Abstract
The substitution box (S-box) of the Advanced Encryption Standard (AES) is based on the multiplicative inversion s(x) = x − 1 in GF(256) and followed by an affine transformation in GF(2). The S-box is the most expansive building block of any hardware implementation of the AES, and the multiplicative inversion is the most costly step of the S-box transformation. There exist many publications about hardware implementations of the S-box and the smallest known implementations are based on normal bases. In this paper, we introduce a new method to implement the multiplicative inversion over GF(256) based on normal bases that have not been considered before in the context of AES implementations.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Austria Microsystems. Standard Cell Library 0.35μm CMOS (C35), http://asic.austriamicrosystems.com/databooks/c35/databook_c35_33
Canright, D.: A very compact Rijndael S-box (May 2005), http://web.nps.navy.mil/~dcanrig/pub .
Canright, D.: A Very Compact S-Box for AES. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 441–455. Springer, Heidelberg (2005)
Certicom. \(F_{2^4}\) with Optimal Normal Basis Representation, http://www.certicom.com/index.php?action=ecc_tutorial,math9_1
Lidl, R., Niederreiter, H.: Introduction to Finite Fields and their Applications. Cambridge University Press, New York (1986)
Mentens, N., Batina, L., Preneel, B., Verbauwhede, I.: A Systematic Evaluation of Compact Hardware Implementations for the Rijndael S-Box. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 323–333. Springer, Heidelberg (2005)
Mullin, R.C., Onyszchuk, I.M., Vanstone, S.A., Wilson, R.M.: Optimal Normal Bases in GF(p n). Discrete Appl. Math. 22, 149–161 (1989)
Paar, C.: Efficient VLSI Architectures for Bit-Parallel Computation in Galois Fields. PhD thesis, Institute for Experimental Mathematics, University of Essen (1994)
Rijmen, V.: Efficient Implementation of the Rijndael S-box (2000), www.iaik.tugraz.at/RESEARCH/krypto/AES/old/~rijmen/rijndael/sbox.pdf
Rudra, A., Dubey, P.K., Jutla, C.S., Kumar, V., Rao, J.R., Rohatgi, P.: Efficient rijndael encryption implementation with composite field arithmetic. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 171–184. Springer, Heidelberg (2001)
Satoh, A., Morioka, S., Takano, K., Munetoh, S.: A Compact Rijndael Hardware Architecture with S-Box Optimization. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 239–254. Springer, Heidelberg (2001)
Tillich, S., Feldhofer, M., Großschädl, J., Popp, T.: Area, Delay, and Power Characteristics of Standard-Cell Implementations of the AES S-Box. Journal of Signal Processing Systems 50(2), 251–261 (2008)
Wolkerstorfer, J., Oswald, E., Lamberger, M.: An ASIC Implementation of the AES SBoxes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 67–78. Springer, Heidelberg (2002)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Nikova, S., Rijmen, V., Schläffer, M. (2008). Using Normal Bases for Compact Hardware Implementations of the AES S-Box. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds) Security and Cryptography for Networks. SCN 2008. Lecture Notes in Computer Science, vol 5229. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-85855-3_16
Download citation
DOI: https://doi.org/10.1007/978-3-540-85855-3_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-85854-6
Online ISBN: 978-3-540-85855-3
eBook Packages: Computer ScienceComputer Science (R0)