Abstract
This paper discusses the question of optimizing AES hardware designs by using the composite field representation GF(2^4)^2 of the field GF(2^8) that underlies the definition of AES. Here, GF(2^4)^2 is the field extension of the ground field GF(2^8) with an extension polynomial of the form x^2+αx+β, where α and β are elements of the field GF(2^4). Previous designs with such representations used α = 1, which seemingly leads to some obvious savings. By contrast, we seek the optimal designs among all the possibilities. Our designs are based on mapping the input, output, round keys, and the AES operations to and from any one of the 2880 possible representations of GF(2^8) as GF(2^4)^2. For each representation, we also explore three options for the affine/invaffine constants, resulting in a total of 8640 possible designs. We identify the smallest-area representations for AES encryption-only, decryption-only, and unified encryption-decryption. Surprisingly, the optimal representations in each case are different from each other. In addition, we identify six distinct representations that are optimal, based on operating mode and AES pipeline depth. Among other results, we show here a set of high-bandwidth 16-byte AES datapaths with extension polynomials of the form x^2+αx+β where α ≠ 1, showing that the a priori obvious choice of α = 1 does not necessarily lead to the best result. We provide the full details of all the design possibilities, together with their respective areas, based on a 22nm CMOS implementation.
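The count of 2880 representations can be reproduced by brute force. The following is an added example, not code from the paper; it assumes a representation is a triple of an irreducible quartic defining GF(2^4), an irreducible x^2+αx+β over it, and a root of the AES polynomial x^8+x^4+x^3+x+1 in the resulting field (each root fixes one basis-change map). All function names are the example's own.

```python
def clmul(a, b):
    """Carry-less product of two GF(2)[x] polynomials held as ints."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = a << 1, b >> 1
    return r

def irreducible_quartics():
    """Degree-4 polynomials over GF(2) that are not a product of two smaller ones."""
    reducible = {clmul(a, b) for a in range(2, 16) for b in range(2, 16)}
    return [q for q in range(16, 32) if q not in reducible]

def gf16_table(q):
    """16x16 multiplication table for GF(2^4) = GF(2)[x]/(q)."""
    def reduce(p):
        for bit in (6, 5, 4):
            if (p >> bit) & 1:
                p ^= q << (bit - 4)
        return p
    return [[reduce(clmul(a, b)) for b in range(16)] for a in range(16)]

def tmul(m, alpha, beta, s, t):
    """(a*y + b)(c*y + d) in GF(2^4)[y]/(y^2 + alpha*y + beta); pairs are (hi, lo)."""
    ac = m[s[0]][t[0]]
    return (m[ac][alpha] ^ m[s[0]][t[1]] ^ m[s[1]][t[0]], m[ac][beta] ^ m[s[1]][t[1]])

def count_representations():
    """Return (all representations, those whose extension polynomial has alpha == 1)."""
    total = alpha_one = 0
    for q in irreducible_quartics():
        m = gf16_table(q)
        for alpha in range(16):
            for beta in range(16):
                # Irreducible over GF(2^4) iff the quadratic has no root there.
                if any((m[x][x] ^ m[alpha][x] ^ beta) == 0 for x in range(16)):
                    continue
                roots = 0  # roots of x^8+x^4+x^3+x+1; one basis-change map each
                for t in ((h, l) for h in range(16) for l in range(16)):
                    t2 = tmul(m, alpha, beta, t, t)
                    t3, t4 = tmul(m, alpha, beta, t2, t), tmul(m, alpha, beta, t2, t2)
                    t8 = tmul(m, alpha, beta, t4, t4)
                    value = (t8[0] ^ t4[0] ^ t3[0] ^ t[0], t8[1] ^ t4[1] ^ t3[1] ^ t[1] ^ 1)
                    roots += value == (0, 0)
                total += roots
                alpha_one += roots if alpha == 1 else 0
    return total, alpha_one
```

Calling `count_representations()` returns the total alongside the subset with α = 1, which shows how small a share of the design space the earlier α = 1 designs covered.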
Original language | English |
---|---|
Title of host publication | Proceedings - 2016 IEEE 23rd Symposium on Computer Arithmetic, ARITH 2016 |
Editors | Javier Hormigo, Nathalie Revol, Paolo Montuschi, Stuart Oberman, Michael Schulte |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 112-117 |
Number of pages | 6 |
ISBN (Electronic) | 9781509016150 |
State | Published - 7 Sep 2016 |
Event | 23rd IEEE Symposium on Computer Arithmetic, ARITH 2016 - Santa Clara, United States; Duration: 10 Jul 2016 → 13 Jul 2016 |
Publication series
Name | Proceedings - Symposium on Computer Arithmetic |
---|---|
Volume | 2016-September |
Conference
Conference | 23rd IEEE Symposium on Computer Arithmetic, ARITH 2016 |
---|---|
Country/Territory | United States |
City | Santa Clara |
Period | 10/07/16 → 13/07/16 |
Bibliographical note
Publisher Copyright: © 2016 IEEE.
Keywords
- AES
- Advanced Encryption Standard
- Area-efficient Hardware accelerator
- Memory encryption engines
- optimal GF(2) composite-field representation
ASJC Scopus subject areas
- Hardware and Architecture
- Software
- Theoretical Computer Science