DOC PREVIEW
MASON ECE 636 - 3-in-1 Hardware Implementation of the Rijndael Cipher

This preview shows page 1-2-3 out of 10 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 10 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 10 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 10 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 10 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

3-in-1 Hardware Implementation of the Rijndael CipherTim Grembowski5/4/01ABSTRACTHaving the capability to encrypt and decrypt messages using variable key sizes in a single hardwaredevice offers the user a range of security levels and versatility. Increasing privacy demands and desirefor low cost solutions will place more and more focus on these two attributes. This project comparesFPGA hardware implementations of the new AES cipher, Rijndael, incorporating a single key size (1-in-1),128 bits, and 3 key sizes (3-in-1), 128 bits, 192 bits, and 256 bits. Measurements such as throughput,cipher latency, key setup & latency, and area cost will all be used for the evaluation. As an additionalassessment, implementations for encryption will be done using the standard S box transformations, asoriginally proposed by the cipher creators, and the optimized (in software) transformation, T box. The fullscope of this project has not been completed at the time of this documentation, however, this paperserves as an introduction and status report to date.INTRODUCTIONTo perform the comparisons as stated above, three circuit implementations have been chosen. Figure 1describes the basic functions for the devices and lists the unique features for each circuit. Each circuitwould have encryption/decryption capabilities, internal key generation and storage, and transformationsimplemented via lookup tables. Circuit A, with single key size and S Box features, will be used as thereference cell. Circuit B would incorporate the 3-in-1 key sizes in its key scheduling unit. Lastly, Circuit Cwould replace the encryption unit transformations of Circuit B with the optimized T Box. Below are listedsome attributes that distinguish these 3 devices.The general operational view of the circuits is shown in Figure 2. A 32 bit I/O word size was chosen inthis project for two reasons: 1) to attempt to emulate realistic application criteria where limitations such asbus interface, power, total package I/O pin count, or package physical size would be dominate and, 2)because the nature of the Rijndael cipher lends itself to 32 bit words.Key and message words would be supplied to the unit and control inputs would be used to indicate whenthe first key word is sent and the size of the key and when message words would be sent. Controlsindicating encryption/decryption would also be used. The three components include:Key Generation Unit - accepts the key words, generates the necessary number of subkeys (in x32configuration), and stores them in the Key Ram.Encryption(ENC) /Decryption(DEC) Unit - accepts the message/cipher blocks and operates on them withthe use of the subkeys (in x128 configuration) stored in the Key Ram. The Shiftrow function dictates ax128 transformation and also, maximizes potential throughput.Key Ram - this would be implemented with dual port memory allowing for access for both units, giventhe two configurations. This, along with a segmented memory, one for key generation (A) and one forENC/DEC (B), allows for simultaneous key generation and ENC/DEC, maximizing the number of cyclesavailable for throughput.Control circuitry (not shown) for both major units would be required to direct data flow and track ofworking memory (A or B) .CIRCUIT IMPLEMENTATIONSA B CDESCRIPTION Single key / S-Table 3-in-1 / S-Table 3-in-1 / T-TableKEY SIZE, BYTES 16 16, 24, 32 16, 24, 32LOOKUP TABLES S S TENCRYPTION /DECRYPTIONY Y YINTERNAL KEYGENERATIONY Y YSUBKEY STORAGE Y Y YATTRIBUTESUSE Used as a reference Versatile VersatileSECURITY Key limited to 16bytesIncreased security Increased securityResource sharingoptionResource sharingoptionUnique ENC/DECtablesCOSTX8 tables *(4Kbytes)X8 tables *(4Kbytes)X32 – highest RAMrequirements *(16kBytes)KEY SCHEDULE No key setup time forencryptionPotential for KeyLatencyPotential for KeyLatencyTHROUGHPUT Combinatorial logicafter S-table lookupsCombinatorial logicafter S-table lookupsPotential increaseFigure 1Figure 2IMPLEMENTATION METHODSTools used to date for coding and simulation include AldecHDL and for subsequent synthesizing andimplementing, Xilinx Foundation tools. Test vectors used for initial logic verification were obtained fromthe AES proposal and from the FIPS test vector set, both available on the web. The overall plan is tocomplete implementations of the circuits and eventually program and testbench the hardware.KEY SCHEDULING CONFIGURATIONSThe following two Figures portray the differences between the single key (1-to-1) and three key (3-in-1)configurations. The extra hardware that was implemented is shown in green. In the 3-in-1, four extraregisters are used to temporarily store subkey words and are tapped and selected by the input controls.For key size = 256 bits, the transform alternates between full transformation and S Box only every fourthword, requiring an additional selection control.KEY UNITOPERATIONAL OVERVIEW32 BIT WORD OUTPUTMESSAGE WORD 3MESSAGE WORD 2MESSAGE WORD 1MESSAGE WORD 0KEY WORD 3KEY WORD 2KEY WORD 1KEY WORD 0ENC UNITKEYRAM A |TIMEINPUT CONTROLSMESSAGE 0 0KEY 128 0 1KEY 192 1 0KEY 256 1 1• 32 BIT WORD INPUT/OUTPUT• 4 WORDS TO ONE BLOCK• SUBKEYS STORED FOR MULTIPLE M BLOCKS• TWO KEY STORAGE AREAS1 WORKING / 1 GENERATIINGFigure 31-to-1 Core Key (Encryption) UnitFigure 43-in-1 Core Key (Encryption) UnitSK-431SK-4031SK-1031SK-2031SK-3000 01 10 110000031KEYIN00 SRAM DATA INPUTS 31SK-1TRANSFORMED0 ROTBYT 310 S-BOX 310 RCON 31S0S1SK-1KEYINPUTSSKSK• SK = SUBKEY• “-” = PREVIOUS SK• S0 & S1CONTROLLEDBY COUNTERSSKSK -X31SK-4031SK-1031SK-2031SK-3000 01 10 1131KEYIN0 SRAM DATA INPUTSSK-1TRANSFORMED RCONSK31SK-5031SK-631SK-731SK-8INPUTCNTRLSBOXROTBYTBY INPUTCNTRLSIMULATION RESULTSTo verify the two Core units shown above, test benches were generated in AldecHDL from the mentionedtest vectors. The results are shown below in Figures 5 and 6.Figure 51-in-1 Core Key SimulationFigure 51-in-1 Core Key Unit VerificationFigure 63-in-1 Core Key Unit VerificationROT BYTE1ST KEY WORD(SK-4)ROUND CONSTANT4TH KEY WORD TRANSFORMED(SK-1 TX)CURRENT SUBKEY(SK)SUBKEY FOR RND 14 WITH AN INITIAL KEY SIZEOF 256 BITSTest vector subkeys were available allowing for verification at each round. These two simulations showagreement with the test vectors.CORE KEY UNIT COMPARISONAlthough these Core Key Units do


View Full Document

MASON ECE 636 - 3-in-1 Hardware Implementation of the Rijndael Cipher

Documents in this Course
Load more
Download 3-in-1 Hardware Implementation of the Rijndael Cipher
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view 3-in-1 Hardware Implementation of the Rijndael Cipher and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view 3-in-1 Hardware Implementation of the Rijndael Cipher 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?