Title: Silicon IP Design and Chip Implementation of an AES Encryption/Decryption Engine with Configurable Coefficients
IP-based design and chip implementation of the AES coprocessor with configurable parameter
Authors: 白宗堯
Tsung-Yao Pai
吳炳飛
Bing-Fei Wu
Institute of Electrical and Control Engineering
Keywords: Cryptography; Advanced Encryption Standard; configurable coefficients; Rijndael; AES; configurable; parameterizable
Issue date: 2005
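Abstract: In this thesis, we propose an AES encryption/decryption engine with configurable coefficients (Configurable AES), so that different choices of m(x), c(x), and the affine transformation coefficients yield varied AES algorithms, further improving system security. Because the proposed hardware implementation still delivers high performance, the idea can keep pace with advances in network transmission speed and be applied to security chips for Gigabit optical fiber and Ethernet networks. In terms of specification, besides the adjustable coefficients, it supports the three key lengths of 128, 192, and 256 bits and the two encryption modes ECB and CBC. For the keys required during encryption and decryption, we also propose a circuit that computes the keys synchronously, without using additional memory to store them. In addition, to reduce hardware cost and improve efficiency, we use Composite Field Arithmetic to implement the S-Box, the core of the algorithm, and merge the matrix multiplications in the architecture into one to shorten computation time. Finally, the design is implemented as a reuse-oriented silicon intellectual property (IP-based) block and complies with the AMBA AHB Slave transfer protocol, to aid future system-level development. As for results, the Configurable-AES engine is implemented in a UMC 0.18μm CMOS process with a gate count of about 81K; at its maximum processing speed it reaches 3.2 Gbps, 2.67 Gbps, and 2.29 Gbps for the 128/192/256-bit key lengths, respectively.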
In this paper, we implement a configurable AES (C-AES) coprocessor that supports all specified key lengths (128, 192, and 256 bits) and both the ECB and CBC operation modes. The round keys for encryption and decryption are generated on the fly without any internal memory. Specifically, the coprocessor provides the flexibility to change the parameters of each transformation: the irreducible polynomial, the affine matrix, the affine constant, and the row vector of the matrix used in MixColumns(). These parameters can be changed online, i.e., they are also inputs of the circuit. To increase the speed, an optimized combination is presented in the proposed architecture. By using basis conversion and a composite field in SubBytes(), and by pre-calculating the values of every power of xtime() of the constants in MixColumns(), the matrix multiplications in SubBytes() and MixColumns() can be integrated into a new transformation to shorten the computation path. Furthermore, all arithmetic components are reused for both the encryption and the decryption data paths. The proposed design has been implemented using a UMC 0.18μm CMOS technology. The throughput is about 3.2 Gbps for 128-bit keys, 2.67 Gbps for 192-bit keys, and 2.29 Gbps for 256-bit keys. The total gate count is about 81K. This work provides a customized AES cipher that lets users change its parameters; it can therefore be used in applications requiring customized security, e.g., virtual private networks (VPN).
URI: http://140.113.39.130/cdrfb3/record/nctu/#GT009312516
http://hdl.handle.net/11536/78196
Appears in Collections:Thesis