Aiming at protection of high speed data, field programmable gate array (FPGA)-based advanced encryption standard (AES) design is proposed here. Deep investigation into the logical operations of AES with regard to FPGA architectures leads to two efficient pipelining structures for the AES hardware implementation. The two design options allow users to make a trade-off among speed, resource usage and power consumption. In addition, a new key expansion scheme is proposed to address the potential issues of existing key expansion scheme used in AES. The proposed key expansion scheme with additional non-linear operations increases the complexity of cracking keys by up to 2^{(N − 1)} times for N-round AES. The proposed design is evaluated on various FPGA devices and is compared with several existing AES implementations. In terms of both throughput and throughput per slice, the proposed design can overcome most existing designs and achieves a throughput of 75.9 Gbps on a latest FPGA device. Two parallel implementations of the proposed design can meet the real-time encryption/decryption demand for 100 Gbps data rate. Furthermore, the proposed AES design is implemented on the Zynq xc7z020 FPGA platform, demonstrating its application to image encryption.

References

1. 1)
  - 5. Gaj, K., Chodowiec, P.: ‘FPGA and ASIC implementations of AES’. Cryptographic Engineering (Springer, 2009), pp. 235–294.
2. 2)
  - 15. Reddy, R.S.S.K., Praneeth, P.: ‘VLSI implementation of AES crypto processor for high throughput’, Int. J. Adv. Eng. Sci. Technol., 2011, 6, (1), pp. 22–26.
3. 3)
  - 21. Saberi, I., Shojaie, B., Salleh, M.: ‘Enhanced key expansion for AES-256 by using even–odd method’. Proc. Int. Conf. Research and Innovation in Information Systems, November 2011, pp. 1–5.
4. 4)
  - 13. Wang, Y., Ha, Y.: ‘FPGA-based 40.9-Gbits/s masked AES with area optimization for storage area network’, IEEE Trans. Circuits Syst. II: Express Briefs, 2013, 60, (1), pp. 36–40 (doi: 10.1109/TCSII.2012.2234891).
5. 5)
  - 17. Hodjat, A., Verbauwhede, I.: ‘Area-throughput trade-offs for fully pipelined 30 to 70 Gbits/s AES processors’, IEEE Trans. Comput., 2006, 55, (4), pp. 366–372 (doi: 10.1109/TC.2006.49).
6. 6)
  - 11. Hodjat, A., Verbauwhede, I.: ‘A 21.54 Gbits/s fully pipelined AES processor on FPGA’. IEEE Proc. Int. Symp. Field-Programmable Custom Computing Machines, April 2004, pp. 308–309.
7. 7)
  - 1. Tate, J., Beck, P., Ibarra, H.H., Kumaravel, S., Miklas, L.: ‘Introduction to storage area networks and system networking’. 2012[Online]. Available at: http://www.ibm.com/redbooks.
8. 8)
  - 10. Rais, M.H., Qasim, S.M.: ‘A novel FPGA implementation of AES-128 using reduced residue of prime numbers based S-Box’, Int. J. Comput. Sci. Netw. Secur., 2009, 9, (9), pp. 305–309.
9. 9)
  - 6. Liu, Q., Xu, Z., Yuan, Y.: ‘A 66.1 Gbps single-pipeline AES on FPGA’. Proc. Int. Conf. Field-Programmable Technology, December 2013, pp. 378–381.
10. 10)
  - 3. Henzen, L., Fichtner, W.: ‘FPGA parallel-pipelined AES-GCM core for 100G Ethernet applications’. Proc. ESSCIRC, September 2010, pp. 202–205.
11. 11)
  - 18. Mathew, S.K., Sheikh, F., Kounavis, M., et al: ‘53 Gbps native GF(24)2 composite-field AES-encrypt/decrypt accelerator for content-protection in 45 nm high-performance microprocessors’, IEEE J. Solid-State Circuits, 2011, 46, (4), pp. 767–776 (doi: 10.1109/JSSC.2011.2108131).
12. 12)
  - 9. Rais, M.H., Qasim, S.M.: ‘Efficient hardware realization of advanced encryption standard algorithm using Virtex-5 FPGA’, Int. J. Comput. Sci. Netw. Secur., 2009, 9, (9), pp. 59–63.
13. 13)
  - 20. Hu, L., Yuan, W., Yu, M.T., Chu, J.F., Liu, F.: ‘One-way property strategy and improvement of key generation algorithm of Rijndael’, J. JILIN Univ. (Eng. Technol. Edn.), 2009, 39, (1), pp. 137–142.
14. 14)
  - 19. Shi, K., Boland, D., Constantinides, G.: ‘Accuracy-performance tradeoffs on an FPGA through overclocking’. IEEE Proc. Int. Symp. Field-Programmable Custom Computing Machines, April 2013, pp. 29–36.
15. 15)
  - 16. Zhou, G., Michalik, H., Hinsenkamp, L.: ‘Efficient and high-throughput implementations of AES-GCM on FPGAs’. Proc. Int. Conf. Field-Programmable Technology, December 2007, pp. 185–192.
16. 16)
  - 7. Zhou, G., Michalik, H., Hinsenkamp, L.: ‘Improving throughput of AES-GCM with pipelined karatsuba multipliers on FPGAs’. Reconfigurable computing: architectures, tools and applications (Springer, Berlin/Heidelberg), ser. Lecture Notes in Computer Science, 2009, pp. 193–203.
17. 17)
  - 2. D'Ambrosia, J.: ‘40 Gigabit Ethernet and 100 gigabit Ethernet: the development of a flexible architecture [commentary]’, IEEE Commun. Mag., 2009, 47, (3), pp. S8–S14 (doi: 10.1109/MCOM.2009.4804384).
18. 18)
  - 14. Järvinen, K.U., Tommiska, M.T., Skyttä, J.O.: ‘A fully pipelined memoryless 17.8 Gbps AES-128 encryptor’. Proc. Int. Symp. Field Programmable Gate Arrays, ser. FPGA ‘03, New York, NY, USA, 2003, pp. 207–215.
19. 19)
  - 12. Good, T., Benaissa, M.: ‘AES on FPGA from the fastest to the smallest’. Cryptographic hardware and embedded systems (Springer, Berlin/Heidelberg), ser. Lecture Notes in Computer Science, 2005, pp. 427–440.
20. 20)
  - 22. Chen, T., Huo, W., Liu, Z.: ‘Design and efficient FPGA implementation of Ghash core for AES-GCM’. Proc. Int. Conf. Computational Intelligence and Software Engineering, December 2010, pp. 1–4.
21. 21)
  - 8. Hussain, U., Jamal, H.: ‘An efficient high throughput FPGA implementation of AES for multi-gigabit protocols’. Proc. Int. Conf. Frontiers of Information Technology, December 2012, pp. 215–218.
22. 22)
  - 4. National Institute of Standards and Technology (NIST), Information Technology Laboratory (ITL): ‘Advanced encryption standard (AES)’, in: Federal Information Processing Standards (FIPS) Publication 197, September 2001.

High throughput and secure advanced encryption standard on field programmable gate array with fine pipelining and enhanced key expansion

References

Related content