Advance Encryption Standard | Cryptography | Public Key Cryptography

www.final-yearproject.com | www.finalyearthesis.

com

In today’s world most of the communication is done using electronic media. Data Security plays a vital role in such communication. Hence, there is a need to protect data from malicious attacks. Cryptography is the science of secret codes, enabling the confidentiality of communication through an insecure channel. It protects against unauthorized parties by preventing unauthorized alteration of use. Generally speaking, it uses a cryptographic system to transform a plaintext into a cipher text, using most of the time a key. Advanced Encryption Standard (AES), also known as Rijndael, is an encryption standard used for securing information. AES was published by NIST (National Institute of Standards and Technology). AES is a block cipher algorithm that has been analyzed extensively and is now used widely. AES is a symmetric block cipher that is intended to replace DES as the approved standard for a wide range of applications. The block cipher Rijnddael was designed by Dr. Joan Daemen and Dr. Vincent Rijmen and the name of the algorithm is a combination of the names of its two creators. Rijndael is very secure and has no known weakness. Rijndael is conventional (symmetric key) system and is relatively simple cipher in many respects. It takes an input block of a certain size, usually 128, and produces a corresponding output block of the same size. The transformation requires a second input, which is the secret key. It is important to know that the secret key. In this work, both encryption and decryption will be carried out with the key length of 128 bits, that is, both AES encrypter and the AES decrypter were integrated. Hence the input block and secret key will be provided for encryption and the cipher block and same secret key will be provided to the decryption to get the proper block as output. All the transformations of both Encryption and Decryption will be developed using VHDL language and will be verified with the help of its simulation result. The AES Encryption and Decryption is synthesized on FPGA family of Virtex-2 using Xilinx ISE tool and hence the design operates at a maximum clock frequency of 18.970 MHz with a minimum period of 52.716ns.

1

www.final-yearproject.com | www.finalyearthesis.com

INDEX 1.INTRODUCTION 1.1 Introduction 1.1.1 What is cryptography 1.1.2 How does cryptography work 1.1.3 The purpose of cryptography 1.2 Methods of encryption 1.2.1 Symmetric cryptography 1.2.2 Asymmetric cryptography 1.3 Types of cryptographic algorithms 1.4 Introduction to AES 1.4.1 Block cipher 1.5 Application 2. ADVANCED ENCRYPTION STANDARD ALGORITHM 2.1 Introduction 2.2 Terminologies 2.3 Algorithm parameters 2.4 AES algorithm 2.4.1 Specification 2.4.2 Description 2.5 Encryption 2.5.1 AES cipher functions 2.5.1.1 Subbytes transformation 2.5.1.2 Shiftrows transformation 2.5.1.3 Mixcolumns transformation 2.5.1.4 Addroundkey transformation 2.5.2 Key expansion 2.6 Decryption 28 2.6.1 AES inverse cipher functions 2.6.1.1 Invsubbytes transformation 2.6.1.2 Invshiftrows transformation
2

1-13 1 1 2 3 4 4 7 10 11 12 13 14-31 14 14 15 16 16 16 18 19 21 22 24 25

29 29 29

www.final-yearproject.com | www.finalyearthesis.com

2.6.1.3 Invmixcolumns transformation 2.7 Summary

30 31

3. AES ALGORITHM IMPLEMENTATION 3.1 Introduction 3.2 Implementation requirements 3.3 Notation and conventions 3.4 Mathematical preliminaries 3.5 General implementation flow 3.6 Implementation 3.7 Summary 4.CODING 4.1 Package of functions required for AES algorithm 4.2 Entity for AES encryption / decryption round 4.3 Entity for last AES encryption / decryption round 4.4 Entity for testing AES encryption / decryption round 4.5 Entity for testing AES encryption / decryption round 5.RESULTS AND DISCUSSION 5.1 Introduction 5.2 Simulation results 5.3 Introduction to FPGA 5.4 Synthesis result 5.5 Summary

32-40 32 32 33 35 36 37 40 41-61 41 51 53 54 59 62-75 62 62 71 72 75

6.CONCLUSION AND FUTURE SCOPE
3

76-78

www.final-yearproject.com | www.finalyearthesis.com

6.1 Conclusion 6.2 Future scope 7.BIBILOGRAPHY

76 76 79

4

final-yearproject.www.com LIST OF FIGURES 1.4 Simulation Result of Decryption with Internal Operation for Set-1 Inputs 5.com | www. 1.1 Simulation Result of AES Encryption and Decryption for Set-1 Inputs 5.finalyearthesis.2 Block Diagram for AES Round and AES Last Round 2. the sender and receiver use the same key for encryption and decryption functions.6 AddRoundKey Operation 2.3 Asymmetric cryptosystem 1.2 Using symmetric algorithms.2 General Implementation Flow Diagram 5.5 MixColumns operates on the State column-by-column 2.1 State Array Input and Output 3.2 Simulation Result of AES Encryption and Decryption for Set-2 Inputs 5.3 SubBytes Operation of the State 2.5 Simulation Result of Encryption with Internal Operation for Set-2 Inputs 5.1 Encryption and decryption 1 1.3 Simulation Result of Encryption with Internal Operation for Set-1 5.5 Three types of cryptographic algorithms 2.6 Simulation Result of Decryption with Internal Operation for Set-2 Inputs 5 7 9 11 17 20 21 22 24 25 30 34 36 63 64 65 67 68 68 5 .4 Type of security service that will be provided 1.1 Top Level Block Diagram of AES Algorithm 2.4 ShiftRows Operation of the State 2.7 InvShiftRows Operation of the State 3.

12 RTL Schematic 70 70 71 72 73 6 .7 Simulation Result of Encryption for Set-1 Inputs 69 5.8 Simulation Result of Decryption for Set-1 Inputs 5.www.finalyearthesis.com 5.final-yearproject.com | www.11 Logic Block 5.9 Simulation Result of Encryption for Set-2 Inputs 5.10 Simulation Result of Decryption for Set-2 Inputs 5.

7 .1 WHAT IS CRYPTOGRAPHY To enhance the security of the data.www. code language for writing messages were used. even those who can see the encrypted data.finalyearthesis. The method of disguising plaintext in such a way as to hide its substance is called encryption. The process of reverting ciphertext to its original plaintext is called decryption. Figure 1. Cryptography is a science of coding message secretly while cryptanalysis is a science of breaking codes.1 illustrates this process. Cryptography is a science of using mathematics to encrypt and decrypt data. You use encryption to ensure that information is hidden from anyone for whom it is not intended.com INTRODUCTION 1.1 Encryption and decryption 1. CRYPTOLOGY CRYPTOGRAPHY CRYPTANALYSIS Our project is concerned with cryptography.final-yearproject. Cryptology consists of two streams namely cryptography and cryptanalysis. Figure 1.com | www. Encrypting plaintext results in unreadable gibberish called ciphertext. Cryptography enables to store sensitive information or transmit it across insecure networks so that it cannot be read by any one except the intended recipient. The branch of mathematics that investigates the code languages and methods is called cryptology.1.1 INTRODUCTION Data that can be read and understood without any special measures is called plaintext or cleartext.

is a mathematical function used in the encryption and decryption process. How difficult? Given all today’s computing power and available time. 1. While cryptography is science of securing data. than claims of impenetrability. Cryptography is used in applications present in technology advanced in societies. The result of the strong Cryptography is cipher text that is very difficult to decipher without possession of the appropriate decoding tool.1. PGP is also about the latter sort of cryptography. The same plaintext encrypts to different ciphertext with different keys. pattern finding.com | www. There are two kinds of cryptography in this world: cryptography that will stop major governments from reading our files. Cryptology is considered to be a branch of both mathematics and computer science.final-yearproject. A cryptographic algorithm works in combination with a key—a word.finalyearthesis. and is afflicted closely with information theory.www. determination. and luck. or phrase—to encrypt the plaintext. examples include the security of the ATM cards. application of mathematical tools.even a billion computers doing a billion checks a second – it is not possible to decipher the result of strong cryptography before the end of the universe. number.2 HOW DOES CRYPTOGRAPHY WORK A cryptographic algorithm. The security of encrypted data is entirely dependent on two things: the strength of the cryptographic algorithm and the secrecy of the key. Cryptography can be strong or weak. then. Cryptography embraces both cryptography and cryptanalysis. or cipher. however. 8 . Vigilance and conservatism will protect us better. computer security and engineering. In modern times. Cryptanalysts are also attackers. Cryptography strength is measured in the time and the resources it would require to recover plain text. One would think. cryptanalysis is a science of analyzing and breaking secure communication. that strong Cryptography would hold up rather well against even an extremely determined cryptanalyst. Classical involves and interesting combination of analytical reasoning. Who’s really to say? No can prove that the strongest encryption obtainable today will hold up under tomorrow’s computing power. as explained above.com Cryptography or Cryptology is derived from Greek kryptos “hidden” and the verb grafo “write” or legein “to speak” is the practice and study of hiding information. computer pass words and electronic commerce which all depend upon Cryptography.

It is no surprise. when an Egyptian scribe used non-standard hieroglyphs in an inscription.) • Privacy/confidentiality: Ensuring that no one can read the message Integrity: Assuring the receiver that the received message has not been Non-repudiation: A mechanism to prove that the sender really sent this except the intended receiver.final-yearproject. particularly the Internet. then. CRYPTOSYSTEM SOFTWARE 1. Within the context of any application-to-application communication. then. cryptography is necessary when communicating over any un-trusted medium.www.com A cryptographic algorithm. that new forms of cryptography came soon after the widespread development of computer communications. with applications ranging from diplomatic missives to war-time battle plans. In data and telecommunications. the first documented use of cryptography in writing dates back to circa 1900 B. in general. which includes just about any network. Cryptosystem can be divided in to Software and Hardware. there are some specific security requirements including: • Authentication: The process of proving one's identity. but can also be used for user authentication. (The primary forms of host-to-host authentication on the Internet today are name-based or address-based. both of which are notoriously weak.finalyearthesis.com | www. PGP is a cryptosystem.C. There are.3 THE PURPOSE OF CRYPTOGRAPHY HARDWARE Cryptography is the science of writing in secret code and is an ancient art. • altered in any way from the original. plus all possible keys and all the protocols that make it work comprise a cryptosystem.1. not only protects data from theft or alteration. three types of cryptographic schemes typically used to accomplish these goals: secret key (or symmetric) 9 . Cryptography. Some experts argue that cryptography appeared spontaneously sometime after writing was invented. • message.

they will be referred to as Carol and Dave. they must use different keys for encryption and decryption purposes.2.2 METHODS OF ENCRYPTION Although there can be several pieces to an encryption method. also called public keys. Eve is an eavesdropper.1 SYMMETRIC CRYPTOGRAPHY In a cryptosystem that uses symmetric cryptography. Just pay close attention and we will get through this just fine. two communicating parties will be referred to as Alice and Bob. this is the common nomenclature in the crypto field and literature to make it easier to identify the communicating parties. public-key (or asymmetric) cryptography. each of which is described below. algorithms are usually complex mathematical formulas that dictate the rules of how the plaintext will be turned into cipher text. This provides dual functionality. For two entities to be able to communicate via encryption. which will in turn (usually) be decrypted into usable plaintext.www. It is encrypted into ciphertext.2. the two main pieces are the algorithms and the keys. 10 . also called secret keys. Symmetric versus Asymmetric Algorithms Cryptography algorithms use either symmetric keys. In some encryption methods. Mallory is a malicious party. many times. that intruder would have the ability to decrypt any intercepted message encrypted with this key. or asymmetric keys. both parties will be using the same key for encryption and decryption. as shown in Figure 1. symmetric keys are also called secret keys because this type of encryption relies on each user to keep the key a secret and properly protected. As we said. If there is a third or fourth party to the communication. In all cases. they must use the same algorithm and.com | www. As encryption was not complicated enough.finalyearthesis. As stated earlier.com cryptography. the titles that are used to describe the key type’s only make it worse. 1. the same key.final-yearproject. 1. In many of the descriptions below. and Trent is a trusted third party. A key is a string of random bits that will be inserted into the algorithm. the receiver and the sender use the same key and in other encryption methods. the initial unencrypted data is referred to as plaintext. and hash functions. If this key got into an intruder’s hand. The following sections explain the difference between these two types of encryption methods.

but does not necessarily want to spend his days looking for the right key to be able to communicate with Dave.950 symmetric keys. This means if Dan and Iqqi want to communicate. then he would need to keep track of 45 different keys. one for each friend. If Dan were going to communicate with 100 other people. then all messages encrypted with that key can be decrypted and read by an intruder.2 Using symmetric algorithms. Figure 1. the sender and receiver use the same key for encryption and decryption functions. If a key is compromised.com | www. Dan is a pretty bright guy.finalyearthesis.www. both need to obtain a copy of the same key. This is complicated further by how symmetric keys are actually shared and updated when necessary. This should raise red flags to you if you have ever had to depend on a whole staff of people to keep a secret. This might not sound like a big deal until Dan realizes that he may communicate with hundreds of people over a period of several months. If Dan were going to communicate with 10 other people.final-yearproject. The security of the symmetric encryption method is completely dependent on how well users protect the key. then he would have to maintain and keep up with 4. If Dan wants to communicate to Norm for the first time.com Each pair of users who want to exchange data using symmetric key encryption must have their own set of keys. Dan has to 11 . he now needs to have three separate keys. and keeping track and using the correct key that corresponds to each specific receiver can become a very daunting task. If Dan also wants to communicate using symmetric encryption with Norm and Dave.

send it to him via snail mail. symmetric algorithms scream in speed. Well. Because both users use the same key to encrypt and decrypt messages. Scalability Each pair of users needs a unique pair of keys. but some things you just want to keep 1.2 ASYMMETRIC CRYPTOGRAPHY private. so the number of Keys grow exponentially.final-yearproject. why use them at all? They are very fast and can be hard to break. The following list outlines the strengths and weakness of symmetric key systems: • • • • • • • • Strengths Much faster than asymmetric systems Hard to break if using a large key size Weaknesses Key distribution It requires a secure mechanism to deliver keys properly. or have a secure carrier deliver it to Norm. if symmetric cryptosystems have so many problems and flaws. but they cannot provide authentication or non-repudiation. Limited security It can provide confidentiality.com | www. It is also very difficult to uncover data that is encrypted with a symmetric algorithm if a large key size was used. The following are examples of symmetric key cryptography algorithms: • • • Data Encryption Standard (DES) Triple DES (3DES) Advanced Encryption Standard (AES) Some things you can tell the public. This is a huge hassle. Compared to asymmetric systems. 12 .com figure out how to get Norm the right key. There is no way to prove who actually sent a message if two people are using the exact same key. Dan has to get the key to Norm through an out-of-band method.2. but not authenticity or nonrepudiation.finalyearthesis. symmetric cryptosystems can provide confidentiality. and each method is very clumsy and insecure. They can encrypt and decrypt large amounts of data that would take an unacceptable amount of time if an asymmetric algorithm was used instead. Dan can save the key on a floppy disk and walk over to Norm’s desk. It is not safe to just send it in an e-mail message because the key is not protected and it can be easily intercepted and used by attackers.www.

final-yearproject. the other key is required to decrypt the message. All she needs to do is encrypt her reply with Bob’s public key. 13 . the receiver must have a copy of Bob’s public key to decrypt it. The public key can be known to everyone. a single secret key is used between entities.com In symmetric key cryptography.finalyearthesis. If Bob encrypts a message with his private key.www. The two different asymmetric keys are mathematically related. If a message is encrypted by one key. or asymmetric keys. but cannot be derived from each other. it does not mean he can now use some mathematical magic and find out Bob’s private key. In a public key system. public keys are listed in directories and databases of e-mail addresses so they are available to anyone who wants to use these keys to encrypt or decrypt data when communicating with a particular person.3 illustrates an asymmetric cryptosystem. Figure 1. Figure 1.com | www. and then Bob can decrypt the message with his private key. whereas in public key systems.3 Asymmetric cryptosystem The public and private keys are mathematically related. and the private key must only be known to the owner. This means that if an evildoer gets a copy of Bob’s public key. each entity has different keys. Many times. The receiver can decrypt Bob’s message and decide to reply back to Bob in an encrypted form. the pair of keys is made up of one public key and one private key. It is not possible to encrypt and decrypt using the exact same key when using an asymmetric key encryption technology.

If authentication is the most important security service to the sender. because Bob is the only one who is supposed to have his private key. Symmetric keys do not provide authenticity because the same key is used on both ends.com Bob can encrypt a message with his private key and the receiver can then decrypt it with Bob’s public key. then Bob can be sure that the message came from her and no one else. she would encrypt the file with the receiver’s public key. This provides authentication. If she uses her private key to encrypt the message. If she encrypted the response with Bob’s public key. then she would encrypt the message with her private key. Encrypting a message with the sender’s private key is called an open message format because anyone with a copy of the corresponding public key can decrypt the message. confidentiality is not ensured. Now the receiver can also encrypt her response with her private key instead of using Bob’s public key. This is called a secure message format because it can only be decrypted by the person who has the corresponding private key.com | www. The receiver would then need to decrypt the message with his own private key and then decrypt it again with the sender’s public key. it does not provide authenticity because anyone can get a hold of Bob’s public key. she will encrypt the response with his public key. This provides confidentiality 14 . By decrypting the message with Bob’s public key. the sender would encrypt the message with her private key and then encrypt it again with the receiver’s public key. thus. the receiver can be sure that the message really came from Bob. For a message to be in a secure and signed format.finalyearthesis. Using one of the secret keys does not ensure that the message originated from a specific entity. Why would she do that? She wants Bob to know that the message came from her and no one else. This provides assurance to the receiver that the only person who could have encrypted the message is the individual who has possession of that private key.final-yearproject. authentication is not provided because this public key is available to anyone. A message can only be decrypted with a public key if the message was encrypted with the corresponding private key.www. Only Bob will be able to decrypt the message because he is the only one who has the necessary private key. If the sender encrypted the message with the receiver’s public key. When the receiver wants to make sure Bob is the only one that can read her reply. If confidentiality is the most important security service to a sender.

Asymmetric systems also provide for easier and more manageable key distribution than symmetric systems and do not have the scalability issues of symmetric systems. authentication. An asymmetric cryptosystem works much slower than symmetric systems.www. and non repudiation depending on its configuration and use.finalyearthesis.4. The following outlines the strengths and weaknesses of asymmetric key systems: • • • • Strengths Better key distribution than symmetric systems Better scalability than symmetric systems Can provide confidentiality. They both have the capability to encrypt and decrypt data. Each key type can be used to encrypt and decrypt. Figure 1. but can provide confidentiality.com and authentication for that delivered message.4 Type of security service that will be provided. and non repudiation Weaknesses 15 • . authentication. The different encryption methods are shown in Figure 1.final-yearproject.com | www. so do not get confused and think the public key is only for encryption and the private key is only for decryption.

3 TYPES OF CRYPTOGRAPHIC ALGORITHMS There are several ways of classifying cryptographic algorithms.finalyearthesis.5. For purposes of this paper. and further defined by their application and use. • • • Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption Public Key Cryptography (PKC): Uses one key for encryption and another for decryption Hash Functions: Uses a mathematical transformation to irreversibly "encrypt" information 16 . The three types of algorithms those are discussed in Figure 1.com | www.www.final-yearproject. they will be categorized based on the number of keys that are employed for encryption and decryption.com • • • • • • Works much slower than symmetric systems The following are examples of asymmetric key algorithms: RSA Elliptic Curve Cryptosystem (ECC) Diffie-Hellman El Gamal Digital Signature Standard (DSS) 1.

com Figure 1. The transformation requires a second input. 192 and 256 bits. and produces a corresponding output block of the same size.final-yearproject. after the Data Encryption Standard was found too weak because of its small key size and the technological advancements in processor power. Fifteen candidates were accepted and based on public comments the pool was reduced to five. 1. Encryption converts data to an unintelligible form called cipher-text. whose name is based on the names of its two Belgian inventors.4.4 INTRODUCTION TO AES The Advanced Encryption Standard (AES) specifies a FIPS-approved cryptographic algorithm that can be used to protect electronic data. It takes an input block of a certain size. usually 128 bits. which is a series of mathematical operations that use substitutions (also called S-Box) and permutations (P-Boxes) and their careful definition implies that each output bit depends on every input bit. AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information.www. which is the secret key with lengths of 128. One of these five algorithms was selected as the forthcoming standard: a slightly modified version of the Rijndael.finalyearthesis.5 Three types of cryptographic algorithms 1. Unlike DES. called plaintext. The Rijndael. AES is a substitution-permutation network. Original Message 128 Cipher Message 128 Original Message 128 Encryption Algorithm Decryption Algorithm 128 Secret Key Figure 1. decrypting the cipher-text converts the data back into its original form. which means that it works on fixed length group of bits. which are called blocks.com | www.6 Overall Representations of Encryption and Decryption The Advanced Encryption Standard.1 BLOCK CIPHER 17 . which is based on Feistel network. Joan Daemen and Vincent Rijmen is a Block cipher.

com When a block cipher algorithm is used for encryption and decryption purposes.www.com | www. AES is very hard to attack or crack when compared to DES. The algorithm dictates all the possible functions available to be used on the message.final-yearproject. input message of length 128 bits can be encrypted which is more than the DES and Triple DES. transposition. L. the message is divided into blocks of bits. The Expanded Key shall ALWAYS be derived from the Cipher Key and never be specified directly. 100-235) requires cryptographic protection • High speed ATM/Ethernet/Fiber-Channel switches Secure video teleconferencing Routers and Remote Access Servers • • 18 . which is later used for the actual operation. AES has the various secret key lengths such as 128 bits.5 APPLICATION • This standard may be used by Federal departments and agencies when an agency determines that sensitive (unclassified) information (as defined in P. 192 bits and 256 bits. whereas DES and Triple DES have fixed length of 64 bits. and it is the key that will determine what order these functions will take place. Advantages of AES: • • • • Through AES. because the attacker does not know these values. The cipher key is expanded into a larger key. basically impossible. Strong algorithms make reengineering or trying to figure out all the functions that took place on the message. • • 1. It has been said that the properties of a cipher should contain confusion and diffusion. Different unknown key values cause confusion. and diffusion is accomplished by putting the bits within the plaintext through many different functions so that they are dispersed throughout the algorithm. Block ciphers use diffusion and confusion in their methods.finalyearthesis. AES will be faster when compared to the Triple DES. These blocks are then put through substitution. and other mathematical functions.

final-yearproject.www. Such use is encouraged when it provides the desired security for commercial and private organizations. 19 .finalyearthesis.com • In addition.com | www. this standard may be adopted and used by non-Federal Government organizations.

A binary digit having a value of 0 or 1.www. Secret. Series of transformations that converts cipher text to plaintext using the Cipher Key. The AES algorithm is a block cipher that uses the same binary key both to encrypt and decrypt data blocks is called a symmetric key cipher.com ADVANCED ENCRYPTION STANDARD ALGORITHM 2. State and Round Key.finalyearthesis. is that there exists no attack better than key exhaustion to read an encrypted message. Routine used to generate a series of Round Keys from the Cipher Key.. efficient and exportable. the plain text of 128 bits is given as input to encryption block in which encryption of data is made and the cipher text of 128 bits is throughout as output. can be pictured as a rectangular array of bytes.No.com | www. such as the AES.g. adoptable to diverse application. Series of transformations that converts plaintext to cipher text using the Cipher Key. Sequence of binary bits that comprise the input. 1 2 3 4 5 6 7 8 9 10 11 Term AES Array Bit Block Byte Cipher Cipher Key Cipher text Inverse Cipher Key Expansion Plaintext Definition Advanced Encryption Standard An enumerated collection of identical entities (e. Data input to Cipher or output from the Inverse Cipher. 2.final-yearproject. having four rows and Nk columns.2 TERMINOLOGIES The various terminologies and their definitions used in this project were discussed in this section. output. an array of bytes). In this project work. A group of eight bits that is treated either as a single entity or as an array of 8 individual bits. Data output from the Cipher or input to the Inverse Cipher. A commonly accepted definition of a good symmetric key algorithm. S. The key length of 128 bits is used in process of encryption. cryptographic key that is used by the Key Expansion routine to generate a set of Round Keys. 20 . Blocks are also interpreted as arrays of bytes. The length of a sequence is the number of bits it contains.1 INTRODUCTION The main objectives of AES are high level security.

having four rows and Nb columns. Number of rounds. The round constant word array. Round keys are values derived from the Cipher Key Round Key using the Key Expansion routine. The length of a Round Key equals the size of the State (i. the Round Key length equals 128 bits/16 bytes). for Nb = 4. Nr = 10. Nb = 4.3 ALGORITHM PARAMETERS The different parameters and symbols used in this project were discussed in this section. they are applied to the State in the Cipher and Inverse Cipher. Parameters & Symbols AddRoundKey Definition Transformation in the Cipher and Inverse Cipher in which a Round Key is added to the State using an XOR operation. Nk = 4.com | www.final-yearproject. which is a function of Nk and Nb (which is fixed).www. Transformation in the Cipher that takes all of the columns of the State and mixes their data (independently of one another) to produce new columns. For this standard. Transformation in the Inverse Cipher that is the inverse of SubBytes. S.No.1 Terminologies and their Definitions Rijndael 2. Cipher Key. For this standard. Table 2.finalyearthesis. Intermediate Cipher result that can be pictured as a State rectangular array of bytes. A group of 32 bits that is treated either as a single entity Word or as an array of 4 bytes. Number of columns (32-bit words) comprising the State.com 12 13 14 15 16 Cryptographic algorithm specified in this Advanced Encryption Standard (AES).e.. For this standard. Non-linear substitution table used in several byte substitution transformations and in the Key Expansion S-box routine to perform a one-for-one substitution of a byte value. Function used in the Key Expansion routine that takes a four-byte word and performs a cyclic permutation. Transformation in the Inverse Cipher that is the inverse of ShiftRows. 21 1 2 3 4 5 6 7 8 9 10 11 InvMixColumns InvShiftRows InvSubBytes K MixColumns Nb Nk Nr Rcon RotWord . Transformation in the Inverse Cipher that is the inverse of MixColumns. Number of 32-bit words comprising the Cipher Key.

called state.4. Transformation in the Cipher that processes the State SubBytes using a nonlinear byte substitution table (S-box) that operates on each of the State bytes independently. the output block and the State is 128 bits. The different transformations operate on the intermediate results.finalyearthesis. Function used in the Key Expansion routine that takes a SubWord four-byte input word and applies an S-box to each of the four bytes to produce an output word. AES is a secret key encryption algorithm. the length of the Cipher Key.www. This is represented by Nb = 4. a sequence of eight bits treated as a single 22 . • • • AES works by repeating the same defined steps multiple times. where Nr = 10 when Nk = 4. which is 16 bytes. For the AES algorithm. The number of rounds is represented by Nr. 2. For the AES algorithm. which reflects the number of 32bit words (number of columns) in the State. Symbols and their Definitions 2. XOR Exclusive-OR operation. The key length is represented by Nk = 4.com 12 13 14 15 Transformation in the Cipher that processes the State ShiftRows by cyclically shifting the last three rows of the State by different offsets.com | www.2 DESCRIPTION The AES is an iterated block cipher with a fixed block size of 128 and a variable key length. which means that. Table 2. The state is a rectangular array of bytes and since the block size is 128 bits.final-yearproject. AES operates on a fixed number of bytes AES as well as most encryption algorithms is reversible. which reflects the number of 32-bit words (number of columns) in the Cipher Key. The basic unit for processing in the AES algorithm is a byte. the length of the input block. This means that almost the same steps are performed to complete both encryption and decryption in reverse order. The AES algorithm operates on bytes. which makes it simpler to implement. the number of rounds to be performed during the execution of the algorithm is dependent on the key size. is 128 bits.4. K. the rectangular array is of dimensions 4x4.4 AES ALGORITHM The AES is an iterated symmetric block cipher.2 Parameters. 2.1 SPECIFICATION For the AES algorithm.

For both its Cipher 23 .1 shows the top level blocks available in the AES algorithm. the row size is fixed to four and the number of columns varies. The cipher key is similarly pictured as a rectangular array with four rows. which are fixed: A key of size 128 has 10 rounds. The number of columns is the block size divided by 32 and denoted Nb.www. AES uses a variable number of rounds.com | www. denoted Nk. output and Cipher Key bit sequences which are processed as arrays of bytes that are formed by dividing these sequences into groups of eight contiguous bits to form arrays of bytes. is equal to the key length divided by 32. Also the basic inputs to the system and the outputs from the system were clearly represented. In the Rijndael version with variable block size. As per the standard.1 Top Level Block Diagram of AES Algorithm The above figure 2. The number of columns of the cipher key.finalyearthesis.final-yearproject. AES Input Data Data_Vali d Inpu t Dat a ROUND OUT 0 ROUND OUT 09 ⊕ DOUT VALID 0 Data Out (128) Round Last Round 01 Round 09 DOUT VALID 09 Dout Valid ROUND KEY 0 ROUND KEY 1 ROUND KEY 9 ROUND KEY LAST ROUND KEYS Key (128) Key _En CLK Key Reg KEY EXPANSION Figure 2.com entity. The input. 10 rounds for 128 bits key length were carried out in which the last round will be performed separately.

5 ENCRYPTION At the start of the Encryption or Cipher. the new set of keys will be generated in the Key Expansion block and is given to the each round as input. Initially the XOR operation should be performed between each byte of the input data and the input key and the output will be given as the input of the Round-1. The final State is then copied to the output.www. After an initial Round Key addition. with the final round differing slightly from the first Nr–1 rounds. that is. the input data and the input key were copied to the State array using the conventions. The round function is parameterized using a key schedule that consists of a one-dimensional array of four-byte words derived using the Key Expansion routine. the AES algorithm uses a round function that is composed of four different byte-oriented transformations:  Byte substitution using a substitution table (S-box)  Shifting rows of the State array by different offsets  Mixing the data within each column of the State array  Adding a Round Key to the State Above mentioned functions were carried out for every individual round and in the last round the third function. The individual transformations that carried out are listed below.finalyearthesis.com and Inverse Cipher. 2. the State array is transformed by implementing a round function 10 times.com | www. Mixing the data within each column of the State array will not be performed.final-yearproject. Based on the key provided.  SubBytes  ShiftRows  MixColumns  AddRoundKey 24 . Hence the last round is carried out separately.

2.5.1 AES CIPHER FUNCTIONS The block diagram shown in the figure 2. which does not include the MixColumns transformation.2 represents the functions carried out in each round and the functions performed in the last round.www. Thus the cipher text.com Table 2. All Nr rounds are identical with the exception of the final round.com | www.3 represents the operation performed at each round and its order in which each one is carried out. encrypted data will be achieved at the end of the final round.3 AES encryption cipher using a 16 byte key Table 2. that is.finalyearthesis.final-yearproject. 25 .

finalyearthesis.2 Block Diagram for AES Round and AES Last Round 26 .com Figure 2.final-yearproject.com | www.www.

com | www.1 having a value of {ed}. operating on each byte of the state independently. For example. if S1. Each byte of the state is then substituted by the value in the S-Box whose index corresponds to the value in the state.1 = {53}.3 illustrates the effect of the SubBytes transformation on the State clearly. 2. This would result in S1. pre-calculated forms are used. The substitution table (S-Box) is invertible and is constructed by the composition of two transformations:  Take the multiplicative inverse in Rijndael's finite field  Apply an affine transformation Since the S-Box is independent of any input.1.5. if enough memory (256 bytes for one S-Box) is available.1.final-yearproject.3 SubBytes Operation of the State The S-Box for the Encryption is given in the Appendix-1 for the reference.com 2. then the substitution value would be determined by the intersection of the row with index ‘5’ and the column with index ‘3’.www. 27 . This is not a bit wise shift. A byte that was in the second position may end up in the third position after the shift.finalyearthesis. The S-Box will be of a 16X16 matrix in which the row is represented as “x” and the column is represented by “y”.5. Figure 2. Figure 2.2 ShiftRows Transformation Arranges the state in a matrix and then performs a circular shift for each row. The S-box used in the SubBytes transformation is presented in hexadecimal form and hence the substitution value would be determined by the intersection of the row and the column.1 SubBytes Transformation The SubBytes operation is a non-linear byte substitution. The circular shift just moves each byte one space over. These values can be referred in the S-Box present in the Appendix-1.

5. Each value in the column is eventually multiplied against every value of the matrix (16 total multiplications).finalyearthesis.www. each row of the state is cyclically shifted to the left. 2.com | www. parts of the state are multiplied against which parts of the matrix. The transformation operates on the State column-by-column. The multiplication is performed one column at a time (4 bytes).com The circular part of it specifies that the byte in the last position shifted one space will end up in the first position in the same row.  The 3rd row is shifted 2 positions to the left. Figure 2.  The 1st row is shifted 0 positions to the left. The shifting operation will be carried out horizontally as follows.4 ShiftRows Operation of the State Figure 2. while the “lowest” bytes wrap around into the “top” of the row.1. Hence in this ShiftRows operation.  The 2nd row is shifted 1 positions to the left. depending on the row index. There fore 4 bytes input.3 MixColumns Transformation In MixColumns operation. 16 multiplications 12 XORs and 4 bytes 28 .final-yearproject.4 illustrates the ShiftRows transformation. The results of these multiplications are XORed together to produce only 4 result bytes for the next state.  The 4th row is shifted 3 positions to the left. The sate is arranged into a 4 row table (as described in the Shift Row function). This has the effect of moving bytes to “lower” positions in the row.

The first result byte is calculated by multiplying 4 values of the state column against 4 values of the first row of the matrix. The result of each multiplication is then XORed to produce 1 Byte. The second result byte is calculated by multiplying the same 4 values of the state column against 4 values of the second row of the matrix.www. The pre-defined 4X4 matrix value and the first column of the ShiftRows state are represented as follows. The third result byte is calculated by multiplying the same 4 values of the state column against 4 values of the third row of the matrix. The fourth result byte is calculated by multiplying the same 4 values of the state column against 4 values of the fourth row of the matrix.finalyearthesis. The result of each multiplication is then XORed to produce 1 Byte. Hence putting it all together. the first column will include state bytes 1-4 and will be multiplied against the matrix in the following manner: 29 . until there are no more state columns.com output.com | www. The multiplication is performed one matrix row at a time against each value of a state column.final-yearproject. The result of each multiplication is then XORed to produce 1 Byte. The result of each multiplication is then XORed to produce 1 Byte. for the multiplication. This procedure is repeated again with the next column of the state.

The second time Add Round Key is executed.finalyearthesis. Each of the 16 bytes of the state is XORed against each of the 16 bytes of a portion of the expanded key for the current round. So once the first 16 bytes are XORed against the first 16 bytes of the expanded key then the expanded key bytes 1-16 are never used again.www. a Round Key is added to the State by a simple bitwise XOR operation. 30 .com | www. 2.4 AddRoundKey Transformation In the AddRoundKey transformation. The Expanded Key bytes are never reused.5 illustrates the MixColumns transformation Figure 2.com Figure 2.final-yearproject.5 MixColumns operates on the State column-by-column Hence the pictorial representation of the MixColumns operation represented above gives the clear view on this transformation.1. The first time Add Round Key gets executed.5. The next time the Add Round Key function is called bytes 17-32 are XORed against the state.

Figure 2. 2. The expanded key is used in the Add Round Key function defined above. The Key Expansion generates a total of Nb (Nr + 1) words: the algorithm requires an initial set of Nb words. Each time the Add Round Key function is called a different part of the expanded key is XORed against the state. The resulting key schedule consists of a linear array of 4-byte words. The graphical representation of this operation can be seen below.final-yearproject.finalyearthesis.com This process will be continued until the operation ends. K.com | www.5. and performs a Key Expansion routine to generate a key schedule. and each of the Nr rounds requires Nb words of key data. In order for this to work the Expanded Key must be large enough so that it can provide key material for every time the Add Round Key function is executed.6 AddRoundKey Operation The above figure 2.6 represents the clear view on the AddRoundKey transformation which takes place between the results of MixColumns and KeyExpansion and gives the resultant matrix that is used as the input to the next reound. The Add Round Key function gets called for each round as well as one extra time at beginning of the algorithm. 31 .www. The AES algorithm takes the Cipher Key.2 KEY EXPANSION Prior to encryption or decryption the key must be expanded.

2. If the key is 16 bytes long the first 16 bytes of the expanded key will be the same as the original key.www. For an 128-bit key.3. Hence an 128 bit key is expanded to an 176 byte key. The amount of rounds of the key expansion algorithm depends on the key size. The key expansion routine executes a maximum of 4 consecutive functions. Table 2. the number of rounds and the ExpandedKey size.com Since the key size is much smaller than the size of the sub keys. Each round adds 4 bytes to the Expanded Key. the key is actually “stretched out” to provide enough key space for the algorithm. These functions are:  ROT WORD  SUB WORD  RCON  XOR Rot Word (4 bytes) This does a circular shift on 4 bytes similar to the Shift Row Function. There is a relation between the cipher key size. which equals 176 byte. there is one initial AddRoundKey operation plus there are 10 rounds and each round needs a new 16 byte key. An iteration of the above steps is called a round.final-yearproject.com | www.4.3.4 Key Expansion The first bytes of the expanded key are always equal to the key.1.finalyearthesis.4 which will be rotated and obtain the result as 2. let’s take a sequence 1. For Example. If the key size is 32 bytes then the first 32 bytes of the expanded key will be the same as the original key. therefor we require 10+1 RoundKeys of 16 byte. The 4byte word is cyclically shifted 1 byte to the left. 32 . With the exception of the first rounds each round also takes the previous rounds 4 bytes as input operates and returns 4 bytes.

w[i-1]. Steps in Key Expansion • The first n bytes of the expanded key are simply the cipher key (n = the size of the encryption key) The rcon value i is set to 1 Until we have enough bytes of expanded key. It can be seen that the first Nk words of the expanded key are filled with the Cipher Key. Round Number 1 2 3 4 5 6 7 8 9 10 Rcon Rcon(1) Rcon(2) Rcon(3) Rcon(4) Rcon(5) Rcon(6) Rcon(7) Rcon(8) Rcon(9) Rcon(10) Table 2. w[i-Nk].final-yearproject.com Sub Word (4 bytes) The Key Schedule uses the same S-Box substitution as the main algorithm body.www. we do the following to generate four bytes    • • we use a temporary 4-byte word called t we assign the previous 4 bytes to t we perform the key schedule core on t. Rcon[i]. w[i]. and the word Nk positions earlier. This step applies the S-box value substitution as described in SubBytes function to each of the 4 bytes in the argument. with i as Rcon value 33 . this varies depending on the key size) 1. Every following word. For words in positions that are a multiple of Nk. a transformation is applied to w[i-1] prior to the XOR. The S-Box is present in the Appendix-1 for the reference. Rcon Basically this function returns a 4 byte value based on the following table. followed by an XOR with a round constant.finalyearthesis. we do the following to generate n more bytes of expanded key (please note once again that "n" is used here.com | www.5 Rcon Table Value 01000000 02000000 04000000 08000000 10000000 20000000 40000000 80000000 1B000000 36000000 The result of the SubWords should be XORed with the above mentioned Rcon values with respect to the corresponding round number. is equal to the XOR of the previous word.

the predefined values which used for the 34 . for n=16. we generate: 4 + 3*4 bytes = 16 bytes per iteration. InvMixColumns (state XOR Round Key) = InvMixColumns (state) XOR InvMixColumns (Round Key) The above equation represents the basic difference in the process of the AES Encryption and Decryption algorithm.1 AES INVERSE CIPHER FUNCTIONS The AES Inverse Cipher Function has the same set of transformations as in the encryption but in the inverse form.finalyearthesis. 2.final-yearproject. that is.www. we do the following x times to generate the next x*4 bytes of the expandedKey (x = 3 for n=16)   we assign the previous 4-byte word to t we XOR t with the 4-byte word n bytes before in the expandedKey (where n is once 16 bytes) Hence.6. The encrypted data will be decrypted and the original plain message will be achieved as the output of the decryption block.com   we increment i we XOR t with the 4-byte word n bytes before in the expandedKey (where n is once 16 bytes) 2. The individual transformations used in the Inverse Cipher were listed as follows. 2.com | www.6 DECRYPTION The cipher text of 128 bits and the same key of 128 bits will be given as the input to the decryption block. The Cipher transformations can be inverted and then implemented in reverse order to produce a straightforward Inverse Cipher for the AES algorithm.  InvShiftRows  InvSubBytes  InvMixColumns  AddRoundKey Here also 10 rounds will be carried out and the only difference in the decryption block with respect to the algorithm flow is that the result of the KeyExpansion of each round will also be given to the MixCoulmns operation after which the AddRoundKey transformation should be carried out.

6.Nb) bytes. These values can be referred in the S-Box present in the Appendix-1.1 InvSubBytes Transformation InvSubBytes is the inverse of the byte substitution transformation. where the shift value shift(r.2 InvShiftRows Transformation The InvShiftRows is the inverse of the ShiftRows transformation.com each transformation will be different.www. 2. This would result in S1.6.1 = {53}.1. r = 0. is not shifted. The bottom three rows are cyclically shifted by Nb .final-yearproject.7 InvShiftRows Operation of the State The illustration figure will gives the clear view on this InvShiftRows transformation. if S1. For example. the InvShiftRows transformation proceeds as follows. The inverse S-Box is present in the Appendix-1 for the reference.Nb) depends on the row number.1. The bytes in the last three rows of the State are cyclically shifted over different numbers of bytes (offsets).1.shift(r.3 InvMixColumns Transformation 35 .6. Figure 2. In this section we can discuss about each transformations in detail.com | www. The transformation of this process will be carried out in the similar way as in the SubBytes in the encryption such as the substitution value would be determined by the intersection of the row and the column. The first row.finalyearthesis. in which the inverse S-Box is applied to each byte of the State. Specifically. then the substitution value would be determined by the intersection of the row with index ‘5’ and the column with index ‘3’. 2. 2.1 having a value of {50}.

com The InvMixColumns is the inverse of the MixColumns transformation. As a result of this multiplication. Similarly the forward cipher transformations were combined together to form a Round and combining all the 10 Rounds will constitute a complete AES Encryption and Decryption algorithm.4 Inverse of the AddRoundKey Transformation The Inverse of the AddRoundKey is similar to the AddRoundKey in the encryption process. The predefined 4X4 matrix value and the first column of the InvShiftRows state are represented as follows.6.finalyearthesis. for the multiplication. 2. Thus the 4X4 matrix will be obtained which will be given as the input to the next transformation. the only thing left to do is putting it all together in one inversed main algorithm. 2. Each element in the resultant matrix of MixColumns and resultant matrix of KeyExpansion will be XORed and the resultant matrix of AddRoundKey will be given as the input to the next round.com | www.1. 36 . InvMixColumns operates on the State considering column-by-column.7 SUMMARY • Basic Terminologies and the Parameters used in this Algorithm have been discussed at the earlier section.final-yearproject. the four bytes in a column are replaced by the following. Hence all the inverse cipher transformations were discussed above and finally.www.

www.final-yearproject.com | www.finalyearthesis.com


Basic introduction and description on the AES Algorithm and its Top Level Block Diagram was discussed. Discussed on AES Encryption Process which includes AES Cipher Functions and its transformation procedure. Steps involved in the Key Expansion process were given. AES Decryption Process which includes AES Inverse Cipher Functions was explained.


37

www.final-yearproject.com | www.finalyearthesis.com

AES ALGORITHM IMPLEMENTATION

3.1 INTRODUCTION
The AES is a block cipher. This means that the number of bytes that it encrypts is fixed. AES can currently encrypt blocks of 16 bytes at a time; no other block sizes are presently a part of the AES standard. If the bytes being encrypted are larger than the specified block then AES is executed concurrently. This also means that AES has to encrypt a minimum of 16 bytes. If the plain text is smaller than 16 bytes then it must be padded. Simply said the block is a reference to the bytes that are processed by the algorithm. The current condition of the block will be defined by the State. That is the block of bytes that are currently being worked on. The state starts off being equal to the block, however it changes as each round of the algorithms executes. Plainly we can say that this is the block in progress. The Advanced Encryption Standard Algorithm which includes both Encryption and Decryption are implemented using VHDL and their functionality will be verified in the ModelSim Tool with proper test cases.

3.2 IMPLEMENTATION REQUIREMENTS
During the implementation, there are different parameters are required which are discussed as follows. Input Data Length Requirements An implementation of the AES algorithm should have the input data (Plain Text) length of 128 bits which acts as the primary input to the both Encryption and Decryption block. Key Length Requirements In this AES implementation the input key chosen to be as 128 bits from the various key lengths available. This also acts as the primary input to the both Encryption and Decryption block. Keying Restrictions No weak or semi-weak keys have been identified for the AES algorithm and there is no restriction on key selection.
38

www.final-yearproject.com | www.finalyearthesis.com

Parameterization of Block Size and Round Number Here since the input data and the input key lengths are 128 bits, the block size will be of Nb = 4 and the Round Number will be of Nr = 10. The Round Number will be taken with respect to the AES Algorithm Standard.

3.3 NOTATION AND CONVENTIONS
The different notations and conventions were used in this implementation of AES Algorithm. HEX Hexadecimal defines a notation of numbers in base 16. This simply means that the highest number that can be represented in a single digit is 15, rather than the usual 9 in the decimal (base 10) system. Hence all the values were represented in the Hexadecimal number system. Inputs and Outputs The input and output for the AES algorithm each consist of sequences of 128 bits (digits with values of 0 or 1). These sequences will sometimes be referred to as blocks and the number of bits they contain will be referred to as their length. The Cipher Key for the AES algorithm is a sequence of 128 bits. Other input and output lengths are not permitted by this standard. The bits within such sequences will be numbered starting at zero and ending at one less than the sequence length (block length or key length). The number i attached to a bit is known as its index and will be in one of the ranges 0 ≤ i < 128 depending on the block length and key length (specified above). Bytes The basic unit for processing in the AES algorithm is a byte, a sequence of eight bits treated as a single entity. The input, output and Cipher Key bit sequences are processed as arrays of bytes that are formed by dividing these sequences into groups of eight contiguous bits to form arrays of bytes. For an input, output or Cipher Key denoted by a, the bytes in the resulting array will be referenced using one of the two forms, “an” or a[n], where n will be in one of the following ranges.
 Key length = 128 bits, 0 ≤ n < 16  Block length = 128 bits, 0 ≤ n < 16

39

www.final-yearproject.com | www.finalyearthesis.com

State Internally, the AES algorithm’s operations are performed on a twodimensional array of bytes called the State. The State consists of four rows of bytes, each containing Nb bytes, where Nb is the block length divided by 32. In the State array denoted by the symbol s, each individual byte has two indices, with its row number r in the range 0 ≤ r < 4 and its column number c in the range 0 ≤ c < Nb. This allows an individual byte of the State to be referred to as either sr,c or s[r,c]. For this standard, Nb =4, i.e., 0 ≤ c < 4. At the start of the Cipher and Inverse Cipher, the input (the array of bytes in0, in1, … in15) will be copied into the State array. The Cipher or Inverse Cipher operations are then conducted on this State array, after which its final value is copied to the output will be the array of bytes out0, out1, … out15.

Figure 3.1 State Array Input and Output Hence, at the beginning of the Cipher or Inverse Cipher, the input array, in, is copied to the State array according to the scheme: s[r, c] = in[r + 4c] array out as follows: out[r + 4c] = s[r, c] State as an Array of Columns The four bytes in each column of the State array form 32-bit words, where the row number r provides an index for the four bytes within each word. The state can hence be interpreted as a one-dimensional array of 32 bit words (columns), w0...w3, where the column number c provides an index into this array. Hence the State can be considered as an array of four words, as follows: w0 = s0,0 s1,0 s2,0 s3,0
40

for 0 ≤ r < 4 and 0 ≤ c < Nb,

And at the end of the Cipher and Inverse Cipher, the State is copied to the output for 0 ≤ r < 4 and 0 ≤ c < Nb.

w2 = s0,2 s1,2 s2,2 s3,2

denoted by a(x) ⊗ b(x).1 s3.4 MATHEMATICAL PRELIMINARIES All bytes in the AES algorithm are interpreted as finite field elements that can be added and multiplied.www.com | www. The addition is performed with the XOR operation (denoted by ⊕). but these operations are different from those used for numbers.1 s1.1 w3 = s0. matrix multiplication has to be performed. XOR operation has performed.finalyearthesis.final-yearproject. two hexadecimal numbers have been taken and the addition. The multiplication of the above matrix can be performed in the following manner.3 3.3 s2. {57} ⊕ {83} = {d4} Multiplication The modular product of a(x) and b(x). is given by d(x) which are given as follow. that is.1 s2.com w1 = s0. The matrix of 4X4 is taken and is multiplied with the single column.3 s1. 41 .3 s3. that is. Addition The addition of two elements in a finite field is achieved by “adding” the coefficients for the corresponding powers in the polynomials for the two elements. For example.

the specification and the architecture must be identified.finalyearthesis. Then the RTL 42 .www. Figure 3.com 3. Based on this survey.5 GENERAL IMPLEMENTATION FLOW The generalized implementation flow diagram of the project is represented as follows.final-yearproject.com | www.2 General Implementation Flow Diagram Initially the market research should be carried out which covers the previous version of the design and the current requirements on the design.

6 IMPLEMENTATION The project deals with both the Encryption and Decryption algorithm and its operation. from which different RoundKeys can be derived. the constraints can be given in order to optimize the design. 3. • • The given input data and key will be converted to a State and Word for the further transformation.www. The functional verification should meet the intended architecture and should pass all the test cases. that is. Once the functional verification is clear. For accessing the State. the RTL model will be taken to the synthesis process. Once the mapping is done.finalyearthesis. whose size is 128 bits into a larger key.com | www. KeyExpansion • The implementation of AES with the Cipher Key expansion. the gates were placed and routed.final-yearproject. that is to enlarge our input cipher key. that is. 4X4 array. Three operations will be carried out in the synthesis process such as  Translate  Map  Place and Route The developed RTL model will be translated to the mathematical equation format which will be in the understandable format of the tool. it should be simulated and verified for all the cases. Once the RTL modeling is done. system is either in encryption or decryption. 43 . two loops have been used with the naming convention of ‘i’ and ‘j’. Finally the BIT MAP file will be generated that has the design information in the binary format which will be dumped in the FPGA board. So a signal “Enc_Dec” is declared which will represents the operation of the system.com modeling should be carried out in VHDL with respect to the identified architecture. RTL Modeling • The implementation of the encryption and decryption should be differentiated and the system must know which one it should perform. mapped to the hardware. Before these processes. These translated equations will be then mapped to the library that is.

• The implementation of Rcon is done with respect to the counter.www. we need to apply several operations a number of times. on which Rcon depends. it is known already that Rotate takes a word (a 4byte array) and rotates it 8 bit to the left. The parameters are the 4-byte word and the iteration counter. 44 . AES Encryption • To implement the AES encryption algorithm. Additionally.com • The S-Box values can either be calculated on-the-fly to save memory or the pre-calculated values can be stored in an array. As you can see in the pretty big list in the theory about the Rijndael Key Expansion.com | www. Since 8 bit correspond to one byte and the array type is character (whose size is one byte). it's only a table-lookup that returns the value in the array whose index is specified as a parameter of the function. rotating 8 bit to the left corresponds to shifting cyclically the array values one to the left. which is. • From the theoretical part. we proceed exactly the same way as for the key expansion. The counter is set with respect to round number and the Rcon value will be calculated by performing the multiplication operation between the input value and constant value. Hence this KeyExpansion will be calculated and each 16 bytes will be given to each Round.final-yearproject. In the implementation of the 2 S-Boxes.finalyearthesis. that is. The functions take as parameter a state. KeyExpansion function basically needs only two things: o o Input cipher key Output expanded key • All the operations should be applied one after the other on the 4-byte word which does the complete operation. as already explained. one for the encryption and one for the decryption whose values will store the values in an array. a rectangular 4x4 array of bytes. instead of accessing the values immediately from the program. There are 2 S-Boxes. • The Key Expansion is where it all comes together. it got wrap a little function around which makes for a more readable code and would allow us to add additional code later on. depending on they key size. we first implement the basic helper functions and then move up to the main loop.

Please note that we use our expanded key backwards. shiftRow does nothing but to shift a 4-byte array by the given offset. while addRoundKey stays the same. • Finally. the only difference is the multiplication matrix is different. all we have to do is put it all together. the only thing left to do is putting it all together in one inversed main algorithm. Here simply XOR each byte of the key to the respective byte of the state • The MixColumns implementation was carried out by first one would generate a column and then call mixColumn. 45 . AES Decryption • For the AES Decryption. one AES round is the one which has to apply all four operations on the state consecutively.finalyearthesis.com | www. Our parameters are the input plaintext. the key of size keySize and the output. encrypt the state using our main AES body and finally un-map the state again in the correct order in order to get the 16 byte output ciphertext. which would then apply the matrix multiplication. they are nearly identical to their encryption except that the rotation this time is to the right and that we use the inversed S-Box for the substitution.final-yearproject. • This is the part that involves the roundKey was generated during each iteration. As for the inversed mixColumns operation. we calculate the number of rounds based on they keySize and then the expandedKeySize based on the number of rounds. expand the key using our key schedule. Then we have to map the 16 byte input plaintext in the correct order to the 4x4 byte state (as explained above). • As you can see. the key schedule stays the same. First.com • The shiftRows function iterates over all the rows and then call shiftRow with the correct offset. the ExpandedKey and the number of rounds as parameters and then call the operations one after the other. shiftRows and mixColumns. starting with the last 16 bytes and then moving towards the start.www. • As you can see in the theory. • Finally. the only operations we need to implement are the inversed subBytes. All we have to do is take the state.

46 .com | www. The functional verification was carried out for all the test cases and hence the RTL modeling is taken to the synthesis process using the Xilinx tool. • • • General implementation flow of the design were represented and explained in order to understand the proper flow. Synthesis Process • The synthesis process will be carried out by giving the RTL model as the input to the tool. a separate module was used since it doesn’t have the MixColumns operation. From first round to ninth round the same module can be instantiated and for the last round.finalyearthesis.7 SUMMARY • The implementation requirement which includes the primary input and primary output of the design and the proper notation and conventions were discussed.com • The separate modules were written for the Last Round and other Rounds.final-yearproject. the design has been implemented.www. Implementation details have been discussed which includes implementation style of each process. 3. This RTL modeling requires Virtex-2 board for the implementation. • Hence the Virtex-2 board is selected and the whole process flow will be carried out in the Xilinx tool and finally the BIT FILE is generated which is used for dumping on the board. Finally the synthesis process was discussed which gives that in which FPGA family.

std_logic_unsigned. function BITS2STATE(INPUT:std_logic_vector(0 to 127)) return STATE_TYPE. type EXP_KEY_TYPE is array (0 to (11*NB)-1.std_logic_1164. type STATE_TYPE is array (0 to NB-1.com | www. function SUBWORD(KEYWORD : WORD. function BITS2KEY(INPUT:std_logic_vector(0 to 127)) return KEY_TYPE.ENC_DEC:std_logic) return EXP_KEY_TYPE. function MIXCOL(INPUT_VEC:STATE_TYPE.ROUND_NUM:integer) return STATE_TYPE.final-yearproject.0 to NB-1) of integer range 0 to 15. function KEY_EXP(KEY_IN:KEY_TYPE.finalyearthesis. package AES_PACK_128 is constant NB : integer := 4.ROUNDKEY:STATE_TYPE) return STATE_TYPE.ENC_DEC:std_logic) return WORD. type XARRAY is array (0 to 7 ) of BYTE.0 to NB-1) of BYTE.0 to 15) of BYTE.all. function DOT(IN1.0 to NB-1) of BYTE. 47 .ENC_DEC:std_logic) return STATE_TYPE.www.ENC_DEC:std_logic)return STATE_TYPE.ENC_DEC:std_logic) return STATE_TYPE. use ieee.CODING -================================================================= ============= -- -- -============================ --PACKAGE OF FUNCTIONS REQUIRED FOR AES ALGORITHM -================================================================= ============= -library ieee.1 ADVANCED ENCRYPTION STANDARD type ROW_COL_TYPE is array (0 to NB-1.0 to NB-1) of BYTE. type KEY_TYPE is array (0 to 3. function STATE2BITS(INPUT:STATE_TYPE) return std_logic_vector. function WORD2STATE(INPUT:EXP_KEY_TYPE. function XTIME(INPUT:BYTE) return BYTE. 4.com 4.all. NK:integer. function ADDROUNDKEY(INPUT_VEC. function SHIFTROWS(INPUT_VEC:STATE_TYPE.IN2:BYTE) return BYTE. type S_TYPE is array (0 to 15. subtype BYTE is std_logic_vector(7 downto 0). type WORD is array (0 to NB-1) of BYTE. function ROTWORD(KEYWORD : WORD) return WORD. use ieee. end AES_PACK_128. function SUBBYTES(INPUT_VEC:STATE_TYPE.

("01111011").{IN1}.com | www.com package body AES_PACK_128 is -. variable OUTPUT:BYTE. ("00101011"). -.{IN1}.0 -- 48 .{IN1}. end if.final-yearproject. -. ("01110111"). ("11110010"). ("11010111").{20} X(6) := XTIME(X(5)). -.{IN1}. ("11000101"). -.{40} X(7) := XTIME(X(6)).{IN1}.************** **************** -FUNCTION FOR --m(x) = {01}{1b} DOT MULTIPLICATION function DOT(IN1. -. -. variable OUTPUT : BYTE.{10} X(5) := XTIME(X(4)). ("10101011").{08} X(4) := XTIME(X(3)). ("11111110"). begin if (INPUT(7)= '1') then OUTPUT := (INPUT(6 downto 0) & '0') xor MX. else OUTPUT := (INPUT(6 downto 0) & '0').{80} OUTPUT := (others =>'0'). -.************** **************** -FUNCTION FOR MULTIPLY BY {02} MOD {01}{1b} function XTIME(INPUT:BYTE) return BYTE is constant MX:BYTE := "00011011". ("01110110")).{04} X(3) := XTIME(X(2)).ENC_DEC:std_logic)return STATE_TYPE is -0 1 2 3 4 5 6 7 8 9 a b c d e f constant S_BOX : S_TYPE :=((("01100011"). ("01100111"). end DOT. ("01101011"). -. -.IN2:BYTE) return BYTE is variable X : XARRAY.{01} X(1) := XTIME(X(0)). ("00110000").{IN1}. ("01111100").{02} X(2) := XTIME(X(1)). -************ FUNCTION CALCULATION ************* -FOR SUBBYTE / INVERSE SUBBYTES function SUBBYTES(INPUT_VEC:STATE_TYPE.finalyearthesis. end loop.{IN1}. return OUTPUT. -. return OUTPUT. ("01101111"). end XTIME.Initialize OUTPUT Accumulator to zero. -.{IN1}.www. begin X(0) := IN1. ("00000001"). for i in 7 downto 0 loop if(IN2(i) = '1') then OUTPUT := OUTPUT xor X(i). end if.

("00110010"). ("00110110").a -(("11100111"). ("11101011"). ("00010010"). ("01110001"). ("01101110"). ("01010110"). ("01001100").4 -(("01010011"). ("01100101"). ("00010100"). ("10101101"). ("01111101"). ("01000110"). ("10101001"). ("00011001"). ("00100001"). ("10100000"). ("10000001"). ("11010010")). ("01011100"). ("11110111").b -(("10111010"). ("00110111"). ("11111100"). ("00010000"). ("01000100"). -. ("10101010"). ("10000011"). ("11011011")). ("11100101"). ("00101110"). ("01010000"). ("10011010"). ("10001000"). ("11100100"). ("11001100"). -. ("00101001"). ("00010111"). ("01011111"). ("01001101"). ("01110010"). ("10110100"). ("10000010"). ("00111000"). ("10010000"). ("11010101"). ("00010101")). -. ("11111001"). ("10011100"). -.com (("11001010"). ("01011001"). ("11111011"). ("10010010"). ("11110100"). ("10010110"). ("00001010"). ("01011010"). ("01011101"). ("10100011"). ("11010100"). ("01101100"). ("10110001"). ("00011100"). ("11000010"). ("01001110"). ("00111111"). ("01110101")). ("01101101"). ("00011010").finalyearthesis. ("11100010"). ("00100101"). ("11110001"). ("00111011"). ("00110011"). ("10100010"). ("00000111"). ("10000100")). ("01000000"). ("01000111"). ("11111111"). ("11010110"). ("10011101"). ("01111010"). ("10100100"). ("10101111"). ("10111000"). ("01111111"). ("10010001"). ("00110001"). ("11000110"). ("01001001"). ("01011000"). 49 . ("01010010"). ("11011110"). ("10010011"). ("10000000"). ("01110011")).com | www. ("11101000"). -. ("00100010"). ("11101111"). ("01111110"). ("11011010"). ("00000101"). ("01011011"). ("10101000")).8 -(("01100000"). ("10100101"). ("11110011"). ("11111010"). ("10000101"). ("00011000"). ("11101010").2 -(("00000100"). ("11101110"). ("00100100"). ("11101100").9 -(("11100000"). ("00001100"). -. ("11001000"). -. ("01111001")). ("11110000"). -. ("00101100"). ("00001011"). ("10010101"). ("00011011").6 -(("01010001"). ("00111101"). ("00000110"). ("01011110"). ("00111001").3 -(("00001001"). ("10110011"). -. ("11010001"). ("11011000"). ("10100110"). -. ("11011101"). ("00100011"). ("10001111"). ("11001001"). ("11001111")). ("00100111").7 -(("11001101"). ("10010111"). ("11110101"). ("00101010"). ("01100010"). ("11000011"). ("00000010"). ("01100100"). ("01110100"). ("11010011"). ("11100011"). ("11111101"). ("10110110"). ("00100000"). ("10011111").www. ("01000101"). ("11000111"). ("01101010"). ("00111100"). ("10001101"). ("00011111"). ("10101110"). ("11011100"). ("01000011"). ("01001010"). ("01001111"). ("11001011"). -. ("10110010").1 -(("10110111"). ("11000100"). ("00001000")). ("00100110"). ("11101101"). ("10101100"). ("01111000"). ("00101111"). ("10100111"). ("10111100"). ("10111110").5 -(("11010000").final-yearproject. ("00010011"). ("00110100"). ("00111010"). ("11000000")). ("00000000").

("10100010"). ("11100011").3 -(("01110010"). ("00101110").f --0 1 2 3 4 5 6 7 8 9 a b c d e f constant INV_S_BOX : S_TYPE :=((("01010010"). ("11110110"). ("10111000"). ("11110110"). ("00111101"). ("01001000"). ("11111010"). ("10010100"). ("00000000"). ("10001100"). ("01000110"). ("10010010")). ("01001001"). -. -. ("10001010")). -. ("10111111"). ("01000000"). ("00100011"). ("00001111"). ("00001110").d -(("11100001"). ("11100100"). ("00101000"). ("11111000"). ("10100101").com ("01001011"). ("11100110"). ("01001110")). ("10000110"). ("00001010"). ("10011000"). ("11110111"). ("11011000"). ("00111000"). ("10110110"). ("00110010"). ("11111101"). ("10101011"). ("11010100"). ("10111001"). ("10111011"). ("11010011"). ("11010111"). ("01100001"). ("10011011"). ("11011110"). ("01000100"). ("00000101"). ("11101101"). ("11101110").5 -(("10010000"). ("11110011"). ("01000001"). ("00110000"). ("10011001"). ("10010100"). ("00001011"). ("01000010"). ("01111011"). -. ("10111111"). ("10100111"). ("00010101"). ("00100100"). ("00110101"). -.4 -(("01101100"). ("01100110"). ("10010101"). ("10001011"). ("01101000"). ("10110000"). ("11111000"). ("01110000"). ("10000111"). ("10001011"). ("11010001"). ("11000010").www.1 -(("01010100"). ("10100110"). ("00001101"). ("11011001"). ("01101101"). ("10110101").2 -(("00001000"). ("10001110"). ("00101111"). ("11000100"). ("11011001"). ("10000010"). ("01100101"). -. ("10110011"). ("11111011")). ("00111001"). ("11001100"). ("00101101"). ("01001000"). ("10011000"). ("10000111"). ("00100101")).finalyearthesis. ("00010110"). ("01011011"). ("01101010"). ("00000011"). ("10000110"). ("01010111"). -. ("01000010"). ("11010101"). ("01110110"). ("01010101"). ("10011110")). ("11111111"). -. ("01101001"). ("10111001"). ("11001011")). ("00001001"). -. ("11101001"). ("00101000"). ("00010001"). ("01011100"). ("10100001"). ("00111110").6 -- 50 . ("10111101"). ("01010100"). ("11000011"). ("10011101"). ("10110010"). ("01011000"). ("11001110"). ("01010000"). ("10001101"). ("10011011"). -. ("10011110"). ("11101001"). ("10100001"). ("10000100")). ("00011101"). ("01010111"). ("10001110"). ("01100110"). ("11011010"). ("00110110").final-yearproject. ("11000001"). ("01000011"). ("11011111")).com | www.e -(("10001100"). ("00000110")). -.c -(("01110000"). ("10100100"). ("00110100"). ("10000001"). ("10100011"). ("00011110").0 -(("01111100"). ("00010110"))). ("01011110"). ("10001001"). ("01011101"). ("10111100"). ("01101000"). ("01000101"). ("01100100"). ("01001100").

com | www. -. ("10111101"). ("00011100").j):= conv_integer(INPUT_VEC(i. ("10111011"). ("01111101"))). ("11101011"). ("00000111").c -(("01100000"). ("01101110")). -. ("00110001"). ("11100010"). ("10110111"). ("01101011")). ("00001100"). ("10101110"). ("11111001"). ("10001000"). ("11011011").8 -(("10010110"). ("01110101"). ("10110100"). ("10010011").a -(("11111100"). ("10001010"). ("10011010"). ("10001001"). ("00101001"). ("11100111"). ("11010110"). ("01111110"). COL(i. ("01010110"). ("00110101"). ("11100001"). ("01110011")).7 -(("00111010"). ("01011001"). ("00001101"). ("10111010"). ("10101101"). ("11000000"). ("10110001").j)(7 downto 4)). variable ROW : ROW_COL_TYPE. variable OUTPUT : STATE_TYPE. ("00100010"). ("11111110"). ("10101000"). ("11001111"). ("11110100")). ("10011111"). ("01000001"). ("11000101"). ("10010111"). ("00100000"). ("00011010"). ("00101011"). ("00011101"). ("00111110"). ("00011000"). ("11011111"). ("01001111"). ("10000000"). ("01100010").e -(("00010111"). ("01111000"). end loop. ("10101111"). ("01011010"). ("11011100"). ("01010101"). ("11110101").9 -(("01000111"). begin for i in 0 to 3 loop for j in 0 to 3 loop ROW(i. ("10000101"). ("00001110"). ("00111011"). ("00011110"). ("11101000").final-yearproject. ("10101001"). ("11000111"). ("00111100"). ("11110001").www. ("00100001"). ("00010011"). ("10011100"). ("11000110"). ("01100011"). ("11101010"). ("11001000"). ("01001010"). ("10111110"). ("00110011"). ("11100110"). -. ("11001010"). ("11101100"). ("01100111"). ("00101100"). ("11001101"). for i in 0 to 3 loop for j in 0 to 3 loop 51 .finalyearthesis. ("01110001"). ("00111111"). ("00010010"). ("00010000"). ("11110000"). ("00011001").b -(("00011111"). ("11000001"). -. ("00101101"). ("10101100"). ("01101111"). ("11010010"). ("00100110"). ("10110000"). ("01101001"). ("01111001"). ("11100000").d -(("10100000"). ("11100101"). ("10001111"). ("11001110"). ("11101111")). ("00101010"). -. ("11011101"). ("01001011").j)(3 downto 0)). -. ("01110100"). ("11110010"). ("00000011"). ("00011011")). -. -. variable COL : ROW_COL_TYPE. ("10110101"). ("01010001"). ("10000011"). ("01100001")). ("01110111"). -. ("00000100"). ("00110111"). ("01111111"). ("00000001"). ("00010001"). ("00100111"). ("11001001"). ("01010011"). ("01111010"). ("10011001"). ("00000010"). end loop. ("00001111"). ("00010100").com (("11010000"). ("01011111")). ("10010001"). ("10101010"). ("01001101").f -constant C_ENC : BYTE :="01100011".j):= conv_integer(INPUT_VEC(i.

COL(i.www. end SHIFTROWS. end SUBBYTES.0) := INPUT_VEC(i.final-yearproject. variable COL: integer range 0 to 3.j). else COL := j+k-NB. return OUTPUT. begin if (ENC_DEC = '1') then MUXOUT := A. OUT_VEC(k. variable MUXOUT : WORD. end loop. end loop.j) := INV_S_BOX(ROW(i.0).Here 'i' is Column end loop.("00000011")).j)). begin for i in 0 to 3 loop OUT_VEC(i. -.j)). else COL := NB-j+k.************** FUNCTION FOR SHIFTING / INVERSE SHIFTING OF ROWS ************** -function SHIFTROWS(INPUT_VEC:STATE_TYPE.com | www. else if (k-j>=0) then COL := k-j. -. return OUT_VEC. end if.COL(i.("00001001"). for j in 1 to 3 loop for k in 0 to 3 loop if (ENC_DEC = '1') then if (j+k<=NB-1) then COL := j+k.j). end loop.************** FUNCTION FOR MIXING / INVERSE MIXING OF COLUMNS *************** -function MIXCOL(INPUT_VEC:STATE_TYPE.com if (ENC_DEC = '1') then OUTPUT(i. variable OUT_VEC: STATE_TYPE. end if.j) := INPUT_VEC(COL. -. end if.("00001011")).finalyearthesis. else 52 .ENC_DEC:std_logic) return STATE_TYPE is variable OUT_VEC:STATE_TYPE.ENC_DEC:std_logic) return STATE_TYPE is constant A : WORD := (("00000010").("00000001").j) := S_BOX(ROW(i. ("00000001"). ("00001101"). constant A_INV : WORD := (("00001110"). else OUTPUT(i.j). end if. end loop.

INPUT_VEC(i.final-yearproject.0)) xor DOT(MUXOUT(0).3)).j) xor ROUNDKEY(i.2) := DOT(MUXOUT(2).INPUT_VEC(i. begin for i in 0 to 3 loop for j in 0 to 3 loop IN_STATE(i. return OUT_VEC.3) := DOT(MUXOUT(3).3)). 53 .1)) xor DOT(MUXOUT(3).2)) xor DOT(MUXOUT(0).1)) xor DOT(MUXOUT(1).j).2)) xor DOT(MUXOUT(2).INPUT_VEC(i.INPUT_VEC(i.finalyearthesis. end loop. end if.************** **************** -FUNCTION FOR WORD return ROTATION function ROTWORD(KEYWORD : WORD) return WORD is variable OUT_KEY : WORD. -.j) := KEYWORD(i).INPUT_VEC(i.INPUT_VEC(i. OUT_VEC(i. OUT_KEY(3) := KEYWORD(0).0) := DOT(MUXOUT(0). end loop.3)).ROUNDKEY:STATE_TYPE) STATE_TYPE is variable OUT_VEC:STATE_TYPE.2)) xor DOT(MUXOUT(1). variable IN_STATE : STATE_TYPE. for i in 0 to 3 loop OUT_VEC(i.INPUT_VEC(i. end loop. end MIXCOL. begin OUT_KEY(0) := KEYWORD(1). OUT_KEY(2) := KEYWORD(3). return OUT_VEC.************** **************** -FUNCTION FOR SUB WORD function SUBWORD(KEYWORD : WORD.INPUT_VEC(i. OUT_VEC(i. OUT_VEC(i. begin for i in 0 to 3 loop for j in 0 to 3 loop OUT_VEC(i.2)) xor DOT(MUXOUT(3).1) := DOT(MUXOUT(1).com MUXOUT := A_INV. return OUT_KEY.j) := INPUT_VEC(i.INPUT_VEC(i. end ADDROUNDKEY.0)) xor DOT(MUXOUT(1). end ROTWORD. -.0)) xor DOT(MUXOUT(2).INPUT_VEC(i.INPUT_VEC(i.1)) xor DOT(MUXOUT(0).1)) xor DOT(MUXOUT(2).INPUT_VEC(i.com | www. end loop.INPUT_VEC(i. -.************** **************** -FUNCTION FOR ADDING ROUND KEYS function ADDROUNDKEY(INPUT_VEC.0)) xor DOT(MUXOUT(3).INPUT_VEC(i.ENC_DEC:std_logic) return WORD is variable OUT_KEY : WORD. OUT_KEY(1) := KEYWORD(2). variable OUT_STATE : STATE_TYPE.www.3)).INPUT_VEC(i.INPUT_VEC(i.

finalyearthesis. NK:integer . end loop.www. else return DEC_KEY. end loop. if ((c mod 4) = 0) then TEMP1 := SUBWORD(ROTWORD(TEMP1).r).ENC_DEC). end loop. end SUBWORD. end loop. for c in 0 to 3 loop -. end KEY_EXP.ENC_DEC:std_logic) return EXP_KEY_TYPE is constant NR : integer :=10 .final-yearproject.row DEC_KEY(NB*(NR-i)+c. -. -. for r in 0 to 3 loop ENC_KEY(c. end if.column for r in 0 to 3 loop -. end loop.r):= (ENC_KEY((c-4). end loop. for i in 0 to 10 loop for c in 0 to 3 loop -. variable ENC_KEY : EXP_KEY_TYPE. for i in 0 to 3 loop OUT_KEY(i) := OUT_STATE(i. end loop. DEC_KEY := (others =>(others =>(others =>'0'))).'1').0). OUT_STATE := SUBBYTES(IN_STATE.row ENC_KEY(c. constant RCON : BYTE := "00000001". variable TEMP2 : BYTE. TEMP2 := XTIME(TEMP2). if (ENC_DEC = '1') then return ENC_KEY. variable TEMP1 : WORD. end if. variable DEC_KEY : EXP_KEY_TYPE.************** **************** -FUNCTION FOR KEY EXPANSION function KEY_EXP(KEY_IN:KEY_TYPE. return OUT_KEY. TEMP2 := RCON. TEMP1(0) := TEMP1(0) xor TEMP2. end loop.com | www.column for r in 0 to 3 loop -.r).r) xor TEMP1(r)).com end loop. begin ENC_KEY := (others =>(others =>(others =>'0'))). end loop.r) := KEY_IN(c. for c in 4 to 43 loop for r in 0 to 3 loop TEMP1(r) := ENC_KEY((c-1).************ ************* -FUNCTION FOR WORD TO STATE CONVERSION 54 .r) := ENC_KEY(NB*i+c.r).

return OUTPUT. end loop. begin for i in 0 to 3 loop for j in 0 to 3 loop for k in 7 downto 0 loop OUTPUT(i * NB * 8 + j * 8 + k):= INPUT(i.j)(7-k). end BITS2STATE. end WORD2STATE. end loop.************ ************* -- FUNCTION FOR STATE TO BITS CONVERSION function STATE2BITS(INPUT:STATE_TYPE) return std_logic_vector is variable OUTPUT : std_logic_vector(0 to 127).j)(7-k) := INPUT(i * NB * 8 + j * 8 + k).************ *************** -return FUNCTION FOR BITS TO KEY CONVERSION return function BITS2KEY(INPUT:std_logic_vector(0 to 127)) KEY_TYPE is variable OUTPUT : KEY_TYPE.j) := INPUT(ROUND_NUM*NB+i.www. end loop. end loop. end loop.com | www. end loop.final-yearproject. begin for i in 0 to 3 loop for j in 0 to 3 loop OUTPUT(i. end loop.com function WORD2STATE(INPUT:EXP_KEY_TYPE.finalyearthesis. begin for i in 0 to 3 loop for j in 0 to 3 loop for k in 7 downto 0 loop OUTPUT(i. 55 . return OUTPUT.j)(7-k) := INPUT(i * NB * 8 + j * 8 + k). end loop. -. end loop.************ ************* -- FUNCTION FOR BITS TO STATE CONVERSION return function BITS2STATE(INPUT:std_logic_vector(0 to 127)) STATE_TYPE is variable OUTPUT : STATE_TYPE. -. end BITS2KEY. -. begin for i in 0 to 3 loop for j in 0 to 3 loop for k in 7 downto 0 loop OUTPUT(i.j).ROUND_NUM:integer) STATE_TYPE is variable OUTPUT : STATE_TYPE. end loop. return OUTPUT.

-################################################################# ###############-- 56 .www. end STATE2BITS.final-yearproject. return OUTPUT.com | www.com end loop. end AES_PACK_128.finalyearthesis.

use work.OUTPUT OF SUBBYTES -variable S_ROW : STATE_TYPE. -THE SAME ENTITY IS USED FOR BOTH ENCRYPTION AND DECRYPTION SINCE -THE EQUIVALENT INVERSE CIPHER ALGORITHM IS USED IN THIS DESIGN.RESET) variable S_BOX : STATE_TYPE.ENC_DEC) begin if(ENC_DEC ='1') then INT_KEY <= ROUND_KEY. DIN_VALID : in std_logic.2 ENTITY FOR AES ENCRYPTION / DECRYPTION ROUND. else INT_KEY <= MIXCOL(ROUND_KEY. ENC_DEC : in std_logic. begin process(ROUND_KEY. entity AES_ROUND_128 is port (OUTPUT : out STATE_TYPE.final-yearproject.finalyearthesis. elsif(CLK'event and CLK = '1') then 57 . use ieee. CLK : in std_logic. M_COL := (others =>(others =>(others => '0'))).all. RESET : in std_logic). -.ENC_DEC).com | www. OUTPUT <= (others =>(others =>(others => '0'))).AES_PACK_128.OUTPUT OF MIXCOL -begin if (RESET = '1') then S_BOX := (others =>(others =>(others => '0'))). -================================================================= ============= -library ieee. end AES_ROUND_128.com --- ============================ 4. end if. use ieee. -. end process. process(CLK. DOUT_VALID: out std_logic.std_logic_unsigned. DOUT_VALID <= '0'.OUTPUT OF SHIFTROWS -variable M_COL : STATE_TYPE. architecture BEHAV of AES_ROUND_128 is signal INT_KEY : STATE_TYPE.std_logic_1164. -. INPUT : in STATE_TYPE. ---THIS ENTITY IS USED TO DESCRIBE THE FUNCTIONALITY OF ONE INDIVIDUAL -ROUND OF AES ALGORITHM. S_ROW := (others =>(others =>(others => '0'))).all. ROUND_KEY : in STATE_TYPE.www.all.

com if(DIN_VALID = '1') then S_BOX := SUBBYTES(INPUT. S_ROW := SHIFTROWS(S_BOX.ENC_DEC).www.ENC_DEC).final-yearproject. end process. end if. M_COL := MIXCOL(S_ROW. end if.finalyearthesis.com | www. 58 .ENC_DEC).INT_KEY). end BEHAV. OUTPUT <= ADDROUNDKEY(M_COL. DOUT_VALID <= DIN_VALID.

DOUT_VALID <= DIN_VALID. -================================================================= ============= -library ieee. use ieee.all. OUTPUT <= (others =>(others =>(others => '0'))).ENC_DEC). ENC_DEC : in std_logic. entity AES_LAST_ROUND_128 is port (OUTPUT : out STATE_TYPE. DIN_VALID : in std_logic. ROUND_KEY : in STATE_TYPE.ENC_DEC).www.AES_PACK_128. DOUT_VALID: out std_logic.std_logic_1164.com | www. 59 . AES ENCRYPTION / --THIS ENTITY IS USED TO DESCRIBE THE FUNCTIONALITY OF THE LAST -ROUND OF AES ALGORITHM. OUTPUT <= ADDROUNDKEY(S_ROW. elsif(CLK'event and CLK = '1') then if(DIN_VALID = '1') then S_BOX := SUBBYTES(INPUT. CLK : in std_logic. use ieee. variable S_ROW : STATE_TYPE.all. begin if (RESET = '1') then S_BOX := (others =>(others =>(others => '0'))).RESET) variable S_BOX : STATE_TYPE. end process. -THE SAME ENTITY IS USED FOR BOTH ENCRYPTION AND DECRYPTION SINCE -THE EQUIVALENT INVERSE CIPHER ALGORITHM IS USED IN THIS DESIGN. S_ROW := (others =>(others =>(others => '0'))). RESET : in std_logic). end if. use work. end AES_LAST_ROUND_128.com ============================ ---4.ROUND_KEY).std_logic_unsigned.all. end if.final-yearproject. S_ROW := SHIFTROWS(S_BOX. DOUT_VALID <= '0'. INPUT : in STATE_TYPE. end BEHAV.3 ENTITY FOR LAST DECRYPTION ROUND.finalyearthesis. architecture BEHAV of AES_LAST_ROUND_128 is begin process(CLK.

4 MAIN ENTITY FOR AES ALGORITHM(USING 128 BITS KEY).4.VALID DATA -CE : in std_logic.www. 60 . -.FOLLOWING SIGNALS ARE FOR OUTPUT OF INDIVIDUAL ROUNDS -signal ROUND_00 : STATE_TYPE. -. use ieee. -.std_logic_unsigned.VHD -3:AES_LAST_ROUND_128. signal ROUND_01 : STATE_TYPE.all.com --- ============================ -. --THIS PROJECT REQUIRES THE FOLLOWING FILES:-1:AES_128.finalyearthesis.VHD -5:TEST_AES_128. -OUTPUT DATA -DOUT_VALID : out std_logic. signal ROUND_04 : STATE_TYPE. -.RESET -end AES_128. -. signal ROUND_05 : STATE_TYPE. use ieee.AES_PACK_128. use work.KEY VALID -DIN_VALID : in std_logic.std_logic_1164. -. -CHIP ENABLE -CLK : in std_logic. architecture BEHAV of AES_128 is constant ZERO_STATE :=(others=>(others=>(others=>'0'))). signal ROUND_02 : STATE_TYPE.PIN FOR VALID OUTPUT -KEY : in std_logic_vector(0 to 127).VHD -4:AES_PACK_128.128 BIT KEY -DATA_IN : in std_logic_vector(0 to 127). entity AES_128 is port(DATA_OUT : out std_logic_vector(0 to 127).VHD(MAIN ENTITY) -2:AES_ROUND_128. : STATE_TYPE signal KEY_IN : std_logic_vector(0 to 127).all.com | www.all. -CLOCK -RESET : in std_logic). -SELECTS ENCRYPTION OR DECRYPTION -ENC_DEC : in std_logic.final-yearproject.VHD(TEST BENCH) -================================================================= ============= -library ieee. -.INPUT DATA -K_EN : in std_logic. signal ROUND_03 : STATE_TYPE.

std_logic.www. component AES_LAST_ROUND_128 -AES_LAST_ROUND -port (OUTPUT : out STATE_TYPE. : STATE_TYPE. ARE FOR KEYS OF INDIVIDUAL ROUNDS -: STATE_TYPE. ROUND_KEY : in STATE_TYPE. : STATE_TYPE. : STATE_TYPE. std_logic. : integer := 4. INPUT : in STATE_TYPE. ENC_DEC : in std_logic. : STATE_TYPE.COMPONENT DECLARATION FOR AES_ROUND -port (OUTPUT : out STATE_TYPE. end component. CLK : in std_logic. std_logic.finalyearthesis. DOUT_VALID: out std_logic.final-yearproject. std_logic. std_logic. : STATE_TYPE. DIN_VALID : in std_logic. : STATE_TYPE. end component.FOLLOWING SIGNALS -signal DOUT_VALID_00 signal DOUT_VALID_01 signal DOUT_VALID_02 signal DOUT_VALID_03 signal DOUT_VALID_04 signal DOUT_VALID_05 signal DOUT_VALID_06 signal DOUT_VALID_07 signal DOUT_VALID_08 signal DOUT_VALID_09 signal EXP_KEY constant NK : STATE_TYPE. std_logic. ROUND_KEY : in STATE_TYPE. std_logic. ENC_DEC : in std_logic. : STATE_TYPE.NUMBER OF COLUMNS -- : EXP_KEY_TYPE. DOUT_VALID: out std_logic. CLK : in std_logic. RESET : in std_logic). component AES_ROUND_128 -. : STATE_TYPE. -. : STATE_TYPE. : STATE_TYPE. ARE USED AS DOUT VALID OF INDIVIDUAL ROUNDS : : : : : : : : : : std_logic. : STATE_TYPE. std_logic.FOLLOWING SIGNALS signal KEY_00 signal KEY_01 signal KEY_02 signal KEY_03 signal KEY_04 signal KEY_05 signal KEY_06 signal KEY_07 signal KEY_08 signal KEY_09 signal KEY_LST -. : STATE_TYPE. : STATE_TYPE. DIN_VALID : in std_logic.com signal ROUND_06 signal ROUND_07 signal ROUND_08 signal ROUND_09 signal DOUT_LST -.com | www. std_logic. INPUT : in STATE_TYPE. begin COMPONENT DECLARATION FOR 61 . RESET : in std_logic). : STATE_TYPE.

CLK=>CLK.final-yearproject. INPUT=>ROUND_03. DOUT_VALID=>DOUT_VALID_02. ENC_DEC=>ENC_DEC.THE FOLLOWING ARE THE NINE INSTANTIATIONS FOR AES_ROUND(i. ENC_DEC=>ENC_DEC. RESET=>RESET). a06: AES_ROUND_128 port map(OUTPUT=>ROUND_06. INPUT=>ROUND_00. CLK=>CLK. a05: AES_ROUND_128 port map(OUTPUT=>ROUND_05. DIN_VALID=>DOUT_VALID_03. ENC_DEC=>ENC_DEC. CLK=>CLK. DOUT_VALID=>DOUT_VALID_04. INPUT=>ROUND_02. RESET=>RESET). INPUT=>ROUND_01. RESET=>RESET). ENC_DEC=>ENC_DEC. ENC_DEC=>ENC_DEC.com -. CLK=>CLK.e from a01 to a09) -a01: AES_ROUND_128 port map(OUTPUT=>ROUND_01. DIN_VALID=>DOUT_VALID_00. DOUT_VALID=>DOUT_VALID_05. INPUT=>ROUND_05. a02: AES_ROUND_128 port map(OUTPUT=>ROUND_02. INPUT=>ROUND_04. ROUND_KEY=>KEY_04. RESET=>RESET). ROUND_KEY=>KEY_02. RESET=>RESET).finalyearthesis. 62 .com | www. ROUND_KEY=>KEY_06. a04: AES_ROUND_128 port map(OUTPUT=>ROUND_04.www. DIN_VALID=>DOUT_VALID_04. ROUND_KEY=>KEY_03. DOUT_VALID=>DOUT_VALID_03. DOUT_VALID=>DOUT_VALID_06. a03: AES_ROUND_128 port map(OUTPUT=>ROUND_03. CLK=>CLK. DOUT_VALID=>DOUT_VALID_01. DIN_VALID=>DOUT_VALID_05. ROUND_KEY=>KEY_01. ROUND_KEY=>KEY_05. DIN_VALID=>DOUT_VALID_01. DIN_VALID=>DOUT_VALID_02.

EXP_KEY <= KEY_EXP(BITS2KEY(KEY_IN). a08: AES_ROUND_128 port map(OUTPUT=>ROUND_08.6).finalyearthesis. ROUND_KEY=>KEY_08. ENC_DEC=>ENC_DEC.com | www.NK. CLK=>CLK. KEY_07 <= WORD2STATE(EXP_KEY. RESET=>RESET).www.9). ROUND_KEY=>KEY_07. a07: AES_ROUND_128 port map(OUTPUT=>ROUND_07.8). KEY_09 <= WORD2STATE(EXP_KEY. -. KEY_06 <= WORD2STATE(EXP_KEY. KEY_08 <= WORD2STATE(EXP_KEY. RESET=>RESET).final-yearproject. RESET=>RESET). DIN_VALID=>DOUT_VALID_07.THIS LAST INSTANTIATION IS FOR AES_LAST_ROUND -alast: AES_LAST_ROUND_128 port map(OUTPUT=>DOUT_LST.5).1). ROUND_KEY=>KEY_LST. ENC_DEC=>ENC_DEC. DOUT_VALID=>DOUT_VALID_09. KEY_01 <= WORD2STATE(EXP_KEY.ENC_DEC). KEY_05 <= WORD2STATE(EXP_KEY. KEY_03 <= WORD2STATE(EXP_KEY.FOLLOWING STATEMENTS ARE USED FOR CALCULATING INDIVIDUAL ROUND KEYS -KEY_00 <= WORD2STATE(EXP_KEY. RESET=>RESET). RESET=>RESET).3).4). DIN_VALID=>DOUT_VALID_08. -. KEY_04 <= WORD2STATE(EXP_KEY.7). DOUT_VALID=>DOUT_VALID_08. DOUT_VALID=>DOUT_VALID_07.com ENC_DEC=>ENC_DEC. CLK=>CLK. DOUT_VALID=>DOUT_VALID.10). 63 . KEY_02 <= WORD2STATE(EXP_KEY. CLK=>CLK. DIN_VALID=>DOUT_VALID_09. CLK=>CLK.0). CLK=>CLK. INPUT=>ROUND_09. DIN_VALID=>DOUT_VALID_06. ROUND_KEY=>KEY_09.2). INPUT=>ROUND_06. ENC_DEC=>ENC_DEC. a09: AES_ROUND_128 port map(OUTPUT=>ROUND_09. INPUT=>ROUND_07. ENC_DEC=>ENC_DEC. KEY_LST <= WORD2STATE(EXP_KEY. INPUT=>ROUND_08.

j).finalyearthesis. begin if (RESET ='1') then ROUND_00 <= ZERO_STATE. DOUT_VALID_00 <= '0'.com | www. end loop. DOUT_VALID_00 <= DIN_VALID. for i in 0 to NB-1 loop for j in 0 to NB-1 loop ROUND_00(i. initial_round:process(CLK. end if. elsif (CLK'event and CLK='1') then if(K_EN = '1' and CE = '1') then KEY_IN <= KEY.com DATA_OUT <= STATE2BITS(DOUT_LST). end if. KEY_IN <= (others=>'0').final-yearproject. DATA := (others =>(others=> (others=>'0'))). end loop.RESET) variable DATA : STATE_TYPE.www.j) <= DATA(i. elsif (DIN_VALID = '1' and CE = '1') then DATA := BITS2STATE(DATA_IN(0 to 127)). end process initial_round. -################################################################# ###############-- 64 .j) xor KEY_00(i. end BEHAV.

std_logic_unsigned. => KEY. KEY => KEY. signal CLK : std_logic:='0'.final-yearproject. K_EN => K_EN. 65 . CLK : in std_logic. entity TEST_AES_NEW_128 is end TEST_AES_NEW_128. signal DOUT_VALID_0. signal DATA_IN : std_logic_vector(0 to 127).std_logic_1164. DOUT_VALID => DOUT_VALID_1. DOUT_VALID : out std_logic.DOUT_VALID_1 : std_logic. begin a0 : AES_128 port map (DATA_OUT DOUT_VALID KEY DATA_IN K_EN DIN_VALID ENC_DEC CE CLK RESET => DATA_OUT_0. use ieee. => DIN_VALID. => RESET ).com 4.finalyearthesis. signal KEY : std_logic_vector(0 to 127). signal CE : std_logic. signal RESET : std_logic. RESET : in std_logic). K_EN : in std_logic. signal ENC_DEC : std_logic. signal DIN_VALID : std_logic. KEY : in std_logic_vector(0 to 127). end component.com | www. use ieee. ENC_DEC : in std_logic. component AES_128 port(DATA_OUT : out std_logic_vector(0 to 127).DATA_OUT_1 : std_logic_vector(0 to 127). DIN_VALID : in std_logic.AES_PACK_128.www.all. => K_EN. DATA_IN => DATA_OUT_0. => ENC_DEC. => CLK. => DOUT_VALID_0.all. a1 : AES_128 port map (DATA_OUT => DATA_OUT_1. DATA_IN : in std_logic_vector(0 to 127). AES ENCRYPTION / architecture BEHAV of TEST_AES_NEW_128 is signal DATA_OUT_0. => CE. CE : in std_logic.5 ENTITY FOR TESTING DECRYPTION ROUND ***-library ieee. => DATA_IN. signal K_EN : std_logic.all. use work.

Second Set of Inputs DATA_IN <=(X"00112233445566778899aabbccddeeff"). ENC_DEC <='1'.Run the design for 500 ns 66 . CE <='1'.finalyearthesis. K_EN <='0'. ENC_DEC <='1'. DIN_VALID <='1'. DIN_VALID <='0'. => CE.final-yearproject. K_EN <='0'. wait for 230 ns. DATA_IN <=(others=>'0'). KEY <=(others=>'0'). DIN_VALID <='0'. -. DIN_VALID <='1'. RESET <='0'. KEY <=(others=>'0'). wait for 10 ns. CLK <= not CLK after 5 ns. K_EN <='1'. KEY <=(others=>'0'). wait for 10 ns. DIN_VALID <='0'. CE <='1'. ENC_DEC <='1'. => '0'. CE <='1'. variable DATA_IN_B : bit_vector(0 to 127). wait for 10 ns. -. KEY <=(X"000102030405060708090a0b0c0d0e0f"). ENC_DEC <='1'. KEY <=(X"2b7e151628aed2a6abf7158809cf4f3c"). CE <='1'. begin RESET<='1'. wait for 230 ns. K_EN <='0'. K_EN <='0'.com DIN_VALID ENC_DEC CE CLK RESET => DOUT_VALID_0. => RESET ). process variable KEY_IN_B : bit_vector(0 to 127). -.First Set of Inputs DATA_IN <=(X"3243f6a8885a308d313198a2e0370734"). => CLK. RESET<='1'. K_EN <='0'. RESET<='1'. wait for 10 ns. ENC_DEC <='1'.com | www. K_EN <='1'.www. RESET <='0'. CE <='1'. wait for 100 ns.

finalyearthesis.final-yearproject.com end process.com | www. end BEHAV. 67 .www.

Now this chapter deals with the simulation and synthesis results of the implemented AES algorithm. This proves that the modeled design works properly as per the algorithm. The simulated waveforms for the various cases have been discussed in this section. which were taken from the reference.com RESULTS AND DISCUSSION 5. CASE-1: 68 . and will make the operations of algorithm to perform.com | www. The Appropriate test cases have been identified in order to test this modeled AES Encryption and Decryption algorithm.final-yearproject.finalyearthesis. This developed test bench will automatically force the inputs. Based on the identified values as the reference the plain text and the key of 128 bits will be given as the input to the design and the obtained cipher text should match the reference result.2 SIMULATION RESULTS The test bench is developed in order to test the modeled design.1 INTRODUCTION The AES Encryption and Decryption algorithm and the implementation were discussed in the previous chapters. Once the functional verification is done. 5. Here Modelsim tool is used in order to simulate the design and checks the functionality of the design. the design will be taken to the Xilinx tool for Synthesis process and the netlist generation.www.

“din_valid” and “k_en” signals will go high. So when the proper inputs were given as the input to the system.www. When this “enc_dec” is set to high.final-yearproject. 128 bits. 69 . The reset signal is active high.com Figure 5. These signals represents that the valid data and the proper key is given to the system. Once the reset signal is set to low.1 Simulation Result of AES Encryption and Decryption for Set-1 Inputs This case deals with the both encryption and decryption for first set of plain text and a key of 128 bits. that is.finalyearthesis. There is signal “enc_dec” which represents that the system is in which operation either in encryption or decryption. the encryption process will be carried out with the given inputs and when this signal is set to low. chip enable (ce) and reset (rst). Encryption Here the first sets of inputs are taken from the reference as follows.com | www. The basic and common inputs for both encryption and decryption stage were clock (clk). when the reset signal is set to high. the system will be in reset state and hence all the values will be ‘0’. that is. the system will start its process. The two inputs named as “data_in” and “key_in” which takes the given plain text and the key. the cipher text for the given set of inputs is obtained as follows. Input = 32 43 f6 a8 88 5a 30 8d 31 31 98 a2 e0 37 07 34 Cipher Key = 2b 7e 15 16 28 ae d2 a6 ab f7 15 88 09 cf 4f 3c The above inputs were represented in the hexadecimal format which contains 16 bytes. Hence the output of the encryption process. the decryption process will be carried out. that is.

com Cipher Text = 39 25 84 1d 02 dc 09 fb dc 11 85 97 19 6a 0b 32 Decryption The above cipher text.com | www. Input = 39 25 84 1d 02 dc 09 fb dc 11 85 97 19 6a 0b 32 Cipher Key = 2b 7e 15 16 28 ae d2 a6 ab f7 15 88 09 cf 4f 3c Here the “din_valid” signal will goes high only after the encryption process. Final Output = 32 43 f6 a8 88 5a 30 8d 31 31 98 a2 e0 37 07 34 Thus the simulation result which is shown in the figure 4. the same operation as the case-1 will be carried out with other different sets of inputs.www.finalyearthesis.1 gives the clear view on the AES operation which was explained above. that is.2.2 Simulation Result of AES Encryption and Decryption for Set-2 Inputs Here the inputs such as plain text and the key for the encryption process were given as follows. CASE-2: In this case. Figure 5. encrypted data will be given as the input to the decryption stage and the same key should be provided. that is. Plain Text = 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff Key = 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 70 .final-yearproject. Here also both encryption and decryption process were clearly represented in the simulation waveform shown in the figure 5. the same plain text which is given as the input to the encryption stage will be achieved. Hence the decryption process will be carried out and the final output.

com | www.final-yearproject. shifting and mixing of columns.com The signals shown in the waveform were represents the same operation as explained in the case-1. Final Output = 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff Hence this represents that the developed AES Encryption and Decryption Algorithm works with different set of inputs.www. Figure 5. As discussed in the previous chapter.3 Simulation Result of Encryption with Internal Operation for Set-1 Inputs The AES Encryption algorithm internally performs the operation such as substitution. the operation of each process will be carried out and hence the output calculated values 71 . Cipher Text = 69 c4 e0 d8 6a 7b 04 30 d8 cd b7 80 70 b4 c5 5a The above encrypted data in turn will be given as the input to the decryption stage with the same key which produces the as plain text as the final output.finalyearthesis.3. CASE-3: This case deals with the internal operation of the AES Encryption process and its results at each stage which has been clearly represented in the simulation waveform shown in the figure 5. Hence the plain text and key were given as inputs to the encryption stage and the cipher text will be obtained as output which is represented as follows.

CASE-4: The internal operations involved during the decryption side were clearly shown in the figure 5.com | www. the same operations will be carried out with the evaluated values. Hence at the last round. In above waveform.finalyearthesis. The key will be given as the inverse of the generated one from the encryption process. In the waveform round-1 and round-2 were shown in which its internal operation and their results are shown clearly. that is. Similarly for all the rounds.final-yearproject. The cipher text generated from encryption will be given as input to the decryption block and the same kind of operation as in the encryption process will be carried out with the different pre-defined values. 72 .4. So each round. Hence the output of the round will be taken as the input for the next round.com will be seen clearly in the above waveform.www. all the internal operations will be carried out and finally the MixColumn value and the key input of each round will be XORed. all the internal operation of round-1 and round-2 were shown. round-10 the final values will be evaluated and the cipher text will be given out.

com Figure 5. The operation as explained in the case-3 and case-4 were same as here.finalyearthesis. CASE-5: This case deals with the internal operations involved in the both encryption and decryption with other set of inputs. the only difference is that the input set is modified. that is.com | www. Here we 73 .4 Simulation Result of Decryption with Internal Operation for Set-1 Inputs Finally the last round without MixColumn operation will be carried out in order to produce the final output. plain text.final-yearproject.www.

www.com are checking the operations are carried out properly with different inputs and the obtained outputs were matches with the reference values.5 Simulation Result of Encryption with Internal Operation for Set-2 Inputs 74 .final-yearproject. Figure 5.com | www.6 shows that the internal operations carried out in the AES Decryption process.finalyearthesis. The waveform clearly represents the output values of the each stage which were fed as input to the next process. Hence the figure 4.5 shows the internal operation of the AES Encryption process and the figure 4.

com | www.6 Simulation Result of Decryption with Internal Operation for Set-2 Inputs CASE-6: In this case.www. the first set of inputs is taken and the whole 10 rounds have been carried out. 75 .com Figure 5.finalyearthesis.final-yearproject.

Thus the data at the every round output will be acting as the input to the next round.www.9 and figure 4.7 Simulation Result of Encryption for Set-1 Inputs Figure 4.7 clearly represents all the rounds and inputs and outputs of each round.com Figure 5.final-yearproject.com | www. 76 .10 for the both encryption and decryption process.finalyearthesis. the inputs and outputs of each round for the other set of inputs were clearly represented in the figure 4.8 Simulation Result of Decryption for Set-1 Inputs Case-7: In this case. These values can be cross verified with the reference values. Figure 5.

77 .www.com Figure 5.com | www.finalyearthesis.final-yearproject.9 Simulation Result of Encryption for Set-2 Inputs Figure 5.10 Simulation Result of Decryption for Set-2 Inputs Thus the simulation result of the AES algorithm for both encryption and decryption were discussed above in different cases.

schematic or Boolean expression. Issues in FPGA technology are complexity of logic element. The initial design entry of may be VHDL.3 INTRODUCTION TO FPGA FPGA stands for Field Programmable Gate Array which has the array of logic module.com | www.3.finalyearthesis. FPGA based computers. clock support. logic emulation. FPGA can be configured by end user to implement specific circuitry. This process includes following:  Translate  Map  Place and Route 5. I /O module and routing tracks (programmable interconnect). It is Volatile and main advantage of using SRAM programming technology is re-configurability. design of an AES Encryption and Decryption Algorithm is made using VHDL is synthesized on FPGA family through XILINX ISE Tool. FPGA can be programmed mainly on SRAM (Static Random Access Memory). 78 .  Design Entry  Logic Optimization  Technology Mapping  Placement  Routing  Programming Unit  Configured FPGA Above shows the basic steps involved in implementation. IO support and interconnections (Routing).1 FPGA FLOW The basic implementation of design on FPGA has the following steps.com 5. ASIC and ASSP. Main applications are DSP. Speed is up to 100 MHz but at present speed is in GHz. The optimization of the Boolean expression will be carried out by considering area or speed.final-yearproject.www. In this work.

This AES algorithm design can be implemented on FPGA (Field Programmable Gate Array) family of Virtex-2. many different devices were available in the Xilinx ISE tool. During placement the algorithms are used to place each block in FPGA array. Here area and delay optimization will be taken place.com Figure 5. Assigning the FPGA wire segments. flip-flops and MUX. the transformation of optimized Boolean expression to FPGA logic blocks. In order to implement this AES design the device named as “XC2V8000” has been chosen and the package as “FF1517” with the device speed as “-5”.com | www. RTL Schematic The RTL (Register Transfer Logic) can be viewed as black box after synthesize of design is made. 79 . In synthesis process. Here in this Virtex-2 family. It shows the inputs and outputs of the system. The design of AES Encryption and Decryption Algorithm is synthesized and its results are analyzed as follows. the RTL model will be converted to the gate level netlist mapped to a specific technology library.www.11 Logic Block In technology mapping. The configuration of final chip is made in programming unit.final-yearproject. that is said to be as Slices. By double-clicking on the diagram we can see gates. to establish connections among FPGA blocks through routing.4 SYNTHESIS RESULT The developed AES Encryption and Decryption Algorithm are simulated and verified their functionality. Once the functional verification is done. the RTL model is taken to the synthesis process using the Xilinx ISE tool. 5. which are programmable.finalyearthesis.

com | www. Device utilization summary: This device utilization includes the following.final-yearproject.12 shows the top level block diagram that contains the primary inputs and outputs of the design.12 RTL Schematic The above figure 5.finalyearthesis.www.com IN P U T S O U TP U T S Figure 5. • • • Logic Utilization Logic Distribution Total Gate count for the Design 80 .

716ns (Maximum Frequency: 18. details regarding time period and frequency is shown are approximate while synthesize. Hence as the result of the synthesis process.840ns Maximum combinational path delay: No path found In timing summery. After place and routing is over. 81 .finalyearthesis. we get the exact timing summery.719 ns.103ns Maximum output required time after clock: 4. The RTL model is implemented using the Xilinx tool in Virtex-2 and their synthesis results are discussed with the help of generated reports. Hence the maximum operating frequency of this synthesized design is given as 18.970 MHz and the minimum period as 52.5 SUMMARY • • • The developed AES algorithm is modeled and is simulated using the Modelsim tool.com | www. The simulation results are discussed by considering different cases.final-yearproject. OFFSET IN is the minimum input arrival time before clock and OFFSET OUT is maximum output required time after clock. the device utilization in the used device and package is shown above.970MHz) Minimum input arrival time before clock: 20.com The device utilization summery is shown above in which its gives the details of number of devices used from the available devices and also represented in %.www. Timing Summary: Speed Grade: -5 Minimum period: 52. 5.

This work on the AES Encryption and Decryption Algorithm of 128 bits can be extended in the future in the following ways. This switch will be used to switch the system of key lengths to either of 128 bits.com CONCLUSION AND FUTURE SCOPE 6. Successful implementation of AES algorithm. Given the same input key and data (plaintext or ciphertext) any implementation that produces the same output (ciphertext or plaintext) as the algorithm specified in this standard is an acceptable implementation of the AES. the concept of instantiation and arrays plays a major part in implementation. make to know one of the encryption and decryption standard available in market and it helps to explore the path to implement such an algorithm using VHDL. The original message is taken to 10 round operations which produces the ciphertext. • Also this work can be extended by developing a switch. This will be handling all the three key lengths and the required process can be carried out by with respect to the switch. This resultant encrypted data is fed as the input to the decryption and 10 rounds operations were carried out and hence the same plain text is achieved. This is a 128-bit Key dependent algorithm which has control over the 128-bit input data or plaintext.1 CONCLUSION Firstly. 6.com | www.finalyearthesis. 82 .2 FUTURE SCOPE In recent days. the work can be extended by increasing the key length which increases both the security level to high and also the difficulties in hacking level.final-yearproject. AES (Advanced Encryption Standard) is used which has increased level of security. 192 bits and 256 bits. The simulation results have been verified for the different appropriate test cases. • As this algorithm supports the key length of 192 bits and 256 bits. Mainly. understanding the concept of cryptology and flow of AES algorithm is done.www. Finally the developed model is taken to the Xilinx tool and done the implementation using the FPGA family of Virtex-2 board.

com APPENDIX-1 STANDARD TABLES FOR AES ALGORITHM Key-Block-Round Combinations S-Box: Substitution Values used in Encryption Process Matrix Value used in MixColumn Operation in Encryption Process 83 .final-yearproject.com | www.finalyearthesis.www.

com S-Box: Substitution Values used in Decryption Process Matrix Value used in MixColumn Operation in Decryption Process 84 .final-yearproject.com | www.www.finalyearthesis.

technology/.com/cryptography.nist.final-yearproject.finalyearthesis. 2.gov/CryptoToolkit.gladman.plus. 85 . 3.B.www.Gladman’s AES related home page http://fp.BIBILOGRAPHY 1.nist.com 7.AES page available via http://www.com | www.Computer Security Objects Register (CSOR): http://csrc.gov/csor/.

Sign up to vote on this title
UsefulNot useful