Abstract
This article presents a hardware implementation of the SBoxes from the Advanced Encryption Standard (AES). The SBoxes substitute an 8-bit input for an 8-bit output and are based on arithmetic operations in the finite field GF(28). We show that a calculation of this function and its inverse can be done efficiently with combinational logic. This approach has advantages over a straight-forward implementation using read-only memories for table lookups. Most of the functionality is used for both encryption and decryption. The resulting circuit offers low transistor count, has low die-size, is convenient for pipelining, and can be realized easily within a semi-custom design methodology like a standard-cell design. Our standard cell implementation on a 0.6 μm CMOS process requires an area of only 0.108 mm2 and has delay below 15 ns which equals a maximum clock frequency of 70 MHz. These results were achieved without applying any speed optimization techniques like pipelining.
The work described originates from the European Commission funded Project Secure Terminal IC (SETIC) established under contract IST-2000-25167 resp. Crypto Module with USB Interface (USB_CRYPT) established under contract IST-2000-25169 in the Information Society Technologies (IST) Program.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
NIST, Advanced Encryption Standard (AES), FIPS PUBS 197, National Institute of Standards and Technology, November 2001.
A. Menezes, P. van Oorschot, and S. Vanstone, Handbook of Applied Cryptography, CRC Press, New York, 1997.
R. Lidl and H. Niederreiter, Introduction to finite fields and their applications, Cambridge University Press, Cambridge, 1986.
V. Rijmen, Efficient Implementation of the Rijndael SBox, http://www.esat.kuleuven.ac.be/~rijmen/rijndael/.
E. Soljanin, R. Urbanke, An Efficient Architecture for Implementation of a Multiplier and Inverter in GF(28), Lucent Technologies.
E. D. Mastrovito, VLSI Architectures for Computations in Galois Fields, PhD thesis, Linköping University, Linköping, Sweden, 1991.
C. Paar, Efficient VLSI Architectures for Bit Parallel Computation in Galois Fields, PhD thesis, Universität Essen, 1994.
J. B. Kuo, J. H. Lou, Low-Voltage VLSI Circuits, John Wiley, New York, Jan. 1999.
AMS, Memory Compiler for Diffusion Programmable ROM in 0.6 μm CMOS, http://www.amsint.com/databooks/.
A. Rudra, P. Dubey, C. Jutla, V. Kumar, J. Rao, P. Rohatgi, Efficient Rijndael Encryption Implementation with Composite Field Arithmetic, Proceedings of Workshop on Cryptographic Hardware and Embedded Systems, France, 2001, to be published in Springer LNCS.
I. Verbauwhede, H. Kuo, Architectural Optimization for a 1.82 Gbits/sec VLSI Implementation of the AES Rijndael Algorithm, Proceedings of Workshop on Cryptographic Hardware and Embedded Systems, France, 2001, to be published in Springer LNCS.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wolkerstorfer, J., Oswald, E., Lamberger, M. (2002). An ASIC Implementation of the AES SBoxes. In: Preneel, B. (eds) Topics in Cryptology — CT-RSA 2002. CT-RSA 2002. Lecture Notes in Computer Science, vol 2271. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45760-7_6
Download citation
DOI: https://doi.org/10.1007/3-540-45760-7_6
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-43224-1
Online ISBN: 978-3-540-45760-2
eBook Packages: Springer Book Archive