Efficient Rijndael Encryption Implementation with Composite Field Arithmetic

Rudra, Atri; Dubey, Pradeep; Jutla, Charanjit S.; Kumar, Vijay; Rao, Josyula R.; Rohatgi, Pankaj

doi:10.1007/3-540-44709-1_16

Cited by 152 publications

(109 citation statements)

References 4 publications

(4 reference statements)

Supporting

Mentioning

109

Contrasting

Order By: Relevance

“…Adhering to the structure of the algorithm specification of [4] as in Figure 6(a), this design achieves a throughput of 1.82 Gbits/sec in 0.18 µm CMOS technology, where each S-box costs about 2200 gates. Since some operations over the composite field GF((2 4 ) 2 ) are more compact than over GF (2 8 ), an efficient Rijndael design in composite field arithmetic is proposed in [20]. A cryptographic core (i.e., essentially one round mainly consisting of 16 S-boxes and the MDS mapping layer) in [20] only costs about 4000 gates and a delay of 240 gate levels [21] is expected in theory.…”

Section: Efficient Rijndael Encryption Implementationsmentioning

confidence: 99%

Hardware Design and Analysis of Block Cipher Components

Xiao

Heys

2003

Lecture Notes in Computer Science

View full text Add to dashboard Cite

This paper describes the efficient implementation of Maximum Distance Separable (MDS) mappings and Substitution-boxes (S-boxes) in gate-level hardware for application to Substitution-Permutation Network (SPN) block cipher design. Different implementations of parameterized MDS mappings and S-boxes are evaluated using gate count as the space complexity measure and gate levels traversed as the time complexity measure. On this basis, a method to optimize MDS codes for hardware is introduced by considering the complexity analysis of bit parallel multipliers. We also provide a general architecture to implement any invertible S-box which has low space and time complexities. As an example, two efficient implementations of Rijndael, the Advanced Encryption Standard (AES), are considered to examine the different tradeoffs between speed and time.

show abstract

Section: Efficient Rijndael Encryption Implementationsmentioning

confidence: 99%

Hardware Design and Analysis of Block Cipher Components

Xiao

Heys

2003

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…-A common hardware technique to compute the AES S-box uses an isomorphism IF 2 8 → IF 2 2 4 and subsequently reduces the problem of inversion in the latter field to that of one in in the ground field; [13,14,7] are good examples of this. Using a similar technique in software when equipped with a byte-vector shuffle instruction and using a novel field element representation, Hamburg presents techniques for fast and constant-time software implementation of AES [10].…”

Section: Introductionmentioning

confidence: 99%

Secure and Fast Implementations of Two Involution Ciphers

Brumley

2012

Information Security Technology for Applications

View full text Add to dashboard Cite

Abstract. Anubis and Khazad are closely related involution block ciphers. Building on two recent AES software results, this work presents a number of constant-time software implementations of Anubis and Khazad for processors with a byte-vector shuffle instruction, such as those that support SSSE3. For Anubis, the first is serial in the sense that it employs only one cipher instance and is compatible with all standard block cipher modes. Efficiency is largely due to the S-box construction that is simple to realize using a byte shuffler. The equivalent for Khazad runs two parallel instances in counter mode. The second for each cipher is a parallel bit-slice implementation in counter mode.

show abstract

“…The proposed design suggested the use of Optimal Normal Basis for efficient inversion in GF (2 8 ). J. Wolkerstorfer [1] and A.Rudra [5] implemented the AES S-box by representing GF (2 8 ) as a quadratic extension of the GF(2 4 ) using polynomial basis. In this approach a byte in GF (2 8 ) is first decomposed into linear polynomial with coefficients in GF (2 4 ) and different arithmetic operations in GF(2 4 ) are computed using combinational logic.…”

Section: Introductionmentioning

confidence: 99%

A Compact S-Box Design for SMS4 Block Cipher

Abbasi

Afzal

2011

Lecture Notes in Electrical Engineering

View full text Add to dashboard Cite

Abstract. This paper proposes a compact design of SMS4 S-box using combinational logic which is suitable for the implementation in area constraint environments like smart cards. The inversion algorithm of the proposed S-box is based on composite field GF(((2 2 ) 2 ) 2 ) using normal basis at all levels. In our approach, we examined all possible normal basis combinations having trace equal to one at each subfield level. There are 16 such possible combinations with normal basis and we have compared the S-box designs based on each case in terms of logic gates it uses for implementation. The isomorphism mapping and inverse mapping bit matrices are fully optimized using greedy algorithm. We prove that our best case reduces the complexity upon the SMS4 S-box design with existing inversion algorithm based on polynomial basis by 15% XOR and 42% AND gates.

show abstract

Efficient Rijndael Encryption Implementation with Composite Field Arithmetic

Cited by 152 publications

References 4 publications

Hardware Design and Analysis of Block Cipher Components

Hardware Design and Analysis of Block Cipher Components

Secure and Fast Implementations of Two Involution Ciphers

A Compact S-Box Design for SMS4 Block Cipher

Contact Info

Product

Resources

About