Texas Instruments CC2650DK Benutzerhandbuch
AES Cryptoprocessor Overview
10.1 AES Cryptoprocessor Overview
The AES security module provides hardware-accelerated data encryption and decryption operations
based on a binary key. The module supports a 128-bit key in hardware for both encryption and decryption
and uses symmetric algorithm, meaning that the encryption and decryption keys are identical. Encryption
converts plain text data to an unintelligible form called cipher text. Decrypting cipher text converts
previously-encrypted data back into its original plain text form.
The main features of the AES module are:
based on a binary key. The module supports a 128-bit key in hardware for both encryption and decryption
and uses symmetric algorithm, meaning that the encryption and decryption keys are identical. Encryption
converts plain text data to an unintelligible form called cipher text. Decrypting cipher text converts
previously-encrypted data back into its original plain text form.
The main features of the AES module are:
•
Support and availability of the following feedback operating modes:
–
Electronic code book mode (ECB)
–
Cipher block chaining mode (CBC)
–
Counter mode (CTR)
–
Counter mode with CBC-MAC (CCM)
•
Key size: 128-bits
•
Support for CBC-MAC authentication modes
•
Key scheduling in hardware
•
Support for
μDMA transfers
•
Fully synchronous design
ECB, CBC, CTR, and CCM modes require both reading and writing of data. CBC-MAC only requires
reading of the data from an external source. The CCM modes of operation returns an authentication
result. This result can either be DMAed out with a separate DMA operation, or read through the slave
interface. For all modes, there is an option to provide the data through the slave interface instead of using
DMA. The AES engine is forced to use keys from the key store module for its operations. A key is
provided to the AES engine by triggering the key store module to read an AES key from the key store
memory, and write it to the AES engine. The AES engine automatically pads or masks misaligned last
data blocks with zeroes for AES CBC-MAC and CCM (including misaligned AAD data). For AES CTR
mode, misaligned last data blocks are internally masked to support non-block size input data.
reading of the data from an external source. The CCM modes of operation returns an authentication
result. This result can either be DMAed out with a separate DMA operation, or read through the slave
interface. For all modes, there is an option to provide the data through the slave interface instead of using
DMA. The AES engine is forced to use keys from the key store module for its operations. A key is
provided to the AES engine by triggering the key store module to read an AES key from the key store
memory, and write it to the AES engine. The AES engine automatically pads or masks misaligned last
data blocks with zeroes for AES CBC-MAC and CCM (including misaligned AAD data). For AES CTR
mode, misaligned last data blocks are internally masked to support non-block size input data.
10.1.1 Functional Description
The AES engine is directly connected to the context and data registers so that it can immediately start
processing when all data is available. The AES engine also interfaces to the I/O-control FSM and
processing when all data is available. The AES engine also interfaces to the I/O-control FSM and
μDMA
request interface. AES comprises the following major functional blocks:
•
Global control FSM and
μDMA interface
•
Register interface module
•
The AES engine
The AES engine, which is the major top-level component, comprises the following functional blocks:
•
Mode-control FSM: manages the data flow to and from the AES engine and starts each encryption and
decryption operation.
decryption operation.
•
Feedback modes: the logic that implements the various feedback modes supported by AES.
•
AES key scheduler: generates AES encryption and decryption (round) keys
•
AES encryption core: the AES encryption algorithm
•
AES decryption core: the AES decryption algorithm
•
Substitution-boxes (S-Boxes): contain AES S-Box GF(2
8
) implementations.
The supported key length is 128-bit, which requires 10 rounds or 32 clock cycles, because {number of
clock cycles} = 2 + 3 × {number of rounds}. While one data block processes, the next block can be
preloaded immediately. When a block is preloaded, the previous block must finish before additional data
can be loaded. Therefore, once the pipeline is full, sequential data blocks can be passed every 32 clock
cycles.
clock cycles} = 2 + 3 × {number of rounds}. While one data block processes, the next block can be
preloaded immediately. When a block is preloaded, the previous block must finish before additional data
can be loaded. Therefore, once the pipeline is full, sequential data blocks can be passed every 32 clock
cycles.
798
Cryptography
SWCU117A – February 2015 – Revised March 2015
Copyright © 2015, Texas Instruments Incorporated