TY - GEN
T1 - Highly efficient GF(2^8) inversion circuit based on redundant GF arithmetic and its application to AES design
AU - Ueno, Rei
AU - Homma, Naofumi
AU - Sugawara, Yukihiro
AU - Nogami, Yasuyuki
AU - Aoki, Takafumi
N1 - Funding Information:
We are deeply grateful to Dr. Amir Moradi for his insightful and valuable advice. This work has been supported by JSPS KAKENHI Grant No. 25240006. We also appreciate their support.
Publisher Copyright:
© International Association for Cryptologic Research 2015.
PY - 2015
Y1 - 2015
N2 - This paper proposes a compact and efficient GF(2^8) inversion circuit design based on a combination of non-redundant and redundant Galois Field (GF) arithmetic. The proposed design utilizes redundant GF representations, called Polynomial Ring Representation (PRR) and Redundantly Represented Basis (RRB), to implement GF(2^8) inversion using a tower field GF((2^4)^2). In addition to the redundant representations, we introduce a specific normal basis that makes it possible to map the former components for the 16th and 17th powers of the input onto logic gates in an efficient manner. The latter components for GF(2^4) inversion and GF(2^4) multiplication are then implemented by PRR and RRB, respectively. The flexibility of the redundant representations provides efficient mappings from/to GF(2^8). This paper also evaluates the efficacy of the proposed circuit by means of gate counts and logic synthesis with a 65 nm CMOS standard cell library and comparisons with conventional circuits, including those with tower fields GF(((2^2)^2)^2). Consequently, we show that the proposed circuit achieves approximately 40% higher efficiency in terms of area-time product than the conventional best GF(((2^2)^2)^2) circuit excluding isomorphic mappings. We also demonstrate that the proposed circuit achieves the best efficiency (i.e., area-time product) for an AES encryption S-Box circuit including isomorphic mappings.
KW - AES
KW - Compact hardware implementation
KW - GF(2) inversion
KW - S-Box
UR - http://www.scopus.com/inward/record.url?scp=84946032319&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84946032319&partnerID=8YFLogxK
U2 - 10.1007/978-3-662-48324-4_4
DO - 10.1007/978-3-662-48324-4_4
M3 - Conference contribution
AN - SCOPUS:84946032319
SN - 9783662483237
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 63
EP - 80
BT - Cryptographic Hardware and Embedded Systems - 17th International Workshop, CHES 2015, Proceedings
A2 - Güneysu, Tim
A2 - Handschuh, Helena
PB - Springer Verlag
T2 - International Workshop on Cryptographic Hardware and Embedded Systems, CHES 2015
Y2 - 13 September 2015 through 16 September 2015
ER -