Journal of Signal Processing Systems

, Volume 88, Issue 1, pp 1–12 | Cite as

AES-GCM and AEGIS: Efficient and High Speed Hardware Implementations

  • Karim M. Abdellatif
  • Roselyne Chotin-Avot
  • Habib Mehrez


Authenticated Encryption (AE) is a block cipher mode of operation which provides confidentiality and integrity simultaneously. In terms of the hardware implementation, it produces smaller area compared to two separated algorithms. Therefore, it has become popular and a number of modes have been proposed. This paper presents two efficient hardware implementations for AE schemes, AES-GCM and AEGIS. In terms of AES-GCM, the performance of the system is always determined by the Galois Hash (GHASH) architecture because of the inherent computation feedback. This paper introduces an efficient method for implementing the pipelined Karatsuba Ofman Algorithm (KOA)-based GHASH on FPGAs. In particular, the computation feedback is removed by analyzing the complexity of the computation process. In addition, an efficient AEGIS is also implemented using only five AES rounds. The proposed architectures are evaluated with three different implementations of AES SubBytes (BRAMs-based SubBytes, composite field-based SubBytes, and LUT-based SubBytes) to increase the flexibility of the presented work. The presented architectures are implemented using Xilinx Virtex-5 FPGAs. Our comparison to previous work reveals that our architectures are more performance-efficient (Throughput/Slices).


Authenticated encryption AES-GCM AEGIS FPGAs GHASH Karatsuba Ofman algorithm (KOA) 


  1. 1.
    McGrew, D., & Viega, J. (2005). The security and performance of the Galois/Counter Mode (GCM) of operation. Progress in Cryptology-INDOCRYPT, 377–413.Google Scholar
  2. 2.
    Wu, H., & Preneel, B. (2013). AEGIS:A Fast Authenticated Encryption Algorithm, Cryptology ePrint Archive Report 2013/695.Google Scholar
  3. 3.
    IEEE, IEEE Standard for Local and metropolitan area networks–Media Access Control (MAC) Security Amendment 1: Galois Counter Mode–Advanced Encryption Standard– 256 (GCM-AES-256) Cipher Suite.Google Scholar
  4. 4.
    Satoh, A. (2006). High-speed hardware architectures for authenticated encryption mode GCM. IEEE International Symposium on Circuits and Systems. ISCAS.Google Scholar
  5. 5.
    Crenne, J., Cotret, P., Gogniat, G., Tessier, R., & Diguet, J. (2011). Efficient key-dependent message authentication in reconfigurable hardware. International Conference on Field-Programmable Technology (FPT), 1–6.Google Scholar
  6. 6.
    Abdellatif, K. M., Chotin-Avot, R., & Mehrez, H. (2014). Authenticated encryption on FPGAs from the static part to the reconfigurable part, microprocessors and microsystems: Elsevier.Google Scholar
  7. 7.
    Zhou, G., Michalik, H., & Hinsenkamp, L. (2007). Efficient and High-Throughput Implementations of AES-GCM on FPGAs. In International Conference on Field-Programmable Technology, FPT (pp. 185–192).Google Scholar
  8. 8.
    Zhou, G., Michalik, H., & Hinsenkamp, L. (2009). Improving Throughput of AES-GCM with Pipelined Karatsuba Multipliers on FPGAs. Journal of Reconfigurable Computing: Architectures, Tools and Applications, 193–203.Google Scholar
  9. 9.
    Henzen, L., & Fichtner, W (2010). FPGA parallel-pipelined AES-GCM core for 100g ethernet applications.Google Scholar

Copyright information

© Springer Science+Business Media New York 2016

Authors and Affiliations

  • Karim M. Abdellatif
    • 1
  • Roselyne Chotin-Avot
    • 2
  • Habib Mehrez
    • 2
  1. 1.Center of Microelectronics in Provence (CMP)Saint-tienneFrance
  2. 2.LIP6-SoC Laboratory, University of Paris VIParisFrance

Personalised recommendations