
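Author (graduate student): Sih-Yun Chen (陳思云)
Thesis title: The Design and Implementation of an IP for a High-Throughput AES-CCM Encrypted Authenticated Algorithm (設計與實現一個高效能AES-CCM 加密驗證演算法之IP)
Advisor: Ming-Bo Lin (林銘波)
Oral defense committee: Yie-Tarng Chen (陳郁堂), Chang-Hong Lin (林昌鴻)
Degree: Master
Department: College of Electrical Engineering and Computer Science - Department of Electronic and Computer Engineering
Year of publication: 2021
Graduation academic year: 109
Language: Chinese
Number of pages: 88
Chinese keywords (translated): AES-CCM, Advanced Encryption Standard, authenticated encryption, parallel processing, ASIC, FPGA
English keywords: AES-CCM, AES, authentication encryption, parallel, ASIC, FPGA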
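Abstract (translated from the Chinese version):

     The Internet has become an indispensable part of people's daily lives, and through it people can exchange private messages. To ensure the security and integrity of transmitted messages and to authenticate the sender's identity, data encryption and authentication methods have become an important topic in networking technology. To this end, the AES-CCM encryption/decryption algorithm was proposed and has become one of the standards of this kind. Based on the AES-CCM algorithm, this thesis proposes a high-speed, high-throughput hardware architecture and, taking the level of encryption security into consideration, completes the design and hardware implementation of three different versions of the AES-CCM algorithm, whose key length can be 128 bits, 192 bits, or 256 bits.
     For the overall AES-CCM architecture, we process the data authentication and message encryption parts in parallel and use resource sharing to save hardware resources effectively. To improve performance, dual AES modules are used in the architecture. In the implementation of the AES algorithm, Galois composite-field arithmetic is used to reduce complexity; in the MixColumns step, the matrix formulae are simplified to merge some operations and reduce the logic resources required; the key expansion function uses a mixed-mode design to greatly shorten data processing time and effectively raise the overall throughput of the design. In addition, we analyze in detail how pipelining affects the encryption characteristics of the feedback mode in the AES-CCM algorithm and propose three versions of the design: an S-box implemented as a lookup table, an S-box replaced by logic operations, and an S-box replaced by pipelined logic operations.
     The completed designs are implemented and verified on a Xilinx Virtex7 xc7vx330t-3ffg1157 device. The three designs use 48,460, 9,604, and 8,871 LUTs, operate at 168 MHz, 66 MHz, and 279 MHz, and achieve throughputs of 196 Mbps, 134 Mbps, and 1,429 Mbps, respectively. Finally, the best-performing third version is implemented and verified as an ASIC in the TSMC 0.18 process; its operating frequency is 83.3 MHz, the chip core area is 1,249.26 μm × 1,248.96 μm, the maximum data-processing throughput is 427 Mbps, and the power consumption is 35.3 mW.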


     Networking has become an indispensable part of people's daily lives. With it, people can communicate with each other by sending private messages. To ensure the confidentiality and integrity of a message and to authenticate its sender, message encryption and authentication have become a crucial issue in networking. To address this, the AES-CCM algorithm was proposed and has become one of the standards of this kind. In this thesis, we propose a high-speed, high-throughput hardware architecture for the AES-CCM authenticated encryption algorithm. With the degree of encryption security in mind, three different architectures are designed and implemented for the algorithm, each improving on performance. In all these designs, the secret key can be 128 bits, 192 bits, or 256 bits long.
     For the overall AES-CCM architecture, we parallelize the data verification and encryption parts and use resource sharing to effectively reduce hardware resources. To improve performance, a dual-AES architecture is used in the design. In the AES implementation, we adopt Galois composite-field arithmetic to reduce the complexity of the operations. In the MixColumns step, we simplify the matrix formulae to merge some operations and reduce the logic resources required. For the secret-key expansion, a mixed-mode design is employed to greatly decrease the data processing time and effectively improve the throughput of the algorithm. In addition, we analyze in detail the impact of pipelining on the feedback mode inherent in the AES-CCM algorithm and propose three architectures: an S-box realized as a lookup table, an S-box realized with unpipelined combinational logic, and an S-box realized with pipelined combinational logic.
     The three proposed designs of the AES-CCM algorithm are verified on the Xilinx Virtex7 xc7vx330t-3ffg1157 device. They use 48,460, 9,604, and 8,650 LUTs, operate at 168 MHz, 66 MHz, and 283 MHz, and yield maximum throughputs of 196 Mbps, 134 Mbps, and 1,464 Mbps, respectively. The design with the best performance is implemented as an ASIC in the TSMC 0.18 μm process. The resulting ASIC operates at 83.3 MHz and achieves a throughput of 427 Mbps. The core area of the chip is 1,249.26 μm × 1,248.96 μm, and its power consumption is 35.3 mW.

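    Table of contents

    Chapter 1 Introduction
      1.1 Research Motivation
      1.2 Literature Review
      1.3 Research Direction
      1.4 Chapter Overview
    Chapter 2 Introduction to the AES-CCM Encryption/Decryption Algorithm
      2.1 Cryptography Terminology
      2.2 AES-CCM Security Protocols and Their Evolution
      2.3 Block Cipher Modes of Operation
      2.4 Types of Message Authentication
      2.5 Mathematical Background
        2.5.1 Galois Finite Fields
        2.5.2 Addition
        2.5.3 Multiplication
      2.6 The AES-CCM Algorithm
        2.6.1 Formatting Function Module
        2.6.2 AES-CCM Encryption Process
        2.6.3 AES-CCM Decryption Process
      2.7 The AES Encryption Standard Algorithm
        2.7.1 Key Expansion
        2.7.2 AES Encryption Process
        2.7.3 AES Decryption Process
    Chapter 3 Design Analysis and Considerations
      3.1 Data-Flow Pipelining Analysis
        3.1.1 Loop Unrolling
        3.1.2 Outer-Round Pipelining
        3.1.3 Inner-Round Pipelining
        3.1.4 Resource Sharing
      3.2 Analysis of the Algorithm's Arithmetic Units
        3.2.1 SubBytes Unit
        3.2.2 Key Expansion Function Analysis
      3.3 Data-Operation Parallelization Analysis
        3.3.1 Round Operations
        3.3.2 Dual-AES Design
    Chapter 4 AES-CCM Hardware Architecture Analysis and Design
      4.1 Overall Architecture
      4.2 Main Control Unit
      4.3 Formatting Module
      4.4 Dual-AES Module
    Chapter 5 FPGA and ASIC Design Implementation and Result Analysis
      5.1 FPGA Design and Implementation
        5.1.1 Simulation Timing Diagrams
        5.1.2 FPGA Simulation Tests
        5.1.3 FPGA Results and Performance Comparison
      5.2 Standard-Cell Library Design and Implementation
        5.2.1 RTL Stage
        5.2.2 Logic Synthesis Stage
        5.2.3 Chip Layout Stage
        5.2.4 Chip Results
        5.2.5 Chip Performance Analysis
    Chapter 6 Conclusions and Future Work
    References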


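    Full-text release date: 2024/07/16 (campus network)
    Full-text release date: 2026/07/16 (off-campus network)
    Full-text release date: 2026/07/16 (National Central Library: National Digital Library of Theses and Dissertations in Taiwan)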