In order to improve the data throughput of the advanced encryption standard (AES) IP core while reducing the hardware resource consumption and finally achieving a tradeoff between speed and area, a mixed pipeline ar...In order to improve the data throughput of the advanced encryption standard (AES) IP core while reducing the hardware resource consumption and finally achieving a tradeoff between speed and area, a mixed pipeline architecture and reconfigurable technology for the design and implementation of the AES IP core is proposed. The encryption and decryption processes of the AES algorithm are achieved in the same process within the mixed pipeline structure. According to the finite field characterizations, the Sbox in the AES algorithm is optimized. ShiftRow and MixColumn, which are the main components in AES round transformation, are optimized with the reconfigurable technology. The design is implemented on the Xilinx Virtex2p xc2vp20-7 field programmable gate array (FPGA) device. It can achieve a data throughput above 2.58 Gbit/s, and it only requires 3 233 slices. Compared with other related designs of AES IP cores on the same device, the proposed design can achieve a tradeoff between speed and area, and obtain satisfactory results in both data throughput and hardware resource consumption.展开更多
The famous Square attacks against the Rijndael algorithm have taken advantage of the change of the balance of some bytes. Further study shows that the change of activity always happens before the change of balance, wh...The famous Square attacks against the Rijndael algorithm have taken advantage of the change of the balance of some bytes. Further study shows that the change of activity always happens before the change of balance, which builds the foundation for a new activity attack presented in this paper. In the activity attack, the round in which the activity changes is executed in an equivalent form to avoid the obstructive restriction of the subkeys of that round.The existence of the birthday paradox guarantees much fewer plaintexts necessary for activity attacks comparing with that for corresponding Square attacks. But no benefit may result from the new attacks performed independently because the activity attacks guess four instead of one key byte once. Only when both the balance property and the activity property are exploited at the same time can much better performance be obtained. The better performance in the simulation shows that the consuming time and chosen plaintexts necessary are both reduced to one tenth of those of the corresponding Square attacks. So the activity attacks could be viewed as an efficient supplement to the Square attacks.展开更多
文摘In order to improve the data throughput of the advanced encryption standard (AES) IP core while reducing the hardware resource consumption and finally achieving a tradeoff between speed and area, a mixed pipeline architecture and reconfigurable technology for the design and implementation of the AES IP core is proposed. The encryption and decryption processes of the AES algorithm are achieved in the same process within the mixed pipeline structure. According to the finite field characterizations, the Sbox in the AES algorithm is optimized. ShiftRow and MixColumn, which are the main components in AES round transformation, are optimized with the reconfigurable technology. The design is implemented on the Xilinx Virtex2p xc2vp20-7 field programmable gate array (FPGA) device. It can achieve a data throughput above 2.58 Gbit/s, and it only requires 3 233 slices. Compared with other related designs of AES IP cores on the same device, the proposed design can achieve a tradeoff between speed and area, and obtain satisfactory results in both data throughput and hardware resource consumption.
基金the National 973 Project(G1999035803)National 863 Grand Project(2002AA143021)and the National Cryptography Development Funds for the Tenth Five-year Project
文摘The famous Square attacks against the Rijndael algorithm have taken advantage of the change of the balance of some bytes. Further study shows that the change of activity always happens before the change of balance, which builds the foundation for a new activity attack presented in this paper. In the activity attack, the round in which the activity changes is executed in an equivalent form to avoid the obstructive restriction of the subkeys of that round.The existence of the birthday paradox guarantees much fewer plaintexts necessary for activity attacks comparing with that for corresponding Square attacks. But no benefit may result from the new attacks performed independently because the activity attacks guess four instead of one key byte once. Only when both the balance property and the activity property are exploited at the same time can much better performance be obtained. The better performance in the simulation shows that the consuming time and chosen plaintexts necessary are both reduced to one tenth of those of the corresponding Square attacks. So the activity attacks could be viewed as an efficient supplement to the Square attacks.
