US20080031454A1 - High throughput AES architecture - Google Patents
High throughput AES architecture Download PDFInfo
- Publication number
- US20080031454A1 US20080031454A1 US11/786,191 US78619107A US2008031454A1 US 20080031454 A1 US20080031454 A1 US 20080031454A1 US 78619107 A US78619107 A US 78619107A US 2008031454 A1 US2008031454 A1 US 2008031454A1
- Authority
- US
- United States
- Prior art keywords
- aes
- circuit
- architecture
- parallel
- sub
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
- H04L2209/125—Parallelization or pipelining, e.g. for accelerating processing of cryptographic operations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/24—Key scheduling, i.e. generating round keys or sub-keys for block encryption
Definitions
- This invention relates to the field of encryption systems, and particularly to advanced encryption standard (AES) architectures.
- AES advanced encryption standard
- the advanced encryption standard is a new encryption standard which implements the Rijndael algorithm.
- the Rijndael algorithm accepts data blocks and key sizes of 128, 192, or 256 bits; the AES implementation is a symmetric block cipher with 128 bit data blocks and a key size that can be chosen from 128, 192, or 256 bits.
- the AES algorithm may be employed as an electronic code book (ECB) which receives plaintext (P) and produces an encrypted output (C).
- EBC electronic code book
- the algorithm may also be employed in one of several feedback modes of operation; such feedback modes include Cipher Block Chaining (CBC), Cipher Feedback (CFB), and Output Feedback (OFB).
- CBC Cipher Block Chaining
- CFB Cipher Feedback
- OFB Output Feedback
- an implementation of the AES standard will have a high data rate.
- Several AES designs have been proposed to achieve a high data rate based on pipelined architectures. These work well when employing the AES algorithm as an ECB, with no feedback.
- the AES standard is most often used in the feedback modes of operation; in these modes, the output of the AES algorithm is fed back to the input. Unfortunately, this arrangement is incompatible with pipeline structures, due to the long latency of each pipeline path.
- An AES architecture is presented which overcomes the problems noted above. High throughput is achieved, even when the AES algorithm is employed with one of the feedback modes of operation.
- the present invention is a low latency, non-pipelined AES architecture. Hardware is provided for one encryption round, which is re-used as needed to complete the encryption process. This permits feedback modes to be used without adversely affecting AES throughput.
- the present architecture requires a maximum parallel encryption module, which is arranged to implement one round of the AES algorithm in one clock cycle. It also requires a maximum parallel key scheduling module, arranged to generate sub keys in one clock cycle in parallel with the encryption module.
- the encryption and key scheduling modules are preferably made from combinatorial logic blocks, replicated as necessary to achieve one round per clock cycle.
- a controller controls the operation of the encryption and key scheduling modules such that one round of the AES algorithm is completed per clock cycle.
- the controller is preferably part of a hierarchical distributed control scheme comprising communicating finite state machines (FSMs).
- FSMs finite state machines
- FIG. 1 is a diagram showing known implementations of various modes of operation used in combination with the AES algorithm.
- FIG. 2 is a block diagram of an AES architecture in accordance with the present invention.
- FIG. 3 is a block diagram of a maximum parallel encryption data path in accordance with the present invention.
- FIG. 4 a is a block diagram of a key scheduling architecture as might be used with an AES architecture in accordance with the present invention, which accommodates data block lengths of 128, 192 or 256 bits.
- FIG. 4 b is an alternative embodiment of a key scheduling architecture as might be used with an AES architecture in accordance with the present invention, which accommodates a data block length of 128 bits.
- FIG. 5 is a block diagram of a hierarchical distributed control scheme as might be used with an AES architecture in accordance with the present invention.
- FIGS. 6 a - 6 c illustrate the operation of the present AES architecture in a three different feedback modes of operation.
- FIG. 2 An AES architecture in accordance with the present invention is shown in FIG. 2 .
- the present architecture provides high throughput, even with feedback modes of operation.
- an encryption module 10 is made maximum parallel; i.e., all operations that can occur in parallel, do occur in parallel. This means that every bit of an N-bit data block is processed simultaneously through the encryption module. Thus, if the data block length N is chosen to be 256 bits, the encryption module receives and processes all 256 bits at once. Furthermore, the encryption module implements one round of the AES algorithm in one clock cycle.
- the key scheduling module 12 is also made maximum parallel, such that the sub-keys required by encryption module 10 are generated in one clock cycle, in parallel with the encryption module.
- Encryption module 10 and key scheduling module 12 are controlled via controller 14 .
- the controller is adapted to operate encryption module 10 and key scheduling module 12 to perform one round of the AES algorithm in one clock cycle.
- Controller 14 is preferably part of a hierarchical distributed control scheme comprising communicating finite state machines (FSMs), such as an input FSM 15 and an output FSM 16 which control the operation of an input buffer 17 and an output buffer 18 , respectively.
- FSMs finite state machines
- the controller preferably also communicates with the outside world via input commands and output status bits.
- the control scheme preferably also includes FSMs 19 and 20 , which control the operation of encryption module 10 and key scheduling module 12 , respectively, and may be internal or external to their respective modules.
- Controller 14 preferably also includes an FSM 22 ; the controller's implementation is discussed in more detail in relation to FIG. 5 , below.
- the key is provided to key scheduling module 12 either via the input port and encryption module, or (as shown in FIG. 2 ) via a separate port; in either case, the key is stored in a key register 26 .
- the system also includes a key entry buffer 27 which is controlled with its own FSM 28 .
- the present AES architecture provides low latency and high throughput, even when used with feedback modes of operation.
- the architecture also preferably includes asynchronous input and output buffers, which implement a full handshake.
- Asynchronous input buffer 17 loads X-bit data bytes to be encrypted (P), places them in parallel in an N-bit internal register 24 , and presents the N bits to the input of encryption module 10 simultaneously.
- asynchronous output buffer 18 receives the N-bit output from encryption module 10 and outputs encoded X-bit data bytes (C) to an output bus.
- This arrangement decouples the external I/O operations, i.e., the loading and unloading of data, from the internal operation of the encryption core (modules 10 and 12 ). This allows the input and output busses to be any width compared to the internal input and output registers.
- the encryption core can be used in an environment in which the number of pins is limited (e.g., an 8-bit bus or a serial link), as well as with high speed parallel busses (e.g., 64, 128 or 256 bits).
- the preferred asynchronous input and output buffers are that they enable a slow input and/or output to still be combined with fast internal operation, with the handshaking stretched over a large number of clock cycles to accommodate the slow interface.
- the module includes four different sub-modules: a substitution sub-module 30 , a shift row sub-module 32 , a mix column sub-module 34 , and a key addition sub-module 36 ; the functionality of each sub-module is defined in the AES standard.
- the sub-modules are preferably implemented with combinatorial logic and lookup tables, and the data path is made wide enough to accommodate the entire data block length of 128, 192, or 256 bits.
- the data path may be wider than that shown in FIG. 3 ; for example, the path would be twice as wide as that shown to accommodate a data block length of 256 bits.
- the incoming data bits are preferably divided into 8-bit bytes, each of which is used to address an S-box lookup table.
- Each S-box contains 256 8-bit entries.
- the same S-box is replicated 32 times for an expected data block length of 256 bits.
- the S-box is replicated 16 or 24 times for expected data block lengths of 128 or 192 bits, respectively.
- the 256 bits of incoming data are preferably divided into four 64 bit chunks, each of which is called a “row” and contains eight bytes. Byte-wise cyclic shifts are performed on each row, with the amount of shift determined by the block length through a lookup table, as defined in the AES standard.
- mix column sub-module 34 matrix multiplication is performed on the shifted bytes in accordance with the mix column definition specified in the AES standard, using combinatorial logic; four, six, or eight blocks are used for data block lengths of 128, 192, or 256 bits, respectively.
- key addition sub-module 36 exclusive-OR's the mix column output with the sub-keys received from key scheduling module 12 , as prescribed by the AES standard, to generate the encrypted output.
- Sub-module 36 uses 128, 192 or 256 exclusive-OR gates to produce an output of 128, 192 or 256 bits, respectively.
- Maximum parallel key scheduling module 12 has a data path wide enough to accommodate the maximum expected key length. Sub-keys are generated on the fly, in one clock cycle and in parallel with the encryption module. Key scheduling module 12 is arranged to accommodate the different key and block lengths allowed by the Rijndael algorithm or the AES standard, as necessary.
- the Rijndael algorithm allows block lengths and key lengths of 128, 192 and 256 bits, while the AES standard limits the block length to 128 bits.
- the key scheduling module 12 is arranged to accommodate the nine different key length and block length combinations, and operates as defined in the Rijndael algorithm. For the latter case, only three combinations must be accommodated, with operation of the key scheduling module defined in the AES standard.
- Key scheduling module 12 has to provide one N-bit roundkey per clock cycle to encryption module 10 .
- the roundkey is constructed out of k-bit sub-keys. When N is larger than k, multiple sub-keys are required within one clock cycle.
- the use of two key scheduling blocks 40 and 42 allow evaluation of two iterations of the key scheduling.
- the N-bit roundkey is assembled out of k-bit sub-keys P, C, and N, produced by the previous, current, and next key schedule iterations. Assembly of the roundkey is under the control of a key schedule controller 44 .
- Controller 44 also steers the pace of the key schedule iterations by selecting which sub-key is used as iterated key: when the P key is selected, the key schedule does not advance. When the C key is selected, one iteration per clock cycle is taken, and when the N sub-key is selected, two iterations are taken per clock cycle.
- a simplified key scheduling architecture may be used when only three key and block length combinations must be accommodated; such an architecture is shown in FIG. 4 b .
- only one key scheduling block 52 is required to produce the 128 bit roundkey required by the encryption module.
- controller 14 is preferably part of a hierarchical distributed control scheme comprising communicating finite state machines (FSMs); this avoids having the controller logic in the critical path, which might slow down the system.
- FSMs finite state machines
- FIG. 5 Such a control scheme is shown in FIG. 5 : main FSM 14 receives instructions from and provides status to the outside world, and decomposes the instructions into detailed micro instructions (M.I.) for the different local FSMs, such as input FSM 15 , encryption FSM 19 , key scheduling FSM 20 , and output FSM 18 .
- the local FSMs provide control signals (C.S.) to their respective modules, and provide status back to the main FSM.
- Each FSM preferably operates off of a single clock (CLK). This approach has the advantage that each of the FSMs can be kept small, and thus high speed.
- control scheme key scheduling module
- encryption module and encryption module shown above are merely exemplary. Other designs could be used to implement these functions in accordance with the definitions given in the AES standard, as long as the encryption and key scheduling modules are made maximum parallel, and the architecture can implement one round of the AES algorithm in one clock cycle.
- the present AES architecture can be used with one of the feedback modes of operation. This is illustrated in FIGS. 6 a - 6 c , which shows only circuitry immediately around encryption module 10 .
- the architecture is arranged to implement the electronic code book (ECB) mode of operation.
- EBC electronic code book
- FIG. 6 a the Cipher Block Chaining (CBC) feedback mode of operation is implemented between register 24 and encryption module 10 .
- FIG. 6 b the Output Feedback (OFB) mode of operation is illustrated, while in FIG. 6 c , the Cipher Feedback (CFB) feedback mode is shown.
- OFB Output Feedback
- CFB Cipher Feedback
- Other feedback modes may be accommodated in a similar fashion.
Abstract
An advanced encryption system (AES) architecture includes a maximum parallel encryption module which implements one round of the AES algorithm in one clock cycle, and a maximum parallel key scheduling module which generates sub-keys in one clock cycle in parallel with the encryption module, thereby permitting feedback modes of operation to be used without adversely affecting AES throughput. A controller controls the operation of the encryption and key scheduling modules such that one round is completed per clock cycle. The controller is preferably part of a hierarchical distributed control scheme comprising communicating finite state machines (FSMs). The architecture also preferably includes asynchronous input and output buffers.
Description
- 1. Field of the Invention
- This invention relates to the field of encryption systems, and particularly to advanced encryption standard (AES) architectures.
- 2. Description of the Related Art
- The advanced encryption standard (AES) is a new encryption standard which implements the Rijndael algorithm. The Rijndael algorithm accepts data blocks and key sizes of 128, 192, or 256 bits; the AES implementation is a symmetric block cipher with 128 bit data blocks and a key size that can be chosen from 128, 192, or 256 bits.
- Several possible implementation modes of the AES standard are shown in
FIG. 1 . The AES algorithm may be employed as an electronic code book (ECB) which receives plaintext (P) and produces an encrypted output (C). The algorithm may also be employed in one of several feedback modes of operation; such feedback modes include Cipher Block Chaining (CBC), Cipher Feedback (CFB), and Output Feedback (OFB). - Ideally, an implementation of the AES standard will have a high data rate. Several AES designs have been proposed to achieve a high data rate based on pipelined architectures. These work well when employing the AES algorithm as an ECB, with no feedback. However, the AES standard is most often used in the feedback modes of operation; in these modes, the output of the AES algorithm is fed back to the input. Unfortunately, this arrangement is incompatible with pipeline structures, due to the long latency of each pipeline path.
- An AES architecture is presented which overcomes the problems noted above. High throughput is achieved, even when the AES algorithm is employed with one of the feedback modes of operation.
- The present invention is a low latency, non-pipelined AES architecture. Hardware is provided for one encryption round, which is re-used as needed to complete the encryption process. This permits feedback modes to be used without adversely affecting AES throughput.
- The present architecture requires a maximum parallel encryption module, which is arranged to implement one round of the AES algorithm in one clock cycle. It also requires a maximum parallel key scheduling module, arranged to generate sub keys in one clock cycle in parallel with the encryption module. The encryption and key scheduling modules are preferably made from combinatorial logic blocks, replicated as necessary to achieve one round per clock cycle.
- A controller controls the operation of the encryption and key scheduling modules such that one round of the AES algorithm is completed per clock cycle. The controller is preferably part of a hierarchical distributed control scheme comprising communicating finite state machines (FSMs).
- Further features and advantages of the invention will be apparent to those skilled in the art from the following detailed description, taken together with the accompanying drawings.
-
FIG. 1 is a diagram showing known implementations of various modes of operation used in combination with the AES algorithm. -
FIG. 2 is a block diagram of an AES architecture in accordance with the present invention. -
FIG. 3 is a block diagram of a maximum parallel encryption data path in accordance with the present invention. -
FIG. 4 a is a block diagram of a key scheduling architecture as might be used with an AES architecture in accordance with the present invention, which accommodates data block lengths of 128, 192 or 256 bits. -
FIG. 4 b is an alternative embodiment of a key scheduling architecture as might be used with an AES architecture in accordance with the present invention, which accommodates a data block length of 128 bits. -
FIG. 5 is a block diagram of a hierarchical distributed control scheme as might be used with an AES architecture in accordance with the present invention. -
FIGS. 6 a-6 c illustrate the operation of the present AES architecture in a three different feedback modes of operation. - An AES architecture in accordance with the present invention is shown in
FIG. 2 . When properly arranged, the present architecture provides high throughput, even with feedback modes of operation. At the heart of the architecture are anencryption module 10, akey scheduling module 12, and acontroller 14.Encryption module 10 is made maximum parallel; i.e., all operations that can occur in parallel, do occur in parallel. This means that every bit of an N-bit data block is processed simultaneously through the encryption module. Thus, if the data block length N is chosen to be 256 bits, the encryption module receives and processes all 256 bits at once. Furthermore, the encryption module implements one round of the AES algorithm in one clock cycle. - The
key scheduling module 12 is also made maximum parallel, such that the sub-keys required byencryption module 10 are generated in one clock cycle, in parallel with the encryption module. -
Encryption module 10 andkey scheduling module 12 are controlled viacontroller 14. The controller is adapted to operateencryption module 10 andkey scheduling module 12 to perform one round of the AES algorithm in one clock cycle.Controller 14 is preferably part of a hierarchical distributed control scheme comprising communicating finite state machines (FSMs), such as aninput FSM 15 and anoutput FSM 16 which control the operation of aninput buffer 17 and anoutput buffer 18, respectively. The controller preferably also communicates with the outside world via input commands and output status bits. The control scheme preferably also includesFSMs encryption module 10 andkey scheduling module 12, respectively, and may be internal or external to their respective modules.Controller 14 preferably also includes anFSM 22; the controller's implementation is discussed in more detail in relation toFIG. 5 , below. - The key is provided to
key scheduling module 12 either via the input port and encryption module, or (as shown inFIG. 2 ) via a separate port; in either case, the key is stored in akey register 26. When the key is provided via a separate port, the system also includes akey entry buffer 27 which is controlled with its own FSM 28. - When arranged as described above, the present AES architecture provides low latency and high throughput, even when used with feedback modes of operation.
- The architecture also preferably includes asynchronous input and output buffers, which implement a full handshake.
Asynchronous input buffer 17 loads X-bit data bytes to be encrypted (P), places them in parallel in an N-bitinternal register 24, and presents the N bits to the input ofencryption module 10 simultaneously. Similarly,asynchronous output buffer 18 receives the N-bit output fromencryption module 10 and outputs encoded X-bit data bytes (C) to an output bus. This arrangement decouples the external I/O operations, i.e., the loading and unloading of data, from the internal operation of the encryption core (modules 10 and 12). This allows the input and output busses to be any width compared to the internal input and output registers. Thus, the encryption core can be used in an environment in which the number of pins is limited (e.g., an 8-bit bus or a serial link), as well as with high speed parallel busses (e.g., 64, 128 or 256 bits). Another benefit afforded by the preferred asynchronous input and output buffers is that they enable a slow input and/or output to still be combined with fast internal operation, with the handshaking stretched over a large number of clock cycles to accommodate the slow interface. - One possible implementation for
encryption module 10 is shown inFIG. 3 . The module includes four different sub-modules: asubstitution sub-module 30, ashift row sub-module 32, a mix column sub-module 34, and akey addition sub-module 36; the functionality of each sub-module is defined in the AES standard. To achieve high throughput and low latency, the sub-modules are preferably implemented with combinatorial logic and lookup tables, and the data path is made wide enough to accommodate the entire data block length of 128, 192, or 256 bits. The data path may be wider than that shown inFIG. 3 ; for example, the path would be twice as wide as that shown to accommodate a data block length of 256 bits. - For
substitution sub-module 30, the incoming data bits are preferably divided into 8-bit bytes, each of which is used to address an S-box lookup table. Each S-box contains 256 8-bit entries. To provide maximum parallelism and to finish one round of encryption in one clock cycle, the same S-box is replicated 32 times for an expected data block length of 256 bits. The S-box is replicated 16 or 24 times for expected data block lengths of 128 or 192 bits, respectively. - For
shift row sub-module 32, the 256 bits of incoming data (assuming a maximum expected data block length of 256 bits) are preferably divided into four 64 bit chunks, each of which is called a “row” and contains eight bytes. Byte-wise cyclic shifts are performed on each row, with the amount of shift determined by the block length through a lookup table, as defined in the AES standard. - For mix column sub-module 34, matrix multiplication is performed on the shifted bytes in accordance with the mix column definition specified in the AES standard, using combinatorial logic; four, six, or eight blocks are used for data block lengths of 128, 192, or 256 bits, respectively.
- Finally, key addition sub-module 36 exclusive-OR's the mix column output with the sub-keys received from
key scheduling module 12, as prescribed by the AES standard, to generate the encrypted output. Sub-module 36 uses 128, 192 or 256 exclusive-OR gates to produce an output of 128, 192 or 256 bits, respectively. - Maximum parallel
key scheduling module 12 has a data path wide enough to accommodate the maximum expected key length. Sub-keys are generated on the fly, in one clock cycle and in parallel with the encryption module.Key scheduling module 12 is arranged to accommodate the different key and block lengths allowed by the Rijndael algorithm or the AES standard, as necessary. The Rijndael algorithm allows block lengths and key lengths of 128, 192 and 256 bits, while the AES standard limits the block length to 128 bits. For the former case, thekey scheduling module 12 is arranged to accommodate the nine different key length and block length combinations, and operates as defined in the Rijndael algorithm. For the latter case, only three combinations must be accommodated, with operation of the key scheduling module defined in the AES standard. - The present architecture can support a chosen combination of key-length k and data block length N, which may require differing numbers of key schedule iterations and round transformations. As noted above, one round transformation per clock cycle is required. Consequently, the speed of the key-scheduling process must be adapted as k and N change. Depending on the parameter values, it may be necessary to complete 0, 1 or 2 key scheduling iterations per clock cycle to keep up with 1 round transformation per clock cycle. For example, when 256 bit data blocks and 128 bit sub-keys (N=256, k=128), then 2 key schedule iterations are needed for each data block. Non-integral rates can also occur: for example, if N=128 and k=192, 1.5 key schedule iterations are required per data block.
- One key scheduling architecture capable of accommodating these combinations is shown in
FIG. 4 a.Key scheduling module 12 has to provide one N-bit roundkey per clock cycle toencryption module 10. The roundkey is constructed out of k-bit sub-keys. When N is larger than k, multiple sub-keys are required within one clock cycle. The use of two key scheduling blocks 40 and 42 allow evaluation of two iterations of the key scheduling. The N-bit roundkey is assembled out of k-bit sub-keys P, C, and N, produced by the previous, current, and next key schedule iterations. Assembly of the roundkey is under the control of akey schedule controller 44.Controller 44 also steers the pace of the key schedule iterations by selecting which sub-key is used as iterated key: when the P key is selected, the key schedule does not advance. When the C key is selected, one iteration per clock cycle is taken, and when the N sub-key is selected, two iterations are taken per clock cycle. - A simplified key scheduling architecture may be used when only three key and block length combinations must be accommodated; such an architecture is shown in
FIG. 4 b. Here, only onekey scheduling block 52 is required to produce the 128 bit roundkey required by the encryption module. - As noted above,
controller 14 is preferably part of a hierarchical distributed control scheme comprising communicating finite state machines (FSMs); this avoids having the controller logic in the critical path, which might slow down the system. Such a control scheme is shown inFIG. 5 :main FSM 14 receives instructions from and provides status to the outside world, and decomposes the instructions into detailed micro instructions (M.I.) for the different local FSMs, such asinput FSM 15,encryption FSM 19,key scheduling FSM 20, andoutput FSM 18. The local FSMs provide control signals (C.S.) to their respective modules, and provide status back to the main FSM. Each FSM preferably operates off of a single clock (CLK). This approach has the advantage that each of the FSMs can be kept small, and thus high speed. - Note that the implementations of the control scheme, key scheduling module, and encryption module shown above are merely exemplary. Other designs could be used to implement these functions in accordance with the definitions given in the AES standard, as long as the encryption and key scheduling modules are made maximum parallel, and the architecture can implement one round of the AES algorithm in one clock cycle.
- As noted above, the present AES architecture can be used with one of the feedback modes of operation. This is illustrated in
FIGS. 6 a-6 c, which shows only circuitry immediately aroundencryption module 10. InFIG. 2 , the architecture is arranged to implement the electronic code book (ECB) mode of operation. InFIG. 6 a, the Cipher Block Chaining (CBC) feedback mode of operation is implemented betweenregister 24 andencryption module 10. InFIG. 6 b, the Output Feedback (OFB) mode of operation is illustrated, while inFIG. 6 c, the Cipher Feedback (CFB) feedback mode is shown. Other feedback modes may be accommodated in a similar fashion. - While particular embodiments of the invention have been shown and described, numerous variations and alternate embodiments will occur to those skilled in the art. Accordingly, it is intended that the invention be limited only in terms of the appended claims.
Claims (21)
1.-24. (canceled)
25. An advanced encryption standard (AES) architecture which provides high throughput and low latency, comprising:
a parallel encryption circuit that receives a plurality of data bytes to be encrypted and implements one round of the AES algorithm in one clock cycle;
a parallel key scheduling circuit that generates sub-keys in one clock cycle in parallel with said parallel encryption module, said sub-keys provided to said parallel encryption module; and
a controller that controls the operation of said parallel encryption and key scheduling modules such that said AES architecture performs one round of the AES algorithm in one clock cycle;
wherein the parallel key scheduling circuit generates sub-keys and schedules operations in parallel with the maximum parallel encryption circuit, thereby permitting feedback used by the AES algorithm to increase parallelization of AES encryption.
26. The AES architecture of claim 25 , further comprising:
an asynchronous input buffer that receives data bytes to be encrypted, buffers a plurality of said data bytes in parallel, and provides parallel data bytes to said parallel encryption circuit; and
an asynchronous output buffer that receives an output of said parallel encryption circuit and outputs encrypted data bytes to an output bus.
27. The AES architecture of claim 26 , wherein said parallel encryption circuit comprises:
a substitution sub-circuit comprising substitution blocks which are replicated as needed to receive all of said parallel data bytes from said asynchronous input buffer simultaneously;
a shift row sub-circuit which receives the outputs of said substitution sub-circuit;
a mix column sub-circuit which receives the outputs of said shift row sub-circuit; and
a key addition sub-circuit that receives and combines the outputs of said mix column sub-circuit and said sub-keys from said parallel key scheduling circuit, and provides the results at an output, said output being the output of said parallel encryption circuit.
28. The AES architecture of claim 27 , wherein said parallel encryption and key scheduling circuits are implemented exclusively with combinatorial logic.
29. The AES architecture of claim 26 , wherein said controller is implemented with a hierarchical distributed control scheme comprising communicating finite state machines (FSMs), comprising:
a main FSM; and
local FSMs which are controlled by said main FSM, said local FSMs comprising:
a parallel encryption circuit FSM which controls said parallel encryption circuit;
a key scheduling circuit FSM which controls said key scheduling circuit;
an input buffer FSM which controls said asynchronous input buffer; and
an output buffer FSM which controls said asynchronous output buffer.
30. The AES architecture of claim 25 , wherein said controller is implemented with a hierarchical distributed control scheme comprising communicating finite state machines (FSMs).
31. The AES architecture of claim 25 , wherein said AES architecture implements a Rijndael algorithm with a data-blocks length of 128, 192 or 256 bits and a key-length of 128, 192 or 256 bits.
32. The AES architecture of claim 25 , wherein said AES architecture implements the AES standard with a data-block length of 128 bits and a key-length of 128, 192 or 256 bits.
33. The AES architecture of claim 25 , wherein said AES architecture implements an electronic code book (ECB) mode of operation.
34. The AES architecture of claim 25 , wherein said AES architecture implements a feedback mode of operation.
35. The AES architecture of claim 25 , comprising:
a parallel encryption circuit that receives the output of said asynchronous input buffer and implements one round of the AES algorithm in one clock cycle;
wherein said controller is a hierarchical distributed control scheme comprising communicating finite state machines (FSMs).
36. The AES architecture of claim 35 , wherein said parallel encryption circuit comprises:
a substitution sub-circuit comprising substitution blocks which are replicated as needed to receive all of said parallel data bytes from said asynchronous input buffer simultaneously;
a shift row sub-circuit which receives the outputs of said substitution sub-circuit;
a mix column sub-circuit which receives the 10 outputs of said shift row sub-circuit; and
a key addition sub-circuit that receives and combines the outputs of said mix column sub-circuit and said sub-keys from said parallel key scheduling circuit, and provides the results at an output, said output being the output of said parallel encryption circuit;
each of said parallel encryption module sub-circuits implemented exclusively with combinatorial logic.
37. The AES architecture of claim 35 , wherein said communicating FSMs comprise:
a main FSM; and
local FSMs which are controlled by said main FSM, said local FSMs comprising:
a parallel encryption circuit FSM which controls said parallel circuit module;
a key scheduling circuit FSM which controls said key scheduling circuit;
an input buffer FSM which controls said asynchronous input buffer; and
an output buffer FSM which controls said asynchronous output buffer.
38. The AES architecture of claim 35 , wherein said AES architecture implements a Rijndael algorithm with a data-blocks length of 128, 192 or 256 bits and a key-length of 128, 192 or 256 bits.
39. The AES architecture of claim 35 , wherein said AES architecture implements the AES standard with a data-block length of 128 bits and a key-length of 128, 192 or 256 bits.
40. The AES architecture of claim 35 , wherein said AES architecture implements the electronic code book (ECB) mode of operation.
41. The AES architecture of claim 35 , wherein said AES architecture implements a feedback mode of operation.
42. The AES architecture of claim 41 , wherein said AES architecture implements a Cipher Block Chaining (CBC) feedback mode of operation.
43. The AES architecture of claim 41 , wherein said AES architecture implements a Cipher Feedback (CFB) feedback mode of operation.
44. The AES architecture of claim 41 , wherein said AES architecture implements an Output Feedback (OFB) feedback mode of operation.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/786,191 US20080031454A1 (en) | 2002-04-24 | 2007-04-10 | High throughput AES architecture |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/132,788 US7221763B2 (en) | 2002-04-24 | 2002-04-24 | High throughput AES architecture |
US11/786,191 US20080031454A1 (en) | 2002-04-24 | 2007-04-10 | High throughput AES architecture |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/132,788 Continuation US7221763B2 (en) | 2002-04-24 | 2002-04-24 | High throughput AES architecture |
Publications (1)
Publication Number | Publication Date |
---|---|
US20080031454A1 true US20080031454A1 (en) | 2008-02-07 |
Family
ID=29248839
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/132,788 Active 2024-08-09 US7221763B2 (en) | 2002-04-24 | 2002-04-24 | High throughput AES architecture |
US11/786,191 Abandoned US20080031454A1 (en) | 2002-04-24 | 2007-04-10 | High throughput AES architecture |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/132,788 Active 2024-08-09 US7221763B2 (en) | 2002-04-24 | 2002-04-24 | High throughput AES architecture |
Country Status (1)
Country | Link |
---|---|
US (2) | US7221763B2 (en) |
Cited By (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040208318A1 (en) * | 2003-04-18 | 2004-10-21 | Via Technologies Inc. | Apparatus and method for providing user-generated key schedule in a microprocessor cryptographic engine |
US20040223610A1 (en) * | 2003-04-18 | 2004-11-11 | Via Technologies Inc. | Apparatus and method for performing transparent cipher block chaining mode cryptographic functions |
US20040228483A1 (en) * | 2003-04-18 | 2004-11-18 | Via Technologies Inc. | Apparatus and method for performing transparent cipher feedback mode cryptographic functions |
US20040228481A1 (en) * | 2003-04-18 | 2004-11-18 | Ip-First, Llc | Apparatus and method for performing transparent block cipher cryptographic functions |
US20040255129A1 (en) * | 2003-04-18 | 2004-12-16 | Via Technologies Inc. | Microprocessor apparatus and method for employing configurable block cipher cryptographic algorithms |
US20040252842A1 (en) * | 2003-04-18 | 2004-12-16 | Via Technologies Inc. | Microprocessor apparatus and method for providing configurable cryptographic block cipher round results |
US20040252841A1 (en) * | 2003-04-18 | 2004-12-16 | Via Technologies Inc. | Microprocessor apparatus and method for enabling configurable data block size in a cryptographic engine |
US20040255130A1 (en) * | 2003-04-18 | 2004-12-16 | Via Technologies Inc. | Microprocessor apparatus and method for providing configurable cryptographic key size |
US20050188216A1 (en) * | 2003-04-18 | 2005-08-25 | Via Technologies, Inc. | Apparatus and method for employing cyrptographic functions to generate a message digest |
US7529368B2 (en) | 2003-04-18 | 2009-05-05 | Via Technologies, Inc. | Apparatus and method for performing transparent output feedback mode cryptographic functions |
US7536560B2 (en) | 2003-04-18 | 2009-05-19 | Via Technologies, Inc. | Microprocessor apparatus and method for providing configurable cryptographic key size |
US20100023779A1 (en) * | 2006-12-15 | 2010-01-28 | Torai Atsushi | Cryptographic processing method and cryptographic processing apparatus |
US20100153747A1 (en) * | 2008-12-12 | 2010-06-17 | Micron Technology, Inc. | Parallel encryption/decryption |
US20100220863A1 (en) * | 2009-02-27 | 2010-09-02 | ATMELCorporation | Key Recovery Mechanism for Cryptographic Systems |
US7844053B2 (en) | 2003-04-18 | 2010-11-30 | Ip-First, Llc | Microprocessor apparatus and method for performing block cipher cryptographic functions |
RU2504911C1 (en) * | 2012-07-17 | 2014-01-20 | федеральное государственное автономное образовательное учреждение высшего профессионального образования "Национальный исследовательский ядерный университет МИФИ" (НИЯУ МИФИ) | Method for iterative cryptographic transformation of data |
US8681974B1 (en) * | 2011-03-17 | 2014-03-25 | Altera Corporation | Array encryption core |
DE102014221831A1 (en) * | 2014-10-27 | 2016-04-28 | Siemens Aktiengesellschaft | Apparatus and method for generating random bits |
WO2017052980A1 (en) * | 2015-09-25 | 2017-03-30 | Intel Corporation | Multiple input cryptographic engine |
Families Citing this family (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7257229B1 (en) * | 2002-06-07 | 2007-08-14 | Winbond Electronics Corporation | Apparatus and method for key scheduling |
JP2004088505A (en) * | 2002-08-27 | 2004-03-18 | Matsushita Electric Ind Co Ltd | Parallel stream encrypting/decrypting device, its method and parallel stream encrypting/decrypting program |
JP2004133087A (en) * | 2002-10-09 | 2004-04-30 | Sony Corp | Block encryption method and block encryption circuit |
US7392400B2 (en) * | 2003-04-18 | 2008-06-24 | Via Technologies, Inc. | Microprocessor apparatus and method for optimizing block cipher cryptographic functions |
US7321910B2 (en) * | 2003-04-18 | 2008-01-22 | Ip-First, Llc | Microprocessor apparatus and method for performing block cipher cryptographic functions |
WO2004112308A1 (en) * | 2003-06-12 | 2004-12-23 | Philips Intellectual Property & Standards Gmbh | Processor for encrypting and/or decrypting data and method of encrypting and/or decrypting data using such a processor |
EP1623420B1 (en) * | 2003-06-18 | 2015-11-11 | Panasonic Intellectual Property Management Co., Ltd. | Playback apparatus, playback method, and program for reproducing an encrypted virtual package |
US7885405B1 (en) * | 2004-06-04 | 2011-02-08 | GlobalFoundries, Inc. | Multi-gigabit per second concurrent encryption in block cipher modes |
US7602905B2 (en) * | 2004-09-01 | 2009-10-13 | Texas Instruments Incorporated | Processes, circuits, devices, and systems for encryption and decryption and other purposes, and processes of making |
US8677123B1 (en) | 2005-05-26 | 2014-03-18 | Trustwave Holdings, Inc. | Method for accelerating security and management operations on data segments |
US8233619B2 (en) * | 2006-06-07 | 2012-07-31 | Stmicroelectronics S.R.L. | Implementation of AES encryption circuitry with CCM |
US7831039B2 (en) * | 2006-06-07 | 2010-11-09 | Stmicroelectronics S.R.L. | AES encryption circuitry with CCM |
US7945719B2 (en) * | 2006-09-20 | 2011-05-17 | Intel Corporation | Controller link for manageability engine |
US8036377B1 (en) | 2006-12-12 | 2011-10-11 | Marvell International Ltd. | Method and apparatus of high speed encryption and decryption |
US7949130B2 (en) | 2006-12-28 | 2011-05-24 | Intel Corporation | Architecture and instruction set for implementing advanced encryption standard (AES) |
US8538012B2 (en) * | 2007-03-14 | 2013-09-17 | Intel Corporation | Performing AES encryption or decryption in multiple modes with a single instruction |
US8538015B2 (en) * | 2007-03-28 | 2013-09-17 | Intel Corporation | Flexible architecture and instruction for advanced encryption standard (AES) |
JP2008252299A (en) * | 2007-03-29 | 2008-10-16 | Hitachi Ltd | Encryption processing system and encryption processing method |
US8520845B2 (en) * | 2007-06-08 | 2013-08-27 | Intel Corporation | Method and apparatus for expansion key generation for block ciphers |
US8594322B2 (en) * | 2007-07-10 | 2013-11-26 | Stmicroelectronics S.R.L. | Encoding/decoding apparatus |
US8189792B2 (en) * | 2007-12-28 | 2012-05-29 | Intel Corporation | Method and apparatus for performing cryptographic operations |
US8509424B2 (en) * | 2009-11-15 | 2013-08-13 | Ante Deng | Fast key-changing hardware apparatus for AES block cipher |
US9544133B2 (en) * | 2009-12-26 | 2017-01-10 | Intel Corporation | On-the-fly key generation for encryption and decryption |
JP2016127405A (en) * | 2014-12-26 | 2016-07-11 | 株式会社Dnpハイパーテック | Encryption device |
US9773432B2 (en) | 2015-06-27 | 2017-09-26 | Intel Corporation | Lightweight cryptographic engine |
US10482543B2 (en) * | 2016-05-12 | 2019-11-19 | Kurt B. Schuh | Apparatus and method for validating transactional data |
US10341085B2 (en) * | 2016-09-06 | 2019-07-02 | Nxp B.V. | Software protection against differential fault analysis |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4514803A (en) * | 1982-04-26 | 1985-04-30 | International Business Machines Corporation | Methods for partitioning mainframe instruction sets to implement microprocessor based emulation thereof |
US6026490A (en) * | 1997-08-01 | 2000-02-15 | Motorola, Inc. | Configurable cryptographic processing engine and method |
US20010031050A1 (en) * | 2000-02-14 | 2001-10-18 | Lateca Computer Inc. N.V. | Key generator |
US20020108048A1 (en) * | 2000-12-13 | 2002-08-08 | Broadcom Corporation | Methods and apparatus for implementing a cryptography engine |
US20020131588A1 (en) * | 2001-01-17 | 2002-09-19 | Lg Electronics Inc. | Apparatus for encrypting/decrypting real-time input stream |
US20020191784A1 (en) * | 2001-06-08 | 2002-12-19 | Nhu-Ha Yup | Circuit and method for implementing the advanced encryption standard block cipher algorithm in a system having a plurality of channels |
US20030053623A1 (en) * | 2001-03-27 | 2003-03-20 | Mccanny John Vincent | Apparatus for selectably encrypting or decrypting data |
US20030068036A1 (en) * | 2001-10-10 | 2003-04-10 | Stmicroelectronics S.R.L. | Method and circuit for data encryption/decryption |
US6990594B2 (en) * | 2001-05-02 | 2006-01-24 | Portalplayer, Inc. | Dynamic power management of devices in computer system by selecting clock generator output based on a current state and programmable policies |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020048364A1 (en) * | 2000-08-24 | 2002-04-25 | Vdg, Inc. | Parallel block encryption method and modes for data confidentiality and integrity protection |
-
2002
- 2002-04-24 US US10/132,788 patent/US7221763B2/en active Active
-
2007
- 2007-04-10 US US11/786,191 patent/US20080031454A1/en not_active Abandoned
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4514803A (en) * | 1982-04-26 | 1985-04-30 | International Business Machines Corporation | Methods for partitioning mainframe instruction sets to implement microprocessor based emulation thereof |
US6026490A (en) * | 1997-08-01 | 2000-02-15 | Motorola, Inc. | Configurable cryptographic processing engine and method |
US20010031050A1 (en) * | 2000-02-14 | 2001-10-18 | Lateca Computer Inc. N.V. | Key generator |
US20020108048A1 (en) * | 2000-12-13 | 2002-08-08 | Broadcom Corporation | Methods and apparatus for implementing a cryptography engine |
US20020131588A1 (en) * | 2001-01-17 | 2002-09-19 | Lg Electronics Inc. | Apparatus for encrypting/decrypting real-time input stream |
US20030053623A1 (en) * | 2001-03-27 | 2003-03-20 | Mccanny John Vincent | Apparatus for selectably encrypting or decrypting data |
US6990594B2 (en) * | 2001-05-02 | 2006-01-24 | Portalplayer, Inc. | Dynamic power management of devices in computer system by selecting clock generator output based on a current state and programmable policies |
US20020191784A1 (en) * | 2001-06-08 | 2002-12-19 | Nhu-Ha Yup | Circuit and method for implementing the advanced encryption standard block cipher algorithm in a system having a plurality of channels |
US6937727B2 (en) * | 2001-06-08 | 2005-08-30 | Corrent Corporation | Circuit and method for implementing the advanced encryption standard block cipher algorithm in a system having a plurality of channels |
US20030068036A1 (en) * | 2001-10-10 | 2003-04-10 | Stmicroelectronics S.R.L. | Method and circuit for data encryption/decryption |
Cited By (33)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7542566B2 (en) | 2003-04-18 | 2009-06-02 | Ip-First, Llc | Apparatus and method for performing transparent cipher block chaining mode cryptographic functions |
US20040255130A1 (en) * | 2003-04-18 | 2004-12-16 | Via Technologies Inc. | Microprocessor apparatus and method for providing configurable cryptographic key size |
US20040228483A1 (en) * | 2003-04-18 | 2004-11-18 | Via Technologies Inc. | Apparatus and method for performing transparent cipher feedback mode cryptographic functions |
US20040208318A1 (en) * | 2003-04-18 | 2004-10-21 | Via Technologies Inc. | Apparatus and method for providing user-generated key schedule in a microprocessor cryptographic engine |
US20040255129A1 (en) * | 2003-04-18 | 2004-12-16 | Via Technologies Inc. | Microprocessor apparatus and method for employing configurable block cipher cryptographic algorithms |
US20040252842A1 (en) * | 2003-04-18 | 2004-12-16 | Via Technologies Inc. | Microprocessor apparatus and method for providing configurable cryptographic block cipher round results |
US20040252841A1 (en) * | 2003-04-18 | 2004-12-16 | Via Technologies Inc. | Microprocessor apparatus and method for enabling configurable data block size in a cryptographic engine |
US8060755B2 (en) | 2003-04-18 | 2011-11-15 | Via Technologies, Inc | Apparatus and method for providing user-generated key schedule in a microprocessor cryptographic engine |
US20050188216A1 (en) * | 2003-04-18 | 2005-08-25 | Via Technologies, Inc. | Apparatus and method for employing cyrptographic functions to generate a message digest |
US7502943B2 (en) | 2003-04-18 | 2009-03-10 | Via Technologies, Inc. | Microprocessor apparatus and method for providing configurable cryptographic block cipher round results |
US7519833B2 (en) | 2003-04-18 | 2009-04-14 | Via Technologies, Inc. | Microprocessor apparatus and method for enabling configurable data block size in a cryptographic engine |
US7529368B2 (en) | 2003-04-18 | 2009-05-05 | Via Technologies, Inc. | Apparatus and method for performing transparent output feedback mode cryptographic functions |
US7529367B2 (en) | 2003-04-18 | 2009-05-05 | Via Technologies, Inc. | Apparatus and method for performing transparent cipher feedback mode cryptographic functions |
US7925891B2 (en) * | 2003-04-18 | 2011-04-12 | Via Technologies, Inc. | Apparatus and method for employing cryptographic functions to generate a message digest |
US7536560B2 (en) | 2003-04-18 | 2009-05-19 | Via Technologies, Inc. | Microprocessor apparatus and method for providing configurable cryptographic key size |
US7539876B2 (en) | 2003-04-18 | 2009-05-26 | Via Technologies, Inc. | Apparatus and method for generating a cryptographic key schedule in a microprocessor |
US20040228481A1 (en) * | 2003-04-18 | 2004-11-18 | Ip-First, Llc | Apparatus and method for performing transparent block cipher cryptographic functions |
US20040223610A1 (en) * | 2003-04-18 | 2004-11-11 | Via Technologies Inc. | Apparatus and method for performing transparent cipher block chaining mode cryptographic functions |
US7532722B2 (en) | 2003-04-18 | 2009-05-12 | Ip-First, Llc | Apparatus and method for performing transparent block cipher cryptographic functions |
US7900055B2 (en) | 2003-04-18 | 2011-03-01 | Via Technologies, Inc. | Microprocessor apparatus and method for employing configurable block cipher cryptographic algorithms |
US7844053B2 (en) | 2003-04-18 | 2010-11-30 | Ip-First, Llc | Microprocessor apparatus and method for performing block cipher cryptographic functions |
US20100023779A1 (en) * | 2006-12-15 | 2010-01-28 | Torai Atsushi | Cryptographic processing method and cryptographic processing apparatus |
US20100153747A1 (en) * | 2008-12-12 | 2010-06-17 | Micron Technology, Inc. | Parallel encryption/decryption |
US8355499B2 (en) | 2008-12-12 | 2013-01-15 | Micron Technology, Inc. | Parallel encryption/decryption |
US9065654B2 (en) | 2008-12-12 | 2015-06-23 | Micron Technology, Inc. | Parallel encryption/decryption |
US20100220863A1 (en) * | 2009-02-27 | 2010-09-02 | ATMELCorporation | Key Recovery Mechanism for Cryptographic Systems |
US8233620B2 (en) | 2009-02-27 | 2012-07-31 | Inside Secure | Key recovery mechanism for cryptographic systems |
US8681974B1 (en) * | 2011-03-17 | 2014-03-25 | Altera Corporation | Array encryption core |
US9172537B1 (en) | 2011-03-17 | 2015-10-27 | Altera Corporation | Array encryption core |
RU2504911C1 (en) * | 2012-07-17 | 2014-01-20 | федеральное государственное автономное образовательное учреждение высшего профессионального образования "Национальный исследовательский ядерный университет МИФИ" (НИЯУ МИФИ) | Method for iterative cryptographic transformation of data |
DE102014221831A1 (en) * | 2014-10-27 | 2016-04-28 | Siemens Aktiengesellschaft | Apparatus and method for generating random bits |
WO2017052980A1 (en) * | 2015-09-25 | 2017-03-30 | Intel Corporation | Multiple input cryptographic engine |
US10204532B2 (en) | 2015-09-25 | 2019-02-12 | Intel Corporation | Multiple input cryptographic engine |
Also Published As
Publication number | Publication date |
---|---|
US7221763B2 (en) | 2007-05-22 |
US20030202658A1 (en) | 2003-10-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7221763B2 (en) | High throughput AES architecture | |
EP1215842B1 (en) | Methods and apparatus for implementing a cryptography engine | |
EP1215841B1 (en) | Methods and apparatus for implementing a cryptography engine | |
AU767323B2 (en) | Block encryption device using auxiliary conversion | |
US7158638B2 (en) | Encryption circuit | |
US8411853B2 (en) | Alternate galois field advanced encryption standard round | |
CA2292575C (en) | Device used to implement a block cipher | |
KR20050053379A (en) | Apparatus and method for performing AES Rijndael Algorithm | |
CN107800532B (en) | Low cost code accelerator | |
CN111563281B (en) | Processor supporting multiple encryption and decryption algorithms and implementation method thereof | |
Broscius et al. | Exploiting parallelism in hardware implementation of the DES | |
US7366300B2 (en) | Methods and apparatus for implementing a cryptography engine | |
Saarinen | A lightweight ISA extension for AES and SM4 | |
US20100257373A1 (en) | Cryptographic processor and ic card | |
US6732271B1 (en) | Method of deciphering ciphered data and apparatus for same | |
US20060171532A1 (en) | Encryption Processing Circuit | |
KR100390821B1 (en) | Encryption device using data encryption standard algorithm | |
Plos et al. | Compact hardware implementations of the block ciphers mCrypton, NOEKEON, and SEA | |
US7289524B2 (en) | Execution unit for a network processor | |
EP0932273B1 (en) | Executing permutations | |
US20030059044A1 (en) | Encryption apparatus | |
Heys | A tutorial on the implementation of block ciphers: software and hardware applications | |
Alam et al. | An area optimized reconfigurable encryptor for AES-Rijndael | |
WO2009034393A1 (en) | Aes-encryption apparatus and method | |
KR20060014420A (en) | Method and apparatus for a low memory hardware implementation of the key expansion function |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: SILICON STORAGE TECHNOLOGY, INC., CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SST COMMUNICATIONS, CORP.;REEL/FRAME:019466/0168 Effective date: 20070619 |
|
AS | Assignment |
Owner name: MICROCHIP TECHNOLOGY INCORPORATED, ARIZONA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SILICON STORAGE TECHNOLOGY, INC.;REEL/FRAME:026213/0515 Effective date: 20110428 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |