECC PM	616	616
	Other unique parts	1416	1454
PUF	/	108	112
Bus	/	350	340
Subsystem	/	2834	2716

shows the area results implemented on the two FPGA devices. The clock frequency of the image encryption subsystem can reach 132.5 MHz on Virtex-5, and 137.6 MHz on Virtex-7.

Table 4. Image encryption subsystem speed results under FPGA implementation.

Algorithm	Virtex-5 Latency ($\mathsf{\mu }$s) in 132.5 MHz	Virtex-7 Latency ($\mathsf{\mu }$s) in 137.6 MHz
AES encryption	0.075	0.073
ECC PM	165	162
ECDH encryption	340	334
Custom ECDSA Verification	330	324
Fast ECDSA-PUF	366	360

shows the calculation time of AES, ECC, and PUF based on the two devices. The area ratio of each module and the speed ratio of the algorithm implemented by FPGA are basically the same as those implemented by ASIC.

4.4.2. FPGA Result Comparisons of AES and ECC

Table 5. AES implementation results comparison.

Works	Device	Area (Slices)	Throughput (Gb/s)	Performance (Mb/s/Slices)
[54]	Virtex-7	2444	5.30	2.17
[55]	Virtex-7	486	3.44	7.08
[53]	Virtex-7	4089	6.34	1.55
This work	Virtex-7	194	1.76	9.08
[56]	Virtex-5	8896	25.89	2.91
[53]	Virtex-5	3788	29.73	7.84
[57]	Virtex-5	1499	199.3	8.06
This work	Virtex-5	344	1.69	4.93

shows the comparison results of the AES FPGA implementation with other works. Since works on the hardware implementation of AES may either choose the “full-pipeline design” idea or the “multi-cycle design” idea, comparisons between designs with different biases are meaningless. Therefore, the reference works we chose to list in Table 5 are all “multi-cycle design”. In order to better evaluate the trade-off between area and speed of each design, the formula (4) is used to calculate performance [53]. The higher the performance, the more cost-effective the design.

$$Performance(Mb/s/Slices)=Throughput(Gb/s)\ast 1000/Area\left(Slices\right)$$

(4)

Table 5 shows that although the throughput of the proposed AES design is the lowest of all designs, the implementation area is the smallest. This is because the proposed design cares about the image encryption speed but does not blindly aim at the extreme speed. The number of hardware resources is significantly reduced. It is 60.1% smaller than the design of [55], which uses the least amount of resources among all literature. Thanks to the reduced hardware area and sufficient throughput, the design in this paper has the highest performance among all Virtex-7 implementations. Among all the Virtex-5 implementations, refs. [53,57] use a “partial-pipeline design”, which improves throughput at the cost of area. Their performance is higher than the proposed design, but considering that the AES of the proposed design is also used for the PRNG and shares the clock frequency limit of other modules such as ECC, the performance under Virtex-5 is still acceptable. It can then be concluded that the AES resource usage of this design is at the top level, and the AES performance is relatively high.

Table 6. ECC implementation results comparison.

Works	Device	Area (Slices)	PM Latency ($\mathsf{\mu }$s)
[58]	Virtex-7	10,272	2.83
[18]	Virtex-7	1476	10.5
[59]	Virtex-7	2491	10.7
[60]	Virtex-7	2532	25.3
This work	Virtex-7	616	165
[58]	Virtex-5	10,548	3.99
[18]	Virtex-5	1089	14.0
[61]	Virtex-5	2114	32.3
This work	Virtex-5	616	165

shows the result comparison of the ECC algorithm. This ECC implementation is a custom design, which is to adapt to the entire encryption system, not simply to optimize area or speed. Therefore, from the comparison of Table 6, it can be concluded that the hardware resource area of this design is the lowest. Compared with the lowest area literature [18], the proposed hardware resource is reduced by 43.4%. This is because the proposed hardware reduces the width of the multiplier, saving a lot of multiplier hardware area. Moreover, although the ECC implementation of this design is inferior to the other designs in terms of speed, its speed is sufficient for encrypting the AES key and will not drag down the system encryption speed. On the other hand, the reduction in hardware area and power consumption at the expense of speed loss contributes greatly to the whole system.

4.4.3. ASIC Result Comparisons of PUF

The hardware implementation result of the fast ECDSA-PUF algorithm is compared with that of other works on SRAM PUFs. The comparison of SRAM PUF mainly aims at lower BER (bit error rate) and GE (gate equivalent) per bit. BER is to measure the PUF stability. GE per bit reflects the consumption of hardware resources excluding the influence of the PUF length. GE per bit can be calculated by formula (5) [62]. In fact, the parameter of BER and GE per bit has little to do with the process, therefore implementations of different processes can be compared as shown in Table 7.

$$GE\_per\_bit=area/NAND2\_area/PUF\_bit$$

(5)

It can be obtained from Table 7 that the number of GE per bit in this paper is at the middle level. However, refs. [63,64], which have less GE per bit, are worse in terms of BER. The BER of [63,64] is too high, which may affect the normal functioning of the chip.

Table 7. PUF implementation results comparison.

Works	ASIC Process (nm)	Area per bit ($\mathsf{\mu }$m${}^2$/bit)	GE per bit (GE/bit)	BER
[62]	65	49.12	25.58	2.7 × 10${}^{-10}$
[63]	14	1.84	11.83	1.45 × 10${}^{-2}$
[65]	65	50.7	26.40	1.56 × 10${}^{-2}$
[64]	65	17.9	9.32	2.5 × 10${}^{-2}$
This work	40	15.40	21.45	3 × 10${}^{-5}$

Table 7. PUF implementation results comparison.

Works	ASIC Process (nm)	Area per bit ($\mathsf{\mu }$m${}^2$/bit)	GE per bit (GE/bit)	BER
[62]	65	49.12	25.58	2.7 × 10${}^{-10}$
[63]	14	1.84	11.83	1.45 × 10${}^{-2}$
[65]	65	50.7	26.40	1.56 × 10${}^{-2}$
[64]	65	17.9	9.32	2.5 × 10${}^{-2}$
This work	40	15.40	21.45	3 × 10${}^{-5}$

Moreover, the ECDSA-PUF hardware of this paper can increase the SRAM PUF bit number by multiplexing the ECDSA-PUF module and repeating the custom ECDSA and soft-decision HDA calculation. Therefore, in other application scenarios that require higher information entropy, GE per bit of the structure used in this design will decrease exponentially, as is shown in Figure 20. This is an unachievable effect on other related works, proving that the proposed design is more advanced in terms of lightweight. The SRAM PUF proposed by [62] is very advanced in BER. The fast ECDSA-PUF proposed in this paper pays more attention to speed, security, and lightweight, so an error correction code with a lower BER is chosen, but it is still sufficient for the current BER requirement.

In summary, the implementation results of AES, ECC and PUF prove that the three proposed algorithms have been reasonably optimized for the requirements, and the speed and area of the triple-hybrid encryption system hardware are not affected by the algorithm mixture.

5. Real-Time Image Acquisition SoC Based on Triple-Hybrid Encryption System

In order to realize a complete application of the image encryption subsystem, this section illustrates the integration of the subsystem into a real-time image acquisition SoC. The SoC implements an application example that captures one 4208 × 3120 RAW10 image per second and completes real-time encryption and storage.

5.1. SoC Hardware Structure

Figure 21 illustrates the subsystem connection relationship in SoC hardware. The image encryption subsystem is the core system to ensure the system’s security. The input of the image encryption subsystem is an image acquisition subsystem that collects and transmits image data. And its encrypted output is stored in a storage subsystem. These three subsystems together form the data path of the image data. In order to control and schedule the three subsystems, the SoC has added software control and bus subsystem to provide software program functions for the whole system. The software program only controls the scheduling of hardware and does not really participate in image data processing, encryption, and calculation, which are all done by hardware modules. In order to reduce the power consumption of SoC, an asynchronous clock subsystem is added to turn on the clock of each module only when it is active. Image encryption subsystem, image acquisition subsystem, storage subsystem, software control, bus subsystem, and asynchronous clock subsystem constitute a real-time image acquisition SoC based on the triple-hybrid encryption system.

Figure 22 shows the detailed structure of the SoC. In the software control and bus subsystem, since all data processing in the chip is completed by hardware and the software only needs to read and write registers for subsystem scheduling, there is no demand for CPU for complex computing ability. Therefore, this design uses ARM Cortex-M0+ CPU, a lightweight CPU for embedded chips suitable for this design. In the image acquisition subsystem, the image data is streamed to the image encryption subsystem through the data path of “MIPI Controller-ISP-JPEG”. AXIS bus is used and the highest clock frequency is allocated as the image data transmission of the MIPI controller, ISP module, and JPEG compression module is the path that requires the highest transmission speed in the SoC. In the storage subsystem, three types of non-volatile storage devices are designed: (1) NAND FLASH in the chip package; (2) External pluggable SD card; (3) Transfer to the host computer via USB. Diversified storage methods allow the SoC to meet different target requirements.

5.2. SoC Software Programs

With the help of software control and bus subsystems, the SoC can control each subsystem through a software program. The software program includes all the control and scheduling of subsystems and can be divided into two parts. The first part is the software for the bootloader, as exhibited in Figure 23. The second part is the software for the main function, as shown in Figure 24.

The bootloader program is invisible and is solidified by the boot ROM. To protect the bottom application layer and the developer layer as is mentioned in Section 3.1, the steps of generating PUF and program verification are placed in the bootloader so that users cannot bypass it, which strengthens the security of the chip.

The software program jumps to the main function part after bootloader loading is completed. The main function part includes the processes of the top application layer of the triple-hybrid encryption system and image acquisition, storage, and transmission required to cooperate with the top application layer. Since there are three storage modes, the main function selects the mode at the beginning and executes storage-subsystem-related programs according to the mode. The program then configures the asynchronous clock according to the current storage mode, configures all image-acquisition-related modules, and starts image acquisition. After that, the program adjusts the focus according to the current image’s clarity and performs JPEG compression after focusing. Finally, the JPEG image is output to the image encryption subsystem, and the software program enters the main loop and continues to work until the data is all processed.

5.3. Implementation Results

The image acquisition SoC based on the proposed triple-hybrid encryption system is implemented on ASIC. The results are synthesized by Synopsys Design Compiler synthesis tool based on SMIC 40 nm process library. All timing constraints of the SoC passed. The total area is 10,590,806 $\mathsf{\mu }$m${}^2\approx$ 10.59 mm${}^2$, and

Table 8. Area of each subsystem in SoC.

System	Area ($\mathsf{\mu }$m${}^2$)
Software control and bus subsystem	315,206.0
Image acquisition subsystem	5,627,581.2
Storage subsystem	4,212,028.3
Asynchronous clock subsystem	65,706.6
Image encryption subsystem	94,812.4
SoC	10,590,806.0

shows the area consumption of each subsystem. The SoC is successfully placed and routed under the layout floorplan of 4 mm × 4 mm, and then delivered to the foundry to complete the tape out. The final back-end layout is shown in Figure 25.

Figure 26 illustrates the actual workflow of the triple-hybrid encryption system on the implemented chip, together with the actual time required for each step. In Example 2, when a new batch of image data is ready to be encrypted, a new AES private key should be re-encrypted first. Although ECDH encryption accompanies each AES encryption, the time of ECDH encryption only accounts for 0.00475% and 0.00317% of each encryption time, respectively. In the two examples, the time from start to the {software program, PUF} verification step is the entire preparation time for each encryption flow. The additional boot time of 0.192 ms is barely noticeable by users, which only accounts for 0.00959% and 0.00383% of the total time, respectively. In field applications, as the amount of encrypted image data increases after each startup, the proportion of the preparation time will be lower, which fully reflects the advantage that the triple-hybrid encryption system will not slow down the software startup speed but will significantly improve the security of the whole chip.

6. Conclusions

This paper proposes an original triple-hybrid encryption system for the requirements of real-time image acquisition chips. The proposed encryption system makes full use of the respective advantages of the three algorithms so that the real-time image acquisition chip can obtain sufficient security. The encryption system also provides a new idea for other designs with the exact security requirements. The improved algorithm and triple-hybrid encryption system are implemented in hardware and constitute an image encryption subsystem. Finally, the image encryption subsystem, image acquisition subsystem, storage subsystem, software control, and bus subsystem, and asynchronous clock subsystem form a real-time image acquisition SoC based on the triple-hybrid encryption system. In the age of information, high-speed cryptography technology will become an essential demand for future security development, and the demand for image security is bound to be higher. The research results presented above in this paper will contribute to the development of high-speed cryptography and image encryption applications.