This post is a continuation of my previous posts covering my configurable digital logic implementation of the AES-256 cryptographic algorithm. In this post I'll cover the refactoring I did to improve my implementation and make the design synthesizeable. Previously, the architecture for the module was poor and could not be synthesized to run on real hardware. This was an expected outcome as I learn to write verilog. I've detailed some of the changes I made below.

Removing Loops

I have read and heard mixed responses in regard to using for loops in synthesizeable code. It is my understanding that loops are unwound during synthesis, and large loops can result in large resource consumption. I decided to remove most of the loops in my AES implementation. One example is the key scheduling portion of the algorithm. previously, I relied on a loop to iterate over the key words:

    if(consent_reg == KEY_WORDS)
        rconIdx = 0;
        for(x = 8; x < 60; x++)
            if(x % 8 == 0)

I replaced the loop with a state machine that performs the same iteration over the key words. The main state machine (covered below) enables the key scheduling state machine and waits for it to finish.

///This state machine calculates the
///the round key words and round keys, setting its
///"done" register when finished
reg [5:0] table_idx;       //Key word index
reg [3:0] rcon_idx;        //Round constant index
reg [3:0] rk_idx;          //Round key index
parameter [4:0] KW_IDLE  = 4'b000, //Idle state
                KW_CALC  = 4'b001, //Calculate state
                KW_SCHED = 4'b010, //Form round keys
                KW_DONE  = 4'b011; //Done state
reg [2:0] kw_state;  //State machine states

//Done signal
assign KEY_WORDS_DONE = (kw_state == KW_DONE);
always @(posedge clock)begin

There were other places I relied on looping, mostly for convenience:

    for(row = 0; row < 4; row++)
        for(col=0; col<4; col++)
            matrix[row][col] = sbox(matrix[row][col]);

These loops were easily replaced by unwinding them manually.

    else if(state_reg == SUB_BYTE) begin
        //Peform S-box Substitutions
        sub_byte_matrix[3][3] <= sbox(round_key_matrix[3][3]);
        sub_byte_matrix[2][3] <= sbox(round_key_matrix[2][3]);
        sub_byte_matrix[1][3] <= sbox(round_key_matrix[1][3]);
        sub_byte_matrix[1][0] <= sbox(round_key_matrix[1][0]);
        sub_byte_matrix[0][0] <= sbox(round_key_matrix[0][0]);

Data Path/Multidriven Nets

One of the "rookie" mistakes I made was trying to read and write from the same register in multiple blocks. I replaced the single state matrix with multiple state matricies for the output from each step in the encryption process. Any one state matrix is only written by one always block and read from the successive block.

//This list of state matricies forms the data pipeline
reg [7:0] initial_matrix[0:3][0:3];   //Initial state matrix
reg [7:0] round_key_matrix[0:3][0:3]; //Round key matrix
reg [7:0] sub_byte_matrix[0:3][0:3];  //Byte substitution matrix
reg [7:0] shift_row_matrix[0:3][0:3]; //Shift rows matrix
reg [7:0] mix_col_matrix[0:3][0:3];   //Mix columns matrix

In the same vein, I combined the key scheduling stages into one state machine (described above).

Other Cleanup

I refactored my main state machine to use initialization/completion logic that's more inline with examples I've seen in Xilinx sources and other source files. Additonally, I tried to update my indentation and formatting to match conventions I've seen.

Testing on Hardware

To verify that my AES module can be synthesized and run on hardware, I created a basic block design for the Zynq7000 that contains a Xilinx VIO core, Zynq7000 processing system, and my AES module.

The VIO allows for manual input and output to the AES core. I ran an empty software application and used the Vivado hardware manager view to run the AES module with the same input data and key that I used in the test bench. The module functioned as designed and the output matches the expected output.

Input key: 

Input data: 

Starting encryption.
Data out: 6034088a2dedde69013d073e8681d21c
Valid: 1


Mistakes/bad design aside, I think my AES module is coming along nicely. Now that I have the module running on the hardware, I intend to use it in a practical design, using AXI to encrypt data stored in the PS DDR.

Get honeypotted? I like spam. Contact Us Contact Us Email Email email: