This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
A Highly Regular and Scalable AES Hardware Architecture
April 2003 (vol. 52 no. 4)
pp. 483-491

Abstract—This article presents a highly regular and scalable AES hardware architecture, suited for full-custom as well as for semi-custom design flows. Contrary to other publications, a complete architecture (even including CBC mode) that is scalable in terms of throughput and in terms of the used key size is described. Similarities of encryption and decryption are utilized to provide a high level of performance using only a relatively small area (10,799 gate equivalents for the standard configuration). This performance is reached by balancing the combinational paths of the design. No other published AES hardware architecture provides similar balancing or a comparable regularity. Implementations of the fastest configuration of the architecture provide a throughput of 241 Mbits/sec on a 0.6 \mum CMOS process using standard cells.

[1] J. Daemen and V. Rijmen, The Design of Rijndael. Springer-Verlag, 2002.
[2] Nat'l Inst. of Standards and Tech nology, “Federal Information Processing Standard 197, The Advanced Encryption Standard (AES),” http://csrc.nist.gov/publications/fips/fips197 fips-197.pdf, 2001.
[3] Nat'l Inst. of Standards and Tech nology, “Federal Information Processing Standard 46-3, The Data Encryption Standard (DES),” http://csrc.nist.gov/publicationsfips/, 1999.
[4] A.J. Elbwirt, W. Yip, B. Chetwynd, and C. Paar, “An FPGA Implementation and Performance Evaluation of the AES Block Cipher Candidate Algorithm Finalists,” Proc. Third Advanced Encryption Standard Candidate Conf., pp. 13-27, 2000.
[5] K. Gaj and P. Chodowiec, “Comparison of the Hardware Performance of the AES Candidates Using Reconfigurable Hardware,” Proc. Third Advanced Encryption Standard Candidate Conf., pp. 40-56, 2000.
[6] N. Weaver and J. Wawrzynek, “A Comparison of the AES Candidates Amenability to FPGA Implementation,” Proc. Third Advanced Encryption Standard Candidate Conf., pp. 28-39, 2000.
[7] B. Weeks, M. Bean, T. Rozylowicz, and C. Ficke, “Hardware Performance Simulations of Round 2 Advanced Encryption Standard Algorithms,” http://csrc.nist.gov/encryption/aes/round2 NSA-AESfinalreport.pdf, 2000.
[8] V. Fischer and M. Drutarovský, “Two Methods of Rijndael Implementation in Reconfigurable Hardware,” Proc. Workshop Cryptographic Hardware and Embedded Systems—CHES 2001, pp. 77-92, 2001.
[9] H. Kuo and I. Verbauwhede, “Architectural Optimization for a 1.82Gbits/Sec VLSI Implementation of the AES Rijndael Algorithm,” Proc. Workshop Cryptographic Hardware and Embedded Systems—CHES 2001, pp. 51-64, 2001.
[10] M. McLoone and J.V. McCanny, “High Performance Single-Chip FPGA Rijndael Algorithm Implementations,” Proc. Workshop Cryptographic Hardware and Embedded Systems—CHES 2001, pp. 65-76, 2001.
[11] A. Rudra, P.K. Dubey, C.S. Jutla, V. Kumar, J.R. Rao, and P. Rohatgi, “Efficient Rijndael Encryption Implementation with Composite Field Arithmetic,” Proc. Workshop Cryptographic Hardware and Embedded Systems—CHES 2001, pp. 171-184, 2001.
[12] A. Satoh, S. Morioka, K. Takano, and S. Munetoh, “A Compact Rijndael Hardware Architecture with S-Box Optimization,” Proc. Advances in Cryptology—ASIACRYPT 2001, pp. 239-254, 2001.
[13] P.C. Kocher, J. Jaffe, and B. Jun, “Differential Power Analysis,” Proc. Advances in Cryptology—CRYPTO 1999, pp. 388-397, 1999.
[14] K. Tiri, M. Akmal, and I. Verbauwhede, “A Dynamic and Differential CMOS Logic with Signal Independent Power Consumption to Withstand Differential Power Analysis on Smart Cards,” Proc. 28th European Solid-State Circuits Conf.—ESSCIRC 2002, 2002.
[15] Nat'l Inst. of Standards and Tech nology, “Special Publication 800-38A 2001 ED, Recommendation for Block Cipher Modes of Operation,” http://csrc.nist.gov/publications/nistpubs/ 800-38asp800-38a.pdf, 2001.
[16] V. Rijmen, “Efficient Implementation of the Rijndael SBox,” http://www.esat.kuleuven.ac.be/rijmen/rijndael sbox.pdf, 2000.
[17] J. Wolkerstorfer, E. Oswald, and M. Lamberger, “An ASIC implementation of the AES S-Boxes,” Topics in Cryptology—CT-RSA 2002, Proc. RSA Conf. 2002, Feb. 2002.
[18] J. Wolkerstorfer, “An ASIC Implementation of the AES-MixColumn Operation,” Proc. Austrochip 2001, Oct. 2001.

Index Terms:
Advanced Encryption Standard (AES), hardware architecture, IP module, VLSI, scalability, regularity.
Citation:
Stefan Mangard, Manfred Aigner, Sandra Dominikus, "A Highly Regular and Scalable AES Hardware Architecture," IEEE Transactions on Computers, vol. 52, no. 4, pp. 483-491, April 2003, doi:10.1109/TC.2003.1190589
Usage of this product signifies your acceptance of the Terms of Use.