Rijndael FPGA Implementations Utilising Look-Up Tables.

Queen's University Belfast, Béal Feirste, Northern Ireland, United Kingdom
Journal of VLSI Signal Processing (Impact Factor: 0.73). 07/2003; 34(3):261-275. DOI: 10.1023/A:1023252403567
Source: DBLP


This paper presents single-chip FPGA implementations of the Advanced Encryption Standard (AES) algorithm, Rijndael. In particular, the designs utilise look-up tables to implement the entire Rijndael Round function. A comparison is provided between these designs and similar existing implementations. Hardware implementations of encryption algorithms prove much faster than equivalent software implementations, and since there is a need to perform encryption on data in real time, speed is very important. In particular, Field Programmable Gate Arrays (FPGAs) are well suited to encryption implementations due to their flexibility and an architecture which can be exploited to accommodate typical encryption transformations. In this paper, a Look-Up Table (LUT) methodology is introduced where complex and slow operations are replaced by simple LUTs. A LUT-based fully pipelined Rijndael implementation is described which has a pre-placement performance of 12 Gbits/sec, which is a factor of 1.2 faster than an alternative design in which look-up tables are utilised to implement only one of the Round function transformations, and 6 times faster than other previous single-chip implementations. Iterative Rijndael implementations based on the Look-Up Table design approach are also discussed and prove faster than typical iterative implementations.

    • "Unrolling, tiling, and pipelining structures for the AES were discussed in [7]. McLoone and McCanny's method achieved a throughput of 12Gbits/s using Look Up Table (LUT) based SubBytes [8]. Another approach [9] aimed at on-the-fly generation of SubBytes was first proposed by Rijmen, one of the creators of the AES. "
    ABSTRACT: The key issue to improve the performance for secure large-scale Storage Area Network (SAN) applications lies in the speed of its encryption/decryption module. Software-based encryption/decryption cannot meet throughput requirements. To solve this problem, we propose an FPGA-based XTS-AES encryption/decryption to suit the needs for secure SAN applications with high throughput requirements. Besides throughput, area optimization is also considered in this proposed design. First, we reuse the same AES encryption to produce the tweak value and unify the operations of AES encryption/decryption in XTS-AES encryption/decryption. Second, we transfer the computations of AES encryption/decryption from GF(2^8) to GF((2^4)^2), which enables us to move the map and the inverse map functions outside the AES round. Third, we propose to support the SubBytes and the inverse SubBytes by the same hardware component. Finally, pipelined registers have been inserted into the proposed unrolled architecture for XTS-AES encryption/decryption. The experiments show that the proposed design achieves 36.2 Gbits/s throughput using 6784 slices on XC6VLX240T FPGA.
    Full-text · Article · Apr 2015
    • "Note in this context that other authors already proposed the use of the T-Table method for AES also on FPGAs [6], [26], [15], [5]. However in contrast to these designs, our approach maps the complete AES data path onto embedded elements contained in Virtex-5 FPGAs. "
    ABSTRACT: This work presents a unique design approach to implement standardized symmetric and asymmetric cryptosystems on modern FPGA devices. While most other FPGA implementations optimize cryptosystems on an algorithmic level for being optimally placed in the generic logic, our primary goal is to shift as many cryptographic operations as possible into specific hard cores that have become available on modern reconfigurable devices. Such dedicated functions provide, for example, large blocks of memory or accelerated arithmetic functions for digital signal processing applications. Using these dedicated functions, we present specific design approaches that enable a performance for the symmetric AES block cipher (FIPS 197) of up to 55 GBit/s and a throughput of more than 30.000 scalar multiplications per second for asymmetric Elliptic Curve Cryptography over NIST's P-224 prime (FIPS 186-3).
    Full-text · Article · Apr 2012
    • "The most innocent idea is to store the truth table as LUT in a dedicated SRAM structure right away. While this approach is efficient and popular with FPGA-based AES implementations [8], there exist much better alternatives in the occurrence of mask-programmed ASICs. 2. The second option makes use of logic synthesis to turn the same truth table into a random logic network (in essence the 8-bit SubBytes function can be expressed as an 8-bit-input 8-bit-output Boolean function). "
    ABSTRACT: We present a balanced 2 Gb/s en-/decryption ASIC realization of the AES algorithm that supports all standard operation modes and key lengths. Rather than optimizing only for throughput, special care is taken to balance the more involved decryption path with that of the encryption path using a number of high-level architectural and register transfer level optimizations. The fabricated en-/decryption core requires an active area of only 3.56 mm² (less than 120,000 gate equivalents) in a modest 0.25 µm CMOS technology.
    Full-text · Conference Paper · Jan 2004