Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
2Activity
0 of .
Results for:
No results containing your search query
P. 1
The Design of Low-Area 32-Bit AES Encryption-Decryption System on FPGA

The Design of Low-Area 32-Bit AES Encryption-Decryption System on FPGA

Ratings: (0)|Views: 300|Likes:
Published by Wattanit Hotrakool
This is unpublished work under Creative Commons Attribution-ShareAlike 3.0 Unported License.
For more detail visit http://creativecommons.org/licenses/by-sa/3.0/
This is unpublished work under Creative Commons Attribution-ShareAlike 3.0 Unported License.
For more detail visit http://creativecommons.org/licenses/by-sa/3.0/

More info:

Published by: Wattanit Hotrakool on Jun 21, 2011
Copyright:Attribution Share Alike

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF or read online from Scribd
See more
See less

05/24/2012

pdf

 
The Design of Low-area 32-bit AESEncryption/Decryption System on FPGA
Wattanit Hortrakool, AAI AlHarbiy, Ji Song, Xiao-Yang Ji, Yu-Ou Jiang
 Abstract
– In many papers, FPGA design for theAdvanced Encryption Standard (AES) Rijndaelalgorithm mainly focused on the high throughput thatis up to twenty gigabit per second (Gbps). While thereare few application need high throughput, instead, thelow cost and low area are more suitable. This paperindicates a 32-bit core architecture which occupiesonly 288 slices in Spartan-3 device and provide thethroughput upto 195 Mbps.
 Index Terms
— Advanced Encryption Standard(AES), Field Programmable Gate Array (FPGA),Encryption, decryption, and low area.
I.
 
I
NTRODUCTION
 This coursework objective is to design aencryption and decryption unit using the AdvancedEncryption Standard (AES) algorithm andimplement the system on Field Programmable GateArray(FPGA) board.National Institute of Standards andTechnology replacing propose AES of Rijndaelcipher algorithm on 2001. It is a new digitalencryption standard that replace Digital EncryptionStandard (DES). Moreover, it is a Symmetric KeyCryptosystem that means the encryption anddecryption use the same key ciphers. Thisalgorithm could use the 128, 192 and 256 bits asthe block ciphers size on 128-bit data block, and itis more flexible, security and effective in thecryptography [1].Recently, the low area consumption of AES areapplied in Wireless Local Area Networks (WLAN),Wireless Personal Area Networks (WPAN),Wireless Sensor Networks (WSN) or other fields[2]. Typically, AES algorithm with loop-unrolledand 128-bit data path is high-speed design, but theconsumption and area also remain high. Reducingthe data-path from 128-bit to 32-bit could decreasethe slices of area, thus the 32-bit data path isapplied in our design with 128-bit ciphers length.This paper is organized as follows. In section 2indicates an overview of AES. Section 3 presentsour the 32-bit low-area architecture. Theimplementation result and comparison with otherworks are shown in Section 4. Finally, Section 5makes a conclusion of this paper.II.
 
A
DVANCE
E
NCRYPTION
S
TANDARD
 The Advance Encryption Standard is a round-based symmetric bloc cypher algorithm. AES usesa cipher key of length 128, 192, or 256 bits toencrypt or decrypt the data block of 128 bits [3].The number of iteration round Nr depends on thesize of key, which are 10, 12, 14 roundsrespectively. In each round between 1 to Nr-1,there are four basic operations which are SubByte,ShiftRow, MixColumn and AddRoundKey. Each128-bit data block called state. SubByte is anonlinear byte substitution, uses a substitution table(Sbox) to operate on each byte of the stateindependently. ShiftRow circularly shifts differentnumbers of bytes on the row of state. MixColumnmixes the bytes in the columns using themultiplication of the state with a polynomialmodulo. Finally, AddRoundKey is an XOR process,adding a round key from Key Expansion unit to thestate in each iteration. The encryption anddecryption flow diagrams are shown in Figure 1.
(a) Encryption (b) DecryptionFigure 1 128-bit AES Encryption/Decryption flow diagram.
Normal
 
textAddRoundKeySubByteShiftRowMixColumnAddRoundKeySubByteShiftRowAddRoundKeCypher
 
TextNormal
 
text
 
AddInvRoundKeyInvSubByte
 
InvShiftRow
 
InvMixColumInvSubByte
 
InvShiftRow
 
AddInvRoundKeNormal
 
textAddInvRoundKe
 
In thilow-areaimplemedevice (designHoweve192-bitarchitect
 A.
 
SubB
In thi(shown2048x9These BLUT forthe Bloceach rowwide, thconnectewhereasencryptiBRAMsoperatioThe useoccupiedcomputithroughppresente
 B.
 
Shift 
The(shown i16-bit Sshift regibecauseshift regmeans tbecausecapableslice of III.
 
P
ROPOS
s section, oAES systemnted on theC3S50). Thsing 32-bit, this systemand 256-biture of this sys
 yte and Inves
s design, thin Figure 3)ual-port Blolock RAMsSBox and Ink RAMs pro. The addresse first 8 bitd to the inthe 9
th
bitn/decryptioncan perforfor 4 bytes,of these Bby 4 sets of g 4 SBoxut especiallyin the syste
ow and Inve
design of n Figure 4) aift Registerssters are grouof 32-bit datister to handere are 32 rSRL16 requito put 2 regipartan 3 cont
ED
A
RCHITEC
r designedis presentedsmallestis design isdatapath witcan be redey as well.tem is shown
SubByte
SubByte aare implemek RAMs(Rre treated asvSBox. Eachvides the Suof the Blocs address oput data fris used toLUT. AltoSubByte a
 
which is 1 cAM halp recombinationes, as welwhen there i.
seShiftRow
hiftRow ane implement(SRL16) andped as a bytepath- Therele the data f gisters presires only 1ter into a siains 2 LUTs)
FiguTURE
 architecture. Our designilinx Spartahe round-bash 128-bit k sign easilyThe high-lein Figure 2.nd InvSubBnted using tMB16_S9_SROMs to st8-bit outputByte resultRAM is 11-each portom every rselect betweether, thesend InvSubBlumn, at a tiduce the slil logic usedl as increis no pipeliniInvShiftRd using a gromultiplexers. In this desiare 4 groupsor one colunted. HowevLUT, theregle slice (C.
e 2 High-level a
forisn3edy.forelteo9).reof forbitrewen2tee.esforsengwup
 
. 8n-of n,er,reBomsiesicthIn
InInInIn
rchitectureFigure 3 Im
 The outputeration isultiplexers usmple calculficiently contgnal. As a remponent occe input datavShiftRow.
Figure 4
 
Byte
 
1
 
inByte
 
2
 
inByte
 
3
 
inByte
 
4
 
inE/D
put row 1put row 2put row 3put row 4O
plementation of 
of ShiftRdone by cing 4-state Fition, eachrolled usingult, the Shiftupies only 1nd the outpu
esign of ShiftRo
Addr
 
BRAM
 
Addr
 
Addr
 
BRAM
 
Addr
 
utput row 1-4
SubByte/InvSub
w and Invontrolling thnite State Mamultiplexeronly singletRow and Invslices. Tablt data of Shi
w and InvShiftR
O
Byte
 
4
 
Byte
 
1Byte
 
2Byte
 
3
 
Byte
ShiftRowe 7-to-1chine. Bycan beit controlShiftRow1 showstRow and
ow
utut
 
 
8xSRL1
6
8xSRL1
6
8xSRL1
6
xSRL1
6
 
C.
 
 Mix
Galoicolumn tcolumnparametecalculateand decr
Thea consta
Whileby a fixeThis eimplemeof {0b}implemewhere
HoweInvMixCresults iusing thdifferent
Figure
As shInvMixCthe loginumberInsteaapply aftbe seen,each of Moreovemean onl 
0
 
41
 
52
 
63
 
7
(a)
 
In
Table 1 Result
olumn and In
Field multiransformatioare represer in GF (d by functionption. The f 
ix column mt polynomial
03
, in the decrd polynomial
0
quation of innted owing t, {0d}, {09nt as follow.
08
 
ver, thisolumn is verlarge circuimethod mmethod follo
5 Implementatio
own in Figolumn in thisand resourf slices occu
of computer
in ord
has othem is strr, {05} coully one multipl
 
 
8
 
12
 
0
 
9
 
13
 
5
 
10
 
14
 
10
 
11
 
15
 
15
put
 
(b)Aft
f ShiftRow and I
verseMixCol
lication is e, and in the 3nted as pol
). Everythat is variarm of polyno
ultiplied modc(x).
01
0
ption the ind (x), shown

 
09
verse mix coo complicate} and {0e}
08
004
 0
method of y complex, it. In this dentioned abowing [4].
of mix columncolumn
re 5, thesystem are des in orderied. By usin
 01
 04
 0
ing
direr to get the inly two mulaightforwardd equal toication need
4
 
8 12
 
9
 
13
 
1
 
14
 
2 6
 
3
 
7 11
 
er
 
ShiftRow
 
(c)Af 
InvShiftRow
mn
sential for2-bit system tynomials wbyte couldle in encryptimials is
 
 ulo
 1
w
1  02
 erse multipliby
 0
 lumn is direcmultiplicati. It could
 
08
 
 implementiefficient whisign, insteade, we apply
and inverse mix
ixColumn aesigned to shto optimize tthis relation 
 
5
 ctly,
cverse. As it ctiplications ato impleme{04}+{01} talculate.
 
 
0
 
4
 
8
 
123
 
1
 
5
 
90
 
14
 
2
 
67
 
11
 
15 3
er
 
InvShiftRow
 
ixheithbeonithedtlyonbengchof andreheananndnt.atscM
 D
eecwrewstbutcwcDaRFiwdRfithopacM
 E.
emcac
kere
By using tstem is mmponent ocixColumn an
.
 
Key Expans
Generally thpansion. Thery block of n change keay will repesult in speeday is to comore all keys ifore key adilising themponent.In order to aay is used.mponent cecryption unid then storeAM(RAMB1gure 6.
Figu
As a new keill store in 3lay. When totWord, S-Brst column reat, the newe clock andocess is reped stored. Thlumn beingachine.
Control Un
The contrcryption/decultiplexers.me from thea masterntroller also
 
 _inset
is method, tch reducedupies totald InvMixCol
ion
ere are twofirst way isencrypted davery fastt key schedreduction anlete whole k nto block raition. Thisresource,chieve low-aBy using thn be shart. We first prthem in a 56_36), the
re 6 Structure of 
y come in, t-deep shift re fourth colx and thenading from tolumn creatadd with thted until allcontrol of Ralculate are
it 
l of datyption is dohe coltrol siFinite Statecontroller.used to cont
FSMRRcon
the complexi. As a reof 56 slicesmn.ays to implprocess keyta. Using thiith no delayule every tiinefficient.ey expansionm, then readsecond wayespeciallyrea degsign, tis way, theed with Ecompute all12x9 single-iagram is
Key Expander
he first threegister aftermn flow in,dd with Rcohe shift regised will be dsecond col10 round keycon and thedone by a Fia path une by contrgnals for mMachine whioreover, thirol the round
 
delotWord
 
S
Box
 
ty of thesult, thisfor bothment keyscheduleway one, but thise, whichThe otherfirst andthem justalso helpSubBytee secondSubBytecryption/ ound keyort block hown incolumnsne clock it will don and theter. Afterlayed bymn. Thisare donehosen fornite Stateing forlling theltiplexersch workss masterkey read
ay
 
3deep
 
SRL16
 
key

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->