Baseline AES FPGA reference design


I was wondering if there exists some form of de-facto baseline AES FPGA design that is used as a reference for comparison with other implementations, e.g. when implementing various SCA-resistant mechanisms. Are the CW FPGA implementations (for Spartan 6 on the CW308 and Artix 7 on the CW305 boards) completely in-house implementations, or are they adapted from a particular source?


Not that I’m aware of.
Our reference implementation is a straightforward AES implementation with no SCA resistance, one round per clock cycle, using look-up tables for the sboxes.

I think it can be considered a good baseline against which one can compare other implementations with side-channel countermeasures, but there is no widely-accepted baseline that I’m aware of.

The AES code itself comes from here:

which I think was for this Google “Project Vault”:

Thank you! Btw, whilst on the topic, are Sbox implementations through look-up tables known to leak more information than other implementations?

I have no idea! My knowledge of different s-box implementations is limited to their optimization for size or speed. Typically, look-up table implementations are faster but larger – except on FPGAs, since FPGAs typically have lots of LUTs available “for free”.