Small-footprint implementations of the advanced encryption standard (AES) algorithm are of interest in resource-constrained applications like Internet of Things (IoT). Symmetries in AES allow the datapath to be scaled down to the S-Box width of 8 bits, but the ShiftRows operation leads to a potential data hazard that must be avoided. The common method for resolving the ShiftRows hazard wastes power by moving data through a sequence of pipelined registers. We present in this article a novel 8-bit AES architecture that solves data movement inefficiencies by renaming registers and saves clock power with a single state update per AES round. We then extend register renaming to include microarchitectural randomization to mitigate susceptibility to side-channel attacks, which are a concern especially for low power implementations of AES. We fabricate and evaluate our designs in a commercial 16-nm FinFET technology. Testchip measurements show that the register renaming architecture encrypts data at 0.55 pJ/bit at nominal voltage, a $2.2\times $ improvement over a state-of-the-art reference 8-bit design implemented in the same technology. Side-channel evaluation indicates that the randomized variant of register renaming significantly reduces vulnerability to differential power analysis (DPA).

中文翻译：

---

16 纳米 FinFET 中 0.55 pJ/位的 8 位 AES 数据路径的高效寄存器重命名架构

高级加密标准 (AES) 算法的小尺寸实现在物联网 (IoT) 等资源受限的应用程序中很受关注。AES 中的对称性允许将数据路径缩小到 8 位的 S-Box 宽度，但 ShiftRows 操作会导致必须避免的潜在数据危险。解决 ShiftRows 危险的常用方法是通过一系列流水线寄存器移动数据来浪费电力。我们在本文中介绍了一种新颖的 8 位 AES 架构，该架构通过重命名寄存器来解决数据移动效率低下的问题，并通过每个 AES 轮的单个状态更新来节省时钟功率。然后，我们扩展了寄存器重命名以包括微架构随机化，以减轻对侧信道攻击的敏感性，这对于 AES 的低功耗实现尤其是一个问题。我们采用商用 16 纳米 FinFET 技术制造和评估我们的设计。Testchip 测量表明，寄存器重命名架构在标称电压下以 0.55 pJ/bit 加密数据，比采用相同技术实现的最先进参考 8 位设计提高了 2.2 美元/倍。旁道评估表明寄存器重命名的随机变体显着降低了差分功耗分析 (DPA) 的脆弱性。