You have no items in your shopping cart.

Subtotal: 0.00


With the current ubiquity of computer networks, distributed systems in general, and the Internet in particular, cryptography has become an enabling technology to secure the information infrastructures we are building, using, and counting on in daily life. In present days, almost every relevant communication system requires secure data transfer in order to maintain the privacy of the transmitted message. Hardware implementation on FPGA offers a quicker and customizable solution. I use Very High Speed Integrated Circuit Hardware Decryption Language (VHDL) for synthesizing logic design. The existing project uses Spartan6 FPGA Project Kit which is an integrated circuit development platform based on the Xilinx Spartan 6 FPGA.

Tool required


  • Xilinx ISE 14.7i


  • VHDL


  • Spartan6 FPGA kit
  • Serial Cable
  • PC

Block Diagram for AES Algorithm using Spartan6 FPGA Project Kit

Block Diagram for AES Algorithm using Spartan6 FPGA Project Kit


Cryptography enables to store sensitive information or transmit it across insecure networks (like the Internet) so that it cannot be read by anyone except the intended recipient. Secure communication with sensitive information it is necessary for military, government institutions but also for business sector and private individuals.

In this document I will describe the Advanced Encryption Standard (AES) Algorithm based on a hardware implementation. The following document provides a detailed and easy to understand explanation of the implementation of the AES algorithm. For this application type I proceed for developing of the following tasks:

⇛Serial communication implementation on FPGA, in order to exchange the encrypted and decrypted messages with other electronic devices.

⇛FPGA implementation of AES based on encryption module.

⇛FPGA implementation of AES based on decryption module.

⇛Additionally a software program used for messages management was developed on PC.

Advanced Encryption Standard

A symmetric block cipher Rijndael was standardized by National Institute of Standards and Technology (NIST) as AES in November 2001. AES replaced Data Encryption Standard (DES), which has been in use since 1977.

AES is symmetric bloc ciphers that can process blocks of 128 bits throw cipher keys with lengths of 128, 192 and 256 bits, other input, output and cipher key lengths are not permitted by this standard.

Rijndael encryption algorithm allows data blocks of 192 and 256 bits, these however are not part of the AES standard, and thus will not be mentioned in this paper.

The key used for decryption is derived from the key used at encryption (Cipher Key) through Key Schedule routine. This function provides one new key for each round of the algorithm. Round in AES algorithm it is a sequence through which the AES crossing a specific number of functions.

As most of the symmetrical encryption algorithm, AES operations consists of byte substitution, bit permutation and the addition of the expanded key, performed a predefined number of times, designated by rounds. These operations are performed through the usage of lookup tables to perform the byte substitution, column shifts and arithmetic operations in finite fields (addition and multiplications in GF(28)).

AES works by repeating the same defined steps multiple times; AES is a secret encryption algorithm and operates on an fixed number of bytes. AES algorithm uses almost the same steps to complete both encryption and decryption in reverse order.

Serial Communication Interface

Serial communication interface can send and receive data throw RS 232 port.

Serial Communication Interface

The application has three main buttons named: Open Port (used for opening of the serial port), Close Port (used for closing of the serial port) and Send (used for sending the datat). Also the application has other controls that enable us to set the parameters of the serial port and display the messages received from the Spartan6 FPGA Project Kit. The application listen continuously the serial port and display automatically the messages received from the FPGA.

Encryption Module

Encryption module has the following ports:


clk - Master clock with the frequency of 50 MHz.

rst - Reset input signal activates the encryption module when is '1'.

plaintext(127:0) - The input data used for the encryption.

round(3:0) - Encryption round number received from an external counter.


ciphertext(127:0) - Encrypted text resulted from the encryption. Encryption module has the plaintext(127:0) input port on witch will receive 128 bits of data from the PC. The data is stored in a block memory implemented on Spartan6 FPGA Project Kit. The encryption module is implemented with 128 bits key length and the Key Schedule module run with 10 rounds. For each round the Key Schedule module will generate a new round key.

round(3:0) input port it is assigned from an external binary counter. In round 10 (last round) ciphertext(127:0) output port provides the encrypted data.

In the figure 24 I represent the encryption module in a simulation phase. Input port plaintext(127:0) receive the data in hexadecimal and output port ciphertext(127:0) returns the encrypted data.

Input data (plaintext) for simulation has been set from VHDL simulator and it has the value 00112233445566778899aabbccddeeff, represented in hexadecimal. The output data after 10 rounds of encryption has the value 69c4e0d86a7b0430d8cdb78070b4c55a

Serial Communication Interface


Decryption Module

The Decryption module is implemented with the last key (10) generated by the encryption module and the Inverse Key Schedule module runs with 10 rounds.

Decryption module has the following ports:


clk - Master clock with the frequency of 50 MHz.

rst - Reset input signal activates the decryption module when is '1'.

ciphertext(127:0) - The input data used for the decryption.

round(3:0) - Encryption round number received from an external counter.


plaintext(127:0) - Decrypted text resulted from decryption.

For decryption I use the data generated from encryption (output from encryption, input for decryption)




Spartan6 FPGA Project Kit doesn't support both of the modules in the same time, so the encryption.bit file from encryption respectively decryption.bit file from decryption should be loaded sequentially because of fact that each file occupies ~60% from FPGA resources. As the matter of fact, in the encryption stage the file encryption.bit is loaded and after the process is finished it should be removed. For decryption decryption.bit file is loaded.