Abstract: Cryptography is a method that has been developed to ensure the secrecy of messages and transfer data securely. Advanced Encryption Standard (AES) has been made as the first choice for many critical applications because of the high level of security and the fast hardware and software implementations, many of which are power and resource constrained and requires reliable and efficient hardware implementations. Naturally occurring and maliciously injected faults reduce the reliability of Advanced Encryption Standard (AES) and may leak confidential information. In this paper, a lightweight concurrent fault detection scheme for the AES is presented. In the proposed approach, the composite field S-box and inverse S-box are divided into blocks and the predicted parities of these blocks are obtained. For high speed applications, S-box implementation based on lookup tables is avoided. Instead, logic gate implementations based on composite fields are utilized. A compact architecture for the AES Mix-columns operation and its inverse is also presented. This parity-based fault detection scheme reaches the maximum fault coverage when compared to other methods of fault detection. The proposed fault detection technique for AES encryption and decryption has the least area and power consumption compared to their counterparts with similar fault detection capabilities. Index terms: AES, composite fields, parity prediction, fault detection, S-box.
This document proposes and evaluates several designs for implementing the AES encryption algorithm in hardware. It presents new composite field constructions for the AES S-box that improve on prior work in terms of implementation area and speed. It also introduces a novel fault-tolerant AES model that incorporates Hamming error correction codes to detect and correct single event upsets, making it suitable for use in space-based applications. The designs are implemented on an FPGA and evaluation shows improvements in area requirements, timing, and power consumption compared to previous implementations.
The Journal of MC Square Scientific Research is published by MC Square Publication on the monthly basis. It aims to publish original research papers devoted to wide areas in various disciplines of science and engineering and their applications in industry. This journal is basically devoted to interdisciplinary research in Science, Engineering and Technology, which can improve the technology being used in industry. The real-life problems involve multi-disciplinary knowledge, and thus strong inter-disciplinary approach is the need of the research.
This document provides a review of solving the Elliptic Curve Discrete Logarithm Problem (ECDLP) over large finite fields using parallel Pollard's Rho methods. It first introduces ECDLP and its importance in elliptic curve cryptography. It then discusses how parallel Pollard's Rho algorithms can help solve ECDLP problems more efficiently by exploiting parallel architectures like CPU clusters. The document reviews related work on improving the Pollard's Rho method and prior successes in solving challenging ECDLP problems using parallel computing technologies. It emphasizes that continuously evaluating new attacks and improvements to existing attacks on ECDLP over large fields is important as elliptic curve cryptosystems are widely used.
This PPT is intended to provide a thorough coverage of verilog HDL concepts based on fundamental principles of digital design. This is the basic fundamental concept for the programming of the digital electronics.
This document discusses basic concepts in Verilog HDL including lexical conventions, data types, and system tasks and compiler directives. It covers topics such as keywords, operators, numbers, comments, nets, registers, vectors, integer/real/time data types, arrays, memories, parameters, and strings. Examples of system tasks like $display, $monitor, $stop, and $finish are provided along with examples of compiler directives like `define and `include.
The document discusses intermediate code generation in compilers. It describes how compilers take source code and convert it to an intermediate representation that is then converted to machine code. The intermediate code is machine independent, allowing portability. It can be optimized before generating target code. Common intermediate representations discussed include postfix notation, three-address code using quadruples or triples, and syntax trees.
The document discusses the C programming language. It notes that C is commonly used for embedded systems as it produces efficient code and is portable across processors. The history of C is described, including its origins in the late 1960s/early 1970s at Bell Labs as a system programming language derived from B and BCPL. Examples of Hello World and Euclid's algorithm in C are provided to illustrate basic C syntax and constructs. Key aspects of C like types, expressions, functions, and memory management are summarized.
Digital Circuit Verification Hardware Descriptive Language VerilogAbhiraj Bohra
This document discusses digital system design and digital circuit verification using hardware description languages like Verilog. It provides examples of using structural and dataflow modeling in Verilog to describe a 4-to-1 multiplexer and a 2-to-4 decoder. It also demonstrates writing a test bench to apply stimulus and observe the response of a combinational logic circuit during simulation.
This document proposes and evaluates several designs for implementing the AES encryption algorithm in hardware. It presents new composite field constructions for the AES S-box that improve on prior work in terms of implementation area and speed. It also introduces a novel fault-tolerant AES model that incorporates Hamming error correction codes to detect and correct single event upsets, making it suitable for use in space-based applications. The designs are implemented on an FPGA and evaluation shows improvements in area requirements, timing, and power consumption compared to previous implementations.
The Journal of MC Square Scientific Research is published by MC Square Publication on the monthly basis. It aims to publish original research papers devoted to wide areas in various disciplines of science and engineering and their applications in industry. This journal is basically devoted to interdisciplinary research in Science, Engineering and Technology, which can improve the technology being used in industry. The real-life problems involve multi-disciplinary knowledge, and thus strong inter-disciplinary approach is the need of the research.
This document provides a review of solving the Elliptic Curve Discrete Logarithm Problem (ECDLP) over large finite fields using parallel Pollard's Rho methods. It first introduces ECDLP and its importance in elliptic curve cryptography. It then discusses how parallel Pollard's Rho algorithms can help solve ECDLP problems more efficiently by exploiting parallel architectures like CPU clusters. The document reviews related work on improving the Pollard's Rho method and prior successes in solving challenging ECDLP problems using parallel computing technologies. It emphasizes that continuously evaluating new attacks and improvements to existing attacks on ECDLP over large fields is important as elliptic curve cryptosystems are widely used.
This PPT is intended to provide a thorough coverage of verilog HDL concepts based on fundamental principles of digital design. This is the basic fundamental concept for the programming of the digital electronics.
This document discusses basic concepts in Verilog HDL including lexical conventions, data types, and system tasks and compiler directives. It covers topics such as keywords, operators, numbers, comments, nets, registers, vectors, integer/real/time data types, arrays, memories, parameters, and strings. Examples of system tasks like $display, $monitor, $stop, and $finish are provided along with examples of compiler directives like `define and `include.
The document discusses intermediate code generation in compilers. It describes how compilers take source code and convert it to an intermediate representation that is then converted to machine code. The intermediate code is machine independent, allowing portability. It can be optimized before generating target code. Common intermediate representations discussed include postfix notation, three-address code using quadruples or triples, and syntax trees.
The document discusses the C programming language. It notes that C is commonly used for embedded systems as it produces efficient code and is portable across processors. The history of C is described, including its origins in the late 1960s/early 1970s at Bell Labs as a system programming language derived from B and BCPL. Examples of Hello World and Euclid's algorithm in C are provided to illustrate basic C syntax and constructs. Key aspects of C like types, expressions, functions, and memory management are summarized.
Digital Circuit Verification Hardware Descriptive Language VerilogAbhiraj Bohra
This document discusses digital system design and digital circuit verification using hardware description languages like Verilog. It provides examples of using structural and dataflow modeling in Verilog to describe a 4-to-1 multiplexer and a 2-to-4 decoder. It also demonstrates writing a test bench to apply stimulus and observe the response of a combinational logic circuit during simulation.
Implementation and Comparison of Efficient 16-Bit SQRT CSLA Using Parity Pres...IJERA Editor
In Very Large Scale Integration (VLSI) outlines, Carry Select Adder (CSLA) is one of the quickest adder utilized as a part of numerous data processing processors to perform quick number crunching capacities. In this paper we proposed the design of SQRT CSLA using parity preserving reversible gate (P2RG). Reversible logic is emerging field in today VLSI design. In conventional circuits, the logic gates such as AND gate, OR gate is irreversible in nature and computing with irreversible logic results in energy dissipation. This problem can be circumvented by using reversible logic. In ideal condition, the reversible logic gate produces zero power dissipation. The proposed design is efficient in terms of delay as compare to irreversible SQRT CSLA. The simulation is done using Xilinx.
This document proposes and evaluates novel encoding and decoding algorithms for block turbo codes over Rayleigh fading channels. It describes block codes of different lengths and their error correction capabilities. Simulation results show that longer block codes provide higher gain and error correction compared to shorter codes, though complexity increases with length. When single block codes are used, error correction is lower, but using block turbo codes doubles the error correction capacity. Performance is evaluated for various block codes transmitting random data, voice signals, and images over additive white Gaussian noise channels. The proposed block turbo codes provide improved error correction compared to single block codes.
The document discusses constructing a directed acyclic graph (DAG) to represent the computation of values in a basic block of code. It describes how to build the DAG by processing each statement and creating nodes for operators and values. The DAG makes it possible to analyze the code block to optimize computations by removing duplicate subexpressions and determine which values are used inside and outside the block.
Verilog Tutorial - Verilog HDL Tutorial with ExamplesE2MATRIX
E2MATRIX Research Lab
Opp Phagwara Bus Stand, Backside Axis Bank,
Parmar Complex, Phagwara Punjab (India).
Contact : +91 9041262727
web: www.e2matrix.com -- email: support@e2matrix.com
Simulation tools typically accept full set of Verilog language constructs
Some language constructs and their use in a Verilog description make simulation efficient and are ignored by synthesis tools
Synthesis tools typically accept only a subset of the full Verilog language constructs
In this presentation, Verilog language constructs not supported in Synopsys FPGA Express are in red italics
There are other restrictions not detailed here, see [2].
The Module Concept
Basic design unit
Modules are:
Declared
Instantiated
Modules declarations cannot be nested
Power and Delay Analysis of Logic Circuits Using Reversible GatesRSIS International
This paper determines the propagation delay and on
chip power consumed by each basic and universal gates and
basic arithmetic functions designed using existing reversible
gates through VHDL. Hence a designer can choose the best
reversible gates to use for any logic circuit design. The paper
does a look up table analysis of truth tables of the reversible
gates to find the occurrence of the AND OR, NAND, NOR and
basic arithmetic functions, useful to build complex combinational
digital logic circuits.
The document discusses circuit partitioning and describes it as a graph partitioning problem that can be modeled as a hypergraph partitioning problem. It outlines the objectives and constraints of partitioning at different levels, including minimizing cut size and balancing partition sizes. Partitioning algorithms are classified based on whether they use an initial partitioning or construct partitions, whether they are deterministic or probabilistic, and common approaches like group migration and simulated annealing are described.
The document describes the design and simulation of basic logic gates and a 2-to-4 decoder using Verilog HDL. It includes the block diagrams, truth tables, and Verilog code for AND, OR, NAND, NOR, XOR, XNOR and NOT gates. Testbenches are provided to simulate and verify the gate designs. The 2-to-4 decoder section provides the block diagram, theory of operation, and Verilog code using dataflow, behavioral and structural modeling styles. A testbench is also included to simulate the 2-to-4 decoder design.
IJCER (www.ijceronline.com) International Journal of computational Engineerin...ijceronline
This document discusses the implementation of Elliptic Curve Digital Signature Algorithm (ECDSA) using variable text message encryption methods. It begins with an abstract that outlines ECDSA, its advantages over other digital signature algorithms like smaller key size, and implementation of ECDSA over elliptic curves P-192 and P-256 with variable size text message, fixed size text message, and text based message encryption. It then provides details on elliptic curve cryptography, the elliptic curve discrete logarithm problem, finite fields, and domain parameters for ECDSA.
This topic-based on Compiler Design Subject, III B.Tech-CSE Students, Intermediate Code Generation is the 3rd module of compiler design subject, these topics totally related to the second subjective assignment of Academic Writing in Swayam online course.
Verilog HDL is used to model digital circuits at different levels of abstraction. There are several modeling styles in Verilog including structural, dataflow, behavioral, and mixed modeling. Structural modeling connects instances of modules through nets, dataflow uses continuous assignments, and behavioral describes algorithms without hardware details. Modules have interfaces with input, output, and inout ports that connect to external signals. Simulation verifies designs operate as required and uses the `timescale directive to specify time units for delays.
The document discusses intermediate code in compilers. It defines intermediate code as the interface between a compiler's front end and back end. Using an intermediate representation facilitates retargeting a compiler to different machines and applying machine-independent optimizations. The document then describes different types of intermediate code like triples, quadruples and SSA form. It provides details on three-address code including quadruples, triples and indirect triples. It also discusses addressing of array elements and provides an example of translating a C program to intermediate code.
This presentation of ROBO INDIA comprises all of the elements that must be known to learn the programming language C.
This ppt also explains all these topics in details.
We welcome all you views and queries. Please write us, we are found at-
website: http://roboindia.com
mail: info@roboindia.com
Design and minimization of reversible programmable logic arrays and its reali...Sajib Mitra
Reversible computing dissipates zero energy in terms of information loss at input and also it can detect error of circuit by keeping unique input-output mapping. In this paper, we have proposed a cost effective design of Reversible Programmable Logic Arrays (RPLAs) which is able to realize multi-output ESOP (Exclusive-OR Sum-Of-Product) functions by using a cost effective 3×3 reversible gate, called MG (MUX Gate). Also a new algorithm has been proposed for the calculation of critical path delay of reversible PLAs. The minimization processes consist of algorithms for ordering of output functions followed by the ordering of products. Five lower bounds on the numbers of gates, garbage and quantum costs of reversible PLAs are also proposed. Finally, we have compared the efficiency of proposed design with the existing one by providing benchmark functions analysis. The experimental results show that the proposed design outperforms the existing one in terms of numbers of gates, garbage, quantum costs and delay.
A SURVEY ON ELLIPTIC CURVE DIGITAL SIGNATURE ALGORITHM AND ITS VARIANTScsandit
The Elliptic Curve Digital Signature Algorithm (ECDSA) is an elliptic curve variant of the
Digital Signature Algorithm (DSA). It gives cryptographically strong digital signatures making
use of Elliptic curve discrete logarithmic problem. It uses arithmetic with much smaller
numbers 160/256 bits instead of 1024/2048 bits in RSA and DSA and provides the same level of
security. The ECDSA was accepted in 1999 as an ANSI standard, and was accepted in 2000 as
IEEE and NIST standards. It was also accepted in 1998 as an ISO standard. Many cryptologist
have studied security aspects of ECDSA and proposed different variants. In this paper, we
discuss a detailed analysis of the original ECDSA and all its available variants in terms of the
security level and execution time of all the phases. To the best of our knowledge, this is a unique
attempt to juxtapose and compare the ECDSA with all of its variants.
This document presents the design and implementation of an FPGA-based BCH decoder. It discusses BCH codes, which are binary error-correcting codes used in wireless communications. The implemented decoder is for a (15, 5, 3) BCH code, meaning it can correct up to 3 errors in a block of 15 bits. The decoder uses a serial input/output architecture and is implemented using VHDL on a FPGA device. It performs BCH decoding through syndrome calculation, running the Berlekamp-Massey algorithm to solve the key equation, and using Chien search to find error locations. The simulation result verifies correct decoding operation.
The document discusses intermediate code generation in compilers. It describes how compilers generate intermediate code representations after parsing source code. Intermediate representations allow separating the front-end and back-end of compilers, facilitating code optimization and retargeting compilers to different architectures. Common intermediate representations discussed include abstract syntax trees, postfix notation, static single assignment form, and three-address instructions. The document also provides examples of generating three-address code using syntax-directed translation.
This document summarizes an academic paper presented at the International Conference on Emerging Trends in Engineering and Management in 2014. The paper proposes a design and implementation of an elliptic curve scalar multiplier on a field programmable gate array (FPGA) using the Karatsuba algorithm. It aims to reduce hardware complexity by using a polynomial basis representation of finite fields and projective coordinate representation of elliptic curves. Key mathematical concepts like finite fields, point addition, and point doubling that are important to elliptic curve cryptography are also discussed at a high level.
Efficient Design of Reversible Sequential CircuitIOSR Journals
This document presents the design of efficient reversible sequential circuits. It proposes two new reversible logic gates called MG-1 and MG-2. Using these gates, new designs for reversible D latches and JK latches are presented. The proposed designs are more efficient than existing designs in terms of number of gates, garbage outputs, and delay. Comparisons show the proposed D latch uses one gate with one garbage output and unit delay, while existing designs require more gates and garbage outputs or higher delay. The proposed JK latch uses two gates with two garbage outputs and unit delay, outperforming existing designs.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
All optical single module phase encoded half-adder and halfsubtractor exploit...IOSR Journals
The development of all optical super fast arithmetic logic unit (ALU) is one of the most important
requirement for construction of super fast all optical processor. All optical half-adder and half-subtractor have
performed most of the essential functions of the arithmetic logic unit. Here in this paper the author has
proposed a scheme of single module for phase encoded simultaneous operation of half-addition and halfsubtraction
for the same input bits using four wave mixing (FWM) in semiconductor optical amplifier (SOA).
This type of single module for simultaneous operations using phase encoding based on the difference of phase
with the reference signal one through FWM in SOA will gives fast response to accomplish the demand of super
fast all optical processing
This document presents a study on the optimal design of a bi-layer perforated electromagnetic shield using an improved particle swarm optimization (IPSO) algorithm. The study formulates the problem of minimizing the effective mass of the shield while meeting a target shielding effectiveness. It describes using a bi-layer of copper and permalloy with air holes to reduce mass. The IPSO algorithm is applied to determine the optimum thickness of each layer to minimize the effective mass subject to achieving an acceptable shielding effectiveness level based on standards. Simulation results show the proposed IPSO method finds solutions that provide shielding effectiveness comparable to standard values.
Implementation and Comparison of Efficient 16-Bit SQRT CSLA Using Parity Pres...IJERA Editor
In Very Large Scale Integration (VLSI) outlines, Carry Select Adder (CSLA) is one of the quickest adder utilized as a part of numerous data processing processors to perform quick number crunching capacities. In this paper we proposed the design of SQRT CSLA using parity preserving reversible gate (P2RG). Reversible logic is emerging field in today VLSI design. In conventional circuits, the logic gates such as AND gate, OR gate is irreversible in nature and computing with irreversible logic results in energy dissipation. This problem can be circumvented by using reversible logic. In ideal condition, the reversible logic gate produces zero power dissipation. The proposed design is efficient in terms of delay as compare to irreversible SQRT CSLA. The simulation is done using Xilinx.
This document proposes and evaluates novel encoding and decoding algorithms for block turbo codes over Rayleigh fading channels. It describes block codes of different lengths and their error correction capabilities. Simulation results show that longer block codes provide higher gain and error correction compared to shorter codes, though complexity increases with length. When single block codes are used, error correction is lower, but using block turbo codes doubles the error correction capacity. Performance is evaluated for various block codes transmitting random data, voice signals, and images over additive white Gaussian noise channels. The proposed block turbo codes provide improved error correction compared to single block codes.
The document discusses constructing a directed acyclic graph (DAG) to represent the computation of values in a basic block of code. It describes how to build the DAG by processing each statement and creating nodes for operators and values. The DAG makes it possible to analyze the code block to optimize computations by removing duplicate subexpressions and determine which values are used inside and outside the block.
Verilog Tutorial - Verilog HDL Tutorial with ExamplesE2MATRIX
E2MATRIX Research Lab
Opp Phagwara Bus Stand, Backside Axis Bank,
Parmar Complex, Phagwara Punjab (India).
Contact : +91 9041262727
web: www.e2matrix.com -- email: support@e2matrix.com
Simulation tools typically accept full set of Verilog language constructs
Some language constructs and their use in a Verilog description make simulation efficient and are ignored by synthesis tools
Synthesis tools typically accept only a subset of the full Verilog language constructs
In this presentation, Verilog language constructs not supported in Synopsys FPGA Express are in red italics
There are other restrictions not detailed here, see [2].
The Module Concept
Basic design unit
Modules are:
Declared
Instantiated
Modules declarations cannot be nested
Power and Delay Analysis of Logic Circuits Using Reversible GatesRSIS International
This paper determines the propagation delay and on
chip power consumed by each basic and universal gates and
basic arithmetic functions designed using existing reversible
gates through VHDL. Hence a designer can choose the best
reversible gates to use for any logic circuit design. The paper
does a look up table analysis of truth tables of the reversible
gates to find the occurrence of the AND OR, NAND, NOR and
basic arithmetic functions, useful to build complex combinational
digital logic circuits.
The document discusses circuit partitioning and describes it as a graph partitioning problem that can be modeled as a hypergraph partitioning problem. It outlines the objectives and constraints of partitioning at different levels, including minimizing cut size and balancing partition sizes. Partitioning algorithms are classified based on whether they use an initial partitioning or construct partitions, whether they are deterministic or probabilistic, and common approaches like group migration and simulated annealing are described.
The document describes the design and simulation of basic logic gates and a 2-to-4 decoder using Verilog HDL. It includes the block diagrams, truth tables, and Verilog code for AND, OR, NAND, NOR, XOR, XNOR and NOT gates. Testbenches are provided to simulate and verify the gate designs. The 2-to-4 decoder section provides the block diagram, theory of operation, and Verilog code using dataflow, behavioral and structural modeling styles. A testbench is also included to simulate the 2-to-4 decoder design.
IJCER (www.ijceronline.com) International Journal of computational Engineerin...ijceronline
This document discusses the implementation of Elliptic Curve Digital Signature Algorithm (ECDSA) using variable text message encryption methods. It begins with an abstract that outlines ECDSA, its advantages over other digital signature algorithms like smaller key size, and implementation of ECDSA over elliptic curves P-192 and P-256 with variable size text message, fixed size text message, and text based message encryption. It then provides details on elliptic curve cryptography, the elliptic curve discrete logarithm problem, finite fields, and domain parameters for ECDSA.
This topic-based on Compiler Design Subject, III B.Tech-CSE Students, Intermediate Code Generation is the 3rd module of compiler design subject, these topics totally related to the second subjective assignment of Academic Writing in Swayam online course.
Verilog HDL is used to model digital circuits at different levels of abstraction. There are several modeling styles in Verilog including structural, dataflow, behavioral, and mixed modeling. Structural modeling connects instances of modules through nets, dataflow uses continuous assignments, and behavioral describes algorithms without hardware details. Modules have interfaces with input, output, and inout ports that connect to external signals. Simulation verifies designs operate as required and uses the `timescale directive to specify time units for delays.
The document discusses intermediate code in compilers. It defines intermediate code as the interface between a compiler's front end and back end. Using an intermediate representation facilitates retargeting a compiler to different machines and applying machine-independent optimizations. The document then describes different types of intermediate code like triples, quadruples and SSA form. It provides details on three-address code including quadruples, triples and indirect triples. It also discusses addressing of array elements and provides an example of translating a C program to intermediate code.
This presentation of ROBO INDIA comprises all of the elements that must be known to learn the programming language C.
This ppt also explains all these topics in details.
We welcome all you views and queries. Please write us, we are found at-
website: http://roboindia.com
mail: info@roboindia.com
Design and minimization of reversible programmable logic arrays and its reali...Sajib Mitra
Reversible computing dissipates zero energy in terms of information loss at input and also it can detect error of circuit by keeping unique input-output mapping. In this paper, we have proposed a cost effective design of Reversible Programmable Logic Arrays (RPLAs) which is able to realize multi-output ESOP (Exclusive-OR Sum-Of-Product) functions by using a cost effective 3×3 reversible gate, called MG (MUX Gate). Also a new algorithm has been proposed for the calculation of critical path delay of reversible PLAs. The minimization processes consist of algorithms for ordering of output functions followed by the ordering of products. Five lower bounds on the numbers of gates, garbage and quantum costs of reversible PLAs are also proposed. Finally, we have compared the efficiency of proposed design with the existing one by providing benchmark functions analysis. The experimental results show that the proposed design outperforms the existing one in terms of numbers of gates, garbage, quantum costs and delay.
A SURVEY ON ELLIPTIC CURVE DIGITAL SIGNATURE ALGORITHM AND ITS VARIANTScsandit
The Elliptic Curve Digital Signature Algorithm (ECDSA) is an elliptic curve variant of the
Digital Signature Algorithm (DSA). It gives cryptographically strong digital signatures making
use of Elliptic curve discrete logarithmic problem. It uses arithmetic with much smaller
numbers 160/256 bits instead of 1024/2048 bits in RSA and DSA and provides the same level of
security. The ECDSA was accepted in 1999 as an ANSI standard, and was accepted in 2000 as
IEEE and NIST standards. It was also accepted in 1998 as an ISO standard. Many cryptologist
have studied security aspects of ECDSA and proposed different variants. In this paper, we
discuss a detailed analysis of the original ECDSA and all its available variants in terms of the
security level and execution time of all the phases. To the best of our knowledge, this is a unique
attempt to juxtapose and compare the ECDSA with all of its variants.
This document presents the design and implementation of an FPGA-based BCH decoder. It discusses BCH codes, which are binary error-correcting codes used in wireless communications. The implemented decoder is for a (15, 5, 3) BCH code, meaning it can correct up to 3 errors in a block of 15 bits. The decoder uses a serial input/output architecture and is implemented using VHDL on a FPGA device. It performs BCH decoding through syndrome calculation, running the Berlekamp-Massey algorithm to solve the key equation, and using Chien search to find error locations. The simulation result verifies correct decoding operation.
The document discusses intermediate code generation in compilers. It describes how compilers generate intermediate code representations after parsing source code. Intermediate representations allow separating the front-end and back-end of compilers, facilitating code optimization and retargeting compilers to different architectures. Common intermediate representations discussed include abstract syntax trees, postfix notation, static single assignment form, and three-address instructions. The document also provides examples of generating three-address code using syntax-directed translation.
This document summarizes an academic paper presented at the International Conference on Emerging Trends in Engineering and Management in 2014. The paper proposes a design and implementation of an elliptic curve scalar multiplier on a field programmable gate array (FPGA) using the Karatsuba algorithm. It aims to reduce hardware complexity by using a polynomial basis representation of finite fields and projective coordinate representation of elliptic curves. Key mathematical concepts like finite fields, point addition, and point doubling that are important to elliptic curve cryptography are also discussed at a high level.
Efficient Design of Reversible Sequential CircuitIOSR Journals
This document presents the design of efficient reversible sequential circuits. It proposes two new reversible logic gates called MG-1 and MG-2. Using these gates, new designs for reversible D latches and JK latches are presented. The proposed designs are more efficient than existing designs in terms of number of gates, garbage outputs, and delay. Comparisons show the proposed D latch uses one gate with one garbage output and unit delay, while existing designs require more gates and garbage outputs or higher delay. The proposed JK latch uses two gates with two garbage outputs and unit delay, outperforming existing designs.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
All optical single module phase encoded half-adder and halfsubtractor exploit...IOSR Journals
The development of all optical super fast arithmetic logic unit (ALU) is one of the most important
requirement for construction of super fast all optical processor. All optical half-adder and half-subtractor have
performed most of the essential functions of the arithmetic logic unit. Here in this paper the author has
proposed a scheme of single module for phase encoded simultaneous operation of half-addition and halfsubtraction
for the same input bits using four wave mixing (FWM) in semiconductor optical amplifier (SOA).
This type of single module for simultaneous operations using phase encoding based on the difference of phase
with the reference signal one through FWM in SOA will gives fast response to accomplish the demand of super
fast all optical processing
This document presents a study on the optimal design of a bi-layer perforated electromagnetic shield using an improved particle swarm optimization (IPSO) algorithm. The study formulates the problem of minimizing the effective mass of the shield while meeting a target shielding effectiveness. It describes using a bi-layer of copper and permalloy with air holes to reduce mass. The IPSO algorithm is applied to determine the optimum thickness of each layer to minimize the effective mass subject to achieving an acceptable shielding effectiveness level based on standards. Simulation results show the proposed IPSO method finds solutions that provide shielding effectiveness comparable to standard values.
Review and Performance Comparison of Distributed Wireless Reprogramming Proto...IOSR Journals
Abstract:A Reprogramming service should be efficient, reliable and secured in Wireless sensor network.
Wireless reprogramming for wireless sensor network emphasize over the process of changing or improving the
functionality of simulation or existing code. For challenging and on demand security purpose, secure and
distributed routing protocols such as SDRP and ISDRP were developed. This paper reviews and compares the
propagation delay for two reprogramming protocols, SDRP and ISDRP, which based on hierarchy of energies
in network. Both are based on identity-based cryptography. But in the improved protocol the keys are
distributed to the network as per the sorting and communication capabilities to improve the broadcast or
communication nature of the network. Moreover, ISDRP demonstrates the security concepts, which deals over
the key encryption properties using heap sort algorithm and the confidentiality parameter is enhanced by
changing the private key values after certain interval of time for cluster head in respect to different public keys.
The ISDRP shows high efficiency rate clearly with the throughput and propagation results by implementation in
practice over SRDP.
Keywords: identity-based cryptography,ISDRP, heapsort algorithm, Reprogramming, SDRP, Wireless sensor
network.
This document discusses techniques for measuring wear of bulk materials and advanced surface coatings. It begins by defining wear and explaining that wear occurs even in the hardest materials through mechanisms like plastic deformation and brittle fracture. It then discusses that wear testing is important for minimizing component failure in industries. Various wear testing techniques are described, including pin-on-disc testing where a stationary pin is pressed against a rotating disc under a load to simulate different wear modes. Other techniques involve characterizing coatings through hardness testing or evaluating coatings and materials in actual machining tests on equipment. Selecting the appropriate wear test depends on factors like the contact conditions and environment being simulated.
This document provides details on calculating various losses that occur in high voltage underground power cables, including dielectric losses, conductor losses, and sheath losses. It presents formulas to calculate voltage-dependent and current-dependent dielectric losses, as well as ohmic conductor losses and sheath eddy current and circulating current losses. The document also provides methods to calculate cable parameters like inductance, impedance, and mutual impedances between conductors and screen. It describes using these calculations and ETAP modeling to analyze losses in an existing 33kV cable network and determine that installing VAR compensators could reduce total daily power losses by approximately 2471 kW.
The document summarizes a study on the effect of adding nano titanium dioxide (TiO2) particles to a chitosan polymer matrix on the mechanical properties of the resulting nanocomposite. Chitosan films doped with various concentrations of nano TiO2, from 1% to 50%, were prepared by solution casting. The tensile strength, stiffness, and Young's modulus of the nanocomposites were then tested and compared to the neat chitosan film. The results showed that doping with 10% nano TiO2 increased the tensile strength over the neat film, but other concentrations generally decreased the mechanical properties compared to neat chitosan.
This document describes a web application that can automatically generate Entity Relationship (ER) diagrams. It takes entity, attribute, and relationship details as input from the user and outputs an ER diagram. The proposed system has a 3-module architecture: 1) it accepts input from the user, 2) generates the ER diagram automatically based on the input, and 3) stores the output diagram. Experimental results demonstrate how diagrams are generated at different levels of complexity based on filtering of the input details. The automated generation of ER diagrams using this web application makes the process easier for users compared to traditional manual tools.
Schedulability Analysis for a Combination of Non-Preemptive Strict Periodic T...IOSR Journals
This document discusses schedulability analysis for a combination of non-preemptive strict periodic tasks and preemptive sporadic tasks under fixed priority scheduling. It first reviews related work and defines the task models. It then presents a necessary and sufficient schedulability condition for non-preemptive strict periodic tasks and characterizes the transient and permanent phases of their schedule. Finally, it shows that the worst-case release times for sporadic tasks, from which their worst-case response times can be computed, occur only during the permanent phase of the strict periodic tasks.
This document summarizes a research paper on controlling a mobile robot using brain waves (EEG) detected by an electrode cap worn by the user. It discusses how EEG signals are analyzed to extract features related to different mental tasks. Machine learning classifiers are then used to translate the EEG features into commands to control the robot in real-time. The goal is to develop a system that can assist disabled people by controlling devices independently using only their brain activity.
The document describes a method for image fusion and optimization using stationary wavelet transform and particle swarm optimization. It summarizes that image fusion combines information from multiple images to extract relevant information. The proposed method uses stationary wavelet transform for image decomposition and particle swarm optimization to optimize the fused results. It applies stationary wavelet transform to source images to decompose them into wavelet coefficients. Particle swarm optimization is then used to optimize the transformed images. The inverse stationary wavelet transform is applied to the optimized coefficients to generate the fused image. The method is tested on various images and performance is evaluated using metrics like peak signal-to-noise ratio, entropy, mean square error and standard deviation.
This document summarizes the technical progress in speech recognition over the past few decades. It discusses the key components of a speech recognition system including speech analysis, feature extraction, language translation, and message understanding. The document also outlines the main challenges in speech recognition like variability in context, environmental conditions, speakers, and audio quality. Furthermore, it covers different types of speech recognition systems and their applications in various sectors such as education, medicine, transportation and more. The document concludes with an overview of the major approaches to speech recognition including acoustic-phonetic, pattern recognition, and artificial intelligence and discusses popular feature extraction methods used.
This document summarizes a survey on balancing network load using geographic hash tables. It discusses how geographic hash tables are used to store and retrieve data from nodes in a wireless network. Two approaches to balancing the network load are proposed: 1) An analytical approach that adds new nodes to servers when load exceeds thresholds. 2) A heuristic approach that moves data between nodes to prevent any single node from receiving too many requests. The approaches aim to extend network life by distributing load more evenly without changing underlying georouting protocols.
This document describes an experimental and numerical study of a steel bridge model through vibration testing. Sensors were used to measure vibrations from the model when excited by a moving car model. Data was acquired and analyzed using LabVIEW software to determine modal frequencies and mode shapes. A finite element model of the bridge was also created in ANSYS software and results were compared. The goal was to evaluate vibration properties of the bridge and test sensor technology for structural health monitoring.
This document discusses how cloud computing has influenced e-commerce businesses. It defines cloud computing and notes that it allows organizations to conduct business without developing their own IT infrastructure. E-commerce gives flexibility to sell products online without a physical storefront. There are five elements involved in e-commerce activities in cloud computing: customers, suppliers, banks, e-commerce companies, and cloud service providers. Cloud computing benefits e-commerce by making infrastructure and software accessible in a pay-as-you-go model, reducing costs and allowing businesses to focus on their core operations.
The document proposes a method for grouping files and allocating jobs using server scheduling to balance load. It involves splitting a server into multiple sub-servers. The performance of client machines is analyzed based on factors like processing speed, bandwidth, and memory usage. Jobs are then assigned to sub-servers based on these performance analyses, with the goal of completing all tasks quickly. Once tasks are complete, files are distributed to the respective client machines. The proposed method aims to reduce the workload on servers and improve response times compared to the existing system.
Ethnobotanical Euphorbian plants of North Maharashtra RegionIOSR Journals
Euphorbiaceae is among the large flowering plant families consisting of a wide variety of vegetative
forms. Some of which plants are of great importance, It is need to explore traditional medicinal knowledge of
plant materials belonging to various genera of Euphorbiaceae available in North Maharashtra State. Plants
have always been the source of food, medicine and other necessities of life since the origin of human being.
Plant containing ethnomedicinal properties have been known and used in some forms or other tribal
communities of Satpuda region. These tribal have their own system of Ethnomedicine for the treatment of
different ailments. In the course of survey useful Euphorbian plants of Satpuda, 34 medicinal plants belonging
to 18 genus is documented. This article reports their botanical identity, family name, local language name part
used preparations and doses, if any. It is observed that tribes of this region uses various Euphorbian plant in
the form of decoction, infusion, extract, paste, powder etc. Thus the knowledge area of this region with respect
to ethnomedicine would be useful for botanist, pharmacologist and phytochemist for further explorations. It is
concluded that the family is a good starting point for the search for plant-based medicines.
This document presents a new approach for human identification using sclera recognition. It begins with background on sclera and challenges with sclera recognition. It then describes the proposed methodology which includes sclera segmentation, feature extraction using Gabor filtering, and recognition using Bayesian classification. Experimental results show the false accept and reject rates for the approach. It concludes that sclera recognition is promising for human identification and can achieve accuracy comparable to iris recognition in visible light. The proposed approach uses Bayesian classification for recognition, which is more effective than previous matching score methods.
Auxin induced germination and plantlet regeneration via Rhizome section cultu...IOSR Journals
1) The study developed a protocol for propagating the vulnerable medicinal orchid Spiranthes sinensis using rhizome section culture.
2) Rhizome sections were cultured on different concentrations of growth hormones including IBA, IAA, NAA, GA3, and cytokinin.
3) IBA at 100 ppm and GA3 at 500 ppm favored good germination and bud formation from the rhizome sections, with 100% and 90% survival rates respectively. The plantlets grew to 0.6 cm and 1.0 cm in length respectively.
OSPCV: Off-line Signature Verification using Principal Component VariancesIOSR Journals
This document presents an offline signature verification system called OSPCV (Offline Signature Verification using Principal Component Variances) that analyzes two features - pixel density and center of gravity distance. It describes the related work in signature verification, the proposed OSPCV algorithm, and experimental results showing it provides a notable improvement over existing systems. The OSPCV system overcomes intra-signature and inter-signature variations to produce a better equal error rate for differentiating genuine versus forged signatures.
This document discusses cooperative spectrum sensing in cognitive radio networks to improve energy efficiency and throughput. It proposes deriving the optimal number of cooperating cognitive radios under two scenarios: 1) minimizing radios needed for a given detection performance to maximize energy efficiency, and 2) maximizing throughput by optimizing the reporting time given a detection constraint. Computer simulations show that an OR fusion rule outperforms AND in both scenarios using fewer radios.
This document summarizes a presentation on fault detection in the Advanced Encryption Standard (AES) algorithm. It begins with an introduction to AES, which is a symmetric key algorithm that operates on 128-bit blocks using 128, 192, or 256-bit keys. It then discusses related work on improving AES performance and fault detection. The proposed system describes the AES algorithm and its transformations in more detail. A fault detection scheme is proposed that calculates parities of blocks in the AES S-box and inverse S-box. Implementation results show the proposed scheme achieves high error coverage for single and multiple faults with low area and delay costs.
Arm recognition encryption by using aes algorithmeSAT Journals
Abstract To provide the security of the Military confidential data we use encryption algorithm which take over reward of superior encryption algorithm. The proposed implementation using encryption algorithm was implemented on ARM 7 to encrypt and decrypt the confidential data on data storage devices such as SD card or Pen drive. The main objective of proposed implementation is to provide protection for storage devices. The ARM and encryption algorithm protect the data accessibility, reliability and privacy successfully. Since (AES) Advanced Encryption Standard algorithm is widely used in an embedded system or fixed organization. These AES algorithms are used for proper designs in defense for security. Keywords: Plain text, Cipher text, Data security, AES, Embedded System.ARM, storage device.
A High Throughput CFA AES S-Box with Error Correction CapabilityIOSR Journals
The document describes a proposed method for implementing a fault tolerant Advanced Encryption Standard (AES) using a Hamming error correction code. AES operates by performing rounds of transformations on blocks of data, with the most complex step being the SubBytes transformation which involves calculating multiplicative inverses in GF(28). The proposed method uses composite field arithmetic to more efficiently calculate these inverses. It also applies a (12,8) Hamming error correction code to each byte before and after processing to detect and correct single bit errors caused by radiation events, improving reliability for satellite communications. The parity check bits for the Hamming code are precalculated and stored for the AES S-box lookup tables.
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
A design of a fast parallel pipelined implementation of aes advanced encrypti...ijcsit
The Advanced Encryption Standard (AES) algorithm is a symmetric block cipher which operates on a
sequence of blocks each consists of 128, 192 or 256 bits. Moreover, the cipher key for the AES algorithm is
a sequence of 128, 192 or 256 bits. AES algorithm has many sources of parallelism. In this paper, a design
of parallel AES on the multiprocessor platform is presented. While most of the previous designs either use
pipelined parallelization or take advantage of the Mix_Column parallelization, our design is based on
combining pipelining of rounds and parallelization of Mix_Column and Add_Round_Key transformations.
This model is divided into two levels: the first is pipelining different rounds, while the second is through
parallelization of both the Add_Round_Key and the Mix_Column transformations. Previous work proposed
for pipelining AES algorithm was based on using nine stages, while, we propose the use of eleven stages in
order to exploit the sources of parallelism in both initial and final round. This enhances the system
performance compared to previous designs. Using two-levels of parallelization benefits from the highly
independency of Add_Round_Key and Mix_Column/ Inv_Mix_Colum transformations. The analysis shows
that the parallel implementation of the AES achieves a better performance. The analysis shows that using
pipeline increases significantly the degree of improvement for both encryption and decryption by
approximately 95%. Moreover, parallelizing Add_Round_Key and Mix_Column/ Inv_Mix_Column
transformations increases the degree of improvement by approximately 98%. This leads to the conclusion
that the proposed design is scalable and is suitable for real-time applications
FPGA Implementation of A New Chien Search Block for Reed-Solomon Codes RS (25...IJERA Editor
The Reed-Solomon codes RS are widely used in communication systems, in particular forming part of the specification for the ETSI digital terrestrial television standard. In this paper a simple algorithm for error detection in the Chien Search block is proposed. This algorithm is based on a simple factorization of the error locator polynomial, which allows reducing the number of components required to implement the proposed algorithm on FPGA board. Consequently, it reduces the power consumption with a percentage which can reach 50 % compared to the basic RS decoder. First, we developed the design of Chien Search Block Second, we generated and simulated the hardware description language source code using Quartus software tools,finally we implemented the proposed algorithm of Chien search block for Reed-Solomon codesRS (255, 239) on FPGA board to show both the reduced hardware resources and low complexity compared to the basic algorithm.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Design and Implementation of Area Efficiency AES Algoritham with FPGA and ASIC,paperpublications3
Abstract: A public domain encryption standard is subject to continuous, vigilant, expert cryptanalysis. AES is a symmetric encryption algorithm processing data in block of 128 bits. Under the influence of a key, a 128-bit block is encrypted by transforming it in a unique way into a new block of the same size. To implement AES Rijndael algorithm on FPGA using Verilog and synthesis using Xilinx, Plain text of 128 bit data is considered for encryption using Rijndael algorithm utilizing key. This encryption method is versatile used for military applications. The same key is used for decryption to recover the original 128 bit plain text. For high speed applications, the Non LUT based implementation of AES S-box and inverse S-box is preferred. Development of physical design of AES-128 bit is done using cadence SoC encounter. Performance evaluation of the physical design with respect to area, power, and time has been done. The core consumes 10.11 mW of power for the core area of 330100.742 μm2.
Keywords: Encryption, Decryption Rijndael algorithm, FPGA implementation, Physical Design.
This document discusses a proposed design for secure military communications using AES encryption with Vedic mathematics, OFDM modulation, and QPSK. Specifically, it proposes using AES to encrypt data, applying Vedic math techniques to improve efficiency during the MixColumns step. The encrypted data would then be modulated using OFDM and QPSK to provide high throughput communication. Key aspects of the design include AES encryption/decryption, OFDM using QPSK and an IFFT/FFT, and applying Vedic math during AES encryption to reduce complexity and power consumption for military applications.
This document describes the implementation of the AES (Advanced Encryption Standard) algorithm using a fully pipelined design on an FPGA. It first provides background on the AES algorithm, including its key components and previous hardware implementations. It then details the proposed fully pipelined design, which implements each of AES's 10 rounds as separate pipeline stages to achieve high throughput. Key generation is also pipelined internally. Simulation results show the design achieves a throughput higher than previous reported implementations.
The document proposes modifications to the Advanced Encryption Standard (AES) algorithm to improve security. It describes encrypting the AES key using 1D logistic chaos equations, cross chaos equations, and a combination of both. These modified AES algorithms were tested on images and found to take slightly longer than standard AES but provide greater security since the key is further encrypted with chaotic processes. The dual variation using both 1D logistic and cross chaos encryption of the key was the most secure but also the slowest algorithm.
The document proposes modifications to the Advanced Encryption Standard (AES) algorithm by encrypting the encryption key using chaotic equations prior to encryption. Three variations are proposed: 1) using a 1-D logistic chaos equation to encrypt the key, 2) using a cross-chaos equation to encrypt the key, and 3) combining the 1-D logistic and cross-chaos equations to encrypt the key. The variations increase security but require more processing time compared to the standard AES algorithm. Analysis shows the dual variation using both chaotic equations provides the highest security despite a small increase in processing time.
Design and Implementation of Area Efficiency AES Algoritham with FPGA and ASICpaperpublications3
Abstract: A public domain encryption standard is subject to continuous, vigilant, expert cryptanalysis. AES is a symmetric encryption algorithm processing data in block of 128 bits. Under the influence of a key, a 128-bit block is encrypted by transforming it in a unique way into a new block of the same size. To implement AES Rijndael algorithm on FPGA using Verilog and synthesis using Xilinx, Plain text of 128 bit data is considered for encryption using Rijndael algorithm utilizing key. This encryption method is versatile used for military applications. The same key is used for decryption to recover the original 128 bit plain text. For high speed applications, the Non LUT based implementation of AES S-box and inverse S-box is preferred. Development of physical design of AES-128 bit is done using cadence SoC encounter. Performance evaluation of the physical design with respect to area, power, and time has been done. The core consumes 10.11 mW of power for the core area of 330100.742 μm2.
Implementation and Design of AES S-Box on FPGAIJRES Journal
The Advanced Encryption Standard can be programmed in software or built with pure hardware. However Field Programmable Gate Arrays (FPGAs) offer a quicker, more customizable solution. This research investigates the AES algorithm with regard to FPGA and the Very High Speed Integrated Circuit Hardware Description language (VHDL). Xilinx Design Suite 14.5 software is used for simulation and optimization of the synthesizable VHDL code. All the transformations of both Encryptions is simulated using an iterative design approach in order to minimize the hardware consumption. Virtex 6 Family devices are utilized for hardware evaluation. Advanced Encryption Standard (AES) is one of the most common symmetric encryption algorithms. The hardware complexity in AES is dominated by AES substitution box (S-box) which is considered as one of the most complicated and costly part of the system because it is the only non-linear structure. Theoretically, the design reduces the overall delay and efficiently for applications with high-speed performance. This approach is suitable for FPGA implementation in term of gate area. The hardware, total area and delay are presented.
This paper presents 16 software implementations of the Advanced Encryption Standard (AES) cipher mapped to a fine-grained many-core processor array. The implementations explore different levels of data and task parallelism. The smallest design uses 6 cores for offline key expansion and 8 cores for online expansion, while the largest uses 107 and 137 cores respectively. Compared to other software platforms, the designs achieve 3.5-15.6 times higher throughput per chip area and 8.2-18.1 times higher energy efficiency.
High throughput FPGA Implementation of Advanced Encryption Standard AlgorithmTELKOMNIKA JOURNAL
The growth of computer systems and electronic communications and transactions has meant that the need for effective security and reliability of data communication, processing and storage is more important than ever. In this context, cryptography is a high priority research area in engineering. The Advanced Encryption Standard (AES) is a symmetric-key criptographic algorithm for protecting sensitive information and is one of the most widely secure and used algorithm today. High-throughput, low power and compactness have always been topic of interest for implementing this type of algorithm. In this paper, we are interested on the development of high throughput architecture and implementation of AES algorithm, using the least amount of hardware possible. We have adopted a pipeline approach in order to reduce the critical path and achieve competitive performances in terms of throughput and efficiency. This approach is effectively tested on the AES S-Box substitution. The latter is a complex transformation and the key point to improve architecture performances. Considering the high delay and hardware required for this transformation, we proposed 7-stage pipelined S-box by using composite field in order to deal with the critical path and the occupied area resources. In addition, efficient AES key expansion architecture suitable for our proposed pipelined AES is presented. The implementation had been successfully done on Virtex-5 XC5VLX85 and Virtex-6 XC6VLX75T Field Programmable Gate Array (FPGA) devices using Xilinx ISE v14.7. Our AES design achieved a data encryption rate of 108.69 Gbps and used only 6361 slices ressource. Compared to the best previous work, this implementation improves data throughput by 5.6% and reduces the used slices to 77.69%.
VLSI ARCHITECTURE FOR NANO WIRE BASED ADVANCED ENCRYPTION STANDARD (AES) WITH...VLSICS Design
Advanced Encryption Standard (AES) Algorithm has been extensively applied in the present financial
applications. Sub-channel attacks are one of the main problems occurred n the AES Algorithm.
Asynchronous AES Architecture is one of the leading solutions of the sub-channel attacks due to its natural
properties. The AES architecture with the enhanced mix column to be proposed with reduced number of
transistor counts.. Then, the Verilog A modeling is used to evaluate the performance of the proposed AES
Architecture. Finally, the VLSI Implementations of the AES Processor is implemented with CMOS
technology 0.25 µm. By using the net list generations, the proposed AES Architecture is analyzed regarding
the VLSI design environment. The simulation results of the proposed structure are performed with the
minimum number of transistor counts as well as power utilizations. Moreover, the proposed CMOS
technology based AES Algorithm is integrated into the backend based chip technology.
VLSI Architecture for Nano Wire Based Advanced Encryption Standard (AES) with...VLSICS Design
Advanced Encryption Standard (AES) Algorithm has been extensively applied in the present financial applications. Sub-channel attacks are one of the main problems occurred n the AES Algorithm. Asynchronous AES Architecture is one of the leading solutions of the sub-channel attacks due to its natural properties. The AES architecture with the enhanced mix column to be proposed with reduced number of transistor counts.. Then, the Verilog A modeling is used to evaluate the performance of the proposed AES Architecture. Finally, the VLSI Implementations of the AES Processor is implemented with CMOS technology 0.25 µm. By using the net list generations, the proposed AES Architecture is analyzed regarding the VLSI design environment. The simulation results of the proposed structure are performed with the minimum number of transistor counts as well as power utilizations. Moreover, the proposed CMOS technology based AES Algorithm is integrated into the backend based chip technology.
Aes cryptography algorithm based on intelligent blum blum-shub prn gs publica...zaidinvisible
This document summarizes a study that proposes enhancing the Advanced Encryption Standard (AES) algorithm by using an intelligent Blum-Blum-Shub (BBS) pseudo-random number generator to generate the initial encryption key. The AES algorithm is described along with its standard steps of sub-bytes, shift rows, mix columns, and add round key. Issues with the security of AES's public key are discussed. The study then introduces BBS and Iterated Local Search (ILS) metaheuristics and describes how combining them can generate strong cryptographic keys. An example is provided to demonstrate encrypting a message with the enhanced AES approach using an intelligent BBS-generated key. The study concludes the method increases encryption efficiency and
Aes cryptography algorithm based on intelligent blum blum-shub prn gszaidinvisible
This document summarizes a study that proposes enhancing the Advanced Encryption Standard (AES) algorithm by using an intelligent Blum-Blum-Shub (BBS) pseudo-random number generator to generate the initial encryption key. The AES algorithm is described along with its standard steps of sub-bytes, shift rows, mix columns, and add round key. Traditional BBS and an improved BBS that uses an iterated local search technique are also introduced. The proposed approach generates strong cryptographic keys using intelligent BBS to improve the security of the AES algorithm compared to using a standard key. Simulation results demonstrate encrypting a message with the enhanced AES algorithm using an intelligent BBS-generated key.
Similar to Fault Detection Technique for Compact AES Design (20)
This document provides a technical review of secure banking using RSA and AES encryption methodologies. It discusses how RSA and AES are commonly used encryption standards for secure data transmission between ATMs and bank servers. The document first provides background on ATM security measures and risks of attacks. It then reviews related work analyzing encryption techniques. The document proposes using a one-time password in addition to a PIN for ATM authentication. It concludes that implementing encryption standards like RSA and AES can make transactions more secure and build trust in online banking.
This document analyzes the performance of various modulation schemes for achieving energy efficient communication over fading channels in wireless sensor networks. It finds that for long transmission distances, low-order modulations like BPSK are optimal due to their lower SNR requirements. However, as transmission distance decreases, higher-order modulations like 16-QAM and 64-QAM become more optimal since they can transmit more bits per symbol, outweighing their higher SNR needs. Simulations show lifetime extensions up to 550% are possible in short-range networks by using higher-order modulations instead of just BPSK. The optimal modulation depends on transmission distance and balancing the energy used by electronic components versus power amplifiers.
This document provides a review of mobility management techniques in vehicular ad hoc networks (VANETs). It discusses three modes of communication in VANETs: vehicle-to-infrastructure (V2I), vehicle-to-vehicle (V2V), and hybrid vehicle (HV) communication. For each communication mode, different mobility management schemes are required due to their unique characteristics. The document also discusses mobility management challenges in VANETs and outlines some open research issues in improving mobility management for seamless communication in these dynamic networks.
This document provides a review of different techniques for segmenting brain MRI images to detect tumors. It compares the K-means and Fuzzy C-means clustering algorithms. K-means is an exclusive clustering algorithm that groups data points into distinct clusters, while Fuzzy C-means is an overlapping clustering algorithm that allows data points to belong to multiple clusters. The document finds that Fuzzy C-means requires more time for brain tumor detection compared to other methods like hierarchical clustering or K-means. It also reviews related work applying these clustering algorithms to segment brain MRI images.
1) The document simulates and compares the performance of AODV and DSDV routing protocols in a mobile ad hoc network under three conditions: when users are fixed, when users move towards the base station, and when users move away from the base station.
2) The results show that both protocols have higher packet delivery and lower packet loss when users are either fixed or moving towards the base station, since signal strength is better in those scenarios. Performance degrades when users move away from the base station due to weaker signals.
3) AODV generally has better performance than DSDV, with higher throughput and packet delivery rates observed across the different user mobility conditions.
This document describes the design and implementation of 4-bit QPSK and 256-bit QAM modulation techniques using MATLAB. It compares the two techniques based on SNR, BER, and efficiency. The key steps of implementing each technique in MATLAB are outlined, including generating random bits, modulation, adding noise, and measuring BER. Simulation results show scatter plots and eye diagrams of the modulated signals. A table compares the results, showing that 256-bit QAM provides better performance than 4-bit QPSK. The document concludes that QAM modulation is more effective for digital transmission systems.
The document proposes a hybrid technique using Anisotropic Scale Invariant Feature Transform (A-SIFT) and Robust Ensemble Support Vector Machine (RESVM) to accurately identify faces in images. A-SIFT improves upon traditional SIFT by applying anisotropic scaling to extract richer directional keypoints. Keypoints are processed with RESVM and hypothesis testing to increase accuracy above 95% by repeatedly reprocessing images until the threshold is met. The technique was tested on similar and different facial images and achieved better results than SIFT in retrieval time and reduced keypoints.
This document studies the effects of dielectric superstrate thickness on microstrip patch antenna parameters. Three types of probes-fed patch antennas (rectangular, circular, and square) were designed to operate at 2.4 GHz using Arlondiclad 880 substrate. The antennas were tested with and without an Arlondiclad 880 superstrate of varying thicknesses. It was found that adding a superstrate slightly degraded performance by lowering the resonant frequency and increasing return loss and VSWR, while decreasing bandwidth and gain. Specifically, increasing the superstrate thickness or dielectric constant resulted in greater changes to the antenna parameters.
This document describes a wireless environment monitoring system that utilizes soil energy as a sustainable power source for wireless sensors. The system uses a microbial fuel cell to generate electricity from the microbial activity in soil. Two microbial fuel cells were created using different soil types and various additives to produce different current and voltage outputs. An electronic circuit was designed on a printed circuit board with components like a microcontroller and ZigBee transceiver. Sensors for temperature and humidity were connected to the circuit to monitor the environment wirelessly. The system provides a low-cost way to power remote sensors without needing battery replacement and avoids the high costs of wiring a power source.
1) The document proposes a model for a frequency tunable inverted-F antenna that uses ferrite material.
2) The resonant frequency of the antenna can be significantly shifted from 2.41GHz to 3.15GHz, a 31% shift, by increasing the static magnetic field placed on the ferrite material.
3) Altering the permeability of the ferrite allows tuning of the antenna's resonant frequency without changing the physical dimensions, providing flexibility to operate over a wide frequency range.
This document summarizes a research paper that presents a speech enhancement method using stationary wavelet transform. The method first classifies speech into voiced, unvoiced, and silence regions based on short-time energy. It then applies different thresholding techniques to the wavelet coefficients of each region - modified hard thresholding for voiced speech, semi-soft thresholding for unvoiced speech, and setting coefficients to zero for silence. Experimental results using speech from the TIMIT database corrupted with white Gaussian noise at various SNR levels show improved performance over other popular denoising methods.
This document reviews the design of an energy-optimized wireless sensor node that encrypts data for transmission. It discusses how sensing schemes that group nodes into clusters and transmit aggregated data can reduce energy consumption compared to individual node transmissions. The proposed node design calculates the minimum transmission power needed based on received signal strength and uses a periodic sleep/wake cycle to optimize energy when not sensing or transmitting. It aims to encrypt data at both the node and network level to further optimize energy usage for wireless communication.
This document discusses group consumption modes. It analyzes factors that impact group consumption, including external environmental factors like technological developments enabling new forms of online and offline interactions, as well as internal motivational factors at both the group and individual level. The document then proposes that group consumption modes can be divided into four types based on two dimensions: vertical (group relationship intensity) and horizontal (consumption action period). These four types are instrument-oriented, information-oriented, enjoyment-oriented, and relationship-oriented consumption modes. Finally, the document notes that consumption modes are dynamic and can evolve over time.
The document summarizes a study of different microstrip patch antenna configurations with slotted ground planes. Three antenna designs were proposed and their performance evaluated through simulation: a conventional square patch, an elliptical patch, and a star-shaped patch. All antennas were mounted on an FR4 substrate. The effects of adding different slot patterns to the ground plane on resonance frequency, bandwidth, gain and efficiency were analyzed parametrically. Key findings were that reshaping the patch and adding slots increased bandwidth and shifted resonance frequency. The elliptical and star patches in particular performed better than the conventional design. Three antenna configurations were selected for fabrication and measurement based on the simulations: a conventional patch with a slot under the patch, an elliptical patch with slots
1) The document describes a study conducted to improve call drop rates in a GSM network through RF optimization.
2) Drive testing was performed before and after optimization using TEMS software to record network parameters like RxLevel, RxQuality, and events.
3) Analysis found call drops were occurring due to issues like handover failures between sectors, interference from adjacent channels, and overshooting due to antenna tilt.
4) Corrective actions taken included defining neighbors between sectors, adjusting frequencies to reduce interference, and lowering the mechanical tilt of an antenna.
5) Post-optimization drive testing showed improvements in RxLevel, RxQuality, and a reduction in dropped calls.
This document describes the design of an intelligent autonomous wheeled robot that uses RF transmission for communication. The robot has two modes - automatic mode where it can make its own decisions, and user control mode where a user can control it remotely. It is designed using a microcontroller and can perform tasks like object recognition using computer vision and color detection in MATLAB, as well as wall painting using pneumatic systems. The robot's movement is controlled by DC motors and it uses sensors like ultrasonic sensors and gas sensors to navigate autonomously. RF transmission allows communication between the robot and a remote control unit. The overall aim is to develop a low-cost robotic system for industrial applications like material handling.
This document reviews cryptography techniques to secure the Ad-hoc On-Demand Distance Vector (AODV) routing protocol in mobile ad-hoc networks. It discusses various types of attacks on AODV like impersonation, denial of service, eavesdropping, black hole attacks, wormhole attacks, and Sybil attacks. It then proposes using the RC6 cryptography algorithm to secure AODV by encrypting data packets and detecting and removing malicious nodes launching black hole attacks. Simulation results show that after applying RC6, the packet delivery ratio and throughput of AODV increase while delay decreases, improving the security and performance of the network under attack.
The document describes a proposed modification to the conventional Booth multiplier that aims to increase its speed by applying concepts from Vedic mathematics. Specifically, it utilizes the Urdhva Tiryakbhyam formula to generate all partial products concurrently rather than sequentially. The proposed 8x8 bit multiplier was coded in VHDL, simulated, and found to have a path delay 44.35% lower than a conventional Booth multiplier, demonstrating its potential for higher speed.
This document discusses image deblurring techniques. It begins by introducing image restoration and focusing on image deblurring. It then discusses challenges with image deblurring being an ill-posed problem. It reviews existing approaches to screen image deconvolution including estimating point spread functions and iteratively estimating blur kernels and sharp images. The document also discusses handling spatially variant blur and summarizes the relationship between the proposed method and previous work for different blur types. It proposes using color filters in the aperture to exploit parallax cues for segmentation and blur estimation. Finally, it proposes moving the image sensor circularly during exposure to prevent high frequency attenuation from motion blur.
This document describes modeling an adaptive controller for an aircraft roll control system using PID, fuzzy-PID, and genetic algorithm. It begins by introducing the aircraft roll control system and motivation for developing an adaptive controller to minimize errors from noisy analog sensor signals. It then provides the mathematical model of aircraft roll dynamics and describes modeling the real-time flight control system in MATLAB/Simulink. The document evaluates PID, fuzzy-PID, and PID-GA (genetic algorithm) controllers for aircraft roll control and finds that the PID-GA controller delivers the best performance.
Microbial interaction
Microorganisms interacts with each other and can be physically associated with another organisms in a variety of ways.
One organism can be located on the surface of another organism as an ectobiont or located within another organism as endobiont.
Microbial interaction may be positive such as mutualism, proto-cooperation, commensalism or may be negative such as parasitism, predation or competition
Types of microbial interaction
Positive interaction: mutualism, proto-cooperation, commensalism
Negative interaction: Ammensalism (antagonism), parasitism, predation, competition
I. Mutualism:
It is defined as the relationship in which each organism in interaction gets benefits from association. It is an obligatory relationship in which mutualist and host are metabolically dependent on each other.
Mutualistic relationship is very specific where one member of association cannot be replaced by another species.
Mutualism require close physical contact between interacting organisms.
Relationship of mutualism allows organisms to exist in habitat that could not occupied by either species alone.
Mutualistic relationship between organisms allows them to act as a single organism.
Examples of mutualism:
i. Lichens:
Lichens are excellent example of mutualism.
They are the association of specific fungi and certain genus of algae. In lichen, fungal partner is called mycobiont and algal partner is called
II. Syntrophism:
It is an association in which the growth of one organism either depends on or improved by the substrate provided by another organism.
In syntrophism both organism in association gets benefits.
Compound A
Utilized by population 1
Compound B
Utilized by population 2
Compound C
utilized by both Population 1+2
Products
In this theoretical example of syntrophism, population 1 is able to utilize and metabolize compound A, forming compound B but cannot metabolize beyond compound B without co-operation of population 2. Population 2is unable to utilize compound A but it can metabolize compound B forming compound C. Then both population 1 and 2 are able to carry out metabolic reaction which leads to formation of end product that neither population could produce alone.
Examples of syntrophism:
i. Methanogenic ecosystem in sludge digester
Methane produced by methanogenic bacteria depends upon interspecies hydrogen transfer by other fermentative bacteria.
Anaerobic fermentative bacteria generate CO2 and H2 utilizing carbohydrates which is then utilized by methanogenic bacteria (Methanobacter) to produce methane.
ii. Lactobacillus arobinosus and Enterococcus faecalis:
In the minimal media, Lactobacillus arobinosus and Enterococcus faecalis are able to grow together but not alone.
The synergistic relationship between E. faecalis and L. arobinosus occurs in which E. faecalis require folic acid
Mechanisms and Applications of Antiviral Neutralizing Antibodies - Creative B...Creative-Biolabs
Neutralizing antibodies, pivotal in immune defense, specifically bind and inhibit viral pathogens, thereby playing a crucial role in protecting against and mitigating infectious diseases. In this slide, we will introduce what antibodies and neutralizing antibodies are, the production and regulation of neutralizing antibodies, their mechanisms of action, classification and applications, as well as the challenges they face.
Describing and Interpreting an Immersive Learning Case with the Immersion Cub...Leonel Morgado
Current descriptions of immersive learning cases are often difficult or impossible to compare. This is due to a myriad of different options on what details to include, which aspects are relevant, and on the descriptive approaches employed. Also, these aspects often combine very specific details with more general guidelines or indicate intents and rationales without clarifying their implementation. In this paper we provide a method to describe immersive learning cases that is structured to enable comparisons, yet flexible enough to allow researchers and practitioners to decide which aspects to include. This method leverages a taxonomy that classifies educational aspects at three levels (uses, practices, and strategies) and then utilizes two frameworks, the Immersive Learning Brain and the Immersion Cube, to enable a structured description and interpretation of immersive learning cases. The method is then demonstrated on a published immersive learning case on training for wind turbine maintenance using virtual reality. Applying the method results in a structured artifact, the Immersive Learning Case Sheet, that tags the case with its proximal uses, practices, and strategies, and refines the free text case description to ensure that matching details are included. This contribution is thus a case description method in support of future comparative research of immersive learning cases. We then discuss how the resulting description and interpretation can be leveraged to change immersion learning cases, by enriching them (considering low-effort changes or additions) or innovating (exploring more challenging avenues of transformation). The method holds significant promise to support better-grounded research in immersive learning.
(June 12, 2024) Webinar: Development of PET theranostics targeting the molecu...Scintica Instrumentation
Targeting Hsp90 and its pathogen Orthologs with Tethered Inhibitors as a Diagnostic and Therapeutic Strategy for cancer and infectious diseases with Dr. Timothy Haystead.
TOPIC OF DISCUSSION: CENTRIFUGATION SLIDESHARE.pptxshubhijain836
Centrifugation is a powerful technique used in laboratories to separate components of a heterogeneous mixture based on their density. This process utilizes centrifugal force to rapidly spin samples, causing denser particles to migrate outward more quickly than lighter ones. As a result, distinct layers form within the sample tube, allowing for easy isolation and purification of target substances.
Signatures of wave erosion in Titan’s coastsSérgio Sacani
The shorelines of Titan’s hydrocarbon seas trace flooded erosional landforms such as river valleys; however, it isunclear whether coastal erosion has subsequently altered these shorelines. Spacecraft observations and theo-retical models suggest that wind may cause waves to form on Titan’s seas, potentially driving coastal erosion,but the observational evidence of waves is indirect, and the processes affecting shoreline evolution on Titanremain unknown. No widely accepted framework exists for using shoreline morphology to quantitatively dis-cern coastal erosion mechanisms, even on Earth, where the dominant mechanisms are known. We combinelandscape evolution models with measurements of shoreline shape on Earth to characterize how differentcoastal erosion mechanisms affect shoreline morphology. Applying this framework to Titan, we find that theshorelines of Titan’s seas are most consistent with flooded landscapes that subsequently have been eroded bywaves, rather than a uniform erosional process or no coastal erosion, particularly if wave growth saturates atfetch lengths of tens of kilometers.
Discovery of An Apparent Red, High-Velocity Type Ia Supernova at 𝐳 = 2.9 wi...Sérgio Sacani
We present the JWST discovery of SN 2023adsy, a transient object located in a host galaxy JADES-GS
+
53.13485
−
27.82088
with a host spectroscopic redshift of
2.903
±
0.007
. The transient was identified in deep James Webb Space Telescope (JWST)/NIRCam imaging from the JWST Advanced Deep Extragalactic Survey (JADES) program. Photometric and spectroscopic followup with NIRCam and NIRSpec, respectively, confirm the redshift and yield UV-NIR light-curve, NIR color, and spectroscopic information all consistent with a Type Ia classification. Despite its classification as a likely SN Ia, SN 2023adsy is both fairly red (
�
(
�
−
�
)
∼
0.9
) despite a host galaxy with low-extinction and has a high Ca II velocity (
19
,
000
±
2
,
000
km/s) compared to the general population of SNe Ia. While these characteristics are consistent with some Ca-rich SNe Ia, particularly SN 2016hnk, SN 2023adsy is intrinsically brighter than the low-
�
Ca-rich population. Although such an object is too red for any low-
�
cosmological sample, we apply a fiducial standardization approach to SN 2023adsy and find that the SN 2023adsy luminosity distance measurement is in excellent agreement (
≲
1
�
) with
Λ
CDM. Therefore unlike low-
�
Ca-rich SNe Ia, SN 2023adsy is standardizable and gives no indication that SN Ia standardized luminosities change significantly with redshift. A larger sample of distant SNe Ia is required to determine if SN Ia population characteristics at high-
�
truly diverge from their low-
�
counterparts, and to confirm that standardized luminosities nevertheless remain constant with redshift.
Clinical periodontology and implant dentistry 2003.pdf
Fault Detection Technique for Compact AES Design
1. IOSR Journal of Applied Chemistry (IOSR-JAC)
e-ISSN: 2278-5736.Volume 4, Issue 5 (May. – Jun. 2013), PP 15-24
www.iosrjournals.org
www.iosrjournals.org 15 | Page
Fault Detection Technique for Compact AES Design
Nahala Basheer1 ,
Ms. Nisha Lali R2 ,
Mr. Rajeev S K3
PG Scholar, ECE Department, Younus College of Engineering and TechnologyKerala
Asst. Professor ECE Department Younus College of Engineering and Technology Kerala
Head of the Department ECE Department Younus College of Engineering and Technology Kerala
Abstract: Cryptography is a method that has been developed to ensure the secrecy of messages and transfer data
securely. Advanced Encryption Standard (AES) has been made as the first choice for many critical applications
because of the high level of security and the fast hardware and software implementations, many of which are
power and resource constrained and requires reliable and efficient hardware implementations. Naturally
occurring and maliciously injected faults reduce the reliability of Advanced Encryption Standard (AES) and may
leak confidential information. In this paper, a lightweight concurrent fault detection scheme for the AES is
presented. In the proposed approach, the composite field S-box and inverse S-box are divided into blocks and the
predicted parities of these blocks are obtained. For high speed applications, S-box implementation based on
lookup tables is avoided. Instead, logic gate implementations based on composite fields are utilized. A compact
architecture for the AES Mix-columns operation and its inverse is also presented. This parity-based fault
detection scheme reaches the maximum fault coverage when compared to other methods of fault detection. The
proposed fault detection technique for AES encryption and decryption has the least area and power consumption
compared to their counterparts with similar fault detection capabilities.
Index terms: AES, composite fields, parity prediction, fault detection, S-box.
I. INTRODUCTION
The Advanced Encryption Standard (AES) has been accepted by NIST [1] as the symmetric key
standard as a replacement for the previous standards because of its good characteristics in terms of security, cost,
and efficient implementations for encryption and decryption of blocks of data. In encryption, under the influence
of a key, a 128-bit block is encrypted by transforming it in a unique way into a new block of the same size. AES
is symmetric since the same key is used for encryption and the reverse transformation, decryption. The only
secret necessary to keep for security is the key. AES may be configured to use different key-lengths, the standard
defines 3 lengths and the resulting algorithms are named AES-128, AES-192 and AES-256 respectively to
indicate the length in bits of the key. After 10 rounds, the cipher text is generated where each encryption round
(except for the final round) consists of four transformations. The four transformations of round of encryption are
explained below.
The 128 bits of input (and output) of each transformation are considered as a four by four matrix, called
state, whose entries are eight bits. Except for the last round, the first transformation in each round is the bytes
substitution, called SubBytes, which is implemented by 16 S-boxes. Shift-Rows is the second transformation in
which the four bytes of the last three rows of the input state are cyclically shifted. The third transformation is
Mixcolumns in which the columns are considered as polynomials over GF(28
) and multiplied by a fixed
polynomial. The final transformation is AddRoundKey in which a roundkey is added to the input by 128 two-
input XOR gates.
Among the transformations in the AES, the S-boxes in the encryption and the inverse S-boxes in the
decryption are alone nonlinear. Fault detection in the AES hardware implementation is important in order to
make the standard robust to the internal and malicious faults. There exists various fault detection schemes for the
AES hardware implementation. For fault detection of the encryption or decryption in AES redundant units may
be used [12], [14], where algorithm-level, round-level and operation-level concurrent error detection for the AES
is used. A number of fault detection schemes based on the error detecting codes, also exists. For high
performance AES implementations, using ROMs may not be preferable. The proposed fault detection approach
is applied to the composite field AES encryption and decryption. There exist a number of fault detection
approaches which are specific to composite field S-boxes and inverse S-boxes. In the scheme of [13], the fault
detection of the multiplicative inversion of the S-box is considered. In [12], predicted parities have been used for
the multiplicative inversion of a specific S-box using composite field and polynomial basis. Furthermore, the
transformation matrices are also considered. In [12] and [6], the composite field S-boxes and inverse S-boxes
(using polynomial basis) have been divided into sub-blocks and parity predictions are used for their fault
detection.
2. Fault Detection Technique for Compact AES Design
www.iosrjournals.org 16 | Page
In the schemes proposed in [15] and [22], all the search space of composite fields is considered for
presenting optimum lightweight fault detection schemes. The scheme presented in [8] is for all the
transformations in the AES encryption/decryption independent of the ways these transformations are
implemented. Moreover, the scheme presented in [7] uses double-data-rate computation for counteracting the
fault attacks. Additionally, a fault detection scheme based on the Hamming and Reed-Solomon codes for
protecting the storage elements within the AES is proposed in [11]. It is also noted that, for the logic elements,
the scheme in [2] and the use of the partial duplication of the most vulnerable elements are proposed in [11].
Fig. 1. The S-box (the inverse S-box) using composite fields and polynomial basis and their fault detection blocks.
Fig. 2. The S-box (the inverse S-box) using composite fields and normal basis and their fault detection blocks.
All the S-boxes (respectively the inverse S-boxes) occupy much of the total AES encryption
(respectively decryption) area and their power consumption is around three fourths of that of the entire AES [16].
LUTs can be utilized for the AES S-boxes and inverse S-boxes in hardware implementation. This work involves
low-area implementation of the AES encryption and decryption using composite fields.
The contributions of this paper are as follows.
The S-box and the inverse S-box has been designed to obtain low power and low area.
An alternative lightweight design for both forward and inverse mixcolumns operation required in the AES
hardware implementation is also presented.
A low-cost parity-based fault detection scheme for the S-box and the inverse S-box using composite fields is
presented, for increasing the error coverage. The predicted parities of the five blocks of the S-box and the
inverse S-box are obtained (three predicted parities for the multiplicative inversion and two for the
transformation and affine matrices).
The actual parity is obtained from the blocks using XOR gates. The predicted parity is compared with the
actual parity. The error gets indicated using the error indication flag.
The proposed fault detection scheme is simulated and maximum error coverage is obtained compared to
existing methods. It is shown that the power and area of the proposed technique is least compared to the
schemes that have the same fault detection capabilities.
II. S-BOX AND INVERSE S-BOX IN COMPOSITE FIELDS
In this section, the S-box and the inverse S-box operations and their composite-field realizations are
described. The S-box and the Inverse S-box are nonlinear operations which take 8-bit inputs and generate 8-bit
outputs. In the S-box, the irreducible polynomial of P(x) = x8
+ x4
+ x3
+ x +1 is used to construct the binary
field GF(28
). Let 𝑋 = 𝑥7
𝑖=0 iαi
∈ 𝐺𝐹(28
) and 𝑌 = 𝑦7
𝑖=0 iαi
∈ 𝐺𝐹(28
) be the input and the output of the S-box,
respectively, where α is a root of P(x), i.e. P(α)=0. Then, the S-box consists of the multiplicative inversion, i.e.,
X-1
∈ GF(28
), followed by an affine transformation. Moreover, let Y-1
∈ GF(28
) and X-1
∈ GF(28
) be the input and
3. Fault Detection Technique for Compact AES Design
www.iosrjournals.org 17 | Page
the output of the Inverse S-box, respectively. Then, the Inverse S-box consists of an inverse affine transformation
followed by the multiplicative inversion.
The composite fields can be represented using normal basis or polynomial basis. The S-box and inverse S-
box for the polynomial and normal bases are shown in Figs. 1 and 2, respectively. For the S-box using
polynomial basis (respectively normal basis), the transformation matrix ψ (respectively ψ') transforms a field
element X in the binary field GF(28
) to the corresponding representation in the composite fields GF(28
) / GF(24
).
It is noted that the result of X= ηh u+ ηl is obtained using the irreducible polynomial u2
+ τu + υ for
polynomial basis method in Fig.1 and X= η'h u16
+ η'lu is obtained using the irreducible polynomial u2
+ τ'u
+ υ for normal basis method in Fig.2.
The multiplicative inversion in Fig.1 consists of composite field multiplications, additions and an
inversion in the sub-field GF(24
) over GF(2) / x4
+ x + 1.The decomposition can be further applied to represent
GF(24
) as a linear polynomial over GF(22
) and then GF(2) using the irreducible polynomial υ2
+Ωυ+υ and
w2
+w+1, respectively. As a result, it is understood that the implementation of the multiplicative inversion can be
performed using the field represented by GF((24
)2
) or the field represented by GF(((22
)2
)2
). For normal basis, the
decomposition is performed using the irreducible polynomials of υ2
+ Ω'υ + υ' and w2
+ w + 1, respectively.
For calculating the multiplicative inversion, the most efficient choice is to let Ω = τ = 1 (Ω' = τ' = 1) in the
above irreducible polynomials. Then, the multiplicative inversion of the S-box using polynomial basis and
normal basis are respectively,
( ηh u + ηl )-1
= [(( ηh+ ηl ) + ηh
2
υ )-1
ηh] u
+ (( ηh+ ηl ) + ηh
2
υ )-1
( ηh+ ηl ) (1)
( η'h u16
+ η'l u )-1
= [( η'h η'l + (η'h
2
+ ƞ'l
2
) υ')-1
) η'h] u16
+ [( η'h η'l + (η'h
2
+ ƞ'l
2
) υ')-1
) η'l] u (2)
It is noted that one can replace ƞ(ƞ') with σ(σ') to obtain (1) and (2) for the inverse S-box.
III. MIX COLUMN IMPLEMENTATION USING POLYNOMIALS
The forward mix column transformation (in encryption process), called mix columns, operates on each
column individually. Each byte of a column is mapped into a new value that is a function of all four bytes in that
column. The transformation can be defined by the following matrix multiplication on State.
02 03 01 01
01 02 03 01
01 01 02 03
03 01 01 02
𝑠0,0 s0,1 𝑠0,2 𝑠0.3
𝑠1.0 𝑠1,1 𝑠1,2 𝑠1,3
𝑠2,0 𝑠2,1 𝑠2,2 𝑠2,3
𝑠3,0 𝑠3,1 𝑠3,2 𝑠3,3
=
𝑠′0,0 s′0,1 𝑠′0,2 𝑠′0.3
𝑠′1.0 𝑠′1,1 𝑠′1,2 𝑠′1,3
𝑠′2,0 𝑠′2,1 𝑠′2,2 𝑠′2,3
𝑠′3,0 𝑠′3,1 𝑠′3,2 𝑠′3,3
Each element in the product matrix is the sum of products of elements of one row and one column. In
this case, the individual additions and multiplications are performed in GF (28
). The mix columns
transformation on a single column j (0≤ j≤ 3) of State can be expressed as
𝑠′0, 𝑗 = 2 ∗ 𝑠0, 𝑗 ⊕ 3 ∗ 𝑠1, 𝑗 ⊕ 𝑠2, 𝑗 ⊕ 𝑠3, 𝑗
𝑠′1, 𝑗 = 𝑠0, 𝑗 ⊕ 2 ∗ 𝑠1, 𝑗 ⊕(3*𝑠2, 𝑗) ⊕ 𝑠3,
𝑠′2, 𝑗 = 𝑠0, 𝑗 ⊕ 𝑠1, 𝑗 ⊕ 2 ∗ 𝑠2, 𝑗 ⊕ 3 ∗ 𝑠3, 𝑗
𝑠′3, 𝑗 = 3 ∗ 𝑠0, 𝑗 ⊕ 𝑠1, 𝑗 ⊕ 𝑠2, 𝑗 ⊕ (2 ∗ 𝑠3, 𝑗) (3)
As mix columns only requires multiplication by {02} and {03}, which, as we have seen, involved
simple shifts, conditional XORs, and XORs. This can be implemented in a more efficient way that eliminates the
shifts and conditional XORs. Equation Set (3) shows the equations for the mix columns transformation on a
single column. Using the identity
{03} ・ x = ({02} ・ x) x, we can rewrite equation Set (3) as follows:
𝑇𝑚𝑝 = 𝑠0, 𝑗 ⊕ 𝑠1, 𝑗 ⊕ 𝑠2, 𝑗 ⊕ 𝑠3, 𝑗
𝑠′
0, 𝑗 = 𝑠0, 𝑗 ⊕ 𝑇𝑚𝑝 ⊕ [ 2 ∗ 𝑠0, 𝑗 ⊕ 𝑠1, 𝑗 ]
𝑠′
1, 𝑗 = 𝑠1, 𝑗 ⊕ 𝑇𝑚𝑝 ⊕ [ 2 ∗ 𝑠1, 𝑗 ⊕ 𝑠2, 𝑗 ]
𝑠′
2, 𝑗 = 𝑠2, 𝑗 ⊕ 𝑇𝑚𝑝 ⊕ [ 2 ∗ 𝑠2, 𝑗 ⊕ 𝑠3, 𝑗 ]
𝑠′
3, 𝑗 = 𝑠3, 𝑗 ⊕ 𝑇𝑚𝑝 ⊕ [ 2 ∗ 𝑠3, 𝑗 ⊕ 𝑠0, 𝑗 ] (4)
Multiplication by 02 equivalents to multiply by x [2]. The gate count of this implementation (using
combinational circuits only) is as shown in fig.(4) is as follows: 8 XORs to calculate ( s0,j ⊕ s1,j) in equation
(4.1), so 32 XORs are required for the same calculations in equations 4.
Additional 8 XORs are needed to calculate Tmp. 3 XORs are required to calculate 2*(s0,j s1,j) in equation (4.1)
so we need 12 XORs for the same calculations in equations 4. Finally we need an 8 XORs (with 3 inputs) OR 16
XORs (with 2 inputs) to calculate (s’0,j) in equation (4.1), so we need 32 XORs (with 3 inputs) OR 64 XORs
(with 2 inputs) to calculate equations 4. Finally we can implement Forward mix columns transformation using
4. Fault Detection Technique for Compact AES Design
www.iosrjournals.org 18 | Page
32+8+12+64 = 116 XORs with 2 inputs, OR (52 XORs with 2 inputs + 32 XORs with 3 inputs with total 84
XORs).
Fig. 3. Forward mix columns operation
Additional 8 XORs are needed to calculate Tmp. 3 XORs are required to calculate 2*(s0,j s1,j) in equation
(4.1) so we need 12 XORs for the same calculations in equations 4. Finally we need an 8 XORs (with 3 inputs)
OR 16 XORs (with 2 inputs) to calculate (s’0,j) in equation (4.1), so we need 32 XORs (with 3 inputs) OR 64
XORs (with 2 inputs) to calculate equations 4. Finally we can implement Forward mix columns transformation
using 32+8+12+64 = 116 XORs with 2 inputs, OR (52 XORs with 2 inputs + 32 XORs with 3 inputs with total
84 XORs).
In fig. 3, the block labeled Mul by (2) means multiply its input by 2 using the implementation shown in [2].
Each arrow represent 8 bits and each block such as s’1,j represent 8 wires holds values of s’1,j. The inverse mix
column transformation (in decryption process), called InvMix Columns, is defined by the following matrix
multiplication:
0𝐸 0𝐵 0𝐷 09
09 0𝐸 0𝐵 0𝐷
0𝐷 09 0𝐸 0𝐵
0𝐵 0𝐷 09 0𝐸
𝑠0,0 s0,1 𝑠0,2 𝑠0.3
𝑠1.0 𝑠1,1 𝑠1,2 𝑠1,3
𝑠2,0 𝑠2,1 𝑠2,2 𝑠2,3
𝑠3,0 𝑠3,1 𝑠3,2 𝑠3,3
=
𝑠′0,0 s′0,1 𝑠′0,2 𝑠′0.3
𝑠′1.0 𝑠′1,1 𝑠′1,2 𝑠′1,3
𝑠′2,0 𝑠′2,1 𝑠′2,2 𝑠′2,3
𝑠′3,0 𝑠′3,1 𝑠′3,2 𝑠′3,3
Each element in the product matrix is the sum of products of elements of one row and one column. In this case,
the individual additions and multiplications are performed in GF (28
). The mix Columns transformation on a
single column j (0≤ j≤ 3) of State can be expressed as:-
𝑠′
0, 𝑗 = 0𝐸 ∗ 𝑠0, 𝑗 ⊕ 0𝐵 ∗ 𝑠1, 𝑗 ⊕ 0𝐷 ∗ 𝑠2, 𝑗 ⊕ (09 ∗ 𝑠3, 𝑗)
𝑠′
1, 𝑗 = 09 ∗ 𝑠0, 𝑗 ⊕ 0𝐸 ∗ 𝑠1, 𝑗 ⊕ 0𝐵 ∗ 𝑠2, 𝑗 ⊕ (0𝐷 ∗ 𝑠3, 𝑗)
𝑠′
2, 𝑗 = 0𝐷 ∗ 𝑠0, 𝑗 ⊕ 09 ∗ 𝑠1, 𝑗 ⊕ 0𝐸 ∗ 𝑠2, 𝑗 ⊕ (0𝐵 ∗ 𝑠3, 𝑗)
𝑠′
3, 𝑗 = 0𝐵 ∗ 𝑠0, 𝑗 ⊕ 0𝐷 ∗ 𝑠1, 𝑗 ⊕ 09 ∗ 𝑠2, 𝑗 ⊕ (0𝐸 ∗ 𝑠3, 𝑗) (5)
Equation set (5) is formulated to simplify its hardware implementation as follows:
𝑇𝑚𝑝 = 09 ∗ (𝑠0, 𝐽 ⊕ 𝑠1, 𝑗 ⊕ 𝑠2, 𝑗 ⊕ 𝑠3, 𝑗)
𝑠′
0, 𝑗 = 𝑠0, 𝑗 ⊕ 𝑇𝑚𝑝 ⊕ 2 ∗ 𝑠0, 𝑗 ⊕ 𝑠2, 𝑗 ⊕ [2 ∗ 𝑠0,j ⊕ 𝑠1, 𝑗 ]
𝑠′
1, 𝑗 = 𝑠1, 𝑗 ⊕ 𝑇𝑚𝑝 ⊕ 2 ∗ 𝑠1, 𝑗 ⊕ 𝑠3, 𝑗 ⊕ [2 ∗ 𝑠1,j ⊕ 𝑠2, 𝑗 ]
𝑠′
2, 𝑗 = 𝑠2, 𝑗 ⊕ 𝑇𝑚𝑝 ⊕ 2 ∗ 𝑠0, 𝑗 ⊕ 𝑠2, 𝑗 ⊕ [2 ∗ 𝑠2,j ⊕ 𝑠3, 𝑗 ]
𝑠′
3, 𝑗 = 𝑠3, 𝑗 ⊕ 𝑇𝑚𝑝 ⊕ 2 ∗ 𝑠1, 𝑗 ⊕ 𝑠3, 𝑗 ⊕ [2 ∗ 𝑠3,j ⊕ 𝑠0, 𝑗 (6)
As shown in fig. (4) the gate count of this implementation (using combinational circuits only) is as
follows: We need 8 XORs to calculate ( s0,j⊕s1,j ) in equation (6.1), so 32 XORs are required for equations set
6. We need 3 XORs to calculate 2*( s0,j⊕s1,j ) in equation (6.1), so 12 XORs are required for the same
calculations in equations 6. Additional 8 XORs are required to calculate ( s0,j⊕s2,j ) in equation (6.1), so we
need 16 XORs for the same calculations in equations 6.
We need 16 XORs for the same calculations in equations 6. We need additional 3 XORs to calculate
2*(s0,j⊕s2,j) in equation (6.1), so 6 XORs are required for the same calculations in equations 6. We need
additional 3 XORs to calculate 2*(2*(s0,j⊕ s2,j)) in equation (6.1) so 6 XORs are required for the same
calculations in equations 6. We need additional 3 XORs to calculate 2*(2*(2*( s0,j⊕s2,j ))) in equation (6.1), so
6 XORs are required for the same calculations in equations 6. Additional 8 XORs are required to calculate
5. Fault Detection Technique for Compact AES Design
www.iosrjournals.org 19 | Page
09*(s0,j⊕ s2,j), 8 XORs to calculate 09*(s1,j⊕ s3,j), and 8 XORs to calculate Tmp. Finally we need 24 XORs
to calculate s'0,j in equation (6.1), and 96 XORs for the same calculations in equations 6. Implementing inverse
mix columns transformation uses 32+12+16+6+6+6+16+8+96 = 198 XOR. Implementing forward and inverse
mix columns transformation uses 116 +198 = 314 XOR gates.
Fig. 4. Inverse mix columns operation
IV. FAULT DETECTION SCHEMES
The S-box and the inverse S-box structures are divided into five blocks as shown in Fig.1 and 2 to
obtain the low-overhead parities. In these figures, the modulo-2 additions, consisting of 4 XOR gates, are shown
by two concentric circles with a plus inside. Furthermore, the multiplications in GF (24
) are shown by rectangles
with crosses inside. Let bi be the output of block i denoted by dots in Fig.1 and 2 for S-box. The outputs of the
five blocks for S-box using polynomial basis in Fig.1 are represented as b1 = ηh+ ηl , b2 = γ, b3 =θ, b4 = σ and
b5 = Y. Similarly, for Fig.2 b1 = η'h+ η'l , b2 = γ', b3 =θ', b4 = σ' and b5 = Y. One can replace ƞ(ƞ') with σ(σ') and
X with Y for the inverse S-box. In the following, the least overhead parity are denoted by Ṕb1 - Ṕb5 in Figs. 1 and
2.
A. The S-Box and the Inverse S-Box using Polynomial Basis
The implementation complexities of different blocks of the S-box and the Inverse S-box and those for
their predicted parities are dependent on the choice of the coefficients υ ε GF(24
) and υ ε GF(22
) in the
irreducible polynomials u2
+ u + υ and v2
+ v + υ used for the composite fields. The goal in the following
is to find υ ε GF(24
) and υ ε GF(22
) for the composite fields GF(((22
)2
)2
) and υ ε GF(24) for the composite fields
GF((24
)2
) so that the area complexity of the entire fault detection implementations becomes optimum. According
to [19], 16 the possible combinations for υ ε GF(24
) and υ ε GF(22
) exist. Moreover, for the composite fields
GF((24
)2
), the possible choices for υ making the polynomial x2
+ x + υ irreducible has been exhaustively
searched and found.
The blocks are explained below:
Blocks 1 and 5: Based on the possible values of υ and φ in GF(((22
)2
)2
) ( υ in GF((24
)2
) ), the transformation
matrices in Fig. 1 in blocks 1 and 5 of the S-box and the inverse S-box can be constructed using the algorithm
presented in [21]. Using an exhaustive search, eight base elements in GF(((22
)2
)2
)
( or GF((24
)2
) ) to which eight base elements of GF(28
) are mapped, are found to construct the transformation
matrix.
In [22], the Hamming weights, i.e., the number of nonzero elements, of the transformation matrices for the
case φ= {10}2 and different values of υ in GF(((22
)2
)2
) are obtained. It is noted that in [21], instead of considering
the Hamming weights, sub expression sharing is suggested for obtaining the low-complexity implementations for
6. Fault Detection Technique for Compact AES Design
www.iosrjournals.org 20 | Page
the S-box. Here, we have also considered these transformation matrices for φ= {11}2 as well as the
transformation matrices for the inverse S-box for different values of υ and φ and have derived their area and
delay complexities. Moreover, the gate count and the critical path delay for blocks 1 and 5 and their predicted
parities, i.e., Ṕb1 and Ṕb5, of the S-box and the inverse S-box in have been obtained.
Blocks 2 and 4: As shown in Fig. 1, block 2 of the S-box and the inverse S-box consists of a multiplication, an
addition, a squaring and a multiplication by constant υ in GF((24
)2
) .The following lemma is presented for
deriving the predicted parity of the multiplication in GF((24
)2
), using which the predicted parities of blocks 2 and
4 in Fig. 1 are obtained.
Lemma 1: Let λ = ( λ3,λ2,λ1,λ0 ) and δ = ( δ3,δ2,δ1,δ0) be the inputs of the multiplier in GF((22
)2
). The predicted
parities of the result of the multiplication of λ and δ in GF((22
)2
) for φ= {10}2 and φ= {11}2 are as follows,
respectively
Ṕπ = λ3( δ3+δ2+δ0 )+ λ2( δ3+δ2+δ0 )+ λ1( δ2+δ0 )+
λ0( δ3+ δ0 +δ2+δ0) if φ= {10}2 (7)
Ṕπ = λ3( δ3 +δ0 )+ λ2( δ2+δ1+δ0 )+ λ1( δ2+δ0 )+
λ0( δ3+ δ0 +δ2+δ0) if φ= {11}2 (8)
The predicted parity of block 2 of the S-box and the inverse S-box, i.e., Ṕ in Fig.1, depends on the
choice of the coefficients υ ε GF ((22
)2
) and υ ε GF(22
) []. Using Lemma 1, we have derived the complexity of
the predicted parity of block 2 for these coefficients. Furthermore, for block 4 in Fig.1, which consists of two
multiplications in GF ((22
)2
), one can also use Lemma 1 to derive the predicted parity. For block 2 of the S-box
(respectively the inverse S-box) over GF((24
)2
) in Fig. 1, only the multiplication by constant is affected for
different values of υs. For this block, we have exhaustively searched for and obtained the optimum
implementation for different values of υs. Moreover, block 4 in Fig. 1 is independent of the value of υ. Therefore,
the complexity of the predicted parity for this block is the same for all possible υs.
Block 3: We present the following theorem for block 3 of the
S-box and the inverse S-box over GF((22
)2
) in Fig. 1.
Theorem 1: Let γ = (γ3,γ2,γ1,γ0) be the input and θ=(θ3,θ2,θ1,θ0 ) be the output of an inverter in GF((22
)2
). The
predicted parities of the result of the inversion in GF((22
)2
), i.e., Ṕb3 , for φ= {10}2 and φ= {11}2 are as follows,
respectively
Ṕθ= (͞γ2˅γ1)γ0+(γ1+γ0)γ3 if φ= {10}2 (9)
Ṕθ= (γ2 γ1˅ γ0)+ γ3 γ1 if φ= {10}2 (10)
Where, ˅ represents OR operation. It is noted that the inversion in GF(24
) [] in Fig. 1 is independent of the value
of υ. Therefore, the complexity of the predicted parity for this block is the same for any possible υs.
B. The S-Box and the Inverse S-Box Using Normal Basis
The optimum fault detection S-box using normal basis in Fig. 2 is derived. Here an exhaustive search
for finding the optimum predicted parities based on the choice of the coefficients υ' ε GF(24
) and υ' ε GF(22
)
and for the five blocks of the inverse S-box using normal basis. We have exhaustively searched for the least
overhead transformation matrices and their parity predictions combined for the inverse S-box and have derived
the total complexity for the predicted parities of blocks 1 and 5, i.e., Ṕb1 and Ṕb5, and the delays associated with
them. These are used to obtain the optimum S-box inverse S-box and its parity predictions in this section. It is
also noted that as shown in Fig. 2, blocks 2, 3, and 4 of the S-box and the inverse S-box are the same. Therefore,
considering [15], the predicted parities of these blocks can be obtained for the inverse S-box.
C. Optimum parity prediction techniques
i. For polynomial basis:
Considering the discussions presented for different combinations of υ and φ for polynomial basis, the
following optimum parity prediction technique is presented.
The fault detection S-Box using composite fields GF(((22
)2
)2
) has the least area complexity for φ = {11}2 and υ=
{1010}2. For this optimum S-Box (PB1), the following predicted parities for the five blocks in Fig.1 are as given
below:
Ṕb1= x0
Ṕb2 = ƞ3(ƞ͞ 7+ƞ4)+ƞ2(ƞ͞ 7+ Pƞh)+ƞ1( ƞ6+ƞ4)+ƞ0 P͞ ƞh+ƞ6+ƞ7
7. Fault Detection Technique for Compact AES Design
www.iosrjournals.org 21 | Page
Ṕb3=(γ2γ1˅γ0)+γ1γ3
Ṕb4 =ƞ3(θ3+θ0)+ƞ2(PΘ+θ3)+ƞ1(θ2+θ0)+ƞ0PΘ
Ṕb5 =σ7+σ5+σ3+σ2+σ0
where, Ṕƞh=ƞ7+ƞ6+ƞ5+ƞ4 and ṔΘ =θ3+θ2+θ1+θ0. Additionally, among all the possible values for using composite
fields GF ((24
)2
), υ= {1010}2 yields to the least complexity architecture for the optimum S-box (PB2),
respectively. Then, for the S-box we have:
Ṕb1= x7+x0
Ṕb2 = ƞ3ƞ4+ƞ2(ƞ5+ƞ4)+ƞ1(P͞ ƞh+ƞ7)+ƞ0 P͞ ƞh+ Pƞh +ƞ4
Ṕb3=͞γ3γ2͞γ0+γ0(͞γ1˅(͞γ͞͞2͞+͞γ3))
Ṕb4 =ƞ3θ0+ƞ2(θ1+θ0)+ƞ1(PΘ+θ3)+ƞ0PΘ
Ṕb5 =σ4+σ3+σ2+σ1+σ0
Furthermore, for the inverse S-box the following method is used. For the inverse S-box using composite field
GF(((22
)2
)2
), choosing φ = {11}2 and υ = {1011}2 and for the one using composite field GF((24
)2
) having υ =
{1001}2 yields to the lowest area complexity architecture. It is noted that blocks 3 and 4 have the same predicted
parities as the S-box by swapping ƞ and σ. For other blocks of the optimum inverse S-box (PB1) we have:
Ṕb1= ͞x0
Ṕb2 = σ3(͞σ7+σ4)+σ2(͞σ7+ Pƞh)+σ1(σ6+σ4)+σ0 P͞ ƞh+σ6+σ7
Ṕb3=(γ2γ1˅γ0)+γ1γ3
Ṕb4 =ƞ3(θ3+θ0)+ƞ2(PΘ+θ3)+ƞ1(θ2+θ0)+ƞ0PΘ
Ṕb5 =ƞ7+ƞ5+ƞ3+ƞ2+ƞ0
Additionally, for the optimum inverse S-box (PB2) we have:
Ṕb1=͞x7͞+͞x0
Ṕb2 = σ3σ4+σ2(σ5+σ4)+σ1(P͞ ƞh+σ7)+σ0 P͞ ƞh+ Pƞh +σ4
Ṕb3=͞γ3γ2͞γ0+γ0(͞γ1˅(͞γ͞͞2͞+͞γ3))
Ṕb4 =ƞ3θ0+ƞ2(θ1+θ0)+ƞ1(PΘ+θ3)+ƞ0PΘ
Ṕb5 = ƞ0
ii. For normal basis:
For different combinations of υ' and φ' for normal basis, for the S-box and the inverse S-box, φ' = {10}2
and υ' = {0001}2 have the least area for the operations and their fault detection circuits combined. The following
is the predicted parities for the S-box:
Ṕb1= x7+x5
Ṕb2 = (ƞ'7˅ƞ'3)+(ƞ'6˅ƞ'2)+(ƞ'4˅ ƞ'0)+ƞ'5ƞ'1
Ṕb3= ͞γ͞'2͞γ͞'0(γ'3+ γ'1)+ γ'3 γ'1(γ'2+ γ'0)
Ṕb4 = (ƞ'7+ƞ'3) θ'3+(ƞ'6+ƞ'2) θ'2+(ƞ'5+ƞ'1) θ'1+(ƞ'4+ƞ'0) θ'0
Ṕb5 =σ'7+σ'5+σ'4+σ'3+σ'2
Moreover, for the inverse S-box, Ṕb2 - Ṕb4 are the same as those for the S-box by swapping ƞ' and σ'. For
the other blocks, the predicted parities are given as: Ṕb1= y7+y6+ y2+y1 and Ṕb5 =ƞ'7+ƞ'5+ƞ'4+ƞ'3+ƞ'2.
It is noted that the area overhead of the proposed scheme for the optimum structures consists of those
of the optimum parity predictions. In addition, 23 XORs for the actual parities (3 XORs for adding the coordinates
of each of ƞ'h+ƞ'l, γ' and θ' and 7 XORs each for those of ζ' and Y ) are utilized. Moreover, the delay overhead of
the predicted parities of five blocks can overlap the delays for the implementations of five blocks in Figs. 1 and
2. The only delay overhead for this scheme is the delay of the actual parity of block 5, which is 3TX, where TX, is
the delay of an XOR gate.
D. Error indication
In order to develop a fault detection structure, the predicted parity can be compared with the actual
parity in order to obtain the error indication flag of the corresponding block . By ORing five indication flags of
five blocks, the error indication of the entire S-box is obtained [15].
V. SIMULATION RESULTS
8. Fault Detection Technique for Compact AES Design
www.iosrjournals.org 22 | Page
First the S-box and the inverse S-box using composite fields is constructed for low area and low power
dissipation. Also the time delay is reduced compared to other techniques. Here S-Box and inverse S-Box are
constructed using both polynomial and normal basis. Then, single Struck-At-Faults have been introduced to the
S-box and the Inverse S-box and the corresponding output simulation is obtained. After that the circuit is tested
for multiple Struck-At-Faults. If exactly one bit error appears at the output of the S-box (respectively inverse S-
box), the presented fault detection scheme is able to detect it and the error coverage is about 100%. This is
because in this case, the error indication flag of the corresponding block alarms the error. However, due to the
technological constraints, single stuck-at error may not be applicable for an attacker to gain more information
[23]. Thus, multiple bits will actually be flipped and hence multiple stuck-at errors are also considered in this
paper covering both natural faults and fault attacks [23].
Here a lightweight Mixcolumns is also implemented using logic gates. The total number of gates
required for implementing mix columns operation in the proposed design is 116+198 =314 XOR gates[],[]. Since
our design is implemented using combinational circuits only, each resultant mix column takes a single clock
cycle. The proposed mix column implementation takes four clock cycles compared to 28 clock cycles in [4]. The
circuit for both AES encryption and decryption is designed. Xilinx ISE 8.1 and ModelSim are the simulation
tools used here. The target device is XC2S600E. Finally, the error coverage has been calculated from the
obtained results. The design is also simulated for power, delay and area calculations. From the simulation result
the following is inferred.
TABLE I
COMPARISON OF LUTS AND SLICES
Operation Architecture No. of 4-input
LUTs
No. of
slices
S-Box
LUT 250 158
PB 87 31
NB 83 31
Inverse
S-Box
LUT 250 158
PB 84 31
NB 73 31
A. Low area and Low power
From the synthesis report, the number of LUTs and slices needed to design the S-box and the Inverse S-
box is calculated. Table I gives the comparison of the number of LUTs and slices used for the design of S-box
and Inverse S-box using various techniques. From the Table I the number of LUTs and Slices used for S-box
and Inverse S-box using composite fields is less when compared to S-box based on LUTs .
Table II illustrates the comparison results based on simulation in terms of power.
TABLE II
COMPARISON OF POWER
Operation Architecture Power
(mW)
S-Box
LUT 56
PB 34
NB 34
Inverse
S-Box
LUT 56
PB 34
NB 34
B. Fault detection
The proposed architecture for the S-box and Inverse S-box is able to find all the single Struck-At faults.
Faults are injected randomly on the input and output nodes of the logic gates. In the case of multiple Struck-At
faults in S-box, also the faults have been identified. We have performed error simulations for the S-boxes and the
inverse S-boxes using the optimum composite field obtained in the previous section to confirm our above
theoretical computation. In our simulations, we use stuck-at error model at the outputs of the five blocks forcing
one or multiple nodes to be stuck at logic one (for stuck-at one) or zero (for stuck-at zero) independent of the
error-free values. We use Fibonacci implementation of the LFSRs for injecting random multiple errors, where,
the numbers, the locations and the types of the errors are randomly chosen. In this regard, the maximum
sequence length polynomial for the feedback is selected. The injected errors are transient, i.e., they last for one
clock cycle. However, the results would be the same if permanent errors are considered. The results of the error
simulation [] is shown in Table III. It is noted that in these tables, the optimum polynomial basis (PB) and
9. Fault Detection Technique for Compact AES Design
www.iosrjournals.org 23 | Page
normal basis (NB) are presented. As shown in the table, using five parity bits of the five blocks, the error
coverage for random faults reaches 97% which is the same as our theoretical computation in this section. This
error coverage will be increased if the outputs of more than one S-box (respectively inverse S-box) of the AES
implementation are erroneous. In this case, the errors detected in any of 16 S-boxes (respectively inverse S-
boxes) contribute to the total error coverage. Thus, error coverage of very close to 100% is achieved.
The optimum S-box and inverse S-box using normal basis have the least hardware complexity with the
fault detection scheme. Moreover, the optimum structures using composite fields and polynomial basis have the
least post place and route timing overhead among other schemes. It is noted that using sub-pipelining for the
presented fault detection scheme in this paper, one can reach much faster hardware implementations of the
composite field fault detection structures. The AES encryption and decryption presented here using composite
fields and forward mix columns method has least area compared to its counterparts.
TABLE III
ERROR SIMULATION RESULTS
Operation Architecture Error coverage
S-Box
(Inverse S-Box)
PB 97.008
NB 97.003
VI. CONCLUSION
In this paper, low power AES encryption and decryption has been designed. Parity based fault detection
scheme for the low power S-box and the Inverse S-box are presented in order to find the faults in the hardware
implementation of the S-box and the Inverse S-box. Instead of using the look-up table approach for the
implementation of the S-box and its parity prediction, the composite field arithmetic with logical gates is used.
Simulation results show that very high error coverage for the presented scheme is obtained when compared to
other fault detection schemes like those based on LUTs and redundant units. Also low power and low area is
achieved when compared to previous methods. An alternative lightweight design for both forward and inverse
mix columns operation required also included in the AES hardware implementation. The comparisons indicate
that the proposed mix-column design have less complexity than previous relevant work in gate size and no. of
clock cycles.
Acknowledgment
The authors would like to thank the management, and Faculty Members of Department of Electronics and
Communication Engineering, Younus College of Engineering and Technology, Kollam, Kerala for many
insightful discussions and the facilities extended for completing the task.
REFERENCES
[1] Mehran Mozaffari-Kermani and Arash Reyhani-Masoleh, “A lightweight High-Performance Fault Detection Scheme for the
Advanced Encryption Standard Using Composite Fields” IEEE Trans. On Very Large Scale Integration (VLSI) Syestems, vol. 19, no.
1, pp. 85–591,January 2011.
[2] National Institute of Standards and Technologies, Announcing the Advanced Encryption Standard (AES) FIPS 197, Nov. 2001.
[3] R. Karri, K. Wu, P. Mishra, and K. Yongkook, “Fault-based side-channel cryptanalysis tolerant Rijndael symmetric block cipher
architecture,” in Proc. DFT, Oct. 2001, pp. 418–426..
[4] R. Karri, K. Wu, P. Mishra, and Y. Kim, “Concurrent error detection schemes for fault-based side-channel cryptanalysis of symmetric
blockciphers,” IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst., vol. 21, no. 12, pp. 1509–1517, Dec. 2002.
[5] G. Bertoni, L. Breveglieri, I. Koren, P. Maistri, and V. Piuri, “Error analysis and detection procedures for a hardware implementation
of the advanced encryption standard,” IEEE Trans. Computers, vol. 52, no. 4, pp. 492–505, Apr. 2003.
[6] G. Bertoni, L. Breveglieri, I. Koren, P. Maistri and V. Piuri, “A parity code based fault detection for an implementation of the
advanced encryption standard,” Proc. of IEEE Int’l S mp., Defect and Fault Toler n e in VLSI S stems (DFT ’02), pp. 51-59, Nov.
2002.
[7] M. Mozaffari Kermani, “Fault Detection Schemes for High Performance VLSI Implementations of the Advanced Encryption
Standard,” M.E.Sc. Thesis, Department of Electrical and Computer Engineering, The University of Western Ontario, London,Ontario,
Canada, April 2007.
[8] M. Mozaffari-Kermani and A. Reyhani-Masoleh, “Concurrent Structure-Independent Fault Detection Schemes for the Advanced
Encryption Standard,” IEEE Trans. Computers, vol. 59, no. 5, pp. 608-622, May 2010.
[9] C. H. Yen and B. F.Wu, “Simple error detection methods for hardware implementation of advanced encryption standard,” IEEE
Trans. Computers, vol. 55, no. 6, pp. 720–731, Jun. 2006.
[10] G. Bertoni, L. Breveglieri, I. Koren, P. Maistri, and V. Piuri, “A parity code based fault detection for an implementation of the
advanced encryption standard,” in Proc. DFT, Nov. 2002, pp. 51–59.
[11] G. Bertoni, L. Breveglieri, I. Koren, P. Maistri, and V. Piuri, “Error analysis and detection procedures for a hardware implementation
of the advanced encryption standard,” IEEE Trans. Computers, vol. 52, no. 4, pp. 492–505, Apr. 2003.
[12] C. Moratelli, F. Ghellar, E. Cota, and M. Lubaszewski, “A fault-tolerant DFA-resistant AES core,” in Proc. ISCAS, 2008, pp. 244–
247.
[13] M. Mozaffari-Kermani and A. Reyhani-Masoleh, “Parity-based fault detection architecture of S-box for advanced encryption
standard,” in Proc. DFT, Oct. 2006, pp. 572–580.
10. Fault Detection Technique for Compact AES Design
www.iosrjournals.org 24 | Page
[14] S.-Y. Wu and H.-T. Yen, “On the S-box architectures with concurrent error detection for the advanced encryption standard,” IEICE
Trans. Fundam. Electron., Commun. Comput. Sci., vol. E89-A, no. 10, pp. 2583–2588, Oct. 2006.
[15] R. Karri, K. Wu, P. Mishra, and K. Yongkook, “Fault-based Side-Channel Cryptanalysis Tolerant Rijndael Symmetric Block Cipher
Architecture,” ro . IEEE Int’l Symp. Defect and Fault Toler n e in VLSI S stems (DFT ’01), pp. 418-426, Oct.2001
[16] M. Mozaffari-Kermani and A. Reyhani-Masoleh, “A lightweight concurrent fault detection scheme for the AES S-boxes using normal
basis,” in Proc. CHES, Aug. 2008, pp. 113–129.
[17] D. Canright, “A very compact S-box for AES,” in Proc. CHES, Aug. 2005, pp. 441–455.
[18] A. Satoh, S. Morioka, K. Takano, and S. Munetoh, “A compact Rijndael hardware architecture with S-box optimization,” in Proc.
ASIACRYPT, Dec. 2001, pp. 239–254.
[19] J.Wolkerstorfer, E. Oswald, and M. Lamberger, “An ASIC implementation of the AES SBoxes,” in Proc. CT-RSA, 2002, pp. 67–78.
[20] V. Rijmen, Dept. ESAT, Katholieke Universiteit Leuven, Leuven, Belgium, Efficient Implementation of the Rijndael S-Box, 2000.
[21] X. Zhang and K. K. Parhi, “High-speed VLSI architectures for the AES algorithm,” IEEE Trans. Very Large Scale Integr. (VLSI)
Syst., vol. VLSI-12, no. 9, pp. 957–967, Sep. 2004.
[22] X. Zhang and K. K. Parhi, “On the optimum constructions of composite field for the AES algorithm,” IEEE Trans. Circuits Syst. II,
Exp. Briefs, vol. 53, no. 10, pp. 1153–1157, Oct. 2006.
[23] N. Mentens, L. Batina, B. Preneel, and I. Verbauwhede, “A systematic evaluation of compact hardware implementations for the
RijndaelS-box,” in Proc. CT-RSA, Feb. 2005, pp. 323–333.
[24] L. Breveglieri, I. Koren, and P. Maistri, “An operation-centered approach to fault detection in symmetric cryptography ciphers,” IEEE
Trans. Computers, vol. C-56, no. 5, pp. 534–540, May 2007.
[25] Xilinx [Online]. Available: http://www.xilinx.com/