Gaël Rouvroy

Learn More
Hardware implementations of the advanced encryption standard (AES) Rijndael algorithm have recently been the object of an intensive evaluation. Several papers describe efficient architectures for ASICs and FPGAs. In this context, the highest effort was devoted to high throughput (up to 20 Gbps) encryption-only designs, fewer works studied low area(More)
This paper presents an updated implementation of the Advanced Encryption Standard (AES) on the recent Xilinx Virtex-5 FPGAs. We show how a modified slice structure in these reconfigurable hardware devices results in significant improvement of the design efficiency. In particular, a single substitution box of the AES can fit in 8 FPGA slices. We combine(More)
A cryptanalytic time-memory tradeoff allows the cryptanalysis of any N key symmetric cryptosystem in O(N 2 3 ) operations with O(N 2 3 ) storage, if a precomputation of O(N) operations has been done in advance. This procedure is well known but did not lead to any realistic implementations. In this paper, the experimental results for the cryptanalysis of DES(More)
Performance evaluation of the Advanced Encryption Standard candidates has led to intensive study of both hardware and software implementations. However, although plentiful papers present various implementation results, it seems that efficiency could still be greatly improved by applying good design rules adapted to devices and algorithms. This paper(More)
We present a fast involutional block cipher optimized for reconfigurable hardware implementations. ICEBERG uses 64-bit text blocks and 128-bit keys. All components are involutional and allow very efficient combinations of encryption/decryption. Hardware implementations of ICEBERG allow to change the key at every clock cycle without any performance loss and(More)
Since their introduction by Kocher in 1998, power analysis attacks have attracted significant attention within the cryptographic community. While early works in the field mainly threatened the security of smart cards and simple processors, several recent publications have shown the vulnerability of hardware implementations as well. In particular, field(More)
We propose a new mathematical DES description that allows optimized implementations. It also provides the best DES and triple-DES FPGA implementations known in term of ratio throughput/area, where area means the number of FPGA slices used. First, we get a less resource consuming unrolled DES implementation that works at data rates of 21.3 Gbps (333 MHz),(More)
The image compression standard JPEG 2000 proposes a large set of features, useful for today’s multimedia applications. Unfortunately, it is much more complex than older standards. Real-time applications, such as Digital Cinema, require a specific, secure and scalable hardware implementation. In this paper, a decoding scheme is proposed with two main(More)
In its basic version, linear cryptanalysis is a known-plaintext attack that uses a linear relation between input-bits, outputbits, and key-bits of an encryption algorithm that holds with a certain probability. If enough plaintext-ciphertext pairs are provided, this approximation can be used to assign probabilities to the possible keys and to locate the most(More)
In 1980, Martin Hellman [1] introduced the concept of cryptanalytic time-memory tradeoffs, which allows the cryptanalysis of any N key symmetric cryptosystem in O(N 2 3 ) operations with O(N 2 3 ) storage, provided a precomputation of O(N) is performed beforehand. This procedure is well known but did not lead to realistic implementations. This paper(More)