1. Technical Field
The present invention embodiments pertain to data encoding or encryption. In particular, the present invention embodiments pertain to expansion of keys for data encryption by using logic modules and available clock cycles of a data encryption process or loop to enhance throughput and reduce space for a data encoder on a chip.
2. Discussion of Related Art
The Advanced Encryption Standard (AES) algorithm is a block cipher type of encoding that has been accepted as an encryption standard. AES includes a fixed data block size of 128 bits (e.g., or 16 bytes (128 bits/8 bits per byte)) and key sizes of 128, 192 or 256 bits, where the algorithm operates on an array of bytes arranged into four rows by four columns. A series of processing activities are repeated to form rounds of keyed transformations between input data and the resulting encoded or encrypted data. Specifically, each byte in the array is initially substituted with data from a look-up table, and the array rows are cyclically shifted left by an offset. The first row of the array remains unchanged, while an offset is applied to shift the bytes within the remaining array rows. The four bytes of each column are subsequently multiplied with a fixed polynomial or function, and a subkey for each round (derived from a main key) is combined by an XOR operation with the array (i.e., each byte of the array is combined with a corresponding byte of the subkey) to produce resulting data for the round. This process is repeated for subsequent rounds utilizing the resulting data from a previous round. In the event of a final round, the resulting data from the final round serves as the final encoded data.
In the AES algorithm, a key of 128, 192, or 256 bits is used to create an encrypted 128-bit cyphertext data packet from a 128-bit plaintext value. A set of operations is applied to the data for a number of rounds that is determined by the key length, where: 10 rounds are provided for a 128-bit key; 12 rounds are provided for a 192-bit key; and 14 rounds are provided for a 256-bit key. Each round applies unique key data to the intermediate data value determined for that round. In addition, the key data is applied to the plaintext input prior to the start of the encryption algorithm. Since the key length is substantially shorter than the total amount of unique key data that needs to be applied, the key data has to be expanded. This expansion produces 1408, 1664, or 1920 bits of unique key data for the 128, 192, or 256-bit key. The key expansion algorithm consists of byte rotation, byte substitution, and Galois multiplication by a round constant.
The expanded key is currently provided by either loading the pre-expanded key (computed offline) into the AES algorithm, or by expanding the key each time the AES algorithm is performed using dedicated key expansion logic. In both of these cases, the amount of digital logic needed to implement the AES algorithm is sub-optimal. In the case where a pre-expanded key is used, the data storage for the key increases dramatically from approximately seven and one-half to eleven times the number of storage elements required for a key expanded with each execution of the scheme. By way of example, a 128-bit key requires 1408 bits of an expanded key (i.e., eleven times the number of storage elements for the 128 bit key). Further, expansion of the key with each performance of the scheme requires additional logic resources to compute the expanded key.