Bitslice Implementation of AES

  • Chester Rebeiro
  • David Selvakumar
  • A. S. L. Devi
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4301)


Network applications need to be fast and at the same time provide security. In order to minimize the overhead of the security algorithm on the performance of the application, the speeds of encryption and decryption of the algorithm are critical. To obtain maximum performance from the algorithm, efficient techniques for its implementation must be used and the implementation must be tuned for the specific hardware on which it is running.

Bitslice is a non-conventional but efficient way to implement DES in software. It involves breaking down of DES into logical bit operations so that N parallel encryptions are possible on a single N-bit microprocessor. This results in tremendous throughput. AES is a symmetric block cipher introduced by NIST as a replacement for DES. It is rapidly becoming popular due to its good security features, efficiency, performance and simplicity. In this paper we present an implementation of AES using the bitslice technique. We analyze the impact of the architecture of the microprocessor on the performance of bitslice AES. We consider three processors; the Intel Pentium 4, the AMD Athlon 64 and the Intel Core 2. We optimize the implementation to best utilize the superscalar architecture and SIMD instruction set present in the processors.


Clock Cycle Block Cipher Advance Encryption Standard Advance Encryption Standard Algorithm Fast Software Encryption 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Biham, E.: A Fast New DES Implementation in Software. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 260–272. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  2. 2.
    National Institute of Standards and Technology (NIST), Information Technology Laboratory (ITL), Advanced Encryption Standard (AES), Federal Information Processing Standards (FIPS) Publication 197 (2001)Google Scholar
  3. 3.
    National Institute of Standards and Technology (NIST), Computer Security Division, Recommendation for Block Cipher Modes of Operation: Methods and Techniques, Special Publication 800-38A (2001)Google Scholar
  4. 4.
    Daemen, J., Rijmen, V.: AES Proposal: Rijndael, Version 2, AES submission (1999),
  5. 5.
    Kwan, M.: Bitslice implementation of DES,
  6. 6.
    Rudra, A., Dubey, P.K., Jutla, C.S., Kumar, V., Rao, J.R., Rohatgi, P.: Efficient Implementation of Rijndael Encryption with Composite Field Arithmetic. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, p. 319. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  7. 7.
    Gaubatz, G., Sunar, B.: Leveraging the Multiprocessing Capabilities of Modern Network Processors for Cryptographic Acceleration. In: 4th IEEE International Symposium on Network Computing and Applications (NAC 2005), Cambridge, Massachusetts (July 2005)Google Scholar
  8. 8.
    Rijmen, V.: Efficient Implementation of the Rijndael SBox,
  9. 9.
    Wolkerstorfer, J., Oswald, E., Lamberger, M.: An ASIC implementation of the AES Sboxes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 67–78. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  10. 10.
    Canright, D.: A Very Compact S-Box for AES. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 441–455. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Matsui, M., Fukuda, S.: How to Maximize Software Performance of Symmetric Primitives on Pentium III and 4 Processors. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 398–412. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  12. 12.
    Osvik, D.A., Shamir, A., Tromer, E.: Cache Attacks and Countermeasures: the Case of AES (2005),
  13. 13.
    Bernstein, D.J.: Cache-timing attacks on AES (2005),
  14. 14.
    Aoki, K., Lipmaa, H.: Fast Implementations of AES Candidates. In: Proceedings of the 3rd AES Candidate Conference (2000), available at:
  15. 15.
    AMD Manual: Software Optimization Guide for AMD Athlon 64 and AMD Opteron Processors,
  16. 16.
    Intel Manual, IA-32 Intel Architecture Optimization Reference Manual,
  17. 17.
    Fog, A.: Instruction tables: Lists of instruction latencies, throughputs and micro-operation breakdowns for Intel and AMD CPU’s (2006),
  18. 18.
    The microarchitecture of Intel and AMD CPUs (2006),
  19. 19.
    Gladman, B.: AES Code,
  20. 20.

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Chester Rebeiro
    • 1
  • David Selvakumar
    • 1
  • A. S. L. Devi
    • 1
  1. 1.Real Time Systems GroupCentre For Development of Advanced ComputingBangaloreIndia

Personalised recommendations