Abstract SYNTHESIS OF 128 BIT ADVANCED ENCRYPTION STANDARD ALGORITHM USING VHDL Paramveer Kaur, M.Tech (ECE) Student, siviapinu77@gmail.com; Parminder Singh Jassal, Assistant Professor, pammi_jassal@yahoo.co.in; Department of Electronics, Yadavindra College of Engineering, Talwandi Sabo (Pb)-India There are many encryption algorithms, but Advanced Encryption Standard (AES) 128 bit to be used in many applications for protecting sensitive information/data. Typical examples are high-throughput design and low-area design. The former AES algorithm emphasizes its throughput using pipeline pattern. Its biggest advantage is to improve the system throughput, but there is a clear disadvantage that is at the cost of on-chip resources. Generally, the embedded applications do not require very fast speed but have a very limited area and low power consumption. Due to the importance of the AES algorithm and the numerous applications that it has, our main concern AES encryption is based on an iterative round-looping architecture.which provide lowest area. Xilinx ISE tool to be used for Simulation and Synthesis. These embedded applications do not require very fast speed but have a very limited area. Xilinx ISE 13.2 (XCV6LX130t-3) tool is used for simulation and synthesis. Our AES encryption and decryption occupied 2,417 slices. Our design is working in frequency is of 50 MHZ. Key Words- Advanced Encryption Standard, Data Encryption Standard, National Institute for Standards and Technology, Integrated Software Environment (ISE), Field Programmable Gate Array. Introduction Figure 1. The Encryption Model The National Institute of Standards and Technology (NIST) have published the specifications of this encryption standard in the Federal Information Processing Standards (FIPS) Publication [14]. Any conventional symmetric cipher, such as AES, requires a single key for both encryption and decryption, which is independent of the plaintext and the cipher itself. It should be impractical to retrieve the plaintext solely based on the Cipher text and the encryption algorithm, without knowing the encryption key. Thus, the secrecy of the encryption key is of high importance in symmetric ciphers such as AES. Software implementation of encryption algorithms does not provide ultimate secrecy of the key since the operating system, on which the encryption software runs, is always vulnerable to attacks. Encryption is the transformation of data into a form that is as close to impossible as possible to read without the appropriate knowledge. Its purpose is to ensure privacy by keeping information hidden from anyone for whom it is not intended, even those who have access to the encrypted data. Decryption is the reverse of encryption; it is the transformation of encrypted data back into an intelligible form. Encryption and decryption generally require the use of some secret information, referred to as a key. For some encryption mechanisms, the same key is used for both Encryption and decryption; for other mechanisms, the keys used for encryption and decryption is different. There are innumerous encryption algorithms that are now commonly used in computation, but the U.S. government has adopted the Advanced Encryption Standard (AES) to be used by Federal departments and agencies for protecting sensitive information. AES Standard The AES algorithm is a subset of the Rijndael algorithm. The AES algorithm uses a 128 bit block and three different key sizes 128, 196 and 256 bits, where Rijndael allows multiple block sizes 128, 196, and 256 bits and for each it also allows multiple key sizes, again 128, 196, and 256 bits. The AES algorithm is a symmetric key algorithm which means the same key is used to both encrypt and decrypt a message. Also, the cipher text produced by the AES algorithm is the same size as the plain text message. AES is significantly more secure than its predecessor. AES implementations can be divided into three main types depending on data-path width. The first type comes with 8-bits data path as aiming for low area architectures. The second type is the 32-bits data path architectures which process ISSN: 2321-2667 Volume 3, Issue 2, March 2014 27
each state array row or column together as targeting medium throughput applications. The last type of implementations is the 128-bits loop unrolled architectures. Most of the operations in the AES algorithm take place on bytes of data or on words of data 4 bytes long, which are represented in the field GF (2 8 ), called the Galois Field. These bytes are represented by the polynomial equation: b 7 x 7 + b 6 x 6 + b 5 x 5 + b 4 x 4 + b 3 x 3 + b 2 x 2 + b 1 x + b 0 (1) where bx {0,1}. For addition, the sum of two polynomials in GF (2 8 ) is just the addition of like coefficients modulo 2. (0 + 0) mod 2 = 0 (0 + 1) mod 2 = 1 (1 + 0) mod 2 = 1 (1 + 1) mod 2 = 0 This is the truth table for the XOR operation (). Thus all addition operations in GF (2 8 ) can be represented by the XOR operation. This is particularly well suited to computers as the XOR operation is much faster than basic addition. In the polynomial representation, multiplication in GF(2 8 ) corresponds with multiplication of polynomials modulo an Irreducible binary polynomial of degree 8. A polynomial is irreducible if it has no divisors other than 1 and itself. For Rijndael, this polynomial is called m(x). m(x) = x 8 + x 4 + x 3 + x + 1[14]. The AES Algorithm A. Encryption The AES algorithm composed of 10 rounds. After the initial secret key addition (roundkey (0)), the first 9 rounds are identical, with different the final round. Each of the first 9 rounds consists of 4 transformations: SubBytes, ShiftRows, MixColumns and Add Round Key. The final round excludes the MixColumns transformation. Four basic steps called layers are performed on the incoming data while doing the encryption process. They are: The ByteSub Transformation. The ShiftRow Transformation. The MixColumn Transformation. AddRoundKey. The above four operations together form a round that proceeds through the steps in chronological order B. Decryption These four steps used in the encryption are inverted in a straightforward decryption structure. Consequently the operations used in the decryption process are: pervious output b(64 to 95) then output b(32 to 64 ) comes out.. Roundkey (0 to 31) XOR with pervious output b(32 to 64) then output b(0 to 31) comes out, after combining all b outputs Figure 2. Encryption process keyout output comes out. ISSN: 2321-2667 Volume 3, Issue 2, March 2014 28 The InvShiftRow Transformation. The InvByteSub Transformation. Add RoundKey The InvMixColumn Transformation Iterative Round Looping AES The former AES algorithm focuses on its throughput using pipeline pattern. Its biggest advantage is to improve the system throughput, but there is a disadvantage that is at the cost of onchip resources. Generally, the embedded applications do not require very fast speed but have a very limited area and low power consumption. So AES encryption based on an iterative round-looping architecture is used. That is providing lowest area. The low-cost and moderate throughput practically suitable for security focused low resource applications. The hardware description code will be used to synthesize the iterative round-looping architecture of AES. Xilinx Integrated System Environment (ISE) 13.2 tool used for resource calculation. A. Key expansion Main part of AES is key expansion The AES algorithm takes the Cipher Key, K, and performs a Key Expansion routine to generate a key schedule. In key expansion three main operations are performed sub word, rot word, rcon and XOR operation. In our AES the 128 bit cipher key data given to roundkey, roundkey s lower 32 bit data divide into four 8 bits data, these 8 bits data given to shift rows, signal temp 0, temp 1, temp 2, temp 3 given to SBOX, then after SBOX data XOR with round keys (96 to 127) and Rcon, Rcon s values different for all 10 rounds, depend on round values count 0 to 9. Then output b(96 to 127) comes, this output XOR with round key(64 to 95) then output b(64 to 95) comes out. Round key (32 to 63) Xor with
the ShiftRows transformation, the bytes in the last three rows of the State are cyclical shifted over different numbers of bytes. In this operation, no changes are applied to the first row of State. A one-byte circular left shift operation is performed for the second row. Respectively, a two-byte and then a threebyte circular left shift operation are performed on the third and fourth row. After shift row operation the Mix Columns transformation operates on the State column-by-column, treating each column as a four-term polynomial. Figure 3. Key expansion B. Block Diagram of AES Encryption Our AES encryption is based on an iterative round-looping technique. In our AES we not store data after one round, data after one round gives immediately to next round by feedback. Feedback is performed by looping operation looping is performed until 9 round completed because 10 round is different than other 9 rounds, after 10 round we get encrypted data. This Iterative Round-Looping technique gives low area because no register is used to store data in between rounds. Initially in our AES encryption architecture plaintext XOR with key data. Then first round start, this data goes to first round s 20 Sbox which gives is a non-linear byte substitution that operates independently on each byte of the State using a substitution table. We already declared values of substitution table in our VHDL program. Then performed shift row operation. In Figure 4.Iterative Round-Looping of AES Encryption After mix column, coming data XOR with first key coming from key schedule, all 10 keys generate on fly, then we performed loop operation on one round until 9 round completed. ISSN: 2321-2667 Volume 3, Issue 2, March 2014 29
Tenth round is different than other 9 rounds this round not includes the mix column operation, so in tenth round data comes from Shift row transformation XOR with tenth key from key scheduling.after tenth round encryption data is comes. All Results are verified From Federal Information Processing Standards Publications (FIPS PUBS) are issued by the National Institute of Standards and Technology (NIST), 2000. C. AES Decryption Our AES decryption is based on an iterative round-looping technique. Similar to encryption,in AES decryption we not store data after one round, data after one round gives immediately to next round by feedback.feedback is performed by looping operation looping is performed until 9 round completed because 10 round is different than other 9 rounds, after 10 round we get encrypted data. This Iterative Round-Looping technique gives low area because no register is used to store data in between rounds. Similar to encryption, initially in our AES decryption input data XOR with key data, here input data is same Here differences come between encryption and decryption process.in decryption inverse shift row operation performed first than inverse sub byte operation. In decryption process when first round start, this data goes for inverse ShiftRows transformation, in shift row operation the bytes in the last three rows of the State are cyclical shifted over different numbers of bytes. In this operation, no changes are applied to the first row of State. A one-byte circular left shift operation is performed for the second row. Respectively, a two-byte and then a three-byte circular left shift operation are performed on the third and fourth row. After inverse shift row operation data goes to inverse Sub byte transformation, in this operation firstly data goes to 20 inverses Sbox which gives a non-linear byte substitution that operates independently on each byte of the State using an inverse substitution table. We already declared values of inverse substitution table in our VHDL program. Other difference between encryption and decryption comes out there, in encryption mix column operation performed first than add round key but in decryption inverse mix column operation performed after add round key. So in decryption data after sub byte operation data goes to add round key. After add round key operation the inverse Mix Columns transformation operation is performed which operates on the State column-by-column, treating each column as a four-term polynomial. After inverse mix column, we performed loop operation on one round until 9 round completed. Tenth round is different than other 9 rounds this round not includes the inv mix column operation, so in tenth round data comes after Shiftrow transformation and sub byte transformation XOR with tenth key from key scheduling.after tenth round decryption data is comes, this output data is same as we given in the input of encryption All Results are verified From Federal Information Processing Standards Publications (FIPS PUBS) are issued by the National Institute of Standards and Technology (NIST), 2000. Simulation & Synthesis Result Of AES The Encryption and Decryption process consists of a number of different transformations applied consecutively over the data block bits, in a fixed number of iterations, called rounds. The number of rounds depends on the length of the key used for the encryption process. For key length of 128 bits, the number of iteration required are10. (Nr = 10). The AES algorithm is synthesized using VHDL coding in Xilinx ISE design suit 13.2. Simulation and synthesize is done using Xilinx ISE 13.2. The basic AES is programmed and Simulated in XILINX Virtex 6 (XC6VLX130T) device. Input data, input keys and outputs are verified from Federal Information Processing Standards Publications (FIPS PUBS) issued by the National Institute of Standards and Technology (NIST), 2000. The AES-Rijndael algorithm is an iterative private key symmetric block cipher. The input and output for the AES algorithm are of 128 bits, hence Nb = Block length/32 = 4.The cipher key for the AES algorithm is a sequence of 128. An iterative method is used to minimize the hardware utilization. Encryption and Decryption process consists of a number of different transformations applied consecutively over the data block bits, in a fixed number of iterations, called rounds. Total number of rounds is 10, but looping is performed only for 9 rounds because 10 rounds is different than other 9 rounds, 10 round does not consist of mix column transformation in both Encryption and Decryption process. Encryption results Plaintext or data in- 00112233445566778899aabbccddeeff Key- 000102030405060708090a0b0c0d0e0f Data out- 69c4e0d86a7b0430d8cdb78070b4c55a B. Decryption results After encryption data given as input to decryption Detain- 69c4e0d86a7b0430d8cdb78070b4c55a Key- 13111d7fe3944a17f307a78b4d2b30c5 Data out- 00112233445566778899aabbccddeeff Result is verified From Federal Information Processing Standards Publications (FIPS PUBS) are issued by the National Institute of Standards and Technology (NIST). C. Synthesis Result of AES 128 bit Algorithm In our AES, top module of Encryption and Decryption is simulated for getting the estimation of source utilization. The design ISSN: 2321-2667 Volume 3, Issue 2, March 2014 30
frequency No. 0f Slices is simulated and synthesize in Xilinx ISE 13.2.with family vertex 6 (xcvlx130t-31156).as shown in fig.6.24 all signals are completely routed, no errors has been occurred. Our AES occupied 2,417 slices from available 20,000.this design occupied no slice register. Slice LUT occupied by this design are 8,831.Delay is of 20ns. Frequency achieve by this design is of 50 MHZ. Our AES Encryption is based on an iterative round-looping architecture.which provide lowest area. The low-cost implementation and low frequency practically suitable for security focused low resource applications. E. Slices comparison in the AES 12000 10992 10000 9406 9446 8000 6000 6279 4000 2000 2,699 2417 0 Techniques used Figure 6. Chart for Slices used in the AES Figure 5. Device Utilization Summary Report D. Comparison of AES Algorithm This chart shows the Slices used in the AES architecture. This shows that our AES encryption which is based on an iterative round-looping architecture provide lowest area. Our AES occupied 2,417 slices which is less than other techniques used previously. F. Frequency Comparison of AES Table 1.Comparison Table of AES algorithm 90 71 60 30 31.8 45 50 0 Pipelined Pipelined [22] [17] Iterative looping [12] Techniques used Our iterative looping Figure 7. Chart for Slices used in the AES This chart shows the frequency output in the AES architecture. This shows that our AES encryption which is based on an iterative round-looping architecture provide higher frequency than other iterative round-looping architecture. ISSN: 2321-2667 Volume 3, Issue 2, March 2014 31
Conclusion Our AES encryption is based on an iterative round-looping architecture.which provide lowest area. The low-cost and low frequency encryption practically suitable for security focused low resource applications. The popularity of the embedded applications such as smart card, wireless sensor network, RFID technology, etc. has been growing in these recent years. These embedded applications do not require very fast speed but have a very limited area. Xilinx ISE (integrated software environment) 13.2 (XCV6LX130t-3) tool to be used for simulation and synthesis. Our AES occupied 2,417 slices, delay is of 20 ns. This design achieve frequency is of 50 MHZ. Future Scope This work can be extended for the further work to increase speed of design with reduced area, which is used in embedded applications such as smart card, wireless sensor network, RFID technology, etc. In future one can find the techniques to reduce delay and increase speed of architecture with some other technique. References [1] Junfeng Chu and Mohammed Benaissa, Low area memory-free FPGA implementation of the AES algorithm,ieee, 2012. [2] Tuan Anh Pham, Mohammad S. Hasan and Hongnian Yu., Area and Power optimisation for AES encryption module implementation on FPGA, International Conference on Automation & Computing, Loughborough University, Leicestershire, UK, 8 September, 2012. [3] Hoang Trang and Nguyen Van Loi, An Efficient FPGA implementation of the Advanced Encryption Standard algorithm, IEEE 2012. [4] Debjani Basu, Dipak K Kole and Hafizur Rahaman, Implementation of AES algorithm in UART module for secured data transfer, IEEE International Conference on Advances in Computing and Communications,2012. [5] Hadi Samiee,Reza Ebrahimi Atani and Hamidreza Amindavar, A Novel Area-Throughput Optimized Architecture for the AES Algorithm, [6] Noura Benhadjyoussef, Wajih El hadj youssef, Mohsen Machhout and Rached Tourki, A compact 32-Bit AES design for embedded system,ieee International Conference on Design & Technology of Integrated Systems in Nanoscale Era, 2012. [7] Gurmail Singh and Rajesh Mehra, High Throughput AES Encryption Algorithm Implementation on FPGA, IJCTA Nov-Dec, 2011. [8] Shylashree.N, Nagarjun Bhat and V.Shridhar, FPGA Implementations of Advanced Encryption Standard a Survey,International Journal of Advances in Engineering & Technology, May,2012. [9] Yang Jun Ding Jun Li Na Guo Yixiong, FPGA-based design and implementation of reduced AES algorithm, Inter national Conference on Challenges in Environmental Science and Computer Engineering, 2010. [10] Subashri T, Arunachalam R, Gokul Vinoth Kumar B, Vaidehi V, Pipelining Architecture of AES Encryption and Key Generation with Search Based Memory,International journal of VLSI design & Communication Systems (VLSICS) Vol.1, No.4, December 2010. [11] Banraplang Jyrwa and Roy Paily, An area-throughput efficient FPGA implementation of block cipher AES algorithm, International conference on advances in computing control and telecommunication technologies, IEEE,2009. [12] Ahmed Rady,Ehab EL Sehely and A.M. EL Hennawy, Design and Implementation of area optimized AES algorithm on reconfigurable FPGA, IEEE ICM - December,2007. [13] Chi-Wu Huang, Chi-Jeng Chang, Mao-Yuan Lin and Hung-Yun Tai, Compact FPGA Implementation of 32-bits AES Algorithm Using Block RAM,IEEE, 2007. [14] Swinder Kaur and Prof. Renu Vig, Efficient Implementation of AES Algorithm in FPGA Device, International Conference on Computational Intelligence and Multimedia Applications, IEEE,2007. [15] Nalini C, Nagaraj, Dr. Anandmohan P.V, Poornaiah D.V and V.D.kulkarn, An FPGA Based Performance Analysis of Pipelining and Unrolling of AES Algorithm, IEEE,2006. [16] S. M. Yoo, D. Kotturib, D.W. Pana and J. Blizzard, An AES crypto chip using a high-speed parallel pipelined architecture, Microprocessors and Microsystems, pp.317 326, ELSEVIER,2005. [17] X. Zhang and K. K Parhi, High-speed VLSI Architecture for the AES Algorithm, IEEE Transactions on Very Large Scale Integration (VLSI) System., vol.12, no. 9, pp. 957 967, Sep. 2004. [18] Alireza Hodjat and Ingrid Verbauwhede, A 21.54 Gbits/s Fully Pipelined AES Processor on FPGA, IEEE 12th Annual Symposium on Field-Programmable Custom Computing Machines,,2004. [19] E Rodriguez-Henriquez, N.A. Saqib and A. Diaz-Pkrez, 4.2 Gbit/s single-chip FPGA implementation of AES algorithm, Vol. 39 No. 15, IEEE,2003. [20] K. Gaj and P. Chodowiec, Very Compact FPGA Implementation of the AES Algorithm, In the proceedings of CHES 2003, Lecture Notes in Computer Science, vol 2779, pp. 319-333, Springer-Verlag. [21] Francois-Xavier Standaert, Gael Rouvroy, Jean-Jacques Quisquater, and Jean-Didier Legat, Efficient Implementation of Rijndael Encryption in Reconfigurable Hardware Improvements and Design Tradeoffs, pp. 334 350, IEEE,2003. [22] Adam J. Elbirt, W. Yip, B. Chetwynd, and C. Paar, An FPGA-Based Performance Evaluation of the AES Block Cipher Candidate Algorithm Finalists, Transactions on very large scale integration (VLSI) systems, vol. 9, no. 4, August, IEEE,2001. [23] MGre McLoone and John V McCanny, Rijandael FPGA implementation utilizing look-up TABLES, IEEE,2001. [24] Joan Daemen and Vincent Rijmen, "The Design of Rijndael: AES - The Advanced Encryption Standard, ISBN 3-540-42580-2, Springer, 2002. [25] National Institute of Standards and Technology, Federal Information Processing Standards Publication 197, 2001. ISSN: 2321-2667 Volume 3, Issue 2, March 2014 32