Abstract
This paper presents a novel framework for the automatic pipelining of AES S-boxes using composite field representations. The framework is capable of finding positions at which to insert flip-flops in an almost optimal way, resulting in S-boxes with an almost optimal critical path. Our novel method uses memetic algorithms and is shown to be fast, reliable and successful. We demonstrate our framework for composite field S-boxes using a polynomial basis and a normal basis, respectively. Our results prove that this method should be consulted when an optimal solution is of interest. Besides experimental results with the new memetic algorithms, we also discuss the ideal model of a circuit, which can be used when assessing the quality of the obtained solutions. We emphasize that this method can be used for any circuit of interest and not only for AES S-boxes.
Acknowledgments
This work has been supported in part by the Croatian Science Foundation under the project IP-2014-09-4882. In addition, this work was supported in part by the Research Council KU Leuven (C16/15/058) and IOF project EDA-DSE (HB/13/020). D. Sijacic is supported by the Marie Curie-Sklodowska research fellowship, within the ECRYPT-NET framework.
A Appendix
Here, we give an example of the results for our statistical tool for a circuit of interest.
1.1 AES S-box Polynomial Basis

In Fig. 3, we give a graphical representation of the AES S-box in polynomial basis. Blue lines depict internal nodes and red lines depict direct inputs.
Copyright information
© 2016 Springer International Publishing Switzerland
Picek, S. et al. (2016). Extreme Pipelining Towards the Best Area-Performance Trade-Off in Hardware. In: Pointcheval, D., Nitaj, A., Rachidi, T. (eds) Progress in Cryptology – AFRICACRYPT 2016. AFRICACRYPT 2016. Lecture Notes in Computer Science(), vol 9646. Springer, Cham. https://doi.org/10.1007/978-3-319-31517-1_8
DOI: https://doi.org/10.1007/978-3-319-31517-1_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-31516-4
Online ISBN: 978-3-319-31517-1
eBook Packages: Computer Science (R0)