Improve Round Key pipelining

[pear7]

Issues #11 and #12 need to be resolved first.

Currently, we produce all of the rounds keys upfront and then buffer them between each round. Not all round keys need to be generated upfront and some of them can be delayed until later clock cycles. In addition to improving the number of operations occurring in one clock cycle, this would also improve the amount of data that needs to be buffered.

[kinap]

Tried to address this with the key_exp_piplining branch. I suggest we close this as a will-not-fix.

Summary of the results

• Key expansion pipelining is feasible and we have a working implementation
• Integration into the encoder is possible, as each key is generated on the fly for each round (or sometimes in advance of a round). This resulted in a buffer of keysize between each round, instead of NUM_ROUNDS * keysize.
• Integration into the decoder is not possible, and is discouraged in the literature. The issue is that you need the keys in reverse order, i.e. for decoder round 0 you need the last round key. Since each round key is dependent on the previous round keys, you must calculate them all during the first round, like we had before.

We tried a hybrid approach, where the pipelined module was used in the encoder and the single cycle module was used in the decoder. This asymmetry introduced additional problems such as an additional pipeline stage some complexity in the assertions.