TY - JOUR
T1 - High Throughput/Gate AES Hardware Architectures Based on Datapath Compression
AU - Ueno, Rei
AU - Homma, Naofumi
AU - Morioka, Sumio
AU - Miura, Noriyuki
AU - Matsuda, Kohei
AU - Nagata, Makoto
AU - Bhasin, Shivam
AU - Mathieu, Yves
AU - Graba, Tarik
AU - Danger, Jean Luc
N1 - Funding Information:
This research has been supported by JSPS KAKENHI Grant No. 17H00729 and No. 19K21526, and JST PRESTO Grant No. JPMJPR18M3.
Publisher Copyright:
© 1968-2012 IEEE.
PY - 2020/4/1
Y1 - 2020/4/1
N2 - This article proposes highly efficient Advanced Encryption Standard (AES) hardware architectures that support encryption and both encryption and decryption. New operation-reordering and register-retiming techniques presented in this article allow us to unify the inversion circuits in SubBytes and InvSubBytes without any delay overhead. In addition, a new optimization technique for minimizing linear mappings, named multiplicative-offset, further enhances the hardware efficiency. We also present a shared key scheduling datapath that can work on-the-fly in the proposed architecture. To the best of our knowledge, the proposed architecture has the shortest critical path delay and is the most efficient in terms of throughput per area among conventional AES encryption/decryption and encryption architectures with tower-field S-boxes. The proposed round-based architecture can perform AES encryption where block-wise parallelism is unavailable (e.g., cipher block chaining (CBC) mode); thus, our techniques can be globally applied to any type of architecture including pipelined ones. We evaluated the performance of the proposed and some conventional datapaths by logic synthesis with the NanGate 45-nm open-cell library. As a result, we can confirm that our proposed architectures achieve approximately 51-64 percent higher efficiency (i.e., higher bps/GE) and lower power/energy consumption than the other conventional counterparts.
KW - AES
KW - hardware architectures
KW - round-based encryption architecture
KW - unified encryption/decryption architecture
UR - http://www.scopus.com/inward/record.url?scp=85076273768&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85076273768&partnerID=8YFLogxK
U2 - 10.1109/TC.2019.2957355
DO - 10.1109/TC.2019.2957355
M3 - Article
AN - SCOPUS:85076273768
SN - 0018-9340
VL - 69
SP - 534
EP - 548
JO - IEEE Transactions on Computers
JF - IEEE Transactions on Computers
IS - 4
M1 - 8922779
ER -