Secure and Efficient Implementation of Symmetric Encryption Schemes using FPGAs

  • François-Xavier Standaert


Due to its potential to greatly accelerate a wide variety of applications, reconfigurable computing has gained importance in the industrial development of digital signal processing systems. This chapter discusses how the particular properties of field programmable gate arrays (FPGAs) can be exploited for the secure and efficient implementation of symmetric cryptographic algorithms and protocols.

Reconfigurable computing intends to fill the gap between hardware and software, achieving potentially much higher performance than software, while maintaining a higher level of flexibility than hardware. Reconfigurable devices such as FPGAs contain arrays of computational elements whose functionality is determined through multiple programmable configuration bits. These elements, sometimes known as logic blocks, are connected using a set of routing resources that are also programmable. As a consequence, the realization of FPGA designs can be performed at the user site. Synthesis and...


Smart Card; Block Cipher; Advanced Encryption Standard; Logic Block; Digital Right Management
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



Copyright information

© Springer Science+Business Media, LLC 2009

Authors and Affiliations

  1. UCL Crypto Group, USA
