Next: The MixColumn transformation
Up: On the implementation of
Previous: The operation xtime
The formerly mentioned type of public-key coprocessor is actually useful to improve the performance
of the following transformations of the AES cipher:
-
MixColumn,
- inverse
MixColumn,
- KeyExpansion and
-
AddRoundKey.
Other transformations like the
ByteSub and
ShiftRow are performed inside the standard CPU and
therefore remain unchanged.
The reason of not using the coprocessor to accelerate these two last transformations is the following.
The fastest way of performing the
ByteSub transformation is by the use of a look-up table
(the so called S-Box) containing 256 8-bit values.
Because both of them, table indices and table contents are 8-bit values,
the 8-bit CPU is the most suitable unit to perform this table access.
Nevertheless, we advice the reader to carefully consult our section 5 on the physical security of the AES.
On the other hand, the
ShiftRow transformation can be embedded into the
ByteSub transformation
in such a way that there is no performance loss.
The next figure describes the execution parts executed in the CPU and the other ones executed
within the coprocessor:
Figure 3:
Execution of the AES transformations .
|
|
Subsections
Next: The MixColumn transformation
Up: On the implementation of
Previous: The operation xtime
Roger Fischlin
2002-09-25
![\includegraphics[width=1.0\linewidth]{AES_transformations}](img72.png)