Review of HW ARCH for AES in Wireless Sensor Network

Review of HW ARCH for AES in Wireless Sensor Network

Zheming Jin @ CSCE715

A wireless sensor network (WSN) ◦ Spatially distributed sensors to monitor physical

or environmental conditions, and to cooperatively pass their data through the network to a main location.

Node ◦ An embedded, highly resource-constrained, low

cost and low-power WSN device.

WSN and its node

Overview of AES algorithm

Existing low-cost and low-power AES hardware designs

Specialized processor architecture for AES implementations

Conclusion

Paper Organization

AES Algorithm (cont.)

AES Algorithm (Cont.)

AES Algorithm

Iterated architecture◦ Long latency◦ Low-resource

Hardware Design Choices

Pipelined/Loop-unrolled architecture◦ High speed◦ Large area◦ High power consumption◦ Feedback mode unfriendly

Hardware Design Choices

Enable low-resource implementation ◦ (e.g. multiplication and division)

Full-speed utilization in feedback mode

Width of AES data path reducible for lower area and power◦ 128 vs. 8

Focus of the paper

Iterated Architecture

Memory-based LUT vs. combinational logic

The amount of parallelism

Galois Field computation transferred to another arithmetic domain

Pre-computed vs. on-the-fly expansion

AES-specific tradeoffs

Mainly targeted at Field Programmable Gate Array (FPGA) technologies.

Major FPGA vendors: Xilinx & Altera

ASIC vs. FPGA

Hardware Implementation

FPGA Essential Component

Candidate Proposals (cont.)

Ref16A thorough study of AES data path implementation with different architectural choices

Ref18,19A folded design in which the datapath width can be decreased from 128 bits

Folding technique1) most compact & low-power2) increase latency

Direct comparison between Ref16 and Ref18,19 is not possible due to different implementations


Ref8 iterative ASIC designs with varying data path widths

Roundkey generated on-the-fly

The results still valuable though the cell counts are not the lowest.

But best area-throughput ratios of existing compact implementations.


Ref13 Use precomputed key expansion

Use dedicated memory block of FPGA to implement S-box as LUT

Proposal of states arrangement for efficient storage in memory components. It allows addressing logic for shiftRow operation.

Use equal amount of memory components but uses more efficiently.


Ref10 Roundkey generation shares S-boxes with main data path.

Use varying data widths for different phases of the algorithms

Support for CBC encryption mode

Older ASIC technology (.60 um) prevents absolute area comparisons.


Ref11 8-bit datapath for round oepration and on-the-fly key expansions.

One S-box implemented as combinational logic.

State and roundkey stored in 32x8 RAM.

Folding increases latency and decreases throughput.


Ref9 A 8-bit AES processor in FPGA.

Datapath includes S-Box and GF MAC.

The execution is controlled with a program stored in ROM.

Use RAM as a data memory

Fairly inefficient design !


Ref12Low throughput and high latencyLow clock frequency Old technology

Ref20A novel architecture based on the 8-bit permutation structure

Most efficient in area-throughput ratio

Parallel operations of 8-bit pieces

Maintain low hardware area and power consumption

Best approach for AES seems 8-bit designs (Ref 12, 20).◦ Lowest hardware area◦ Lowest power consumption

FPGA technologies currently not feasible solution for WSN node. High power consumption!

Suitability of Dedicated Hardware Implmentation

Dedicated Hardware of Reference 12

Dedicated Hardware of Reference 12

A performance-area trade-off between dedicated hardware implementation and general-purpose process.

Typically general purpose but tailored to support a specific application domain.

Still Low-cost and low consumption devices

Specialized Processor Architecture



Convey Computer

Highlights 4 Xilinx FPGAs or Application Engines (AE)

8 memory controllers

The host computer interface, or Application Engine Hub (AEH).

Efficient AES Execution in ASIP

Ref 22Use Xtensa configurable processor architectureExecution of AES is accelerated by using extension instruction for AES.Performance improved by several ten-folds

Ref 23Use 32-bit MIPS processor architectureUse fast LUT functionality for accelerating AES and RC4 algorithmLow power consumption

Efficient AES Execution in ASIP

Ref 24Use LEON-2 processor architecture prototyped in an FPGA1.43 encryption speedup and 30-40% reduction in code size

Ref 25A microcoded cryptogprocessor for DES, AES and ECC.Low frequency and throughput

Compared to dedicated AES hardware implementations◦ Significant larger hardware area◦ Higher power consumption◦ Programmability and/or reconfigurability

A 32-bit general-purpose processor with its special support for AES is a feasible solution

Suitability of Specialized Processor Implementation

Currently 8-bit dedicated hardware designs seem to be the most feasible solutions for WSN nodes.

Alternatively, compact special functional units can be used for extending the instruction sets of WSN node processors for efficient AES execution.

Design that meets the throughput requirements of WSN communication, hence achieving considerable power savings by decreasing the clock speed.

Conclusions

Questions and Thanks.

Review of HW ARCH for AES in Wireless Sensor Network

Documents