Journal of Artificial Intelligence in Electrical Engineering, Vol. 3, No. 9, June 2014

# FPGA Can be Implemented Using Advanced Encryption Standard Algorithm

Shahin Shafei

Young Researchers and Elite Club, Mahabad Branch, Islamic Azad University, Mahabad, Iran **Email**:Shahin\_shafei@yahoo.com

#### ABSTRACT

This paper mainly focused on implementation of AES encryption and decryption standard AES-128. All the transformations of both Encryption and Decryption are simulated using an iterative design approach in order to minimize the hardware consumption. This method can make it a very low-complex architecture, especially in saving the hardware resource in implementing the AES InverseSub Bytes module and Inverse Mix columns module. As the S -box is implemented by look-up-table in this design, the chip area and power can still be optimized. The new Mix Column transformation improves the performance of the inverse cipher and also reduces the complexity of the system that supports the inverse cipher. As a result this transformation has relatively low relevant diffusion power .This allows for scaling of the architecture towards vulnerable portable and cost-sensitive communications devices in consumer and military applications.

KEYWORDS: AES, encryption, decryption, FPGA

#### 1. INTRODUCTION

The need of privacy has become a high priority for both government and civilians desiring protection from signal and data interception. Widespread use of personal communication devices has only increased demand for a level security for previously insecure communication by using the DES algorithm. For a long time, the Data Encryption Standard (DES) was considered as a standard for the symmetric key encryption. Data block and key length of DES algorithm has a only about 56 bits. The 56 bits of data block and the key is to be small and can easily break. For this reason, Shahin Shafei: FPGA Can be Implemented Using Advanced Encryption Standard Algorithm

in September 1997, the National Institute of Standards and Technology (NIST) promoted worldwide research into a replacement for DES, or the widely accepted Data Encryption Standard.

AES algorithm candidates of 15 members were announced in August 1998. Next all algorithms were subject to assessment process performed by various group of cryptographic researchers all over the world. NIST selected the 5 algorithm in August 2000 they are, RC6, Mars, Rijndeal, Serpent, and Two fish as the final competitors. On October 2, 2000, NIST announced that the Rijndeal algorithm was the winner. As per the Reijndeal data block and key size of multiple of 32 bits, with a minimum of 128 bits and maximum of 256 bits. As a result of breaking of the data block and key can be difficult [1]. Advanced Encryption Standard (AES) algorithm also known as Rijndeal [2].

AES has fixed data block size of 128 bits and key size of 128, 192 or 256 bits. AES minimize cost, focusing on efficiency reduced overall hardware complexity. By incorporating most of the algorithm complexity into the controller, components are reused and efficiency increased. A Verilog hardware implementation is also presented, utilizing a field programmable gate array (FPGA) as a prototyping platform. Thus, the design can be easily migrated to an ASIC implementation in an SoC [3]. This paper is organized as follows. Section deals with the introduction about the Cryptography algorithm generation. Section II deals with the AES algorithm. Section III

describes about the Implementation of AES algorithm.

Section IV shows the simulation results and the last Section V concludes the paper and followed by references.

## 2. AES ALGORITHM

AES algorithm is a symmetric block cipher that can encrypt and decrypt the information. Encryption can convert the original data in to unintelligible data is called cipher text. Decryption can convert the cipher text form in to original data, which is called plain text.

## A. AES Encryption

The AES algorithm (AES-128) operates on a 128 bit block of data size and 128 bit key size and executed N-1 loop times. A loop is called a round and the number of iterations of a loop N can be 10. The first and last rounds differ from other rounds in that there is an additional AddRound key transformation at the beginning of the first round and no Mix columns transformation is performed in the last round. AES encryption is given in Fig.1.

1) SubBytes Transformation: The SubBytes transformation is nonlinear а bvte substitution, operates on each of the state independently. The SubBytes bytes transformation is done by using S-box. Sbox is a pre calculated substitution table contains 256 numbers (from 0 t0 255) and their corresponding resulting value. More details of the calculating the S-box table refers to [4]. S-box table as shown inTable1.

Journal of Artificial Intelligence in Electrical Engineering, Vol. 3, No. 9, June 2014



Fig.1. AES encryption structure

Table.1 S-Box Table

|   |   | у  |    |    |    |    |      |    |                  |    |            |    |     |    |           |    |    |
|---|---|----|----|----|----|----|------|----|------------------|----|------------|----|-----|----|-----------|----|----|
|   |   | 1  | 1  | 2  | 3  | 4  | 5    | 6  | 1                | 8  | 9          | à  | Ъ   | ¢  | d         | ê  | f  |
|   | Q | 63 | 70 | 11 | 7b | 12 | 65   | ξţ | ćŚ               | 30 | 01         | 67 | Źb  | fe | ď         | έż | 76 |
|   | 1 | ¢8 | 82 | ¢ŝ | 78 | fa | - 59 | 47 | fØ               | ađ | d4         | 82 | af  | 90 | a4        | 72 | cÛ |
|   | 2 | b7 | fd | 93 | 26 | 36 | 3f   | f7 | 00               | 34 | a5         | e5 | fl  | 71 | <u>48</u> | 31 | 15 |
|   | 3 | 04 | eĩ | 23 | c3 | 18 | 96   | 45 | 9a               | 07 | 12         | 80 | e2  | è  | 27        | b2 | 75 |
|   | - | 05 | 83 | 2c | 1a | lb | 66   | Sa | $\delta_{i}^{0}$ | 52 | 3b         | ġ6 | 53  | 29 | 63        | 2f | 84 |
|   | 5 | 53 | đl | 00 | eđ | 20 | fe   | Ы  | 9                | 64 | è          | be | 39  | 41 | 4¢        | 58 | ef |
| x | 6 | 91 | eć | 53 | fb | 0  | 44   | 33 | 85               | 45 | <u>f</u> 9 | 02 | 7f  | 50 | 30        | Ħ  | 88 |
|   | 7 | 51 | a3 | 40 | 8f | 92 | 94   | 38 | fS               | be | b6         | da | 21  | 10 | ff        | f3 | d2 |
|   | ŝ | cđ | 0¢ | 13 | ec | 51 | 97   | 44 | 17               | ¢4 | a7         | 7e | 38  | 2  | 58        | 19 | 73 |
|   | 9 | 60 | 81 | 41 | de | 22 | 2a   | 90 | 88               | 46 | ¢8         | P8 | 14  | ĝ6 | 5e        | 05 | đð |
|   | â | el | 32 | 34 | 0a | 49 | 06   | 24 | 50               | c2 | d3         | 80 | 62  | 91 | 95        | ef | 79 |
|   | 5 | e7 | cŝ | 31 | 68 | 83 | -d5  | 4e | ŝ                | 60 | 56         | f4 | 62  | 65 | 78        | 38 | 08 |
|   | ¢ | ba | 78 | 25 | 2e | 10 | 86   | Ы  | ¢ś               | 68 | 6 <u>3</u> | 74 | lf  | 45 | bd        | 85 | 8a |
|   | d | 70 | Зe | Ы  | 66 | 48 | 03   | fś | 0e               | 61 | 35         | 57 | Ы   | 86 | cl        | 1d | 9e |
|   | ŧ | el | f8 | 98 | 11 | 69 | -69  | 8e | Ч                | 95 | le         | 87 | ø   | Ċŧ | 55        | 28 | đf |
|   | f | 8c | al | 89 | 69 | bf | 66   | 42 | 68               | 11 | 99         | 24 | ξį, | ЪØ | 54        | βģ | 16 |

2) Shift Rows Transformation: In Shift Rows transformation, the rows of the state are left shifted in a cyclic manner. Row 0 is not

shifted, Row 1 is shifted one byte to the left, Row 2 is shifted two bytes to the left and Row 3 is shifted three bytes to the left. Shahin Shafei: FPGA Can be Implemented Using Advanced Encryption Standard Algorithm

3) Mix Columns Transformation: In Mix Columns transformation, the columns of the state are considered as polynomials over GF (28) and multiplied by modulo x4 + 1 with a fixed polynomial c (x), given by: c (x) =  $\{03\} x3 + \{01\} x2 + \{01\} x + \{02\}$ .

4) AddRound Key Transformation: In the AddRound Key transformation, a Round Key is added to the State - resulted from the operation of the Mix Columns transformation - by a simple bitwise XOR operation. The Round Key of each round is derived from the main key using the Key algorithm Expansion [1]. The encryption/decryption algorithm needs eleven 128-bit Round Key, which are denoted Round Key [0].

#### **B. AES Decryption**

Decryption is a reverse of encryption, which inverse round transformations to compute out the original plaintext of an encrypted cipher-text in reverse order. The round transformation of decryption uses the functions AddRound Key, InvMix Columns, InvShift Rows, and InvSubBytes successively.

1) AddRound Key: AddRound Key is its own inverse function because the XOR function is its own inverse. The round keys have to be selected in reverse order. The description of the other transformations will be given as follows. 2) InvShift Rows Transformation: InvShift Rows exactly functions the same as Shift Rows, only in the opposite direction. The first row is not shifted, while the second, third and fourth rows are shifted right by one, two and three bytes respectively.

*3) InvSubBytes transformation*: The InvSubBytes transformation is done using a once-precalculated substitution table called InvS-box. That InvS-box table contains 256 numbers (from 0 to 255) and their corresponding values.

*4) Inv Mix Columns Transformation*: In the Inv Mix Columns transformation, the polynomials of degree less than 4 over

GF (28), which coefficients are the elements in the columns of the state, are multiplied modulo (x4 + 1) by a fixed Polynomial d (x) =  $\{0B\}$  x3 +  $\{0D\}$  x2 +  $\{09\}$  x +  $\{0E\}$ , where  $\{0B\}$ ,  $\{0D\}$ ;  $\{09\}$ ,  $\{0E\}$  denote hexadecimal values.

In the next section, a description of the proposed design based on FPGA implementation of AES encryption / decryption function is detailed.

# 3. FPGA IMPLEMENTATION OF AES ALGORITHM

Fig.2 shows the detailed design of AES core based on FPGA implementation, where the control signals are described in Table 2.

Journal of Artificial Intelligence in Electrical Engineering, Vol. 3, No. 9, June 2014



Fig.2. Block diagram of CELP & AES encoder

The total design has 390 pins. It requires the text in, text out and key which have a 128 bits length. And the Control signals used to control the proper operations of the core are clock (clk), reset in, write, direction, done and enable pins. The Key block loads keys

and combines with Key Round block to perform Key Expansion transformation, and generates proper Round keys under the control signals from the Controller block.

| Pin Name   | I / O Port | Pin Number (bit) | Pin Description                      |  |  |  |
|------------|------------|------------------|--------------------------------------|--|--|--|
| clk        | Ι          | 1                | Chip clock                           |  |  |  |
| Reset - in | Ι          | 1                | Clear all signals                    |  |  |  |
| Write      | Ι          | 1                | 1:write key and                      |  |  |  |
|            |            |                  | text-in                              |  |  |  |
| Direction  | Ι          | 1                | 1:Encryption                         |  |  |  |
|            |            |                  | 0:Decryption                         |  |  |  |
| Enable     | Ι          | 1                | 1:Enable AES core                    |  |  |  |
|            |            |                  | 0:Disable AES core                   |  |  |  |
| Key        | Ι          | 128              | Key data                             |  |  |  |
| Text-in    | Ι          | 128              | Plain text /                         |  |  |  |
|            |            |                  | Cipher text data                     |  |  |  |
| Done       | 0          | 1                | 1:Encryption/Decryption is completed |  |  |  |
| Text-out   | 0          | 128              | Plain text / cipher text data        |  |  |  |

Table2. Control Signals of Aes Core

Controller block takes write signal, direction signal, and enable signal from outside and generates all the control signals for the whole system. AES algorithm candidates of 15 members were announced in August 1998. Next all algorithms were subject to assessment process performed by various group of cryptographic researchers all over the world. NIST selected the 5 algorithm in August 2000 they are, RC6, Mars, Rijndeal, Serpent, and Twofish as the final competitors. On October 2, 2000, NIST Shahin Shafei: FPGA Can be Implemented Using Advanced Encryption Standard Algorithm

announced that the Rijndeal algorithm was the winner. As per the Reijndeal data block and key size of a multiple of 32 bits, with a minimum of 128 bits and a maximum of 256 bits. The plain text (text\_in) and key is loaded only when the write signal makes a low-high-low transition (basically a pulse).

The process is going to complete when the done signal is pulsed after some clock cycles from the write signal goes low.

The "done" signal actives only in one clock cycle. Each round key as well as round is completed in one clock cycle. In this paper Advanced Encryption Standard (AES) algorithm is implemented, that can process with the data block of 128 bits and cipher key length of 128 bits. The usage of the 128 bit cipher keys to achieve higher security, because 128 bits cipher key is difficult to break. As a result of this we obtain a secure transmission of data in both encryption and decryption. While computing the existing AES, it takes more area, so we are going to implement the new algorithm for mix Column in AES flow. When we use a new mix column instead of existing one, we can obtain a less area compare to existing AES algorithm.

However, the round key is finished before the round is calculated by one clock cycle. Hence, combining with one clock cycle for registering the input, a total clock cycle need for processing 128-bit data is 13 clocks in encryption mode. In decryption, eleven round keys must be completed before the first round is calculated. Because the last round key is used in the first round process, it takes 25 clock cycles to complete. By using the above iterative looping approach, a minimal number of clock cycles required performing Encryption/decryption for each data block of 128-bit.

### 4. SIMULATION RESULTS

The design has been coded by Verilog HDL. All the results are synthesized and simulated based on the Quatus 9.0, the Model Sim -Altera 6.4a and EP20K400CB652C7 device. The results of simulating the encryption / decryption Algorithms from the ModelSim simulator are shown in Fig.3.

# 1. CONCLUSION

In this paper Advanced Encryption Standard (AES) algorithm is implemented, that can process with the data block of 128 bits and cipher key length of 128 bits. The usage of the 128 bit cipher keys to achieve higher security, because 128 bits cipher key is difficult to break. As a result of this we obtain a secure transmission of data in both encryption and decryption. While computing the existing AES, it takes more area, so we are going to implement the new algorithm for mix Column in AES flow. When we use a new mix column instead of existing one, we can obtain a less area compare to existing AES algorithm.

0023 2 X+K 🗅 🗄 . 100 pe 🛠 31 33 36 1 79 P 🔛 💓 Conten [ 11. ES 25 10 熟 1.8 **D** 45 FN. 25 22  $[\mathbf{u}_i]$ DC be 1.11 . and some 😯 🗕 📼 🖊 🖂 🕅

Journal of Artificial Intelligence in Electrical Engineering, Vol. 3, No. 9, June 2014

Fig.3. Timing simulation of AES decryption algorithms

#### REFERENCES

- [1]Daemen J., and Rijmen V, "The Design of Rijndael: AES-the Advanced Encryption Standard", Springer-Verlag, 2002
- [2]FIPS 197, "Advanced Encryption Standard (AES)", November 26, 2001.
- [3]Tessier, R., and Burleson, W., "Reconfigurable computing for digital signal processing: a survey", J.VLSI Signal Process, 2001, 28, (1-2), pp.7-27.
- [4]Ahmad, N.; Hasan, R.; Jubadi, W.M;
  "Design of AES S-Box using combinational logic optimization", IEEE Symposium on Industrial Electronics & Applications (ISIEA), pp. 696-699, 2010.