論文中提出了一個低成本架構的AES加解密晶片，並且金鑰擴展單元為較省面積的即時運算架構，且能夠依使用者來選擇金鑰的長度，分別為128位元、192位元以及256位元。且依據AES演算法實現出來的加解密晶片輸入的每一筆資料為128位元。為了能夠有效節省面積，在資料路徑的部分我們使用長度為32位元的架構。因此，每一筆128位元長度的資料配合一筆完整的金鑰，計算每一回合需要4個時脈週期方能完成。更進一步的達到節省面積，我們在回合運算單元中，改進了兩個部分：在位元組替代轉換中，使用混合場運算來有效的降低演算法複雜度，進而減低硬體面積；混合行轉換中，將演算法簡化之後，再找出相同的運算子來達到電路共享，因此也能有效節省面積，而相較於傳統的AES架構，最大可節省將近一半的邏輯閘數量。
AES加解密軟智產已經分別在Xilinx的Vertex 5系列FPGA(xc5vlx110t)以及TSMC 0.18 μm元件庫(Cell Library)上實現與驗證。在FPGA設計部分，工作頻率為60 MHz，資料處理量最高為174.54 Mbps，消耗了Vertex 5系列FPGA實驗板總面積的7%；在元件庫設計的部分，工作頻率為106 MHz，資料處理量最高為308.36 Mbps，核心(core)面積為517.6 μm × 508.3 μm，其等效閘數量(gate count)約為15669個，消耗功率為21.22 mW。

In the thesis, we propose an area-saving universal VLSI architecture for AES encryption/decryption algorithm. To be used as a universal AES encryption/ decryption system and be able to accept a key with three different lengths, 128, 192, and 256 bits, the data-path of proposed architecture is designed as 32 bits and the keys are computed on-the-fly by the key expansion unit. As a consequence, for each 128-bit input with the cipher key, to finish a single round operation needs 4 clock cycles. The area of the proposed architecture is further reduced by the following two improvements. First, the composite field arithmetic is used for the byte substitution transformation to effectively reduce the complexity of algorithm. Second, the common operation is employed in the mix column transformation to achieve the circuit sharing and hence to reduce the area. The resulting architecture can save about a half area in comparison with conventional AES architecture.
The AES encryption/decryption chip has been implemented and verified with both Xilinx Vertex 5 FPGA and TSMC 0.18 μm cell library. In the FPGA part, it operates at 60 MHz and can achieve a high throughput of 174.54 Mbps. It takes up the total area of 7% in FPGA board. In the cell-based part, it operates at 106 MHz and can achieve a high throughput of 308.36 Mbps. The core occupies the area of 517.6 μm × 508.3 μm, which is approximately equivalent to 15669 gates, and consumes about 21.22 mW in the typical operating condition.

[1]AES home page, URL: http://www.nist.gov.aes/.
[2]The Rijndael Page, URL: http://www.esat.kuleuven.ac.be/~rijmen/rijndael/.
[3]Joan Daemen and Vincent Rijnmen, AES Proposal: Rijndael, AES Algorithm Submission, September 3, 1999, available at [1].
[4]James Nechvatal, et al., Report on the Development of the Advanced Encryption Standard (AES), National Institute of Standards and Technology, October 2, 2000, available at [1].
[5]J. Daemen and V. Rijmen, “Answer to New Observations on Rijndael,” AES Forum comment, August 11, 2000, available at URL:http://www.esat.kuleuven.ac.be/~rijmen/rijndael/.
[6]RSA Security, “RSA’s 56-bit DES Challenge,” April 2001, available at URL:http://www.rsasecurity.com/.
[7]RSA Security, “Team of Universities, Companies and Individual Computer Users Linked Over the Internet Crack RSA’s 56-bit DES Challenge,” available at URL: http://www.rsasecurity.com/.
[8]National Institute of Standards and Technology, Advanced Encryption Standard (AES), Federal Information Processing Standard (FIPS) Publication 197, November 2001.
[9]C. C. Wang, T. K. Truong, H. M. Shao, L. J. Deutsh, J. K. Omura, and I. I. Reed, “VLSI architecutres for computing mutiplications and inverters in GF(2m),” IEEE Transactions on Computers, Vol. C-34, pp. 709-717, Aug. 1985.
[10]H. Brunner, A. Curiger, and M. Hofstetter, “On computing multiplicative inverses in GF(2m),” IEEE Transactions on Computers, Vol. 42, No.8, August 1993, pp. 1010-1015.
[11]Y. T. Horng and S. W. Wei, “Fast Inverters and Dividers for Finite Field GF(2m),” Asia-Pacific Conference on Circuits and Systems, pp. 206-211, 1994.
[12]Robert J. McEliece, Finite Fields for Computer Scientists and Engineers, Kluwer Academic Publishers, 1987.
[13]William Stallings, Cryptography and Network Security: Principles and Practices Third Edition, Prentice Hall International, Inc, 2003.
[14]Kris Gaj and Pawel Chodowiec, “Comparison of the Hardware Performance of the AES Candidates using Reconfigurable Hardware,” The Third Advanced Encryption Standard (AES3) Candidate Conference, New York, USA, April 2000.
[15]Maire McLoone and John V McCanny, “Rijndael FPGA Implementation Utilizing Loop-Up Tables,” Signal Processing Systems, 2001 IEEE Workshop, pp. 349-360, September 26-28, 2001.
[16]M. H. Lee, A Gbps AES Cipher, Master Thesis, Dept. of Computer Science, National Tsing-Hua University, Hsinchu, Taiwan, June 2001.
[17]I. Verbauwhede, P. Schaumont, and H. Kuo, “Design and Performance Testing of a 2.29-GB/s Rijndael Processor,” IEEE Journal of Solid-State Circuits, Volume:38, pp. 569-572, Issue: 3, March 2003.
[18]B. Weeks, M. Bean, T. Rozylowicz, and C. Ficke, “Hardware Performance Simulations of Round 2 Advanced Encryption Standard Algorithms,” National Security Agency while paper, May 15, 2000, available at URL:
http://csrc.nist.gov/CryptoToolkit/aes/round2/NSA-AESfinalreport.pdf.
[19]T. Ichikawa, T. Kasuya, and M. Matsui, “Hardware Evaluation of the AES Finalist,” in Proc. 3rd AES Candidate Conference, 2000.
[20]M.H. Jing, Y.H. Chen, Y.T. Chang and C.H. Hsu, “The Design of A Fast Inverse Module in AES.” International Conferences on Info-tech and Info-net, Vol. 3, Page 298-303, 2001
[21]M. Y. Wang, C. P. Horng, C. W. Wu and C. T. Huang “Single- and Multi-core Configurable AES Architectures for Flexible Security” IEEE Trans. on VLSI Systems, Vol. 17, Issue 12,July 2009.
[22]S. F. Hsiao, M. C. Chen and C. S. Tu, “Memory-Free Low-Cost Designs of Advanced Encryption Standard Using Common Subexpression Elimination for Subfunctions in Transformations.” IEEE Circuit Syst. Mag., Vol. 53, No. 3, March 2006.
[23]X. Zhang and K. K. Parhi, “High speed VLSI architectures for AES algorithm,” IEEE Trans. VLSI, Vol.2, pp. 957-967 Sept. 2004
[24]C. C. Lu and S. Y. Tseng, “Integrated Design of AES (Advanced Encryption Standard) Encrypter and decrypter,” Proceedings of Application-Specific Systems, Architectures and Processors, pp.277-285, July 2002.
[25]A. Satoh, S. Morioka, K. Takano, and S. Munetoh, “A Compact Rijndael Hardware Architecture with S-Box Optimization,” C. Boyd(Ed.):ASIACRYPT 2001, LNCS 2248, PP. 239-254, 2001.
[26]H. Kuo and I. Verbauwhede, “Architectural Optimization for a 1.82 Gbits/sec VLSI Implementation of the AES Rijndael Algorithm,” Proceedings of Cryptographic Hardware and Embedded Systems, pp. 51-64, May 2001.
[27]N. Sklavos and O. Koufopavlou, “Architecture and VLSI Implementation of the AES-Proposal Rijndael, “IEEE Transactions on Computers, Vol. 51, pp. 1454-1459, Dec. 2002.
[28]H. Li, and J. Li, “A New Compact Architecture for AES with Optimized ShiftRows Operation,” IEEE International Symposium on Circuits and Systems, 2007. ISCAS 2007. pp.1851-1854, May 2007.
[29]S. Mangard, M. Aigner, and S. Dominikus, “A highly regular and scalable AES hardware architecture,” IEEE Transactions on Computers, Vol. 52, pp. 483-491, April 2003.
[30]董力中, 非同步AES加解密晶片之設計與實作, 碩士論文–國立東華大學資訊工程學系研究所, 2002年7月。
[31]曾英彰, AES內建CBC模式加密與解密智產設計與驗證, 碩士論文–國立台灣科技大學電子工程學系研究所, 2004年7月。