The Data Encryption Standard (DES) has been an encryption standard used by the United States federal government for many years. Recently, however, faster computers and better algorithms have caused concern that DES might easily be cracked; therefore, a more secure standard was desired.
The search for a replacement for DES started in January 1997, when the National Institute of Standards and Technology (NIST) announced that it was looking for an Advanced Encryption Standard. In October 2000, NIST announced its selection: the Rijndael algorithm developed by Joan Daemen and Vincent Rijmen of Belgium.
The Advanced Encryption Standard (AES) algorithm is a version of the Rijndael algorithm. It is a symmetric block cipher that can be used to protect electronic data by encrypting (enciphering) and decrypting (deciphering) information. Encryption converts data to an unintelligible form called ciphertext; decrypting the ciphertext converts the data back into its original form, called plaintext. The AES algorithm is capable of using cryptographic keys of 128, 192 and 256 bits to encrypt and decrypt data in blocks of 128 bits. The document "Announcing the Advanced Encryption Standard (AES)," published as Federal Information Processing Standards Publication 197 on Nov. 26, 2001, is hereby incorporated by reference. The Rijndael proposal, "AES Proposal: Rijndael," version 2, dated Mar. 9, 1999, is also hereby incorporated by reference.
Although the Rijndael algorithm is written in such a way that the block length or key length can easily be extended in multiples of 32 bits (for example, block sizes of 128, 192 or 256 bits), the AES algorithm specifies only a 128-bit block size and the key sizes given above. The AES algorithm is specifically designed for efficient implementation in hardware or software on a range of processors. Although a software implementation of the AES algorithm is relatively easy, its processing time is slower than that of a hardware implementation. Thus, many high-speed implementations of the AES algorithm focus on a hardware design.
For example, many hardware implementations use pipelining and/or unrolling to speed up the processing of the algorithm. While pipelining and/or unrolling certain cryptographic algorithms makes for an easier-to-route, higher-performance hardware core with a small area, it often makes the interface timing very restrictive.
In these previous methods, the input and output words must interface to the hardware core within a fixed time. This inflexibility makes these hardware cores very difficult to use and, in some cases, results in a larger system than if discrete hardware cores for each individual encryption operation had been used.
Therefore, an improved hardware implementation of the AES algorithm is desired that has none of the inflexibility of these previous methods.