FPGA Techniques for the AES Operations

Most operations of the AES rounds have a mathematical definition behind them, such as the SubBytes, being a nonlinear function, and the MixColumns, being a matrix multiplication in GF(28) [ 7]. Some implementations even change the original mathematical definition for different purposes: speed, resource usage, side-channel protection, etc.; but, regardless of any change, the AES input-output pair has to be maintained [3, 17, 18, 26]. It is also possible to avoid the use of logic in the implementation of the mathematical definition, and simply replace it by equivalent input-output lookup tables [19]. In hardware, this led to two tendencies in implementing the AES operations: through a logical defined function or by addressable memory-based lookup tables.

Logic-based implementations, more common is ASIC designs, use a set of logic gates, placed and routed, to implement the mathematical function that defines a given operation. Typically, logic-based implementations require less resources, but result in slower designs.

Memory-based implementations store the pre-computed result of an operation into a memory-mapped lookup table. These results are then outputted depending on the input value. This type of implementation requires the existence of memory elements, typically resulting in faster designs. This approach is common in software- based implementations [1] but also on FPGAs that have embedded memory blocks [4, 5, 9, 20, 23].

In this section, an overview of the existing state of the art solutions focused on FPGA is presented. The following describes these solutions regarding the implementation of the ShiftRows, SubBytes, MixColumns operations and their respective inverses, for both logic and memory-based approaches. Given the simplicity of the AddRoundKey operation, and of its implementation, it will only be occasionally mentioned when particularly relevant for the resulting structure.

< Prev   CONTENTS   Source   Next >