WO2004056036A1 - A small hardware implementation of the subbyte function of rijndael - Google Patents
- Publication number
- WO2004056036A1 (PCT/IB2003/005508)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- byteout
- int
- affine
- assign
- transformation
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
- H04L2209/122—Hardware reduction or efficient architectures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
- H04L2209/125—Parallelization or pipelining, e.g. for accelerating processing of cryptographic operations
Definitions
- the current state of the art provides for hardware implementations where the inverse cipher can only partially re-use the circuitry that implements the cipher.
- a very small gate size and a high data rate are desirable.
- the AES/Rijndael uses the affine transformation and its inverse along with other transformations to decrypt (decipher) and encrypt (encipher) information. Encryption converts data to an unintelligible form called ciphertext; decrypting the ciphertext converts the data back into its original form, called plaintext.
- the input and output for the AES/Rijndael algorithm each consist of sequences of 128 bits (each having a value of 0 or 1). These sequences are commonly referred to as blocks and the number of bits they contain is referred to as their length ("FIPS 197", NIST, p. 7).
- the basic unit for processing in the AES/Rijndael algorithm is a byte, a sequence of eight bits treated as a single entity with most significant bit (MSB) on the left.
- MSB most significant bit
- the AES/Rijndael algorithm's operations are performed on a two dimensional array of bytes called the State.
- the State consists of four rows of bytes, each containing Nb bytes, where Nb is the block length divided by 32 ("FIPS 197", NIST, p. 9).
- the input - the array of bytes in0, in1, ... in15 - is copied into the State array as illustrated in FIG. 1.
- the Cipher or Inverse Cipher operations are then conducted on each byte in this State array, after which its final values are copied to the output - the array of bytes out0, out1, ... out15.
- the addition of two elements in a finite field is achieved by "adding" the coefficients for the corresponding powers in the polynomials for the two elements.
- the addition is performed with the boolean exclusive-OR (XOR) operation ("FIPS 197", NIST, p. 10).
- the binary notation for adding two bytes is:
- a diagonal matrix with each diagonal element equal to 1 is called an identity matrix.
- the affine transformation element of the S-box can be expressed as ("FIPS 197", NIST, p. 16):
- the preferred embodiment of the present invention employs a read-only memory (ROM) for the multiplicative inverse and a reduced combinational logic implementation for the affine transformation.
- ROM read-only memory
- This implementation is very low in gate count with a very comparable maximum delay path.
- FIG. 4 illustrates the netlist of the Affine-All combinational logic.
- the circuit implementing both the affine and inverse affine transforms comprises a Multiplicative Inverse ROM and the logic that represents both transforms is as follows with p as the "load pattern" and v as the "load vector". For example, here is what equation seven of the affine matrix becomes:
- a preferred embodiment of the ROM or Lookup table contains the values shown in FIG. 3, in hexadecimal format.
- the net list of the Affine-All combinational logic of a preferred embodiment is shown in FIG. 4.
- the code for an implementation is included as Appendix A.
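
The shared-ROM idea described above, as an added software model (not the patent's Appendix A code): one multiplicative-inverse table serves both SubBytes and InvSubBytes, with only the affine stage changing sides. The affine maps are written directly from FIPS 197 rather than from the reduced Affine-All logic of FIG. 4, and all function names are hypothetical.

```python
# Added illustration (not the patent's Appendix A code): software model of a
# SubBytes / InvSubBytes datapath that shares one multiplicative-inverse ROM.

def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r

def build_inverse_rom():
    """256-entry inverse table; FIPS 197 maps 0x00 to itself."""
    rom = [0] * 256
    for x in range(1, 256):
        if rom[x] == 0:
            y = next(c for c in range(1, 256) if gf_mul(x, c) == 1)
            rom[x], rom[y] = y, x
    return rom

INV_ROM = build_inverse_rom()  # plays the role of the multiplicative-inverse ROM

def rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF

def affine(x):
    # FIPS 197: b'_i = b_i ^ b_(i+4) ^ b_(i+5) ^ b_(i+6) ^ b_(i+7) ^ c_i, c = 0x63
    return x ^ rotl8(x, 1) ^ rotl8(x, 2) ^ rotl8(x, 3) ^ rotl8(x, 4) ^ 0x63

def inv_affine(x):
    # Inverse map: b_i = b'_(i+2) ^ b'_(i+5) ^ b'_(i+7) ^ d_i, d = 0x05
    return rotl8(x, 1) ^ rotl8(x, 3) ^ rotl8(x, 6) ^ 0x05

def sub_byte(x, decrypt=False):
    """Cipher: ROM then affine. Inverse cipher: inverse affine then the same ROM."""
    return INV_ROM[inv_affine(x)] if decrypt else affine(INV_ROM[x])

def selfcheck():
    sbox = [sub_byte(x) for x in range(256)]
    assert sorted(sbox) == list(range(256))  # S-box must be a bijection
    assert all(sub_byte(s, decrypt=True) == x for x, s in enumerate(sbox))
    return sbox[0x00], sbox[0x53]

if __name__ == "__main__":
    print([hex(v) for v in selfcheck()])
```

The round-trip check over all 256 inputs is the property a hardware testbench for such a shared datapath would also exercise exhaustively.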
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Compression, Expansion, Code Conversion, And Decoders (AREA)
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2003302946A AU2003302946A1 (en) | 2002-12-13 | 2003-11-28 | A small hardware implementation of the subbyte function of rijndael |
JP2005502466A JP2006510067A (en) | 2002-12-13 | 2003-11-28 | Realization of small hardware for line doll sub-byte functions |
US10/538,556 US7873161B2 (en) | 2002-12-13 | 2003-11-28 | Small hardware implementation of the subbyte function of rijndael |
EP03813221A EP1573956A1 (en) | 2002-12-13 | 2003-11-28 | A small hardware implementation of the subbyte function of rijndael |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US43336502P | 2002-12-13 | 2002-12-13 | |
US60/433,365 | 2002-12-13 | ||
US47352703P | 2003-05-27 | 2003-05-27 | |
US60/473,527 | 2003-05-27 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2004056036A1 (en) | 2004-07-01 |
Family
ID=32600143
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/IB2003/005508 WO2004056036A1 (en) | 2002-12-13 | 2003-11-28 | A small hardware implementation of the subbyte function of rijndael |
Country Status (6)
Country | Link |
---|---|
US (1) | US7873161B2 (en) |
EP (1) | EP1573956A1 (en) |
JP (1) | JP2006510067A (en) |
KR (1) | KR20050092698A (en) |
AU (1) | AU2003302946A1 (en) |
WO (1) | WO2004056036A1 (en) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20050053379A (en) * | 2003-12-01 | 2005-06-08 | 삼성전자주식회사 | Apparatus and method for performing AES Rijndael Algorithm |
US7783037B1 (en) * | 2004-09-20 | 2010-08-24 | Globalfoundries Inc. | Multi-gigabit per second computing of the rijndael inverse cipher |
US7801299B2 (en) | 2006-09-22 | 2010-09-21 | Intel Corporation | Techniques for merging tables |
US8422668B1 (en) | 2006-12-15 | 2013-04-16 | Spansion Llc | Table lookup operation on masked data |
KR100969961B1 (en) * | 2007-12-20 | 2010-07-15 | 한국전자통신연구원 | Substitution apparatus of block code aria and method thereof |
TWI416347B (en) | 2009-06-22 | 2013-11-21 | Realtek Semiconductor Corp | Method and processing circuit for dealing with galois field computation |
KR101601684B1 (en) * | 2011-05-18 | 2016-03-09 | 한국전자통신연구원 | Method for implementing symmetric key encryption algorithm against power analysis attacks |
IL235729A (en) * | 2014-11-17 | 2017-06-29 | Kaluzhny Uri | Secure storage device and method |
US10158485B2 (en) | 2015-09-24 | 2018-12-18 | Intel Corporation | Double affine mapped S-box hardware accelerator |
US9910792B2 (en) * | 2016-04-11 | 2018-03-06 | Intel Corporation | Composite field scaled affine transforms-based hardware accelerator |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2003010919A1 (en) * | 2001-07-26 | 2003-02-06 | Infineon Technologies Ag | Method and device for executing a byte substitution operation of the aes algorithm according to rijndael |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5091942A (en) * | 1990-07-23 | 1992-02-25 | Ericsson Ge Mobile Communications Holding, Inc. | Authentication system for digital cellular communications |
CN1193537C (en) * | 2000-07-04 | 2005-03-16 | 皇家菲利浦电子有限公司 | Substitution-box for symmetric-key ciphers |
US6937727B2 (en) * | 2001-06-08 | 2005-08-30 | Corrent Corporation | Circuit and method for implementing the advanced encryption standard block cipher algorithm in a system having a plurality of channels |
JP3851115B2 (en) * | 2001-06-28 | 2006-11-29 | 富士通株式会社 | Cryptographic circuit |
US7508937B2 (en) * | 2001-12-18 | 2009-03-24 | Analog Devices, Inc. | Programmable data encryption engine for advanced encryption standard algorithm |
JP4328487B2 (en) * | 2002-01-28 | 2009-09-09 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Combination circuit, encryption circuit, generation method thereof, and program |
US20030198345A1 (en) * | 2002-04-15 | 2003-10-23 | Van Buer Darrel J. | Method and apparatus for high speed implementation of data encryption and decryption utilizing, e.g. Rijndael or its subset AES, or other encryption/decryption algorithms having similar key expansion data flow |
-
2003
- 2003-11-28 US US10/538,556 patent/US7873161B2/en not_active Expired - Fee Related
- 2003-11-28 WO PCT/IB2003/005508 patent/WO2004056036A1/en active Application Filing
- 2003-11-28 KR KR1020057010593A patent/KR20050092698A/en not_active Application Discontinuation
- 2003-11-28 JP JP2005502466A patent/JP2006510067A/en not_active Withdrawn
- 2003-11-28 AU AU2003302946A patent/AU2003302946A1/en not_active Abandoned
- 2003-11-28 EP EP03813221A patent/EP1573956A1/en not_active Withdrawn
Non-Patent Citations (1)
Title |
---|
DAEMEN J ET AL: "AES PROPOSAL: RIJNDAEL", AES PROPOSAL, 3 September 1999 (1999-09-03), pages 1 - 45, XP001060386 * |
Also Published As
Publication number | Publication date |
---|---|
AU2003302946A1 (en) | 2004-07-09 |
KR20050092698A (en) | 2005-09-22 |
US20060109981A1 (en) | 2006-05-25 |
EP1573956A1 (en) | 2005-09-14 |
US7873161B2 (en) | 2011-01-18 |
JP2006510067A (en) | 2006-03-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
McLoone et al. | High performance single-chip FPGA Rijndael algorithm implementations | |
US10148426B2 (en) | Method and apparatus for efficiently implementing the advanced encryption standard | |
US7532721B2 (en) | Implementation of a switch-box using a subfield method | |
EP1271839B1 (en) | AES Encryption circuit | |
US8452006B2 (en) | Cryptographic processing using a processor | |
Karthigaikumar et al. | Simulation of image encryption using AES algorithm | |
US20060177052A1 (en) | S-box encryption in block cipher implementations | |
Sahoo et al. | An optimized S-box for advanced encryption standard (AES) design | |
WO2008154130A1 (en) | System and a method for securing information | |
KR20050078271A (en) | Hardware cryptographic engine and method improving power consumption and operation speed | |
US7873161B2 (en) | Small hardware implementation of the subbyte function of rijndael | |
Arrag et al. | Design and Implementation A different Architectures of mixcolumn in FPGA | |
Coron | A new DPA countermeasure based on permutation tables | |
US20060198524A1 (en) | Hardware implementation of the mixcolumn/invmiscolumn functions | |
Jyrwa et al. | An area-throughput efficient FPGA implementation of the block cipher AES algorithm | |
WO2023192772A2 (en) | A reconfigurable architecture for improvement and optimization of advanced encryption standard | |
US20190171583A1 (en) | Apparatus and Method for Memory Address Encryption | |
EP1629626B1 (en) | Method and apparatus for a low memory hardware implementation of the key expansion function | |
James et al. | An Optimized Parallel Mix column and Sub bytes’ design in Lightweight Advanced Encryption Standard | |
US20040071287A1 (en) | Encryption circuit arrangement and method therefor | |
McLoone et al. | System-on-chip architectures and implementations for private-key data encryption | |
Zhang | 3 Efficient VLSI Architectures for the Advanced Encryption Standard Algorithm | |
Rijmen et al. | 6 CryptographicAlgorithms | |
Lakshmi et al. | A Compact Hardware Design and Implementation on FPGA Based Hybrid of AES and Keccak SHA3-512 for Enhancing Data Security | |
Sheeba et al. | Area efficient cryptographic ciphers for resource constrained devices |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states | Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
AL | Designated countries for regional patents | Kind code of ref document: A1 Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
121 | Ep: the epo has been informed by wipo that ep was designated in this application | |
WWE | Wipo information: entry into national phase | Ref document number: 2003813221 Country of ref document: EP |
WWE | Wipo information: entry into national phase | Ref document number: 1020057010593 Country of ref document: KR Ref document number: 2005502466 Country of ref document: JP |
ENP | Entry into the national phase | Ref document number: 2006109981 Country of ref document: US Kind code of ref document: A1 |
WWE | Wipo information: entry into national phase | Ref document number: 10538556 Country of ref document: US Ref document number: 20038A58372 Country of ref document: CN |
WWP | Wipo information: published in national office | Ref document number: 2003813221 Country of ref document: EP |
WWP | Wipo information: published in national office | Ref document number: 1020057010593 Country of ref document: KR |
WWP | Wipo information: published in national office | Ref document number: 10538556 Country of ref document: US |