Please use this identifier to cite or link to this item: https://doi.org/10.1109/TCSII.2012.2234891
Title: FPGA-based 40.9-Gbits/s masked AES with area optimization for storage area network
Authors: Wang, Y.; Ha, Y.
Keywords: Advanced encryption standard (AES); differential power analysis (DPA); field programmable gate array (FPGA); masking; storage area network (SAN)
Issue Date: 2013
Citation: Wang, Y., Ha, Y. (2013). FPGA-based 40.9-Gbits/s masked AES with area optimization for storage area network. IEEE Transactions on Circuits and Systems II: Express Briefs 60 (1) : 36-40. ScholarBank@NUS Repository. https://doi.org/10.1109/TCSII.2012.2234891
Abstract: In order to protect 'data-at-rest' in storage area networks from the risk of differential power analysis attacks without degrading performance, a high-throughput masked advanced encryption standard (AES) engine is proposed. However, this engine usually adopts the unrolling technique, which requires extremely large field programmable gate array (FPGA) resources. In this brief, we aim to optimize the area for a masked AES with an unrolled structure. We achieve this by mapping its operations from GF(2^8) to GF(2^4) as much as possible. We reduce the number of mapping [GF(2^8) to GF(2^4)] and inverse mapping [GF(2^4) to GF(2^8)] operations of the masked SubBytes step from ten to one. In order to be compatible, the masked MixColumns, masked AddRoundKey, and masked ShiftRows, including the redundant masking values, are carried out over GF(2^4). We also use FPGA block RAM (BRAM) to further reduce hardware resources. Compared with a state-of-the-art design, our implementation reduces the overall area by 36.2% (20.5% is contributed by the main method, and 15.7% is contributed by the BRAM optimization). It achieves 40.9 Gbits/s at 4.5 Mbits/s/slice on the Xilinx XC6VLX240T platform. We have attacked the iterative version of this masked AES in hardware. Results show that none of the bytes can be guessed from the masked AES with the collected 10 000 power traces, but 14 out of 16 bytes can be guessed from the unprotected AES with the same number of traces. © 2004-2012 IEEE.
Source Title: IEEE Transactions on Circuits and Systems II: Express Briefs
URI: http://scholarbank.nus.edu.sg/handle/10635/82381
ISSN: 15497747
DOI: 10.1109/TCSII.2012.2234891
Appears in Collections: Staff Publications
Files in This Item: There are no files associated with this item.

Scopus citations: 42 (checked on Sep 22, 2018)
Web of Science citations: 20 (checked on Sep 12, 2018)
Page views: 25 (checked on Jul 6, 2018)
