Advertisement

A Compact Rijndael Hardware Architecture with S-Box Optimization

  • Akashi Satoh
  • Sumio Morioka
  • Kohji Takano
  • Seiji Munetoh
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2248)

Abstract

Compact and high-speed hardware architectures and logic optimization methods for the AES algorithm Rijndael are described. Encryption and decryption data paths are combined and all arithmetic components are reused. By introducing a new composite field, the S-Box structure is also optimized. An extremely small size of 5.4 Kgates is obtained for a 128-bit key Rijndael circuit using a 0.11-μmCMOS standard cell library. It requires only 0.052 mm2 of area to support both encryption and decryption with 311 Mbps throughput. By making effective use of the SPN parallel feature, the throughput can be boosted up to 2.6 Gbps for a high-speed implementation whose size is 21.3 Kgates.

Keywords

Block Cipher Advance Encryption Standard Data Encryption Standard Critical Path Delay Isomorphism Function 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. [1]
    ANSI (American National Standards Institute). Triple Data Encryption Algorithm Modes of Operation, 1998.Google Scholar
  2. [2]
    J. Daemen and V. Rijmen. AES Proposal: Rijndael. NIST AES Proposal, June 1998. Available at http://csrc.nist.gov/encryption/aes /rijndael/Rijndael.pdf.
  3. [3]
    A. J. Elbirt, W. Yip, B. Chetwynd, and C. Paar. An FPGA Implementation and Performance Evaluation of the AES Block Cipher Candidate Algorithm Finalists. In The Third Advanced Encryption Standard Candidate Conference, pages 13–27. NIST, April 2000. Available at http://csrc.nist.gov/encryption/aes/round2/conf3/papers/08-aelbirt.pdf.
  4. [4]
    J.L. Fan and C. Paar. On Efficient Inversion in Tower Fields of Characteristic Two. In International Symposium on Information Theory, page 20. IEEE, June 1997.Google Scholar
  5. [5]
    V. Fischer and M. Drutarovsky. Two Methods of Rijndael Implementation in Reconfigurable Hardware. In Workshop on Cryptographic Hardware and Embedded Systems (CHES2001), pages 81–96, May 2001.Google Scholar
  6. [6]
    K. Gaj and P. Chodowiec. Comparison of the Hardware Prformance of the AES Candidates using Reconfigurable Hardware. In The Third Advanced Encryption Standard Candidate Conference, pages 40–56. NIST, April 2000. Available at http://csrc.nist.gov/encryption/aes/round2/conf3/papers/22-kgaj.pdf.
  7. [7]
    J. Guajardo and C. Paar. Efficient Algorithms for Elliptic Curve Cryptosystems. In Jr. Burton S. Kaliski, editor, Advances in Cryptology—CRYPTO’ 97, volume 1294 of Lecture Notes in Computer Science, pages 342–356. Springer-Verlag, August 1997.CrossRefGoogle Scholar
  8. [8]
    T. Ichikawa, T. Kasuya, and M. Matsui. Hardware Evaluation of the AES Finalists. In The Third Advanced Encryption Standard Candidate Conference, pages 279–285. NIST, April 2000. Available at http://csrc.nist.gov/encryption/aes/round2/conf3/papers/15-tichikawa.pdf.
  9. [9]
    T. Ichikawa, T. Tokita, and M. Matsui. On Hardware Implementation of 128-bit Block Ciphers (III). In 2001 Symposium on Cryptography and Information Security (SCIS 2001), pages 669–674, January 2001. (Japanese).Google Scholar
  10. [10]
    H. Kuo and I. Verbauwhede. Architectural Optimization for a 1.82 Gbits/sec VLSI Implementation of the AES Rijndael Algorithm. In Workshop on Cryptographic Hardware and Embedded Systems (CHES2001), pages 53–67, May 2001.Google Scholar
  11. [11]
    M. McLoone and J.V. McCanny. High performance Single-chip FPGA Rijndael Algorithm Implementations. In Workshop on Cryptographic Hardware and Embedded Systems (CHES2001), pages 68–80, May 2001.Google Scholar
  12. [12]
    S. Morioka and Y. Katayama. Design Methodology for a One-Shot Reed-Solomon Encoder and Decoder. In International Conference on Computer Design (ICCD’ 99), pages 60–67. IEEE, October 1999.Google Scholar
  13. [13]
    National Institute of Standards and Technology (U.S.). Advanced Encryption Standard (AES). Available at http://csrc.nist.gov/publications/drafts/d.ps-AES.pdf.
  14. [14]
    National Institute of Standards and Technology (U.S.). Data Encryption Standard (DES). FIPS Publication 46-3, NIST, 1999. Available at http://csrc.nist.gov/publications/.ps/.ps46-3/.ps46-3.pdf.
  15. [15]
    C. Paar. A New Architecture for a Parallel Finite Field Multiplier with Low Complexity Based on Composite Fields. IEEE Transactions on Computers, 45(7):856–861, July 1996.zbMATHCrossRefMathSciNetGoogle Scholar
  16. [16]
    A. Rudra, P.K. Dubey, C.S. Jutla, V. Kumar, J.R. Rao, and P. Rohatgi. Efficient Rijndael Encryption Implementation with Composite Field Arithmetic. In Workshop on Cryptographic Hardware and Embedded Systems (CHES2001), pages 175–188, May 2001.Google Scholar
  17. [17]
    N. Weaver and J. Wawrzynek. A Comparison of the AES Candidates Amenability to FPGA Implementation. In The Third Advanced Encryption Standard Candidate Conference, pages 28–39. NIST, April 2000. Available at http://csrc.nist.gov/encryption/aes/round2/conf3/papers/13-nweaver.pdf.
  18. [18]
    B. Weeks, M. Bean, T. Rozylowicz, and C. Ficke. Hardware Performance Simulation of Round 2 Advanced Encryption Standard Algorithm. Available at http://csrc.nist.gov /encryption/aes/round2/NSA-AES.nalreport.pdf.

Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Akashi Satoh
    • 1
  • Sumio Morioka
    • 1
  • Kohji Takano
    • 1
  • Seiji Munetoh
    • 1
  1. 1.IBM Research, Tokyo Research LaboratoryIBM Japan Ltd.KanagawaJapan

Personalised recommendations