Hardware Implementation of AES Encryption Algorithm Based on FPGA
Huanqing Xu1, a, Yuming Zhang2, b and Jun Yang3, c 1,2,3School of Information Science and Engineering, Yunnan university, Kunming, China
[email protected], [email protected], [email protected]
Keywords: FPGA; AES encryption; Nios II; asymmetric encryption
Abstract: With the development of society, the information industry has attracted more and more attention by the state. Since the emergence of prism doors, it has made countries pay great attention to the direction of information security. The question about how to protect information security has become an increasingly concerned issue. This paper introduces a widely used algorithm based on FPGA of symmetric encryption algorithm AES, because its key has three kinds of length 128bit, 192bit, 256bit, which can guarantee its difficulty in the crack, so it is relatively safe, this design can include encryption path and decryption path, you can also shield the decryption path and only include the encrypted path to reduce the use of resources in order to apply to resources insufficiently when the data is encrypted. Besides, this article can also be used for the key and data transmission using 32bit bus, multi-clock transmission. Through the Jtag Uart module to achieve the computer and embedded system communication, you can use it in the IDE integrated environment to achieve the program window to debug and monitor.
1. Introduction
AES encryption and decryption has key length, anti-differential ability, which it is easy toachieve , Low cost, fast , which is to replace the traditional DES, 3DES encryption standards .On the other hand, Traditional software encryption method is to deal with slow, poor real-time , which is compared to the hardware encryption, it is easier to crack. The nios II which is processing system's peripheral configuration has great flexibility, which is depending on the user's specific needs and doing a variety of Peripherals upgrades, etc., rapid expansion, tailoring the corresponding IP CORE, thus it is ready to be a complete, powerful sopc system, not only can achieve flexible configuration, custom command, Remote hardware upgrades, etc., and the development cycle is Short, which it is not need to change the hardware layout design. Here the use of nios II processor is to achieve AES-based encryption and decryption system, AES algorithm is relative to some addition and multiplication, these addition and multiplication are defined in a specific field, which is characterized by the efficient use of hardware to achieve. The test data is used to encrypt and decrypt the system, the editor uses the random number generator to generate the key and the processed data is to increase the accuracy of the system test. The random number generator is designed by the editor according to the cellular automata theory Using FPGA independent design.
2. AES Algorithm Overview
AES algorithm includes encryption and decryption algorithm which is key expansion algorithm,because the AES algorithm is not completely symmetric, so encryption and decryption path has its own hardware. The encryption process consists of byte substitution transformations, row shift transformations, column mixed transformations, and round keys, and the resulting Nr rounds of the
93
Journal of Electronics and Information Science(2017) 2: 93-97 Clausius Scientific Press, Canada
algorithm, process is subkey whrequires anthe externaextension round. AEvariable wi
AES alg(a) to de(b) to g
function iscovers the
(c) Nr-substitution
(d) the lXOR funct
(e) Defi
3. FPGA-b
S-box tra decisive faster, logichip RAMreplacemenhas a reconconsumptiomodule usalso suitabmodule is s
where the similar to t
here is usedn extension al input encalgorithm tS operationith the follo
gorithm encefine a 128-
give a plaints the key whState variab1 iteration n, row shiftlast round otion, the resine State as
based AES
ransform, arole in the
ical resourcM unit, the en
nt table andnfigurable on, and it ing the mu
ble for the shown in Fi
last roundthe decryptid in the enkey to parti
cryption keyto generate ns are byte-bowing 4 * 4
F
cryption pro-bit intermetext to be dhich is geneble. of the Sta
t, and columof the cyclesults stored a cipher tex
Encryptio
also known security le
ce utilizationncryption pd to complefunction, Itis better re
ultiplicative S-box tranigure 2.
Fig. 2 K
d does not ion process
ncryption anicipate, but y and decrythe encryp
based, all thbyte matrix
,r cS
Fig.1 4 * 4
ocess text dediate state v
decrypted, aerated by th
ate variablemn mixing. Se will be miin the Statext and outpu
n and Decr
as byte tranevel of the an is higher,rocess acco
ete each an t improves esistant to dinverse and
sform mod
Key schedul
to do colus, except thand decryptithe order o
yption key iption and dhe variablesx expression
0 ,0 0 ,1 0 ,
1,0 1,1 1,2
2 ,0 2 ,1 2
3 ,0 3 ,1 3 ,
, ,
, ,
, ,
, ,
s s s
s s s
s s s
s s s
4 byte matri
escription isvariable Staassign it to he state and
e in the orState stores ixed with the; ut it.
ryption Sys
nsform, whialgorithm. I, we will re
ording to thequick operits securitydifferential d affine tra
dule (Inv Su
ling module
mn hybrid at the varioion algorith
of use is justis limited, tecryption k are used byn in Figure
,2 0 ,3
2 1,3
,2 2 ,3
2 3 ,3
,
,
,
,
s
s
s
s
ix expressio
s as followsate, which isState, call tkey extensi
rder of thethe encrypt
he cycle of o
stem Design
ich is the onIn order to eplace the te length of tration of they level and
attacks. wansformationub-byte). T
e logic circu
transformaous transformhm is the st the opposithe AES algkeys which y the approp1.
on
: s stored as athe round kion function
round keytion result aoperation fo
n
nly nonlineamake the l
table storedthe input dae bytes. Thapplication
we constructn of the finhe design o
uit diagram
ations. The rmations aresame, and ite. Since thgorithm reqare require
priate byte,
a byte matrikey XOR fun, and the o
y exclusiveafter each cyfor the cycle
ar operationlookup tabl
d in the FPGata to find R
he S-box in range, redu
t the follownite field. thof the key
encryptione used. Theeach roundhe length ofquires a keyed for each the middle
ix; unction, theoutput value
e OR, byteycle; e of the key
n that playse operationGA internalRAM in thethis designuces powerwing S-boxhe S-box isscheduling
n e d f y h e
e e
e
y
s n l e n r x s g
94
4. Simulat
In the pnetwork sethe securidemonstratsoftware pcompiled, system meEP2C35F6is based onand system
(a) S boFrom F
conversionfunction is
(b) line Here th
matrix trannot changeprocess is aspecific en
(c) coluThe sim
According correct.
tion Test an
revious chaecurity procity processtion. The hpart is testeintegrated a
eets the req672C6 chip.n chaotic ne
m performanox conversioFigure 3 S-bn of 63,42 correct, to
shift modulhe line shiftnspose, so thed , The seas follows,
ncryption mo
F
umn mixing mulation of
to the prin
nd Perform
apters, the bcessor modesor model hardware ped using thand simulatquirements . Below weeural netwonce analysison module box transfointo 2C, recomplete th
Fig. 3
le ft module tohe two rowcond unit band the decode is show
Fig.4 Line
module f the columnciple of Ch
mance Anal
background,el which is b
is simulatart of the he Nios II ted in the Qin terms owill be on
ork S-box m.
ormation simefer to the he byte repl
S box tra
o 4*4 byte s as a whole
begins to mcryption prown in Figure
e shift modu
mn mixing mhapter II, w
lysis
, theoreticalbased on FPted and teplatform isdevelopme
Quartus II aof timing a
the AES enmodule and
mulation diS-box conv
lacement op
ansformation
matrix as e unit, a tot
move forwarocess is revee 4.
ule simulatio
module in twe can see th
l basis and dPGA are exested, whics developedent environnd Modelsind functionncryption ansafe proces
iagram canversion tab
peration.
n simulation
input, in otal of four urd in turn. Tersed. The r
on diagram
the encrypthat the func
design methpounded in
ch is of td by using
nment. The im test softwn. Pin confnd decryptissor model
n be seen, 0le shows th
n chart
order to dispunits, you caThe conversrow shift mo
(encryption
tion mode iction simula
hod of the cn detail. In tthe process the DE2 security p
ware to verfiguration iion sub-modsystem sim
00 correspohat the S-b
splay convean see the firsion of the odule simul
n mode)
is shown ination of the
haos neuralhis chapter,sor systemboard. The
processor isrify that thes based ondule, which
mulation test
onds to thebox module
enience, theirst unit hasencryption
lation in the
n Figure 5.e module is
l ,
m e s e n h t
e e
e s n e
. s
95
5. Overall
From thresources, of storage of memoryfrequency related schhigher throcomprehenresource ut
Pr
ThisTraditio
(not impLiter
prLiter
pr
6. Conclus
This chdemonstratthe safety the improvother perfoachieve thhardware rvery good,and can be
Reference
[1] Imaña J L
Fig.
Comprehe
he comprehthe total nuis 483840. Ty, the systeof 93.64M
heme. It canough put afnsive perfortilization, it
rogram
s program onal solutioproved S borature [64] rogram rature [65] rogram
sion
hapter is simtion of the Aprocessor mved S-box, ormance in
he overall presource con, which effe
e widely use
es
L. Low-delay
5 Column
ensive Perf
hensive resumber of syThe systemem's hardw
MHz. Table n be seen tfter the intrrmance ratit can be wid
T
Hardw(
on ox)
mulation teAES modulmodel of th
the use ofndicators to platform pernsumption aectively imped in the fiel
y AES polyno
n Mixing M
formance A
sults on theystem chip l
m occupies 4ware resourc
1 shows ththat the schroduction oo Very goo
dely used in
Table 1 Dem
ware consumper number
5600 2800
1569
7890
est and pere of the enc
he chaotic nf nonlinear,
assess. Finrformance aand higher tproves the rld of securit
omial basis m
Module Simu
Analysis
e map, we logic unit 34988 (15%) ce utilizatio
he comparisheme still hof the chaotod, effectiven the field of
monstration
mption r)
Th
rformance acryption andneural netwo avalanchenally, throuanalysis. Ththroughput,resource utity encryptio
multiplier[J]. E
ulation Char
can find t3216, the nlogical unit
on is higheson of the thas less hardtic neural nely improvef security en
data examp
hroughput r(Mbps) 4590 1080
279
4980
analysis. Fid decryptionork are pres, differentia
ugh the comhe analysis, and the coilization raton.
Electronics L
rt (Encrypti
the use of umber of pts, 76 (16%er, the systetest data of dware resou
network impe the securincryption.
ple
rate P(
rstly, the sn system, thsented respeal approximmparison w
shows thamprehensive of the sec
Letters, 2016,
ion Mode)
the systempins is 475,
%) and 75776em's maximf this schemurce consumproved S-boity processo
Performance(Mbps/nume
0.819 0.385
0.177
0.631
simulation ahe improvedectively. Se
mation probwith other pat the schemve performacurity proce
52(11):930-9
m hardwarethe number6bits (16%)mum stableme with themption andox, and theor model of
e ratio eber)
and systemd S-box andecondly, forbability andprograms tome has lessance ratio isessor model
932.
e r ) e e d e f
m d r d o s s l
96
[2] Jankowski K, Laurent P. Packed AES-GCM Algorithm Suitable for AES/PCLMULQDQ Instructions[J]. IEEE Transactions on Computers, 2011, 60(1):135-138.
[3] Rahimunnisa K, Karthigaikumar P, Kirubavathy J, et al. A 0.13-µm implementation of 5 Gb/s and 3-mW folded parallel architecture for AES algorithm[J]. International Journal of Electronics, 2014, 101(2):182-193.
[4] Priya S S S, Karthigaikumar P, Sivamangai N M, et al. High Throughput AES Algorithm Using Parallel Subbytes and MixColumn[J]. Wireless Personal Communications, 2016:1-17.
[5] Cho J, Soekamtoputra S, Choi K, et al. Power dissipation and area comparison of 512-bit and 1024-bit key AES[J]. Computers & Mathematics with Applications, 2013, 65(9):1378-1383.
[6] Alzahrani A, Demara R F. Fast Online Diagnosis and Recovery of Reconfigurable Logic Fabrics using Design Disjunction [J]. IEEE Transactions on Computers, 2016, 65(10):1-1.
[7] Jun Y, Jun D, Na L, et al. FPGA-Based Design and Implementation of Reduced AES Algorithm[J]. IEEE, 2010, 2:67-70.
97