Research On Optimization Design Method Of AES Implementation Based On Composite Field Arithmetic

Cryptography is the foundation of information security.Advanced Encryption Standard(AES)has been widely used in various fields of information security especially in the field of wireless sensor networks,radio frequency identification(RFID)and other resources limited applications.However,to implement the AES algorithm on the hardware platform which has low cost,low power and limited resources is a new challenge in circuit design.To overcome these limitations,AES optimization design method based on composite field arithmetic is studied in this thesis.Optimizations in the studies can be abstracted into three levels,include arithmetic-level,structural-level and systemic-level.Arithmetic-level optimization is comprised of delay control in common subexpression elimination(CSE)algorithm,optimal structure of multiplicative inverse over GF((2~4)~2)and common subexpressions(CSs)sharing among units in multiplicative inverse over GF(((2~2)~2)~2).At structural level,a novel hardware structure of round transformation is proposed based on merged matrices to reduce the area and delay.Based on above researches,a very compact AES-CCM* co-processor for ZigBee node chip is designed at systemic-level.The major contributions of this thesis are as follows.An efficient delay aware CSE(DACSE)is proposed based on theory of shortest path binary tree(SPBT)structure to eliminate the CSs under a delay constraint.Using SPBT structure,the study proves that elimination of CSs may cause the increase in critical path.A novel shortest path CSE(SPCSE)algorithm is developed to keep the path length of each output signal unchanged during CSs elimination process.On this basis,another novel DACSE algorithm is also developed.DACSE algorithm provides a trade-off between area and delay from smaller circuit area to shortest critical path.A shorter delay S-Box structure over GF((2~4)~2)is proposed for high speed AES circuit.The redundant AND gates in the multiplier and multiplier inverse over GF(2~4)is eliminated by using AND-XOR array structure.The influence of irreducible polynomial and bases on the complexities of hardware is studied and a mapping matrices generation algorithm is proposed which can generate the corresponding mapping matrices automatically according to given GF((2~4)~2)field.The DACSE algorithm is then combined with mapping matrices generation algorithm to eliminate the CSs in the mapping matrices.A short delay S-Box structure is constructed according to the optimal mapping matrices and the optimal multiplicative inverse structure.A compact GF(((2~2)~2)~2)S-Box structure is proposed based on group optimization scheme.For eliminating CSs among various operations over GF((2~2)~2)in the multiplier inverse over GF(((2~2)~2)~2),the logic expressions of each operation are derived.Furthermore,the expressions of multiplier over GF((2~2)~2)are converted to XOR-AND-XOR form.The operations over GF((2~2)~2)are grouped together and optimized in both combined and individual formations respectively.Minimal area and delay of GF(((2~2)~2)~2)S-Box is achieved using group optimization scheme.In order to further reduce the circuit area and delay of AES,a new round transformation function is proposed based on merged matrices.Constant coefficient multiplications of MixColumns operation are derived into matrix forms.The three units i.e.Composite-field-based S-box,ShiftRows and MixColumns are merged and optimized according to the expressions of round transform.The AES encryption / decryption multiplexing circuit is also designed based on the Time Division Multiplexing(TDM).The area in AES encryption / decryption multiplexing circuit is reduced by 28.12% compared with total area of AES encryption / decryption circuit and reduced by 46.06% compared with straight forward AES implementation.Finally,a very compact AES-CCM* co-processor for ZigBee node chip is designed.The AES-CCM* co-processor is implemented by single AES unit for all cryptographic operations of AES-CCM*,which include encryption,decryption and MAC operations,and HMAC operation in the key establishment protocol of symmetric-key.The proposed co-processor can reduce the resources consumed in ZigBee systems.