Master of Engineering Science
Electrical and Computer Engineering
The Advanced Encryption Standard (AES) is the most popular algorithm used in symmetric key cryptography. The eﬃcient computation of AES is essential for many computing platforms. The S-box is the only nonlinear transformation step of the AES algorithm. Eﬃcient implementation of the AES S-box is very crucial for AES hardware. The AES S-box could be implemented by using look-up table method or by using ﬁnite ﬁeld arithmetic. The ﬁnite ﬁeld arithmetic design approach to implement the AES S-box is superior in saving the hardware resources. The main objective of this thesis is to evaluate, compare and improve the hardware implementations of the forward, inverse and combined AES S-box in terms of area and/or delay. Both the composite ﬁeld GF((2^4)^2) and the tower ﬁeld GF(((2^2)^2)^2) are considered. Our ﬁrst improvement is the optimization of the input and output linear mappings of the S- box in order to design a more compact circuit. Our second improvement aims at modifying the architecture of the S-box to achieve a higher speed. We used multiplication of the S-box input by an 8-bit binary ﬁeld element to optimize the input and output transformation matrices of the S-box. A Matlab® search is then conducted to ﬁnd more compact linear mappings for the S-box. We also modified the fast S-box architecture, in addition to optimizing and searching the extended linear input mappings to improve the speed of Reyhani et al. fast S-box. The improved fast S-box, Fast 3, is the fastest and most eﬃcient (measured by area × delay) AES S-box available in the literature, up to our knowledge. We also improved the area and delay of the inversion circuit of the lightweight and fast S-boxes in , by slightly modifying the exponentiation block and designing a new subﬁeld inverter block. The improved inversion circuit leads to a more compact and a faster lightweight S-box and it yields a lower area fast S-box.
Moreover, we show that the “tech. XORs” concept proposed by Maximov et al.  to estimate the delay of the S-box is not accurate. We show how to use the logical eﬀort method  instead to estimate and compare the delay of previous and improved S-boxes, regardless of the CMOS technology library used for the implementation.
We veriﬁed all the codes at the RTL level using Mentor Graphics Modelsim®, by comparing against the legitimate S-box outputs. We synthesized the designs using STM 65nm CMOS standard cell library and we used VHDL coding as the design entry method to Synopsys Design Compiler®. The synthesis results conﬁrm the lower area and / or delay of the improved S-box designs and match our space and timing analyses.
Summary for Lay Audience
The Advanced Encryption Standard (AES) is the most popular algorithm used in symmetric key cryptography. The eﬃcient computation of AES is essential for many computing platforms. The S-box is the only nonlinear transformation step of the AES algorithm. Eﬃcient implementation of the AES S-box is very crucial for AES hardware. The AES S-box can be implemented eﬃciently in hardware using ﬁnite ﬁeld arithmetic. The S-box input mapping is a linear transformation matrix that is used to map all the bytes at the input of the S-box to a diﬀerent ﬁeld, where the S-box computations will be done more eﬃciently. The output mapping is the linear transformation matrix that combines the inverse isomorphic mapping used to re-map the computations back to the S-box original ﬁeld and the aﬃne transformation step of the S-box.
In this thesis, we evaluated, improved and compared several previous forward, inverse and combined AES S-boxes in terms of implementation area and/or critical path delay. We improved the implementation area of some S-boxes by optimizing the aforementioned input and output mappings. We improved other designs by modifying the architecture of the S-box to reduce the delay. Matlab® is used to search for the most compact linear mappings. We veriﬁed all the codes using Computer-Aided Design (CAD) tools and we used Very high speed integrated circuit Hardware Description Language (VHDL) coding as a design entry method to the CAD tool in order to obtain the simulation results. The simulation results confirm the improved performance of the proposed S-boxes and match our space and timing analyses.
Ashmawy, Doaa, "Performance Evaluation, Comparison and Improvement of the Hardware Implementations of the Advanced Encryption Standard S-box" (2020). Electronic Thesis and Dissertation Repository. 7179.