Implementation approaches for the Advanced Encryption Standard algorithm

This paper addresses various approaches for efficient hardware implementation of the Advanced Encryption Standard algorithm. The optimization methods can be divided into two classes: architectural optimization and algorithmic optimization. Architectural optimization exploits the strength of pipelining, loop unrolling and sub-pipelining. Speed is increased by processing multiple rounds simultaneously at the cost of increased area. Architectural optimization is not an effective solution infeed-back mode. Loop unrolling is the only architecture that can achieve a slight speedup with significantly increased area. In non-feedback mode, subpipelining can achieve maximum speedup and the best speed/area ratio. Algorithmic optimization exploits algorithmic strength inside each round unit. Various methods to reduce the critical path and area of each round unit are presented. Resource sharing issues between encryptor and decryptor are also discussed. They become important issues when both encryptor and decryptor need to be implemented in a small area.