High-speed VLSI architectures for the AES algorithm

This paper presents novel high-speed architectures for the hardware implementation of the Advanced Encryption Standard (AES) algorithm. Unlike previous works which rely on look-up tables to implement the SubBytes and InvSubBytes transformations of the AES algorithm, the proposed design employs combinational logic only. As a direct consequence, the unbreakable delay incurred by look-up tables in the conventional approaches is eliminated, and the advantage of subpipelining can be further explored. Furthermore, composite field arithmetic is employed to reduce the area requirements, and different implementations for the inversion in subfield GF(2/sup 4/) are compared. In addition, an efficient key expansion architecture suitable for the subpipelined round units is also presented. Using the proposed architecture, a fully subpipelined encryptor with 7 substages in each round unit can achieve a throughput of 21.56 Gbps on a Xilinx XCV1000 e-8 bg560 device in non-feedback modes, which is faster and is 79% more efficient in terms of equivalent throughput/slice than the fastest previous FPGA implementation known to date.     

AES算法的密码分析与快速实现

高级加密标准(AES)确定分组密码Rijndael为其算法,取代厂泛使用了20多年的数据加密标准(DES),该算法将在各行业各部门获得广泛的应用.文章以DES为参照对象,阐述了Rijndael算法的设计特色,介绍了AES在密码分析方面国内外已有的一些理论分析成果,描述了AES算法采用软件和硬件的快速实现方案.     

Area, Delay, and Power Characteristics of Standard-Cell Implementations of the AES S-Box

Cryptographic substitution boxes (S-boxes) are an integral part of modern block ciphers like the Advanced Encryption Standard (AES). There exists a rich literature devoted to the efficient implementation of cryptographic S-boxes, wherein hardware designs for FPGAs and standard cells received particular attention. In this paper we present a comprehensive study of different standard-cell implementations of the AES S-box with respect to timing (i.e. critical path), silicon area, power consumption, and combinations of these cost metrics. We examine implementations which exploit the mathematical properties of the AES S-box, constructions based on hardware look-up tables, and dedicated low-power solutions. Our results show that the timing, area, and power properties of the different S-box realizations can vary by up to almost an order of magnitude. In terms of area and area-delay product, the best choice are implementations which calculate the S-box output. On the other hand, the hardware look-up solutions are characterized by the shortest critical path. The dedicated low-power implementations do not only reduce power consumption by a large degree, but they also show good timing properties and offer the best power-delay and power-area product, respectively.     

高效Kasumi加密算法的软件设计与实现

Kasumi分组密码由MISTY1加密算法发展而来,为第三代移动通信系统（3G）无线网络提供完整性和保密性服务。目前,该算法已有多种高效硬件实现方法,却少有高效软件实现方法提出。这里提出一种基于包并行的高效软件设计与实现,并通过对FI子函数进行查表来优化加密过程,同时引入新的SSE转置指令实现快速密钥生成。实验结果表明这里的方法比协议实现要快4倍,并达到实际通信部署的要求。     

FPGA Implementation(s) of a Scalable Encryption Algorithm

SEA is a scalable encryption algorithm targeted for small embedded applications. It was initially designed for software implementations in controllers, smart cards, or processors. In this letter, we investigate its performances in field-programmable gate array (FPGA) devices. For this purpose, a loop architecture of the block cipher is presented. Beyond its low cost performances, a significant advantage of the proposed architecture is its full flexibility for any parameter of the scalable encryption algorithm, taking advantage of generic VHDL coding. The letter also carefully describes the implementation details allowing us to keep small area requirements. Finally, a comparative performance discussion of SEA with the advanced encryption standard Rijndael and (a cipher purposed for efficient FPGA implementations) is proposed. It illustrates the interest of platform/context-oriented block cipher design and, as far as SEA is concerned, its low area requirements and reasonable efficiency.     

On the security of multiple Huffman table based encryption

Recently, an encryption algorithm using multiple Huffman tables was proposed to protect multimedia content. Since the encryption operation can be efficiently implemented, its speed is several times faster than AES (Advanced Encryption Standard) or any known stream ciphers. In this paper, the security of this algorithm will be analyzed in detail. It is shown that the key is recovered with one ciphertext and the corresponding plaintext consisting of about 10 blocks of symbols by known-plaintext attack or with thousands of ciphertexts by ciphertext-only attack.     

Efficient FPGA implementation of bit-stream multipliers

A four-input adder structure for the FPGA implementation of a sigma-delta bit-stream multiplier is proposed. Conventional bit-stream multiplier implementations involve two-input adder circuits. It is shown that the four-input adder structure is more resource-efficient (over 40% hardware savings) and faster (over 20% higher clock frequency) when implemented using state-of-the-art FPGA architecture featuring six-input look-up tables     

基于网络安全的数据加密技术的研究

数据加密技术是实现网络安全的重要技术之一。本文讨论了目前主要的一些数据加密算法：DES，IDEA，RSA算法及高级加密标准(AES)的Rijndael算法。介绍加密算法在网络中的有关应用及数据加密技术的发展状况。     

Universal Test Sets for the Standard Encryption Algorithm

This paper describes the test sets that were devised at the US National Bureau of Standards (NBS) for hardware implementations of the standard encryption algorithm. These tests consist of a validation test set, which is being used at NBS to certify the correctness of vendors' implementations of the algorithm, and a maintenance test set, which can be used to ensure reliability in the operation of such encryption devices in the field. Each of these test sets is universal in the sense that the tests are independent of any particular hardware implementation of the algorithm, but depend only on the abstract definition of the encryption function itself.     

Efficient Implementations for AES Encryption and Decryption

This paper proposes two efficient architectures for hardware implementation of the Advanced Encryption Standard (AES) algorithm. The composite field arithmetic for implementing SubBytes (S-box) and InvSubBytes (Inverse S-box) transformations investigated by several authors is used as the basis for deriving the proposed architectures. The first architecture for encryption is based on optimized S-box followed by bit-wise implementation of MixColumns and AddRoundKey and optimized Inverse S-box followed by bit-wise implementation of InvMixColumns and AddMixRoundKey for decryption. The proposed S-box and Inverse S-box used in this architecture are designed as a cascade of three blocks. In the second proposed architecture, the block III of the proposed S-box is combined with the MixColumns and AddRoundKey transformations forming an integrated unit for encryption. An integrated unit for decryption combining the block III of the proposed InvSubBytes with InvMixColumns and AddMixRoundKey is formed on similar lines. The delays of the proposed architectures for VLSI implementation are found to be the shortest compared to the state-of-the-art implementations of AES operating in non-feedback mode. Iterative and fully unrolled sub-pipelined designs including key schedule are implemented using FPGA and ASIC. The proposed designs are efficient in terms of Kgates/Giga-bits per second ratio compared with few recent state-of-the-art ASIC (0.18-μm CMOS standard cell) based designs and throughput per area (TPA) for FPGA implementations.     

基于蚁群的云计算资源调度研究

针对云计算环境中资源调度的问题,提出了一种基于改进蚁群的云计算资源调度算法。在算法中添加了查找表,存储其他蚂蚁推荐的节点。当任务分类比较明确的时候,查找表的优点更加地突出。在信息素的计算中加入了成功率因子,成功率越高的节点被选中的概率就越大。本文使用Cloud Sim对算法进行了仿真,仿真结果表明提出的算法缩短了搜寻资源节点的时间,从而使任务可以更快地获得资源并执行,保证了任务能够按时完成。     

基于AES算法的WLAN安全机制分析

高级加密标准(AES)加密算法Rijndael采用对称的块加密技术,提供比WEP/TKIP中RC4算法更高的加密性能,它将成为取代WEP的新一代的加密技术,为无线网络带来更强大的安全防护.文章主要讲述了AES加密算法,在分支编码本(OCB)模式下的AES加密机制原理,AES算法在WLAN中的应用,以及现有的一些针对AES算法的攻击方法.     

Memory-free low-cost designs of advanced encryption standard using common subexpression elimination for subfunctions in transformations

In this paper, we propose area-efficient Advanced Encryption Standard (AES) processor designs by applying a new common-subexpression-elimination (CSE) algorithm to the subfunctions that realize the various transformations in AES encryption and decryption. The first category of subfunctions is derived by combining adjacent transformations in each AES round into a new transformation. The other category of subfunctions is from the integrated transformations in the AES encryption and decryption process with shared common operations. Then the proposed bit-level CSE algorithm reduces further the area cost of realizing the subfunctions by extracting the common factors in the bit-level expressions of these subfunctions. The separate area-reduction effects of combinations, integrations, and CSE optimization mentioned above are analyzed in order to examine the efficiency of each technique. Cell-based implementation results show that the proposed AES designs can achieve am area reduction rate of about 20% compared with Synopsys optimization results.     

LTE中的Rijndael算法研究

从外部结构和内部数学模型两个角度深入分析了LTE中的Rijndael算法,包括算法的核心迭代轮运算,给出了算法的流程图,用伪C代码实现其加密过程,并通过给出的代码完成了测试例的加密处理.     

FPGA Implementation(s) of a Scalable Encryption Algorithm

SEA is a scalable encryption algorithm targeted for small embedded applications. It was initially designed for software implementations in controllers, smart cards, or processors. In this letter, we investigate its performances in recent field-programmable gate array (FPGA) devices. For this purpose, a loop architecture of the block cipher is presented. Beyond its low cost performances, a significant advantage of the proposed architecture is its full flexibility for any parameter of the scalable encryption algorithm, taking advantage of generic VHDL coding. The letter also carefully describes the implementation details allowing us to keep small area requirements. Finally, a comparative performance discussion of SEA with the Advanced Encryption Standard Rijndael and ${tt ICEBERG}$ (a cipher purposed for efficient FPGA implementations) is proposed. It illustrates the interest of platform/context-oriented block cipher design and, as far as SEA is concerned, its low area requirements and reasonable efficiency.      

Three Scheduling Schemes for Amplify-and-Forward Relay Environments

This letter deals with the scheduling in basic amplify-and-forward relay environments, which are characterized by one source and two destinations. The scheduling strategy is required in order to decide which node will be used as a relay. The proposed schemes are the classical Round Robin, and a channel-based scheduling policy which requires a partial feedback from the channel. This scheme is implemented in a centralized and a distributed version. Simulations and analytical results show that the distributed algorithm outperforms the Round Robin and is 3 dB worse than the centralized algorithm, due to possible collisions or outage scheduling. This algorithm provides the best trade-off between performance and complexity and is attractive for practical implementations     

A new algorithm for N-dimensional Hilbert scanning

There have been many applications of the Hilbert curve, such as image processing, image compression, computer hologram, etc. The Hilbert curve is a one-to-one mapping between N-dimensional space and one-dimensional (l-D) space which preserves point neighborhoods as much as possible. There are several algorithms for N-dimensional Hilbert scanning, such as the Butz algorithm and the Quinqueton algorithm. The Butz algorithm is a mapping function using several bit operations such as shifting, exclusive OR, etc. On the other hand, the Quinqueton algorithm computes all addresses of this curve using recursive functions, but takes time to compute a one to-one mapping correspondence. Both algorithms are complex to compute and both are difficult to implement in hardware. In this paper, we propose a new, simple, nonrecursive algorithm for N-dimensional Hilbert scanning using look-up tables. The merit of our algorithm is that the computation is fast and the implementation is much easier than previous ones.     

网络安全中的密码技术研究及其应用

在研究两种典型的现代密码技术(3DES算法和RSA算法)的基础上,本文提出了将3DES和RSA复用进行数据加密的方案,从而使加密系统的整体性能得到提高.同时,还简要介绍了密码技术的相关概念,两种加密技术及其加密算法,最后说明了提出的加密算法的实现过程.     

The application of core functions to residue number systems

A theory of core functions is presented, and the application of this theory to the difficult residue number system (RNS) operations is described. Potential applications for special-purpose core-based RNS processors include adaptive array processing, Kalman filtering, fast-Fourier transforms, and image processing. The theoretical developments are motivated by the assumption that look-up tables are available with some limit on the number of addresses per table. The tables are used to implement both the modular and nonmodular operations. The restriction on the number of addresses per table, in turn, places a restriction on the largest permissible modulus, because the tables used to implement the modular operations will be addressed by a pair of residues. The contents of each look-up table may be precomputed by any method, as long as the limit on address space is respected and the number of bits per address is reasonable     

4.2 Gbit/s single-chip FPGA implementation of AES algorithm

A high performance encryptor/decryptor core of the advanced encryption standard (AES) is presented. The proposed architecture is implemented on a single-chip FPGA using a fully pipelined approach. The results obtained show that this design offers up to 25.06% less area and yields up to 27.23% higher throughput than the fastest AES FPGA implementations reported to date.