High Throughput, low cost, Fully Pipelined Architecture for AES Crypto Chip

2006 Annual IEEE India Conference Pub Date : 2006-09-01 DOI:10.1109/INDCON.2006.302814

N. Iyer, P. Anandmohan, D. Poornaiah, V. Kulkarni

{"title":"High Throughput, low cost, Fully Pipelined Architecture for AES Crypto Chip","authors":"N. Iyer, P. Anandmohan, D. Poornaiah, V. Kulkarni","doi":"10.1109/INDCON.2006.302814","DOIUrl":null,"url":null,"abstract":"Reprogrammable devices such as field programmable gate arrays (FPGA's) are highly attractive options for hardware implementations of encryption algorithms. This paper proposes compact, memory less, high-speed hardware architectures for the Rijndael AES encryptor/decryptor, with combined data path, resource sharing and logic optimization for novel networking applications. Architectural optimization exploits the strength of pipelining, loop unrolling and sub-pipelining. Speed is increased by processing multiple rounds simultaneously at the cost of increased area. Algorithmic optimization exploits algorithmic strength inside each round unit. Various methods such as resource sharing and common sub expression elimination method for realizing various transformations in each round unit are presented to reduce the critical path and area issues between encryptor, and decryptor, advantage of sub-pipelining can be further explored by eliminating the unbreakable delay incurred by look-up tables in the conventional approaches, the widely used implementation of S-box, which uses combinational logic only. We explore the use of subfield arithmetic for efficient implementations of Galois Field arithmetic such as multiplication and inversion. Our technique involves mapping field elements to a composite field representation and a representation technique which minimizes the computation cost of the relevant arithmetic. Our method results in a very compact and fast gate circuit for Rijndael encryption and decryption. The pipelined architecture can be made to toggle between the encryption and decryption modes without the presence of any dead cycle. Using the proposed architecture, a fully sub-pipelined AES-128 core with both inner and outer round pipelining and a 5 sub-stages in each round unit implemented using Virtex-E devices can achieve a throughput of 26.64 Gbps at 206.84 MHz and 11720 CLB Slices in non-feedback modes with reduction of reconfigurable logic area of the complete cipher by up to 30%., and S-box with 64% reduction in area, which is faster and more efficient than the fastest previous FPGA implementation known to date","PeriodicalId":122715,"journal":{"name":"2006 Annual IEEE India Conference","volume":"44 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"30","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 Annual IEEE India Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INDCON.2006.302814","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 30

Abstract

Reprogrammable devices such as field programmable gate arrays (FPGA's) are highly attractive options for hardware implementations of encryption algorithms. This paper proposes compact, memory less, high-speed hardware architectures for the Rijndael AES encryptor/decryptor, with combined data path, resource sharing and logic optimization for novel networking applications. Architectural optimization exploits the strength of pipelining, loop unrolling and sub-pipelining. Speed is increased by processing multiple rounds simultaneously at the cost of increased area. Algorithmic optimization exploits algorithmic strength inside each round unit. Various methods such as resource sharing and common sub expression elimination method for realizing various transformations in each round unit are presented to reduce the critical path and area issues between encryptor, and decryptor, advantage of sub-pipelining can be further explored by eliminating the unbreakable delay incurred by look-up tables in the conventional approaches, the widely used implementation of S-box, which uses combinational logic only. We explore the use of subfield arithmetic for efficient implementations of Galois Field arithmetic such as multiplication and inversion. Our technique involves mapping field elements to a composite field representation and a representation technique which minimizes the computation cost of the relevant arithmetic. Our method results in a very compact and fast gate circuit for Rijndael encryption and decryption. The pipelined architecture can be made to toggle between the encryption and decryption modes without the presence of any dead cycle. Using the proposed architecture, a fully sub-pipelined AES-128 core with both inner and outer round pipelining and a 5 sub-stages in each round unit implemented using Virtex-E devices can achieve a throughput of 26.64 Gbps at 206.84 MHz and 11720 CLB Slices in non-feedback modes with reduction of reconfigurable logic area of the complete cipher by up to 30%., and S-box with 64% reduction in area, which is faster and more efficient than the fastest previous FPGA implementation known to date

查看原文本刊更多论文

高吞吐量，低成本，全流水线架构的AES加密芯片

现场可编程门阵列(FPGA)等可编程设备是加密算法硬件实现的极具吸引力的选择。本文为Rijndael AES加密/解密器提出了紧凑、内存少、高速的硬件架构，并结合了数据路径、资源共享和逻辑优化，用于新型网络应用。架构优化利用了流水线、循环展开和子流水线的优势。速度的提高是通过同时处理多个回合，以增加面积为代价。算法优化利用每个回合单元内部的算法强度。提出了资源共享、公共子表达式消除等实现每个轮单元中各种变换的方法，以减少加密者和解密者之间的关键路径和区域问题，通过消除传统方法中查找表所带来的不可破解延迟，可以进一步探索子流水线的优势，广泛使用的S-box实现仅使用组合逻辑。我们探讨了子域算法在伽罗瓦场算法(如乘法和反演)的有效实现中的应用。我们的技术包括将字段元素映射到复合字段表示和一种最小化相关算法计算成本的表示技术。我们的方法为Rijndael加密和解密提供了一个非常紧凑和快速的门电路。流水线架构可以在加密和解密模式之间切换，而不会出现任何死循环。采用所提出的架构，采用virtexe器件实现的具有内部和外部轮管道以及每个轮单元5子阶段的完全子管道的AES-128内核在206.84 MHz和11720个CLB切片的非反馈模式下可以实现26.64 Gbps的吞吐量，并将完整密码的可重构逻辑区域减少高达30%。S-box的面积减少了64%，比迄今为止已知的最快的FPGA实现更快、更高效

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2006 Annual IEEE India Conference

自引率

0.00%

发文量