By Topic

A Formal Approach to Designing Cryptographic Processors Based on GF(2^m) Arithmetic Circuits

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Homma, N. ; Dept. of Comput. & Math. Sci., Tohoku Univ., Sendai, Japan ; Saito, K. ; Aoki, T.

This paper proposes a formal approach to designing Galois-field (GF) arithmetic circuits, which are widely used in modern cryptographic processors. Our method describes GF arithmetic circuits in a hierarchical manner with high-level directed graphs associated with specific GFs and arithmetic functions. The proposed circuit description can be effectively verified by symbolic computations based on polynomial reduction using Grobner bases. The verified description is then translated into the equivalent hardware description language (HDL) codes, which are available for the conventional design flow. We first describe the proposed graph representation and present an example of the description and verification. The significant advantage of the proposed approach is demonstrated through experimental designs of parallel multipliers over GF(2m) for different word lengths and irreducible polynomials. The result shows that the proposed approach has a definite capability of formally verifying practical GF arithmetic circuits for which the conventional techniques fail. We also propose an application of this approach to cryptographic processor design. The target considered here is a 128-bit advanced encryption standard (AES) data path with a loop architecture. To the best of the authors' knowledge, this is the first verification of this type of practical AES data path. We present a detailed description of the AES data path and its verification. The proposed approach successfully verifies the AES data path description within 800 s.

Published in:

Information Forensics and Security, IEEE Transactions on  (Volume:7 ,  Issue: 1 )