LOGIN   :::   RECOVER PASS   :::   GET ACCOUNT    
Browse
  • Projects
  • Code (CVS)
  • Forums
  • News
  • Articles
  • Polls
    •  
    OpenCores
  • FAQ
  • CVS HowTo
  • Mission
  • Media
  • Tools
  • Advertise
  • Mirrors
  • Logos
  • Contact us
  • Job Opportunity

    •  
    Tools
  • Search
      
  • Download Cores (CVSGet)
    •  
    More
  • Wishbone
  • Perlilog
  • EDA tools
  • OpenTech CD
    •  
    Navigation: All forums > Cores > Message List > Message Post

    Message

    Reply | Reply all
    Date Prev | Date Next | Thread Prev | Thread Next Date Index | Thread Index

    From: joachim.strombergson@I...
    Date: Wed, 27 Aug 2003 11:14:01 +0200
    Subject: Re: [oc] Encryption algorithms map to hardware
    Top

    Aloha!

Quoting Rudolf Usselmann <rudi@a...>:
> Hmm, unless you can find a mathematical relationship between
> the input and output, which will be more efficient than a look
> up table (ROM), there is no advantage in implementing it any
> other way.
> Since this function has to be small and fast, it seems that
> the ROM implementation is the cleanest way in doing the S-BOX.

Actually, for Rijndael (AES) the SBOXes can be efficently described. See:
http://www.esat.kuleuven.ac.be/~rijmen/rijndael/sbox.pdf

Kasumi (the 3GPP block cipher) is even better, in the specification the 
sboxes are given both as tables and as minterms. Works like a charm in a FPGA.

I have recently supervised a Master's Thesis where we implemented a scaleable
version of AES-256 (from lowly tens of Mbit/s to 20+ Gbit/s). From this
experience I can say that the SBOXes are not what will be problematic, it's the
key schedule implementation. Also for physical implementation, the 2D-structure
of AES will affect your routing. Othwerwise AES is a nice algorithm to implement
in HW. Lots of trad-offs and opportunities for smart design.

What you *don't* want to do is to take the NSA VHDL code and push-button
compile. It works but you will end up with a humongous design. You really need
to do some thinking before doing the HW-description.

No matter how you do it, AES will not be a small design. Fast yes, small no. If
HW-resources are scarce, I recmommed using 3DES och implement something like
Blowfish in HW.


Good luck!
-- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
VP, Research & Development
----------------------------------------------------------------------
InformAsic AB / Hugo Grauers gata 5B / SE-411 33 GÖTEBORG / Sweden
Tel: +46 31 68 54 90  Fax: +46 31 68 54 91  Mobile: +46 733 75 97 02
E-mail: joachim.strombergson@i...  Home: www.informasic.com
----------------------------------------------------------------------

    ReferenceAuthor
    AW: [oc] Encryption algorithms map to hardwareThilo Jeremias
    Re: [oc] Encryption algorithms map to hardwareErez Birenzwig
    Re: [oc] Encryption algorithms map to hardwareRudolf Usselmann

    Follow upAuthor
    Re: [oc] Encryption algorithms map to hardwareErez Birenzwig
     
    Copyright (c) 1999 OPENCORES.ORG. All rights reserved.