SLP Header

Design of High Speed and Low Area Masked AES Using Complexity Reduced Mix-Column Architecture

IJCSEC Front Page

In this paper, presents optimized mix column architecture to get less area and delay than the existing mix column. Because the proposed mix column architecture is reduced using Xtime unit. In the existing architecture, we are used complex mix-column in masked AES architecture. It consists of 8 multipliers and 11 adders. It consumes more area and power. In the proposed architecture, a novel mixcolumn is introduced to reduce the area and power than the existing method. The proposed mix-column consists of only 12 adders and 4 Xtime circuit. Instead of normal multiplier in the MixColumns, we are using Xtime unit to reduce the circuit complexity. The proposed 128bits AES Scheme provides high secure and less area. It is used for ATM, Net banking, Satellite Communication, Military applications.
Keywords:Advanced Encryption Standard, ATM, Mix- Column Transformation, Multipliers, X-time circuit.
This AES standard specifies the Rijndael algorithm, a symmetric block cipher that can process data blocks of 128 bits, using cipher keys with lengths of 128, 196, and 256 bits. Rijndael was designed to handle additional block sizes and key lengths; however they are not adopted usually. Throughout the remainder of this standard, the algorithm specified here in will be referred to as “the AES algorithm” [1]. The algorithm may be used with the three different key lengths indicated above, and therefore these different “flavours” may be referred to as “AES-128”, “AES-192”, and “AES-256”. This standard may be used by Federal departments and agencies when an agency determines that sensitive (unclassified) information requires cryptographic protection. Other FIPS-approved cryptographic algorithms may be used in addition to, or in lieu of, this standard. Federal agencies or departments that use cryptographic devices for protecting classified information can use those devices for protecting sensitive (unclassified) information in lieu of this standard [2]. In addition, this standard may be adopted and used by non-Federal Government organizations.
Such use is encouraged when it provides the desired security for commercial and private organizations. The algorithm specified in this standard may be implemented in software, firmware, hardware, or any combination thereof. The specific implementation may depend on several factors such as the application, the environment, the technology used, etc [4]. In advanced encryption standard a plain text is converted into cipher text. Cipher stands for a Series of transformations that converts a plaintext to cipher text using the Cipher Key. The Advanced Encryption Standard (AES) specifies a FIPS-approved cryptographic algorithm that can be used to protect electronic data. The (AES) algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information. Encryption converts data to an unintelligible form called cipher text; decrypting the cipher text converts the data back into its original form, called plaintext. The AES algorithm is capable of using cryptographic keys of 128, 192, and 256 bits to encrypt and decrypt data in blocks of 128 bits [3].
The AES algorithm takes the Cipher Key, K, and performs a Key Expansion routine to generate a key schedule. The Key Expansion generates a total of Nb (Nr + 1) The algorithm requires an initial set of Nb words, and each of the Nr rounds requires Nb words of key data [5]. Key Expansion includes the following functions: (1)Root Word (2) Sub Word (3) Rcon [i/NK] The input and output for the AES algorithm each consist of sequences of 128 bits (digits with values of 0 or 1). These sequences will sometimes be referred to as blocks and the number of bits they contain will be referred to as their length. The Cipher Key for the AES algorithm is a sequence of 128, 192 or 256 bits.


  1. Advanced Encryption Standard (AES), FIPS-197, Nat. Inst. of Standards and Technol., 2001.
  2. P. Kocher, J. Jaffe, and B. Jun, “Differential power analysis,” in Proc. CRYPTO, 1999, vol. LNCS 1666, pp. 388–397.
  3. L. Goubin and J. Patarin, “DES and differential power analysis (the ‘duplication’ method),” in Proc. CHES LNCS, 1999, vol. 1717, pp. 158–172.
  4. S. Messerges, “Securing the AES finalists against power analysis attacks,” in Proc. FSE LNCS, 2000, vol. 1978, pp. 150–164.
  5. K. Gaj and P. Chodowiec, “Fast implementation and fair comparison of the final candidates for advanced encryption standard using field programmable gate arrays,” in Proc. CT-RSA LNCS, 2001, vol. 2020, pp. 84–99.
  6. F. X. Standaert, G. Rouvroy, J. J. Quisquater, and J. D. Legat, “Efficient implementation of Rijndael encryption in reconfigurable hardware: Improvements and design tradeoffs,” (in German), in Proc. CHES LNCS, 2003, vol. 2779, pp. 334–350.
  7. G. P. Saggese, A.Mazzeo, N. Mazzocca, and A. G.M. Strollo, “An FPGAbased performance analysis of the unrolling, tiling, pipelining of the AES algorithm,” in Proc. FPL LNCS, Aveiro, Portugal, 2003, vol. 2778, pp. 292–302.
  8. M. McLoone and J. V. McCanny, “Rijndael FPGA implementations utilizing look-up tables,” in Proc. IEEE Workshop Signal Process. Syst., Antwerp, Belgium, 2001, pp. 349–360.
  9. V. Rijmen, “Efficient Implementation of the Rijndael SBox,” Dept. ESAT., Katholieke Universiteit Leuven, Leuven, Belgium, 2006. [Online].Available:
  10. A. Hodjat and I. Verbauwhede, “A 21.54 Gbits/s fully pipelined processor on FPGA,” in Proc. IEEE 12th Annu. Symp. Field-Programm. Custom Comput. Mach., 2004, pp. 308–309.
  11. S. Mangard, N. Pramstaller, and E. Oswald, “Successfully attacking masked AES hardware implementations,” in Proc. CHES LNCS, 2005, vol. 3659, pp. 157–171.
  12. E. Oswald, S. Mangard, N. Pramstaller, and V. Rijmen, “A side-channel analysis resistant description of the AES Sbox,” in Proc. FSE LNCS, Setubal, Potugal, 2005, vol. 3557, pp. 413–423.
  13. H. Kim, S. Hong, and J. Lim, “A fast and provably secure higher-order masking of AES S-box,” in Proc. CHES LNCS, Nara, Japan, 2011, vol. 6917, pp. 95–107.
  14. C. Carlet, L. Goubin, E. Prouff, M. Quisquater, and M. Rivain, “Higherorder masking schemes for S-boxes,” in Proc. FSE LNCS, 2012, vol. 7549, pp. 366–384.
  15. J. D. Goli´c, “Techniques for random masking in hardware,” IEEE Trans. Circuits Syst. I, Reg. Papers, vol. 54, no. 2, pp. 291–300, Feb. 2007.
  16. D. Canright and L. Batina, “A very compact ‘perfectly masked’ S-box for AES,” in Proc. ACNS LNCS, 2008, vol. 5037, pp. 446–459
  17. S. Mangard, E. Oswald, and T. Popp, Power Analysis Attacks: Revealing the Secrets of Smart Cards. New York: Spinger-Verlag, 2007.
  18. Z. Yuan, Y. Wang, J. Li, R. Li, and W. Zhao, “FPGA based optimization for masked AES implementation,” in Proc. IEEE 54th Int. MWSCAS, Seoul, Korea, 2011, pp.1– 4.
  19. M. Alam, S. Ghosh, M. J. Mohan, D. Mukhopadhyay, D. R. Chowdhury, and I. S. Gupta, “Effect of glitches against masked AES S-box implementation and countermeasure,” IET Inf. Security, vol. 3, no. 1, pp. 34–44, Feb. 2009.
  20. E. Trichina, T. Korkishko, and K. H. Lee, “Small size, low power, side channel-immune AES coprocessor: Design and synthesis results,” in Proc. AES LNCS, 2005, vol. 3373, pp. 113–127.
  21. S. K. Mathew, F. Sheikh, M. Kounavis, S. Gueron, A. Agarwal, S. K. Hsu, H. Kaul, M. A. Anders, and R. K. Krishnamurthy, “53 Gbps native GF(24)2 composite-field AES-encrypt/decrypt accelerator for content-protection in 45 nm high-performance m