Review of HW ARCH for AES in Wireless Sensor Network Zheming Jin @ CSCE715
Feb 23, 2016
Review of HW ARCH for AES in Wireless Sensor Network
Zheming Jin @ CSCE715
A wireless sensor network (WSN) ◦ Spatially distributed sensors to monitor physical
or environmental conditions, and to cooperatively pass their data through the network to a main location.
Node ◦ An embedded, highly resource-constrained, low
cost and low-power WSN device.
WSN and its node
Overview of AES algorithm
Existing low-cost and low-power AES hardware designs
Specialized processor architecture for AES implementations
Conclusion
Paper Organization
AES Algorithm (cont.)
AES Algorithm (Cont.)
AES Algorithm
Iterated architecture◦ Long latency◦ Low-resource
Hardware Design Choices
Pipelined/Loop-unrolled architecture◦ High speed◦ Large area◦ High power consumption◦ Feedback mode unfriendly
Hardware Design Choices
Enable low-resource implementation ◦ (e.g. multiplication and division)
Full-speed utilization in feedback mode
Width of AES data path reducible for lower area and power◦ 128 vs. 8
Focus of the paper
Iterated Architecture
Memory-based LUT vs. combinational logic
The amount of parallelism
Galois Field computation transferred to another arithmetic domain
Pre-computed vs. on-the-fly expansion
AES-specific tradeoffs
Mainly targeted at Field Programmable Gate Array (FPGA) technologies.
Major FPGA vendors: Xilinx & Altera
ASIC vs. FPGA
Hardware Implementation
FPGA Essential Component
Candidate Proposals (cont.)
Ref16A thorough study of AES data path implementation with different architectural choices
Ref18,19A folded design in which the datapath width can be decreased from 128 bits
Folding technique1) most compact & low-power2) increase latency
Direct comparison between Ref16 and Ref18,19 is not possible due to different implementations
Candidate Proposals (cont.)
Ref8 iterative ASIC designs with varying data path widths
Roundkey generated on-the-fly
The results still valuable though the cell counts are not the lowest.
But best area-throughput ratios of existing compact implementations.
Candidate Proposals (cont.)
Ref13 Use precomputed key expansion
Use dedicated memory block of FPGA to implement S-box as LUT
Proposal of states arrangement for efficient storage in memory components. It allows addressing logic for shiftRow operation.
Use equal amount of memory components but uses more efficiently.
Candidate Proposals (cont.)
Ref10 Roundkey generation shares S-boxes with main data path.
Use varying data widths for different phases of the algorithms
Support for CBC encryption mode
Older ASIC technology (.60 um) prevents absolute area comparisons.
Candidate Proposals (cont.)
Ref11 8-bit datapath for round oepration and on-the-fly key expansions.
One S-box implemented as combinational logic.
State and roundkey stored in 32x8 RAM.
Folding increases latency and decreases throughput.
Candidate Proposals (cont.)
Ref9 A 8-bit AES processor in FPGA.
Datapath includes S-Box and GF MAC.
The execution is controlled with a program stored in ROM.
Use RAM as a data memory
Fairly inefficient design !
Candidate Proposals (cont.)
Ref12Low throughput and high latencyLow clock frequency Old technology
Ref20A novel architecture based on the 8-bit permutation structure
Most efficient in area-throughput ratio
Parallel operations of 8-bit pieces
Maintain low hardware area and power consumption
Best approach for AES seems 8-bit designs (Ref 12, 20).◦ Lowest hardware area◦ Lowest power consumption
FPGA technologies currently not feasible solution for WSN node. High power consumption!
Suitability of Dedicated Hardware Implmentation
Dedicated Hardware of Reference 12
Dedicated Hardware of Reference 12
A performance-area trade-off between dedicated hardware implementation and general-purpose process.
Typically general purpose but tailored to support a specific application domain.
Still Low-cost and low consumption devices
Specialized Processor Architecture
Specialized Processor Architecture
Specialized Processor Architecture
Convey Computer
Highlights 4 Xilinx FPGAs or Application Engines (AE)
8 memory controllers
The host computer interface, or Application Engine Hub (AEH).
Efficient AES Execution in ASIP
Ref 22Use Xtensa configurable processor architectureExecution of AES is accelerated by using extension instruction for AES.Performance improved by several ten-folds
Ref 23Use 32-bit MIPS processor architectureUse fast LUT functionality for accelerating AES and RC4 algorithmLow power consumption
Efficient AES Execution in ASIP
Ref 24Use LEON-2 processor architecture prototyped in an FPGA1.43 encryption speedup and 30-40% reduction in code size
Ref 25A microcoded cryptogprocessor for DES, AES and ECC.Low frequency and throughput
Compared to dedicated AES hardware implementations◦ Significant larger hardware area◦ Higher power consumption◦ Programmability and/or reconfigurability
A 32-bit general-purpose processor with its special support for AES is a feasible solution
Suitability of Specialized Processor Implementation
Currently 8-bit dedicated hardware designs seem to be the most feasible solutions for WSN nodes.
Alternatively, compact special functional units can be used for extending the instruction sets of WSN node processors for efficient AES execution.
Design that meets the throughput requirements of WSN communication, hence achieving considerable power savings by decreasing the clock speed.
Conclusions
Questions and Thanks.