Paper 2016/595

A High Throughput/Gate AES Hardware Architecture by Compressing Encryption and Decryption Datapaths --- Toward Efficient CBC-Mode Implementation

Rei Ueno, Sumio Morioka, Naofumi Homma, and Takafumi Aoki


This paper proposes a highly efficient AES hardware architecture that supports both encryption and decryption for the CBC mode. Some conventional AES architectures employ pipelining techniques to enhance the throughput and efficiency. However, such pipelined architectures are frequently unfit because many practical cryptographic applications work in the CBC mode, where block-wise parallelism is not available for encryption. In this paper, we present an efficient AES encryption/decryption hardware design suitable for such block-chaining modes. In particular, new operation-reordering and register-retiming techniques allow us to unify the inversion circuits for encryption and decryption (i.e., SubBytes and InvSubBytes) without any delay overhead. A new unification technique for linear mappings further reduces both the area and critical delay in total. Our design employs a common loop architecture and can therefore efficiently perform even in the CBC mode. We also present a shared key scheduling datapath that can work on-the-fly in the proposed architecture. To the best of our knowledge, the proposed architecture has the shortest critical path delay and the most efficient in terms of throughput per area among conventional AES encryption/decryption architectures with tower-field S-boxes. We evaluate the performance of the proposed and some conventional datapaths by logic synthesis results with the TSMC 65-nm standard-cell library and NanGate 45- and 15-nm open-cell libraries. As a result, we confirm that our proposed architecture achieves approximately 53--72% higher efficiency (i.e., a higher bps/GE) than any other conventional counterpart.

Available format(s)
Publication info
Published by the IACR in CHES 2016
AEShardware architecturesunified encryptiondecryption processorsCBC mode
Contact author(s)
ueno @ aoki ecei tohoku ac jp
2016-06-07: received
Short URL
Creative Commons Attribution


      author = {Rei Ueno and Sumio Morioka and Naofumi Homma and Takafumi Aoki},
      title = {A High Throughput/Gate {AES} Hardware Architecture by Compressing Encryption and Decryption Datapaths --- Toward Efficient {CBC}-Mode Implementation},
      howpublished = {Cryptology ePrint Archive, Paper 2016/595},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.