Design of High Speed and Low Area Masked AES Using Complexity Reduced Mix-Column Architecture

Abstract
This paper presents an optimized MixColumns architecture that achieves
less area and delay than the existing MixColumns, because the proposed
architecture is reduced around the Xtime unit. The existing masked AES
architecture uses a complex MixColumns consisting of 8 multipliers and
11 adders, which consumes more area and power. The proposed architecture
introduces a novel MixColumns that reduces area and power compared with
the existing method: it consists of only 12 adders and 4 Xtime circuits.
Instead of a general multiplier in MixColumns, an Xtime unit is used to
reduce the circuit complexity. The proposed 128-bit AES scheme provides
high security with less area, and is suited to ATM, net banking,
satellite communication and military applications.
Keywords: Advanced Encryption Standard, ATM, Mix-Column Transformation, Multipliers, X-time circuit.
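As an added illustration (not the paper's hardware design), the reference MixColumns built from generic GF(2^8) multipliers is placed beside an Xtime-only formulation that needs exactly 4 Xtime units and 12 XOR adders; the sharing of the pairwise sums s_ij used to reach that count is an assumed realization, not necessarily the paper's, and the check confirms both datapaths agree on the FIPS-197 test vectors and on random columns.

```python
# Added example: MixColumns with generic GF(2^8) multipliers versus an
# xtime-only datapath (4 xtime + 12 XOR), and an equivalence check.
import os

def xtime(b: int) -> int:
    """Multiply one byte by x ({02}) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    b <<= 1
    return (b ^ 0x11B if b & 0x100 else b) & 0xFF

def gmul(a: int, b: int) -> int:
    """Generic GF(2^8) multiply (the 'multiplier' block): shift-and-add over xtime."""
    acc = 0
    while b:
        if b & 1:
            acc ^= a
        a, b = xtime(a), b >> 1
    return acc

def mix_column_multipliers(col):
    """Textbook MixColumns: every output byte needs one {02} and one {03} multiply."""
    a0, a1, a2, a3 = col
    return [
        gmul(a0, 2) ^ gmul(a1, 3) ^ a2 ^ a3,
        a0 ^ gmul(a1, 2) ^ gmul(a2, 3) ^ a3,
        a0 ^ a1 ^ gmul(a2, 2) ^ gmul(a3, 3),
        gmul(a0, 3) ^ a1 ^ a2 ^ gmul(a3, 2),
    ]

def mix_column_xtime(col):
    """xtime-only MixColumns (assumed sharing, see lead-in): 4 xtime, 12 XOR.
    Relies on {03}a = {02}a ^ a and on sharing the pairwise sums s_ij = a_i ^ a_j."""
    a0, a1, a2, a3 = col
    s01, s12, s23, s30 = a0 ^ a1, a1 ^ a2, a2 ^ a3, a3 ^ a0   # 4 XORs
    return [
        xtime(s01) ^ s23 ^ a1,   # {02}a0 ^ {03}a1 ^ a2 ^ a3
        xtime(s12) ^ s30 ^ a2,   # a0 ^ {02}a1 ^ {03}a2 ^ a3
        xtime(s23) ^ s01 ^ a3,   # a0 ^ a1 ^ {02}a2 ^ {03}a3
        xtime(s30) ^ s12 ^ a0,   # {03}a0 ^ a1 ^ a2 ^ {02}a3
    ]                            # 4 xtime units, 8 further XORs

def mix_columns(state: bytes) -> bytes:
    """Apply the xtime datapath to a 16-byte AES state (column-major, as in FIPS-197)."""
    out = bytearray(16)
    for c in range(4):
        out[4 * c:4 * c + 4] = mix_column_xtime(state[4 * c:4 * c + 4])
    return bytes(out)

def formulations_agree(trials: int = 1000) -> bool:
    """Equivalence check of the two datapaths on random (constructed) columns."""
    return all(mix_column_multipliers(c) == mix_column_xtime(c)
               for c in (list(os.urandom(4)) for _ in range(trials)))
```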
I. Introduction
The AES standard specifies the Rijndael algorithm, a
symmetric block cipher that can process data blocks of 128
bits, using cipher keys with lengths of 128, 192, and 256
bits. Rijndael was designed to handle additional block sizes
and key lengths; however, these are not commonly adopted.
Throughout the remainder of this standard, the algorithm
specified herein will be referred to as "the AES algorithm"
[1]. The algorithm may be used with the three different key
lengths indicated above, and therefore these different
"flavours" may be referred to as "AES-128", "AES-192",
and "AES-256". This standard may be used by Federal
departments and agencies when an agency determines that
sensitive (unclassified) information requires cryptographic
protection. Other FIPS-approved cryptographic algorithms
may be used in addition to, or in lieu of, this standard.
Federal agencies or departments that use cryptographic
devices for protecting classified information can use those
devices for protecting sensitive (unclassified) information
in lieu of this standard [2]. In addition, this standard may be
adopted and used by non-Federal Government
organizations.
Such use is encouraged when it provides the desired security
for commercial and private organizations. The algorithm
specified in this standard may be implemented in software,
firmware, hardware, or any combination thereof. The
specific implementation may depend on several factors such
as the application, the environment, the technology used, etc.
[4]. In the Advanced Encryption Standard, plaintext is
converted into ciphertext. A cipher is a series of
transformations that converts plaintext to ciphertext using
the cipher key. The Advanced Encryption Standard (AES)
specifies a FIPS-approved cryptographic algorithm that can
be used to protect electronic data. The AES algorithm is a
symmetric block cipher that can encrypt (encipher) and
decrypt (decipher) information. Encryption converts data to
an unintelligible form called ciphertext; decrypting the
ciphertext converts the data back into its original form,
called plaintext. The AES algorithm is capable of using
cryptographic keys of 128, 192, and 256 bits to encrypt and
decrypt data in blocks of 128 bits [3].
The AES algorithm takes the Cipher Key, K, and
performs a Key Expansion routine to generate a key
schedule. The Key Expansion generates a total of Nb(Nr +
1) words: the algorithm requires an initial set of Nb words, and
each of the Nr rounds requires Nb words of key data [5].
Key Expansion includes the following functions:
(1) RotWord, (2) SubWord, (3) Rcon[i/Nk].
The input and output for the AES algorithm each
consist of sequences of 128 bits (digits with values of 0 or
1). These sequences will sometimes be referred to as blocks
and the number of bits they contain will be referred to as
their length. The Cipher Key for the AES algorithm is a
sequence of 128, 192 or 256 bits.
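The Key Expansion just described, worked as an added example (not the paper's implementation) for AES-128: RotWord, SubWord and Rcon are applied to build the Nb(Nr + 1) = 44 words, the S-box is computed from the GF(2^8) inverse and affine transform rather than tabulated, and the result can be checked against the FIPS-197 Appendix A key. The parameter names NB, NK and NR are assumptions of this example.

```python
# Added example: AES-128 Key Expansion producing Nb*(Nr+1) = 4*11 = 44 words
# from RotWord, SubWord and Rcon, with the S-box computed on the fly.
NB, NK, NR = 4, 4, 10          # AES-128 parameters (names assumed here)

def xtime(b: int) -> int:
    """Multiply a byte by {02} in GF(2^8); also generates the Rcon constants."""
    b <<= 1
    return (b ^ 0x11B if b & 0x100 else b) & 0xFF

def build_sbox():
    """S-box = affine transform of the GF(2^8) inverse; the inverse comes from
    log/antilog tables over the generator {03}, so only xtime is needed."""
    exp, log = [0] * 256, [0] * 256
    p = 1
    for i in range(255):
        exp[i], log[p] = p, i
        p ^= xtime(p)                      # p *= {03}
    sbox = []
    for a in range(256):
        inv = exp[(255 - log[a]) % 255] if a else 0
        s = inv ^ 0x63
        for r in range(1, 5):              # s ^= inv rotated left by 1..4 bits
            s ^= ((inv << r) | (inv >> (8 - r))) & 0xFF
        sbox.append(s)
    return sbox

SBOX = build_sbox()

def rot_word(w: int) -> int:
    """[a0,a1,a2,a3] -> [a1,a2,a3,a0] on a big-endian 32-bit word."""
    return ((w << 8) | (w >> 24)) & 0xFFFFFFFF

def sub_word(w: int) -> int:
    """Apply the S-box to each byte of a 32-bit word."""
    return int.from_bytes(bytes(SBOX[b] for b in w.to_bytes(4, "big")), "big")

def key_expansion(key: bytes):
    """Return the Nb*(Nr+1) 32-bit words of the AES-128 key schedule."""
    assert len(key) == 4 * NK
    w = [int.from_bytes(key[4 * i:4 * i + 4], "big") for i in range(NK)]
    rcon = 0x01                                            # Rcon[1] = {01}
    for i in range(NK, NB * (NR + 1)):
        temp = w[i - 1]
        if i % NK == 0:
            temp = sub_word(rot_word(temp)) ^ (rcon << 24)  # Rcon[i/Nk] in top byte
            rcon = xtime(rcon)
        w.append(w[i - NK] ^ temp)
    return w
```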
References:
- Advanced Encryption Standard (AES), FIPS-197, Nat. Inst. of Standards and Technol., 2001.
- P. Kocher, J. Jaffe, and B. Jun, “Differential power analysis,” in Proc. CRYPTO, 1999, vol. LNCS 1666, pp. 388–397.
- L. Goubin and J. Patarin, “DES and differential power analysis (the ‘duplication’ method),” in Proc. CHES LNCS, 1999, vol. 1717, pp. 158–172.
- S. Messerges, “Securing the AES finalists against power analysis attacks,” in Proc. FSE LNCS, 2000, vol. 1978, pp. 150–164.
- K. Gaj and P. Chodowiec, “Fast implementation and fair comparison of the final candidates for advanced encryption standard using field programmable gate arrays,” in Proc. CT-RSA LNCS, 2001, vol. 2020, pp. 84–99.
- F. X. Standaert, G. Rouvroy, J. J. Quisquater, and J. D. Legat, “Efficient implementation of Rijndael encryption in reconfigurable hardware: Improvements and design tradeoffs,” (in German), in Proc. CHES LNCS, 2003, vol. 2779, pp. 334–350.
- G. P. Saggese, A. Mazzeo, N. Mazzocca, and A. G. M. Strollo, “An FPGA-based performance analysis of the unrolling, tiling, pipelining of the AES algorithm,” in Proc. FPL LNCS, Aveiro, Portugal, 2003, vol. 2778, pp. 292–302.
- M. McLoone and J. V. McCanny, “Rijndael FPGA implementations utilizing look-up tables,” in Proc. IEEE Workshop Signal Process. Syst., Antwerp, Belgium, 2001, pp. 349–360.
- V. Rijmen, “Efficient Implementation of the Rijndael SBox,” Dept. ESAT, Katholieke Universiteit Leuven, Leuven, Belgium, 2006. [Online]. Available: http://www.networkdls.com/Articles/sbox.pdf
- A. Hodjat and I. Verbauwhede, “A 21.54 Gbits/s fully pipelined processor on FPGA,” in Proc. IEEE 12th Annu. Symp. Field-Programm. Custom Comput. Mach., 2004, pp. 308–309.
- S. Mangard, N. Pramstaller, and E. Oswald, “Successfully attacking masked AES hardware implementations,” in Proc. CHES LNCS, 2005, vol. 3659, pp. 157–171.
- E. Oswald, S. Mangard, N. Pramstaller, and V. Rijmen, “A side-channel analysis resistant description of the AES Sbox,” in Proc. FSE LNCS, Setubal, Portugal, 2005, vol. 3557, pp. 413–423.
- H. Kim, S. Hong, and J. Lim, “A fast and provably secure higher-order masking of AES S-box,” in Proc. CHES LNCS, Nara, Japan, 2011, vol. 6917, pp. 95–107.
- C. Carlet, L. Goubin, E. Prouff, M. Quisquater, and M. Rivain, “Higher-order masking schemes for S-boxes,” in Proc. FSE LNCS, 2012, vol. 7549, pp. 366–384.
- J. D. Golić, “Techniques for random masking in hardware,” IEEE Trans. Circuits Syst. I, Reg. Papers, vol. 54, no. 2, pp. 291–300, Feb. 2007.
- D. Canright and L. Batina, “A very compact ‘perfectly masked’ S-box for AES,” in Proc. ACNS LNCS, 2008, vol. 5037, pp. 446–459.
- S. Mangard, E. Oswald, and T. Popp, Power Analysis Attacks: Revealing the Secrets of Smart Cards. New York: Springer-Verlag, 2007.
- Z. Yuan, Y. Wang, J. Li, R. Li, and W. Zhao, “FPGA based optimization for masked AES implementation,” in Proc. IEEE 54th Int. MWSCAS, Seoul, Korea, 2011, pp. 1–4.
- M. Alam, S. Ghosh, M. J. Mohan, D. Mukhopadhyay, D. R. Chowdhury, and I. S. Gupta, “Effect of glitches against masked AES S-box implementation and countermeasure,” IET Inf. Security, vol. 3, no. 1, pp. 34–44, Feb. 2009.
- E. Trichina, T. Korkishko, and K. H. Lee, “Small size, low power, side channel-immune AES coprocessor: Design and synthesis results,” in Proc. AES LNCS, 2005, vol. 3373, pp. 113–127.
- S. K. Mathew, F. Sheikh, M. Kounavis, S. Gueron, A. Agarwal, S. K. Hsu, H. Kaul, M. A. Anders, and R. K. Krishnamurthy, “53 Gbps native GF((2^4)^2) composite-field AES-encrypt/decrypt accelerator for content-protection in 45 nm high-performance m