[Cryptech Core] Increasing AES core performance?

Joachim Strömbergson joachim at secworks.se
Fri Jun 23 06:18:50 UTC 2017


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aloha!

I've been looking at the performance of the AES core. Right now there
are eight Sboxes in total - four for encipher and four for decipher. The
four encipher Sboxes are also used by the key expansion. The number of
S-boxes directly affects the number of cycles it takes to perform an
AES-round.

Doing some simple test implementations shows that the resources needed
for the Sboxes scales linearly with the number of Sboxes (as expected).
Simply put, one could increase the AES performance with a factor of four
with a 26% increase in slice LUTs. It should be something like 3800 in
total. (the total have uncertainties due to removal of MUXes etc and I
haven't measured them.)

One could also decide to go for 2x performance increase with 18%
increase. Other possibilities is to only increase encipher performance.
Or be funky and increase encipher and decipher operations with different
amounts.

The question is then if this is interesting to do? Is AES performance
relevant in the current Cryptech design and for the use cases it
supports? And are there headroom in the FPGA to fit the increase in core
size?

What cipher modes are used and supported by Cryptech today? Would we
need to increase both encipher and decipher operations?


- -- 
Med vänlig hälsning, Yours

Joachim Strömbergson
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJZTLLKAAoJEF3cfFQkIuyNByIQAJkx0Bm1Kyju1JdjpbWbZigN
pGBBVUF3+TNCGUKi2ocugkNAh38fMzd6fcRm7SU0/cN/p6EWjf3ZIFe+Ys0rwnku
trRkZACBUTMBEOYY4WpVhQASDHOaRH1txOav9JYIgWlhrKJpej1axMiJZmg56Y1P
mpSg1hSSt7SuLrWgA4RB08HTCR4dSchRSrykuqhu5YSFTTbBmfcZ/u0DssQLEjO0
JkoG1oPgNGGPgvUPcC2OvW/IwasNRIlDjjB9zj/vxgBtfM4h4zNICgXqsiYWGIOU
f09pfng9Evpv2Uv7uCzt6bYshT7VsddVDd9uudJtjwVqeTlogv+JPvd/P8jkpl9A
dGinmQmFrMrkuzKXB9VdWxwJoxvK5xR47gsDR0tSl7lrqNiduNjpMAIFwfLm9dLr
Adr/AQSUuK+eP+6Tf7ik/sTLtAkibHZgfesWKwGNc1YK26bvNdqFTvReKljAeGnI
4znZX5L8WDFEs2dOgtTI9+YESm/FYZDX6QqDvQqshYfmLzboR4g1ztNOba1TwJbd
8x8Di6F4ubipvWHqsZ/j/6/uMgwEGk/D8zNuq5iRr3H5P1TeqUI5NT+spGzbXETY
lzM81wDSGwPhjRT2LOLIQ3uo9mMYy4ahA3Sy8DFvykw/5sZmi9Nu8IPaD9rVwCeJ
RDyhBFiFNPxRbtFyZOTL
=0mY6
-----END PGP SIGNATURE-----


More information about the Core mailing list