Extreme Pipelining Towards the Best Area-Performance Trade-Off in Hardware

This paper presents a novel framework for the automatic pipelining of AES S-boxes using composite field representations. The framework is capable of finding positions to insert flip-flops in an almost optimal way, resulting in S-boxes with an almost optimal critical path. Our novel method uses memetic algorithms and is shown to be fast, reliable and successful. We demonstrate our framework for composite field S-boxes using a polynomial and a normal basis, respectively. Our results prove that this method should be consulted when an optimal solution is of interest. Besides experimental results with the new memetic algorithms, we also discuss the ideal model of a circuit, which can be used when assessing the quality of the obtained solutions. We emphasize that this method can be used for any circuit of interest and not only for AES S-boxes.
