Area-throughput trade-offs for fully pipelined 30 to 70 Gbits/s AES processors

TLDR: The area-throughput trade-off for an ASIC implementation of the advanced encryption standard (AES) is explored and the over 30 Gbits/s, fully pipelined AES processor operating in the counter mode of operation can be used for the encryption of data on optical links.

Abstract: This paper explores the area-throughput trade-off for an ASIC implementation of the advanced encryption standard (AES). Different pipelined implementations of the AES algorithm as well as the design decisions and the area optimizations that lead to a low area and high throughput AES encryption processor are presented. With loop unrolling and outer-round pipelining techniques, throughputs of 30 Gbits/s to 70 Gbits/s are achievable in a 0.18-/spl mu/m CMOS technology. Moreover, by pipelining the composite field implementation of the byte substitution phase of the AES algorithm (inner-round pipelining), the area consumption is reduced up to 35 percent. By designing an offline key scheduling unit for the AES processor the area cost is further reduced by 28 percent, which results in a total reduction of 48 percent while the same throughput is maintained. Therefore, the over 30 Gbits/s, fully pipelined AES processor operating in the counter mode of operation can be used for the encryption of data on optical links.

Figures

Fig. 5. The area-delay trade-off for the Sbox.

Fig. 8. (a) Block diagram of the processor with offline key scheduling unit. (b) The offline key scheduling datapath. (c) Encryption pipeline for the AES design with offline key scheduling.

Fig. 9. The throughput-area trade-off of the AES processor with offline key scheduling.

Fig. 1. AES in the counter mode of operation.

Fig. 2. Advanced Encryption Standard.

Fig. 4. Byte substitution architectures. (a) Sbox using LUT implementation. (b) Nonpipelined Sbox using GF operations. (c) Two-stage pipelined Sbox using GF operations. (d) Three-stage pipelined Sbox using GF operations.

Frequently asked questions

Q1. What are the contributions mentioned in the paper "Area-throughput trade-offs for fully pipelined 30 to 70 gbits/s aes processors" ?

This paper explores the area-throughput trade-off for an ASIC implementation of the Advanced Encryption Standard ( AES ). By designing an offline key scheduling unit for the AES processor the area cost is further reduced by 28 percent, which results in a total reduction of 48 percent while the same throughput is maintained. 

Q2. What is the area efficient AES architecture?

The area efficient AES architecture withthroughput rate of over 30 Gbits/s is used in the countermode of operation for the encryption of data streams inoptical networks. 

Q3. How many strings of 128-bit random numbers is generated?

Starting from a secure nonrepeating initial seed, a sequence of a maximum of 2128 strings of 128-bit random numbers is generated. 

Q4. What is the cost of the inner round pipelining?

The inner round pipelining of the AES algorithm reduces the area while the same throughput is maintained, but the cost is an increase in latency. 

Q5. How can the authors achieve the above throughput rate?

The architectures that are addressed in this paper can achieve the above throughput rate with a reduction up to 48 percent in the area cost compared to a straightforward pipelined design of the AES algorithm. 

Q6. How many cycles are there for the inner and outer round pipelined designs?

For the fully inner and outer round pipelined designs with three or four pipeline stages per round, the latencies are 31 and 41 cycles, respectively. 

Q7. What is the simplest way to achieve a throughput of 10 Gbits/s?

Published by the IEEE Computer Societytherefore, they can only provide a throughput rate of between 2 to 3 Gbits/s. Only reference [14] can achieve the throughput of 10 Gbps by implementing binary decision diagram (BDD) circuit architecture and TBoxes, which are the combination of Sboxes and the mix-column phase of the AES algorithm. 

Q8. How much area can an architecture with an offline key scheduling unit cost?

the architecture with four pipeline stages perround can cost up to 33 percent less area than the same-speed design with LUT Sbox implementation. 

Q9. How is the area reduced in the composite field implementation of the AES algorithm?

By using a pipelined design of the compositefield implementation of the byte substitution phase of theAES algorithm, the area is reduced up to 35 percent. 

Q10. What is the key scheduling unit for the AES algorithm?

In this approach, for every session key, first the offline key scheduling unit calculates the required round keys for every round and stores them inside the round key registers. 

Q11. What is the way to achieve a high throughput rate?

On the other hand, there are several implementations for FPGA that can achieve a throughput rate of 1 to 20 Gbits/s because they unroll the encryption rounds and use pipelining.