Presentation is loading. Please wait.

Presentation is loading. Please wait.

Study of AES Encryption/Decription Optimizations Nathan Windels.

Published byAgatha Carr Modified over 9 years ago

Similar presentations

Presentation on theme: "Study of AES Encryption/Decription Optimizations Nathan Windels."— Presentation transcript:

1 Study of AES Encryption/Decription Optimizations Nathan Windels

2 Outline  Introduction  AES Algorithm  Areas of Optimization  Progress/Conclusion

3 Introduction

4 Three major implementation methods:  Software  -Typically, this method is much slower than hardware implementations.  FPGA  -Implemented as a hardware module directly to pins.  -Peripheral to a soft-core processor (communicates via on-chip bus).  -Tightly-coupled hardware implemented as an extended instruction set.  Custom Hardware (ASIC)

5 Introduction (2)  High throughput implementations are mainly used for high-end devices such as accelerator cards for e-commercial service and security trunk communications.  These types of implementations are typically unrolled loops within the AES algorithm with a pipelining of the 128-bit datapath.  Although they typically have a very high throughput, their area is very large.

6 Introduction (3)  The 32-bit AES implementations mainly multiplex the 128-bit datapath to 32 bits  This reduces circuit area at the expense of lowering speed.  This type of implementation is actually ideal for embedded applications.  My goal is to provide synthesis results for the different implementations as well as simulation/implemented results if time permits.

7 The AES Algorithm

8 AES Algorithm: Top Level Encryptor Encryption Key Data Cypher Data

9 AES Algorithm: Input StateCypher Key 2B28AB09 7EAEF7CF 15D2154F 16A6883C 328831E0 435A3137 F6309807 A88DA234 to Encryption Processto Key Schedule

10 AES Algorithm: Data Path From Key Schedule

11 AES Algorithm: Data Path – SubBytes

12 AES Algorithm: Data Path – ShiftRows 1 2 3

13 AES Algorithm: Data Path – MixColumns 020301 020301 0203 01 02 X =

14 AES Algorithm: Data Path – Add Key DataRound Key

15 AES Algorithm: Key Schedule  Without going into too much detail, the Key is generated in a ‘similar’ way.  In each Round a new Round Key is generated from the previous key.  This key is added to the dataset at the end of the round.

16 Areas of Optimization

17 Physical Layout - Starting Point

18 Optimization: Key Expansion  Pre-calculated in software and then stored in hardware (loaded when needed)  Low area  Hardware has to wait if new key is introduced (not good for continually changing key)  Calculated in parallel with the corresponding iteration  This allows for a changing key to be calculated on the fly  Extra hardware/area cost (not good for (embedded) fixed key applications)  Calculated in hardware ahead of time and stored  High hardware cost – introduces latency when a new key is introduced  The circuit can be ‘turned off’ in ASIC solution

19 Optimization: Shift Row  16x8 memory with shifting ability  2 shift registers  Rearrangement of wires (requires no extra area, but may cause congestion in the wiring)

20 Optimization: Substitute Byte  LUT  Easy to implement and understand. Would be a good idea to use the on chip ROM rather than LE’s (depending on application).  Uses lots of resources  Combinational logic  No need for memories (XOR circuit could be good in FPGA as we’ve seen earlier in this class)  Slow due to complex circuit.

21 Optimization: Mix Columns  Multiplication and XOR done in combinational logic  Easy to implement  Could be slow and cover a large area  Combine the MixCols multiplication with the sbox and leave XOR in the LE’s  Uses very few LE’s. Removes multiplication from the equation.  Quadrupals the size of the necessary ROM - could be a drawback

22 Conclusion: So Far....  Studied Papers that address several of the optimizations listed above  Decided on an approach to modify and test existing code  Begun modifications on the code that I’ve decided to use as a starting point ...don’t quite have synthesis results yet...

23 Papers “Embedded a Low Area 32-bit AES for Image Encryption/ Decryption Application” “Exploring HW/SW Co-Design of AES Algorithm Using Custom Instructions” “Improved Method to Increase AES System Speed” “An AES Tightly Coupled Hardware Accelerator in an FPGA-based Embedded Processor Core” “DSP’s, BRAM’s and Pinch of Logic: New Recipes for AES on FPGA’s”

Download ppt "Study of AES Encryption/Decription Optimizations Nathan Windels."

Similar presentations

AES Side Channel Attacks

AES Side Channel Attacks
DSPs Vs General Purpose Microprocessors

DSPs Vs General Purpose Microprocessors
TIE Extensions for Cryptographic Acceleration Charles-Henri Gros Alan Keefer Ankur Singla.

TIE Extensions for Cryptographic Acceleration Charles-Henri Gros Alan Keefer Ankur Singla.
1 Advanced Computer Architecture Limits to ILP Lecture 3.

1 Advanced Computer Architecture Limits to ILP Lecture 3.
Pipeline Computer Organization II 1 Hazards Situations that prevent starting the next instruction in the next cycle Structural hazards – A required resource.

Pipeline Computer Organization II 1 Hazards Situations that prevent starting the next instruction in the next cycle Structural hazards – A required resource.
1 KU College of Engineering Elec 204: Digital Systems Design Lecture 9 Programmable Configurations Read Only Memory (ROM) – –a fixed array of AND gates.

1 KU College of Engineering Elec 204: Digital Systems Design Lecture 9 Programmable Configurations Read Only Memory (ROM) – –a fixed array of AND gates.
1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.

1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.
1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.

1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.
Programmable Logic Devices

Programmable Logic Devices
FPGA-Based System Design: Chapter 3 Copyright  2004 Prentice Hall PTR SRAM-based FPGA n SRAM-based LE –Registers in logic elements –LUT-based logic element.

FPGA-Based System Design: Chapter 3 Copyright  2004 Prentice Hall PTR SRAM-based FPGA n SRAM-based LE –Registers in logic elements –LUT-based logic element.
From Sequences of Dependent Instructions to Functions An Approach for Improving Performance without ILP or Speculation Ben Rudzyn.

From Sequences of Dependent Instructions to Functions An Approach for Improving Performance without ILP or Speculation Ben Rudzyn.
Zheming CSCE715.  A wireless sensor network (WSN) ◦ Spatially distributed sensors to monitor physical or environmental conditions, and to cooperatively.

Zheming CSCE715.  A wireless sensor network (WSN) ◦ Spatially distributed sensors to monitor physical or environmental conditions, and to cooperatively.
Advanced Encryption Standard

Advanced Encryption Standard
Advanced Encryption Standard For Smart Card Security Aiyappan Natarajan David Jasinski Kesava R.Talupuru Lilian Atieno Advisor: Prof. Wayne Burleson.

Advanced Encryption Standard For Smart Card Security Aiyappan Natarajan David Jasinski Kesava R.Talupuru Lilian Atieno Advisor: Prof. Wayne Burleson.
Cryptography and Network Security

Cryptography and Network Security
This Lecture: AES Key Expansion Equivalent Inverse Cipher Rijndael performance summary.

This Lecture: AES Key Expansion Equivalent Inverse Cipher Rijndael performance summary.
AES clear a replacement for DES was needed

AES clear a replacement for DES was needed
The Spartan 3e FPGA. CS/EE 3710 The Spartan 3e FPGA  What’s inside the chip? How does it implement random logic? What other features can you use?  What.

The Spartan 3e FPGA. CS/EE 3710 The Spartan 3e FPGA  What’s inside the chip? How does it implement random logic? What other features can you use?  What.
1 COMP541 Sequencing – III (Sequencing a Computer) Montek Singh April 9, 2007.

1 COMP541 Sequencing – III (Sequencing a Computer) Montek Singh April 9, 2007.
Cryptography and Network Security (AES) Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 10/18/2009 INCS 741: Cryptography 10/18/20091Dr.

Cryptography and Network Security (AES) Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 10/18/2009 INCS 741: Cryptography 10/18/20091Dr.

Similar presentations

Ads by Google