{"title":"适合 FPGA 的紧凑高效 AES 类 8 × 8 S-box","authors":"Ahmet Malal , Cihangir Tezcan","doi":"10.1016/j.micpro.2024.105007","DOIUrl":null,"url":null,"abstract":"<div><p><span>One of the main layers in the Advanced Encryption Standard (AES) is the substitution layer, where an 8 × 8 S-Box is used 16 times. The substitution layer provides confusion and makes the algorithm resistant to </span>cryptanalysis<span> techniques. Therefore, the security of the algorithm is also highly dependent on this layer. However, the cost of implementing 8 × 8 S-Box on FPGA platforms is considerably higher than other layers of the algorithm. Since S-Boxes are repeatedly used in the algorithm, the cost of the algorithm highly comes from the substitution layer. In 2005, Canright used different extension fields to represent AES S-Box to get FPGA-friendly compact designs. The best optimization proposed by Canright reduced the gate-area of the AES S-Box implementation by 20%.</span></p><p><span>In this study, we use the same optimization methods that Canright used to optimize AES S-Box on hardware platforms. Our purpose is not to optimize AES S-Box; we aim to create another 8 × 8 S-Box which is strong and compact enough for FPGA platforms. We create an 8 × 8 S-Box using the inverse field operation as in the case of AES S-Box. We use another irreducible polynomial to represent the finite field and get an FPGA-friendly compact and efficient 8 × 8 S-Box. The finite field we propose provides the same level of security against cryptanalysis techniques with a 3.125% less gate-area on Virtex-7 and Artix-7 FPGAs compared to Canright’s results. Moreover, our proposed S-Box requires 11.76% less gate on Virtex-4 FPGAs. These gate-area improvements are beneficial for resource-constraint </span>IoT<span> devices and allow more copies of the S-Box for algorithm parallelism. Therefore, we claim that our proposed S-Box is more compact and efficient than AES S-Box. Cryptographers who need an 8 × 8 S-Box can use our proposed S-Box in their designs instead of AES S-Box with the same level of security but better efficiency.</span></p></div>","PeriodicalId":49815,"journal":{"name":"Microprocessors and Microsystems","volume":"105 ","pages":"Article 105007"},"PeriodicalIF":1.9000,"publicationDate":"2024-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"FPGA-friendly compact and efficient AES-like 8 × 8 S-box\",\"authors\":\"Ahmet Malal , Cihangir Tezcan\",\"doi\":\"10.1016/j.micpro.2024.105007\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p><span>One of the main layers in the Advanced Encryption Standard (AES) is the substitution layer, where an 8 × 8 S-Box is used 16 times. The substitution layer provides confusion and makes the algorithm resistant to </span>cryptanalysis<span> techniques. Therefore, the security of the algorithm is also highly dependent on this layer. However, the cost of implementing 8 × 8 S-Box on FPGA platforms is considerably higher than other layers of the algorithm. Since S-Boxes are repeatedly used in the algorithm, the cost of the algorithm highly comes from the substitution layer. In 2005, Canright used different extension fields to represent AES S-Box to get FPGA-friendly compact designs. The best optimization proposed by Canright reduced the gate-area of the AES S-Box implementation by 20%.</span></p><p><span>In this study, we use the same optimization methods that Canright used to optimize AES S-Box on hardware platforms. Our purpose is not to optimize AES S-Box; we aim to create another 8 × 8 S-Box which is strong and compact enough for FPGA platforms. We create an 8 × 8 S-Box using the inverse field operation as in the case of AES S-Box. We use another irreducible polynomial to represent the finite field and get an FPGA-friendly compact and efficient 8 × 8 S-Box. The finite field we propose provides the same level of security against cryptanalysis techniques with a 3.125% less gate-area on Virtex-7 and Artix-7 FPGAs compared to Canright’s results. Moreover, our proposed S-Box requires 11.76% less gate on Virtex-4 FPGAs. These gate-area improvements are beneficial for resource-constraint </span>IoT<span> devices and allow more copies of the S-Box for algorithm parallelism. Therefore, we claim that our proposed S-Box is more compact and efficient than AES S-Box. Cryptographers who need an 8 × 8 S-Box can use our proposed S-Box in their designs instead of AES S-Box with the same level of security but better efficiency.</span></p></div>\",\"PeriodicalId\":49815,\"journal\":{\"name\":\"Microprocessors and Microsystems\",\"volume\":\"105 \",\"pages\":\"Article 105007\"},\"PeriodicalIF\":1.9000,\"publicationDate\":\"2024-01-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Microprocessors and Microsystems\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0141933124000024\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Microprocessors and Microsystems","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0141933124000024","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
FPGA-friendly compact and efficient AES-like 8 × 8 S-box
One of the main layers in the Advanced Encryption Standard (AES) is the substitution layer, where an 8 × 8 S-Box is used 16 times. The substitution layer provides confusion and makes the algorithm resistant to cryptanalysis techniques. Therefore, the security of the algorithm is also highly dependent on this layer. However, the cost of implementing 8 × 8 S-Box on FPGA platforms is considerably higher than other layers of the algorithm. Since S-Boxes are repeatedly used in the algorithm, the cost of the algorithm highly comes from the substitution layer. In 2005, Canright used different extension fields to represent AES S-Box to get FPGA-friendly compact designs. The best optimization proposed by Canright reduced the gate-area of the AES S-Box implementation by 20%.
In this study, we use the same optimization methods that Canright used to optimize AES S-Box on hardware platforms. Our purpose is not to optimize AES S-Box; we aim to create another 8 × 8 S-Box which is strong and compact enough for FPGA platforms. We create an 8 × 8 S-Box using the inverse field operation as in the case of AES S-Box. We use another irreducible polynomial to represent the finite field and get an FPGA-friendly compact and efficient 8 × 8 S-Box. The finite field we propose provides the same level of security against cryptanalysis techniques with a 3.125% less gate-area on Virtex-7 and Artix-7 FPGAs compared to Canright’s results. Moreover, our proposed S-Box requires 11.76% less gate on Virtex-4 FPGAs. These gate-area improvements are beneficial for resource-constraint IoT devices and allow more copies of the S-Box for algorithm parallelism. Therefore, we claim that our proposed S-Box is more compact and efficient than AES S-Box. Cryptographers who need an 8 × 8 S-Box can use our proposed S-Box in their designs instead of AES S-Box with the same level of security but better efficiency.
期刊介绍:
Microprocessors and Microsystems: Embedded Hardware Design (MICPRO) is a journal covering all design and architectural aspects related to embedded systems hardware. This includes different embedded system hardware platforms ranging from custom hardware via reconfigurable systems and application specific processors to general purpose embedded processors. Special emphasis is put on novel complex embedded architectures, such as systems on chip (SoC), systems on a programmable/reconfigurable chip (SoPC) and multi-processor systems on a chip (MPSoC), as well as, their memory and communication methods and structures, such as network-on-chip (NoC).
Design automation of such systems including methodologies, techniques, flows and tools for their design, as well as, novel designs of hardware components fall within the scope of this journal. Novel cyber-physical applications that use embedded systems are also central in this journal. While software is not in the main focus of this journal, methods of hardware/software co-design, as well as, application restructuring and mapping to embedded hardware platforms, that consider interplay between software and hardware components with emphasis on hardware, are also in the journal scope.