AES Datapath Optimization Strategies for Low-Power Low-Energy Multisecurity-Level Internet-of-Things Applications

Connected devices are getting attention because of the lack of security mechanisms in current Internet-of-Thing (IoT) products. The security can be enhanced by using standardized and proven-secure block ciphers as advanced encryption standard (AES) for data encryption and authentication. However, these security functions take a large amount of processing power and power/energy consumption. In this paper, we present our hardware optimization strategies for AES for high-speed ultralow-power ultralow-energy IoT applications with multiple levels of security. Our design supports multiple security levels through different key sizes, power and energy optimization for both datapath and key expansion. The estimated power results show that our implementation may achieve an energy per bit comparable with the lightweight standardized algorithm PRESENT of less than 1 pJ/b at 10 MHz at 0.6 V with throughput of 28 Mb/s in ST FDSOI 28-nm technology. In terms of security evaluation, our proposed datapath, 32-b key out of 128 b cannot be revealed by correlation power analysis attack using less than 20 000 traces.

[1]  Andrey Bogdanov,et al.  Exploring Energy Efficiency of Lightweight Block Ciphers , 2015, IACR Cryptol. ePrint Arch..

[2]  Massimo Alioto,et al.  AES architectures for minimum-energy operation and silicon demonstration in 65nm with lowest energy per encryption , 2015, 2015 IEEE International Symposium on Circuits and Systems (ISCAS).

[3]  Ingrid Verbauwhede,et al.  Single-Cycle Implementations of Block Ciphers , 2015, IACR Cryptol. ePrint Arch..

[4]  Akashi Satoh,et al.  A Compact Rijndael Hardware Architecture with S-Box Optimization , 2001, ASIACRYPT.

[5]  Iwata Tetsu,et al.  The 128-bit Blockcipher CLEFIA , 2007 .

[6]  Abdelmadjid Bouabdallah,et al.  M2M Security: Challenges and Solutions , 2016, IEEE Communications Surveys & Tutorials.

[7]  Sanu Mathew,et al.  340 mV–1.1 V, 289 Gbps/W, 2090-Gate NanoAES Hardware Accelerator With Area-Optimized Encrypt/Decrypt GF(2 4 ) 2 Polynomials in 22 nm Tri-Gate CMOS , 2015, IEEE Journal of Solid-State Circuits.

[8]  Hsie-Chia Chang,et al.  A 2.97 Gb/s DPA-resistant AES engine with self-generated random sequence , 2011, 2011 Proceedings of the ESSCIRC (ESSCIRC).

[9]  David Blaauw,et al.  A compact 446 Gbps/W AES accelerator for mobile SoC and IoT in 40nm , 2016, 2016 IEEE Symposium on VLSI Circuits (VLSI-Circuits).

[10]  Sanu Mathew,et al.  53Gbps native GF(24)2 composite-field AES-encrypt/decrypt accelerator for content-protection in 45nm high-performance microprocessors , 2010, 2010 Symposium on VLSI Circuits.

[11]  Guido Bertoni,et al.  Power-efficient ASIC synthesis of cryptographic sboxes , 2004, GLSVLSI '04.

[12]  Andrey Bogdanov,et al.  PRESENT: An Ultra-Lightweight Block Cipher , 2007, CHES.

[13]  Christof Paar,et al.  Pushing the Limits: A Very Compact and a Threshold Implementation of AES , 2011, EUROCRYPT.

[14]  Rodrigo Roman,et al.  Securing the Internet of Things , 2017, Smart Cards, Tokens, Security and Applications, 2nd Ed..

[15]  David Canright,et al.  A Very Compact S-Box for AES , 2005, CHES.

[16]  D. Blayney,et al.  Challenges and solutions. , 2007, Journal of oncology practice.

[17]  Hannes Tschofenig,et al.  Securing the Internet of Things: A Standardization Perspective , 2014, IEEE Internet of Things Journal.