Proc. of the Intl. Conf.
on Recent Trends In Computing and Communication Engineering -- RTCCE 2013
Copyright © Institute of Research Engineers and Doctors. All rights reserved.
ISBN: 978-981-07-6184-4 doi:10.3850/ 978-981-07-6184-4_37
VHDL Implementation of AES-128
Richa Sharma, Purnima Gehlot, S. R. Biradar
Abstract-Security has become an increasingly
important feature with the growth of electronic
communication. The Symmetric in which the same key
value is used in both the encryption and decryption
calculations are becoming more popular. The AES
algorithm is capable of using cryptographic keys of
128, 192, and 256 bits to encrypt and decrypt data in
blocks of 128 bits. This standard is based on the
Rijndael algorithm. In this project our main concern is
to implement all modules of this algorithm on
hardware.This methodology uses VHDL
implementation of all the modules in terms of Delay
and Frequency.
Key Words- Cryptography , Secret key AES, Rijndael,
FPGA, VHDL.
I. Introduction
Nowadays cryptography has a main role in
embedded systems design. As the number of devices
and applications which send and receive data are
increasing rapidly, the data transfer rates are
becoming higher. In many applications, this data
requires a secured connection which is usually
achieved by cryptography. Cryptography is divided
in two categories first is symmetric key
cryptography (sender and receiver shares the same
key) and the second one is asymmetric key
cryptography (sender and receiver shares different
keys). Here we are concerned about symmetric key
cryptography due to its use in military application,
embedded system design, financial and legal files,
medical reports, and bank services via Internet,
telephone conversations, and e-commerce
transactions etc. Many symmetric key cryptographic
algorithms were proposed, such as the Data
Encryption Standard (DES), the Elliptic Curve
Cryptography (ECC), the Advanced Encryption
Standard (AES) and other algorithms[1]. Here the
hardware implementation of AES algorithm is
presented to increase the data transfer speed.
Richa Sharma, Purnima Gehlot (M.Tech VLSI Design)
MITS University, Lakshmangarh
INDIA
e-mail: [email protected]
Dr. S.R. Biradar (Professsor)
MITS University, Lakshmangarh
INDIA
e-mail:
[email protected]
128
173
II. The AES Algorithm
A. Background of Algorithm
The National Institute of Standards and Technology
(NIST) has initiated a process to develop a Federal
information Processing Standard (FIPS) for the
Advanced Encryption Standard (AES),specifying an
Advanced Encryption Algorithm to replace the Data
Encryption standard (DES) the Expired in 1998. The
Rijndael Algorithm was chosen since it had the best
overall scores in security, performance, efficiency,
implementation ability and flexibility[2].
B. Basic of Algorithm
The Rijndael algorithm is a symmetric block cipher
that can process data blocks of 128 bits through the
use of cipher keys with lengths of 128, 192, and 256
bits..The AES algorithm as Rijndael is also a
symmetric block cipher that can encrypt (encipher)
and decrypt (decipher) information [1]. Encryption
converts data to an unintelligible form called cipher-
text. Decryption of the cipher-text converts the data
back into its original form, which is called plaintext.
The number of rounds is depends upon the key
length as described in TableI [3].
C. Encryption and Decryption in
AES
The Basic AES Encryption and Decryption
structure with various steps is Shown in FIGURE
I.This block diagram is generic for AES
specifications. It consists of a number of different
transformations applied consecutively over the data
block bits, in a fixed number of iterations, called
rounds [2]. The number of rounds depends on the
length of the key used for the encryption process.
The Advanced Encryption Standard can be
programmed in software or built with pure
hardware[5].
TABLEI. KEY BLOCK ROUND COMBINATION
Block Size (Nb words) = 4
Bit Mode Key Length Number of
(Nk words) Rounds (Nr)
4 10
192 6 12
256 8 14
 Proc. of the Intl. Conf. on Recent Trends In Computing and Communication Engineering -- RTCCE 2013
Copyright © Institute of Research Engineers and Doctors. All rights reserved.
ISBN: 978-981-07-6184-4 doi:10.3850/ 978-981-07-6184-4_37

The hardware implementation of the Rijndael two approaches for S-box design. Design a
algorithm can provide either high performance or multiplicative inversion and affine transformation
low cost for specific applications. At backbone separately or Construct a logic circuit defining the
communication channels or heavily loaded servers it input and output of the S-box function [8].
is not possible to lose processing speed, which drops
the efficiency of the overall system while running S0,0 S0,1 S0,2 S0,3 S’0,0 S’0,1 S’0,2 S’0,3
cryptography algorithms in software [5]. On the
S1,0 S1,1 S1,2 S1,3 S’1,0 S’1,1 S’1,2 S’1,3
other hand, in the performance comparison between
software and hardware implementation the priority S2,0 S2,1 S2,2 S2,3 S’2,0 S’2,1 S’2,2 S’2,3
is to evaluate which system provides higher
S’3,0 S’3,1 S’3,2 S’3,3
security. Hardware’s inflexibility eliminates S3,0 S3,1 S3,2 S3,3
possibility for the external changes to the system,
and this result in a high quality physical security
when compared with software implementations. . A FIGURE II: Application of S-box to the Each Byte
low cost and small design can be used in smart card of the State.
applications, which allows a wide range of
equipment to operate securely.
Cipher Text(128 Bits)
Plain Text(128 Bits)
RoundKey(Nr)
RoundKey(0)
Inv Shift Row
Sub Bytes
Inv Sub byte For i= nr-1 to 1
Shift Rows For i=1 to nr-1
AddRoundKey
Mix Column
Inv Mix Column
RoundKey(i)
RoundKey(i)

Sub Bytes
Inv Shift Rows Final Round
Final Round
Shift Rows
Inv Sub Byte
RoundKey(Nr)
RoundKey(0)
Cipher Text(128 Bits)
Plain Text(128 Bits)
(a)
FIGURE I: AES Algorithm (b)

(a) Encryption structure. (b) Equivalent Decryption structure.

III. Transformations in AES B. Shift Rows Transformation

A. Sub Byte Transformation
The bytes substitution transformation is a non-linear
substitution of bytes that operates independently on
each byte of the State using a substitution table (S-
box)[2].The sub byte transform is shown in FIGURE
II. In AES hardware implementation, S-box design
contributes a major role in optimization. There are
174
In the Shift Rows transformation the bytes in the last
three rows of the State are cyclically shifted over
different numbers of bytes (offsets). The first row, r
=0, is not shifted, while the second, third and fourth
rows cyclically shift one byte, two bytes and three
bytes to the left, respectively[3].The Shift row
transform is shown in FIGURE III.
 Proc. of the Intl. Conf. on Recent Trends In Computing and Communication Engineering -- RTCCE 2013
Copyright © Institute of Research Engineers and Doctors. All rights reserved.
ISBN: 978-981-07-6184-4 doi:10.3850/ 978-981-07-6184-4_37

steps. The first Add Round Key step is applied

before starting the encryption and decryption
S0,0 S0,1 S0,2 S0,3 S0,0 S0,1 S0,2 S0,3 iterations, where in the encryption process the first
128 bits of the input key the whole key in case of
S1,0 S1,1 S1,2 S1,3 S1,1 S1,2 S1,3 S1,0 using key size of 128 bits are added to the original
data block as shown in FIGURE V. This round key
S2,0 S2,1 S2,2 S2,3 S2,2 S2,3 S2,0 S2,1
is called the initial round key [4]. It is implemented
in hardware as a simple exclusive-or operation of the
S3,0 S3,1 S3,2 S3,3 S3,3 S3,0 S3,1 S3,2
128 bit data and key.

FIGURE III: Shift Row transformation

To implement the Shift Row Function on hardware Data

we have basically two main approaches. Designing Out
it by using barrel Shifter or it can be implemented Key
by using Look up Table [8].
XOR

C. Mix Columns Transformation

This transformation is based on Galois Field
multiplication. Each byte of a column is replaced
with another value that is a function of all four bytes
in the given column. The Mix Columns
transformation is performed on the State column-by-
column [5].The mix column implementation is
shown in FIGURE IV. Each column is considered as
a four-term polynomial over GF(28) and multiplied
by a(x) modulo x4 + 1, Where
a(x) = {03}x3 + {01}x2 + {01}x + {02}.
FIGURE V: Hardware Implementation of Add
Round Key
2) Key Expansion
The key expansion term is used to describe the
operation of generating all Round Keys from the
original input key. The initial round key will be the
original key in case of encryption and the last group
of the generated key expansion keys in case of
decryption[6]. The whole operation is shown in
FIGURE VI.

S0,0 Left shift by 1

S-BOX
S1,0 Left shift by 1
K0,0 K0,1 K0,2 K0,3 RCON
S2,0
K1,0 K1,1 K1,2 K1,3
S3,0 K2,0 K2,1 K2,2 K2,3
K3,0 K3,1 K3,2 K3,3

S'0,0

FIGURE IV: Mix Column Transformation in

Matrix Form
K’0,0 K’0,1 K’0,2 K’0,3
D.Add Round Key and Key K’1,0 K’1,1 K’1,2 K’1,3
Expansion Unit
K’2,0 K’2,1 K’2,2 K’2,3
1) Add Round Key
K’3,0 K’3,1 K’3,2 K’3,3
Add Round Key step is applied one extra time
comparing to the other encryption and decryption
175 FIGURE VI: Implementation of Key Expansion
 Proc. of the Intl. Conf. on Recent Trends In Computing and Communication Engineering -- RTCCE 2013
Copyright © Institute of Research Engineers and Doctors. All rights reserved.
ISBN: 978-981-07-6184-4 doi:10.3850/ 978-981-07-6184-4_37

IV. Simulations and Results Future Work

VHDL is used as the hardware description language As in this whole work we are trying to reduce the
because of the flexibility to exchange among delay by applying different techniques so need to
environments. The software used for this work is work to minimize more delay as well as to
Xilinx 6.1i and the waveforms are simulated with implement the algorithm in Different applications as
the help of model sim simulator. This is used for in Bluetooth, cloud computing etc.
writing, debugging, simulating and checking the
performance results using the simulation tools
available on Xilinx 6.1i. The delay is calculated with References
three different Device families [3]. The delay have
been generated as result is shown in TABLE II. As [1] Xinmiao Zhang and Keshab K. Parhi “Implementation
different Delay calculations by virtex 2. The Approaches for the Advanced Encryption Standard Algorithm”
IEEE 2002.
interface and RTL for Encryption and Decryption is [2] Hui QIN, Tsutomu SASAO, Yukihiro IGUCHI “An FPGA
shown in FIGURE VII. Design of AES Encryption Circuit with 128-bit Keys”
GLSVLSI’05, ACM 2005
[3]Chih-Peng Fanand and Jun-Kui Hwang “FPGA
TABLE II. Delay and Frequency of Different Implementations Of High Throughput Sequential And Fully
Modules Pipelined AES Algorithm” International journal of Electrical
Engineering, vol.15, no.6, pp. 447-455, 2008.
Modules Delay (ns) Frequency [4] Mehran Mozaffari-Kermani and Arash Reyhani-Masoleh
“Efficient and High Performance Parallel Hardware
(MHz) Architecture for the AES-GCM” IEEE Transactions On
Sub Byte 10.69 93.54 Computers, vol.61, no. 8, August 2012.
[5] Saambhavi Baskaran and Pachamuthu Rajalakshmi “Hardware
Software Co-Design of AES on FPGA” ICACCI ’12,ACM
Shift Rows 7.158 139.70 August 2012.
[6] Ashwini M. Deshpande, Mangesh S. Deshpande and Devendra
N. Kayatanavar “FPGA Implementation of AES Encryption
Mix Column 8.168 122.428 and Decryption” International Conference on Control,
Automation, Communication and Energy conservation -2009
[7] X. Zhang and K. K. Parhi, “High-speed VLSI architectures for
Key 13.475 74.211 the AES algorithm,”IEEE Transactions on Very Large Scale
Expansion Integration Systems, vol.12, issue 9, pp.95 967, Sep. 2004.
[8] Jin Gong ,Wenyi Liu, Huixin Zhang “Multiple Lookup Table-
Based AES Encryption Algorithm Implementation” Elseveir-
Plaintext/Ciphertext 2012 vol.25 pg no.842 – 847.
128-bit Clk1 Encryption/
Decryption Output
En=1 or 0 128-Bit
128-Bit Key Ms. Richa Sharma has completed her B.E in
Round Input Electronics and communication from
RCEW, Jaipur (Raj) and Pursuing her
M.Tech in VLSI Design from MITS,
Clk2 Key Schedule Lakshmangarh,India.Her research interest
Secret Key Generation includes network security and privacy.
128/192/256

Ms. Purnima Gehlot has completed her B.E.

FIGURE VII: RTL for Encryption and Decryption in Electronics and communication from
MIT, Ujjain (M.P), and Pursuing her M.Tech
in VLSI Design from MITS,
Lakshmangarh,India. Her research interest
includes network security and privacy.
Conclusion
As the cryptography is playing the major role in
today’s world. So the frequency is the main concern Mr. S.R. Biradar is a Professor in the
department of Computer Science and
so that the time period can be minimized. Here in Engineering, MITS, Lakshmangarh, India. He
this report we have explained about the basics of received his B.E,M.Tech and Ph.D degrees in
AES algorithm and the implementation of its Computer Science and Engineering from
modules by using VHDL. Here the simulations are Karnataka University, MAHE Manipal and
Jadavpur Universityrespectively. His research
performed with different device families. The interest includes Mobile Ad-hoc networking,
software we have used is Xilinx6.1i and the advanced wireless communication.
waveforms are simulated with model sim simulator.

176